0% found this document useful (0 votes)

247 views513 pages

NetEngine 8000 X V800R012C00SPC300 Configuration Guide - System Monitor 04

Uploaded by

Adrian Carmona

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

247 views513 pages

NetEngine 8000 X V800R012C00SPC300 Configuration Guide - System Monitor 04

Uploaded by

Adrian Carmona

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 513

HUAWEI NetEngine 8000 X Series Router

V800R012C00SPC300

Configuration Guide - System

Monitor

Issue 04
Date 2020-04-30

HUAWEI TECHNOLOGIES CO., LTD.

Copyright © Huawei Technologies Co., Ltd. 2020. All rights reserved.
No part of this document may be reproduced or transmitted in any form or by any means without prior
written consent of Huawei Technologies Co., Ltd.

Trademarks and Permissions

and other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd.
All other trademarks and trade names mentioned in this document are the property of their respective
holders.

Notice
The purchased products, services and features are stipulated by the contract made between Huawei and
the customer. All or part of the products, services and features described in this document may not be
within the purchase scope or the usage scope. Unless otherwise specified in the contract, all statements,
information, and recommendations in this document are provided "AS IS" without warranties, guarantees
or representations of any kind, either express or implied.

The information in this document is subject to change without notice. Every effort has been made in the
preparation of this document to ensure accuracy of the contents, but all statements, information, and
recommendations in this document do not constitute a warranty of any kind, express or implied.

Huawei Technologies Co., Ltd.

Address: Huawei Industrial Base
Bantian, Longgang
Shenzhen 518129
People's Republic of China

Website: https://www.huawei.com
Email: [email protected]

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. i

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor Contents

Contents

1 About This Document.............................................................................................................1

2 IP FPM Configuration............................................................................................................. 5
2.1 Overview of IP FPM................................................................................................................................................................ 5
2.2 IP FPM Licensing Requirements and Configuration Precautions............................................................................ 9
2.3 Configuring IP FPM End-to-End Performance Statistics Collection.....................................................................11
2.3.1 Configuring an MCP......................................................................................................................................................... 12
2.3.2 Configuring a DCP............................................................................................................................................................. 14
2.3.3 Checking the Configurations......................................................................................................................................... 18
2.4 Configuring IP FPM Hop-by-Hop Performance Statistics Collection.................................................................. 18
2.4.1 Configuring an MCP......................................................................................................................................................... 19
2.4.2 Configuring a DCP............................................................................................................................................................. 22
2.4.3 Checking the Configurations......................................................................................................................................... 27
2.5 Maintaining IP FPM..............................................................................................................................................................27
2.5.1 Configuring Alarm and Clear Alarm Thresholds for IP FPM Performance Counters................................. 27
2.5.2 Monitoring the IP FPM Running Status..................................................................................................................... 28
2.6 IP FPM Configuration Examples...................................................................................................................................... 28
2.6.1 Example for Configuring IP FPM End-to-End Performance Statistics Collection........................................ 28
2.6.2 Example for Configuring IP FPM Hop-by-Hop Performance Statistics Collection...................................... 47

3 NetStream Configuration.................................................................................................... 68
3.1 Overview of NetStream...................................................................................................................................................... 69
3.2 NetStream Licensing Requirements and Configuration Precautions.................................................................. 71
3.3 Collecting Statistics About IPv4 Original Flows......................................................................................................... 72
3.3.1 Specifying a NetStream Service Processing Mode................................................................................................. 73
3.3.2 Outputting Original Flows............................................................................................................................................. 74
3.3.3 (Optional) Configuring NetStream Monitoring Services..................................................................................... 76
3.3.4 (Optional) Adjusting the AS Field Mode and Interface Index Type.................................................................77
3.3.5 (Optional) Enabling Statistics Collection of TCP Flags........................................................................................ 78
3.3.6 (Optional) Configuring NetStream Interface Option Packets and Setting Option Template
Refreshing Parameters............................................................................................................................................................... 78
3.3.7 (Optional) Enabling the Storage Function for Aged Original Flows............................................................... 79
3.3.8 Sampling IPv4 Flows........................................................................................................................................................ 80
3.3.9 (Optional) Disabling MPLS Packet Sampling on an Interface...........................................................................81
3.3.10 Verifying the Configuration of Statistics Collection of IPv4 Original Flows............................................... 82

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. ii

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor Contents

3.4 Collecting Statistics About IPv4 Aggregated Flows.................................................................................................. 82

3.4.1 Specifying a NetStream Service Processing Mode................................................................................................. 83
3.4.2 Configuring an Aggregation Mode for IPv4 Flows................................................................................................ 84
3.4.3 Outputting Aggregated Flows...................................................................................................................................... 87
3.4.4 (Optional) Adjusting the AS Field Mode and Interface Index Type.................................................................89
3.4.5 Sampling IPv4 Flows........................................................................................................................................................ 90
3.4.6 (Optional) Disabling MPLS Packet Sampling on an Interface...........................................................................91
3.4.7 Verifying the Configuration of Statistics Collection of IPv4 Aggregated Flows...........................................91
3.5 Collecting Statistics About IPv6 Original Flows......................................................................................................... 92
3.5.1 Specifying a NetStream Service Processing Mode................................................................................................. 93
3.5.2 Outputting Original Flows............................................................................................................................................. 94
3.5.3 (Optional) Configuring NetStream Monitoring Services..................................................................................... 95
3.5.4 (Optional) Adjusting the AS Field Mode and Interface Index Type.................................................................97
3.5.5 (Optional) Enabling Statistics Collection of TCP Flags in Original Flows......................................................98
3.5.6 (Optional) Enabling the Storage Function for Aged Original Flows............................................................... 98
3.5.7 Sampling IPv6 Flows........................................................................................................................................................ 99
3.5.8 (Optional) Disabling MPLS Packet Sampling on an Interface........................................................................ 100
3.5.9 Verifying the Configuration of Statistics Collection of IPv6 Original Flows............................................... 100
3.6 Collecting Statistics About IPv6 Aggregated Flows................................................................................................ 101
3.6.1 Specifying a NetStream Service Processing Mode...............................................................................................102
3.6.2 Configuring an Aggregation Mode for IPv6 Flows.............................................................................................. 103
3.6.3 Outputting Aggregated Flows.................................................................................................................................... 105
3.6.4 (Optional) Adjusting the AS Field Mode and Interface Index Type.............................................................. 107
3.6.5 Sampling IPv6 Flows...................................................................................................................................................... 108
3.6.6 (Optional) Disabling MPLS Packet Sampling on an Interface........................................................................ 109
3.6.7 Verifying the Configuration of Statistics Collection of IPv6 Aggregated Flows........................................ 110
3.7 Collecting Statistics About IPv4 Flexible Flows........................................................................................................ 110
3.7.1 Specifying a NetStream Service Processing Mode...............................................................................................111
3.7.2 Configuring a Flexible Flow Statistics Template.................................................................................................. 112
3.7.3 Outputting Flexible Flows............................................................................................................................................ 112
3.7.4 (Optional) Configuring NetStream Monitoring Services...................................................................................114
3.7.5 (Optional) Adjusting the AS Field Mode and Interface Index Type.............................................................. 115
3.7.6 Sampling IPv4 Flows...................................................................................................................................................... 116
3.7.7 (Optional) Disabling MPLS Packet Sampling on an Interface........................................................................ 117
3.7.8 Verifying the Configuration of IPv4 Flexible Flow Statistics Collection....................................................... 117
3.8 Collecting Statistics About IPv6 Flexible Flows........................................................................................................ 118
3.8.1 Specifying a NetStream Service Processing Mode...............................................................................................119
3.8.2 Configuring a Flexible Flow Statistics Template.................................................................................................. 119
3.8.3 Outputting Flexible Flows............................................................................................................................................ 120
3.8.4 (Optional) Configuring NetStream Monitoring Services...................................................................................121
3.8.5 (Optional) Adjusting the AS Field Mode and Interface Index Type.............................................................. 123
3.8.6 Sampling IPv6 Flows...................................................................................................................................................... 123

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. iii

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor Contents

3.8.7 (Optional) Disabling MPLS Packet Sampling on an Interface........................................................................ 125

3.8.8 Verifying the Configuration of IPv6 Flexible Flow Statistics Collection....................................................... 125
3.9 Collecting Statistics About MPLS IPv4 Packets........................................................................................................ 125
3.10 Collecting Statistics About MPLS IPv6 Packet........................................................................................................ 127
3.11 Collecting Statistics About BGP/MPLS VPN Flows............................................................................................... 129
3.12 Maintaining NetStream................................................................................................................................................. 130
3.12.1 Monitoring the NetStream Operating Status..................................................................................................... 130
3.12.2 Deleting NetStream Template Statistics...............................................................................................................131
3.13 Configuration Examples for NetStream................................................................................................................... 131
3.13.1 Example for Collecting Statistics About Abnormal IPv4 Flows on the User Side...................................131
3.13.2 Example for Collecting Statistics About IPv4 Flows Aggregated Based on the AS Number.............. 134
3.13.3 Example for Collecting Statistics About MPLS Original Flows..................................................................... 138
3.13.4 Example for Deploying NetStream on the BGP/MPLS IP VPN Network................................................... 142
3.13.5 Example for Collecting IPv6 Original Flow Statistics....................................................................................... 148
3.13.6 Example for Collecting IPv4 Flexible Flow Statistics........................................................................................ 152

4 NQA Configuration............................................................................................................. 156

4.1 Overview of NQA............................................................................................................................................................... 157
4.2 NQA Licensing Requirements and Configuration Precautions........................................................................... 157
4.3 Configuring NQA to Monitor an IP Network............................................................................................................162
4.3.1 Configuring a DNS Test.................................................................................................................................................164
4.3.2 Configuring an ICMP Test............................................................................................................................................ 166
4.3.3 Configuring a TCP Test.................................................................................................................................................. 168
4.3.4 Configuring a UDP Test.................................................................................................................................................170
4.3.5 Configuring an SNMP Test........................................................................................................................................... 173
4.3.6 Configuring a Trace Test............................................................................................................................................... 175
4.3.7 Configuring a UDP Jitter Test......................................................................................................................................178
4.3.8 Configuring an ICMP Jitter Test................................................................................................................................. 181
4.3.9 Configuring Parameters for the Path Jitter Test................................................................................................... 183
4.3.10 Configuring Parameters for the Path MTU Test................................................................................................ 185
4.3.11 Verifying the NQA Configuration............................................................................................................................ 186
4.4 Configuring NQA to Monitor an MPLS Network.................................................................................................... 186
4.4.1 Configuring an LSP Ping Test...................................................................................................................................... 187
4.4.2 Configuring an LSP Trace Test.................................................................................................................................... 190
4.4.3 Configuring an LSP Jitter Test..................................................................................................................................... 192
4.4.4 Verifying the NQA Configuration.............................................................................................................................. 194
4.5 Configuring NQA to Monitor VPNs.............................................................................................................................. 194
4.5.1 Configuring a PWE3 Ping Test.................................................................................................................................... 195
4.5.2 Configuring a VPLS MAC Ping Test........................................................................................................................... 198
4.5.3 Configuring a VPLS PW Ping Test..............................................................................................................................200
4.5.4 Configuring a PWE3 Trace Test.................................................................................................................................. 202
4.5.5 Configuring a VPLS PW Trace Test............................................................................................................................ 204
4.5.6 Verifying the NQA Configuration.............................................................................................................................. 205

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. iv

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor Contents

4.6 Configuring NQA to Check a Layer 2 Network........................................................................................................206

4.6.1 Configuring a MAC Ping Test...................................................................................................................................... 206
4.6.2 Verifying the NQA Configuration.............................................................................................................................. 209
4.7 Configuring an RFC 2544 Generalflow Test Instance.............................................................................................209
4.7.1 Configuring a Reflector................................................................................................................................................. 212
4.7.2 Configuring an Initiator................................................................................................................................................ 214
4.7.3 Verifying the Configuration of a Generalflow Test Instance............................................................................220
4.8 Configuring a Y.1564 Ethernet Service Activation Test..........................................................................................220
4.8.1 Configuring the Reflector............................................................................................................................................. 221
4.8.2 Configuring an Initiator................................................................................................................................................ 223
4.8.3 Verifying the Configuration of an Ethernet Service Activation Test..............................................................225
4.9 Configuring Test Results to Be Sent to the FTP Server......................................................................................... 225
4.9.1 Setting Parameters for Configuring Test Results to Be Sent to the FTP Server........................................ 226
4.9.2 Starting a Test Instance................................................................................................................................................ 227
4.9.3 Verifying the Configuration of Test Results to Be Sent to the FTP Server.................................................. 228
4.10 Maintaining NQA............................................................................................................................................................. 228
4.10.1 Checking Test Types and Server Types Supported by the NetEngine 8000.............................................. 228
4.10.2 Stopping a Test Instance............................................................................................................................................ 229
4.10.3 Restarting an NQA Test Instance............................................................................................................................ 229
4.10.4 Checking 802.1ag Packet Statistics........................................................................................................................ 230
4.10.5 Deleting Statistics......................................................................................................................................................... 230
4.10.6 Deleting Test Records.................................................................................................................................................. 231
4.11 Configuration Examples for NQA............................................................................................................................... 231
4.11.1 Example for Configuring an NQA Test to Detect the DNS Resolution Speed on an IP Network.....231
4.11.2 Example for Configuring an NQA TCP Test to Measure the Response Time on an IP Network.......233
4.11.3 Example for Configuring an NQA UDP Jitter Test to Monitor the VoIP Service Jitter Time............... 236
4.11.4 Example for Configuring an NQA LSP Ping Test to Monitor MPLS Network Connectivity................ 238
4.11.5 Example for Configuring an NQA PWE3 Ping Test to Monitor PW Connectivity on a VPWS Network
......................................................................................................................................................................................................... 241
4.11.6 Example for Configuring a Generalflow Test in a Native Ethernet Scenario (RFC 2544)................... 247
4.11.7 Example for Configuring a Generalflow Test in the IP Gateway Scenario (RFC 2544)........................250
4.11.8 Example for Configuring a Layer 2 Ethernet Service Activation Test (Y.1564)....................................... 253
4.11.9 Example for Configuring an Ethernet Service Activation Test in a Layer 3 Scenario (Y.1564).......... 257
4.11.10 Example for Configuring an Ethernet Service Activation Test on an EVPN VXLAN (Y.1564).......... 261
4.11.11 Example for Configuring Test Results to Be Sent to the FTP Server........................................................ 268

5 Ping/Tracert.......................................................................................................................... 271
5.1 Ping/Tracert Licensing Requirements and Configuration Precautions............................................................. 272
5.2 Using Ping/Tracert on an IP Network.......................................................................................................................... 272
5.2.1 Using Ping to Check Link Connectivity on an IPv4 or IPv6 Network............................................................ 272
5.2.2 Using Ping to Monitor the Reachability of Layer 3 Trunk Member Interfaces..........................................274
5.2.3 Using Tracert to Monitor the Forwarding Path on an IPv4 or IPv6 Network............................................ 275
5.3 Using Ping/Tracert on an MPLS Network.................................................................................................................. 277

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. v

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor Contents

5.3.1 Using Ping to Monitor Link Connectivity on an MPLS Network.................................................................... 277

5.3.2 Using Tracert to Test the Forwarding Path on an MPLS Network................................................................. 282
5.4 Using Ping/Tracert on a P2MP Network.....................................................................................................................286
5.4.1 Using Ping to Check Link Connectivity on a P2MP Network...........................................................................286
5.4.2 Using Tracert to Check the Forwarding Path on a P2MP Network............................................................... 288
5.5 Detecting the VLL Network Through the Ping or Tracert Operation............................................................... 289
5.5.1 Using Ping to Monitor Link Connectivity on a VLL Network...........................................................................289
5.5.2 Using Tracert to Monitor Link Connectivity on a VLL Network...................................................................... 290
5.6 Using Ping/Tracert on a VPN Network....................................................................................................................... 291
5.6.1 Using Ping to Monitor VPWS PW Connectivity.................................................................................................... 291
5.6.2 Using PW Ping to Monitor PW Connectivity on a VPLS Network..................................................................294
5.6.3 Using Tracert to Monitor PWE3 Network Connectivity..................................................................................... 295
5.6.4 Using Tracert to Monitor PW Connectivity on a VPLS Network.....................................................................296
5.6.5 Using CE Ping to Monitor the Connectivity Between a PE and a CE on a VPLS Network.................... 296
5.6.6 Using CE Ping to Check the Connectivity Between a PE and a CE in an EVC Model..............................297
5.7 Using Ping/Tracert on a Layer 2 Network..................................................................................................................298
5.7.1 Using GMAC Ping to Monitor Link Connectivity on a Layer 2 Network......................................................299
5.7.2 Using GMAC Trace to Monitor the Forwarding Path on a Layer 2 Network............................................. 300
5.7.3 Using 802.1ag MAC Ping to Monitor Link Connectivity on a Layer 2 Network........................................302
5.7.4 Using 802.1ag MAC Trace to Monitor the Forwarding Path on a Layer 2 Network............................... 303
5.8 Using a Ping Operation on an EVPN........................................................................................................................... 305
5.8.1 Checking EVPN Connectivity Using a Ping Operation........................................................................................305
5.9 Using a Ping/Tracert Operation on an EVPN VPWS Network............................................................................ 306
5.9.1 Checking EVPN VPWS Network Connectivity Using a Ping Operation........................................................ 306
5.9.2 Checking EVPN VPWS Network Connectivity Using a Tracert Operation................................................... 307
5.10 Using Ping/Tracert to Test an SRv6 Network......................................................................................................... 308
5.10.1 Using Ping to Test the Connectivity of an SRv6 Network.............................................................................. 308
5.10.2 Using Tracert to Test the Path Information of an SRv6 Network................................................................ 309
5.11 Using MTrace to Test a Multicast Network.............................................................................................................311

6 Telemetry Configuration................................................................................................... 315

6.1 Overview of Telemetry..................................................................................................................................................... 316
6.2 Telemetry Licensing Requirements and Configuration Precautions................................................................. 317
6.3 Configuring Static Telemetry Subscription (IPv4 Collector)................................................................................ 324
6.3.1 Configuring a Destination Collector......................................................................................................................... 325
6.3.2 Configuring the Data to Be Sampled or a Customized Event......................................................................... 326
6.3.3 Creating a Subscription................................................................................................................................................. 328
6.3.4 Verifying the Telemetry Configuration.................................................................................................................... 331
6.4 Configuring Dynamic Telemetry Subscription (IPv4 Collector).......................................................................... 332
6.5 Configuring Static Telemetry Subscription (IPv6 Collector)................................................................................ 334
6.5.1 Configuring an IPv6 Destination Collector............................................................................................................. 334
6.5.2 Configuring the Data to Be Sampled or a Customized Event......................................................................... 335
6.5.3 Creating a Subscription................................................................................................................................................. 338

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. vi

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor Contents

6.5.4 Verifying the Telemetry Configuration.................................................................................................................... 341

6.6 Configuring Dynamic Telemetry Subscription (IPv6 Collector).......................................................................... 341
6.7 Configuration Examples for Telemetry....................................................................................................................... 343
6.7.1 Example for Configuring Static Telemetry Subscription Based on gRPC..................................................... 343
6.7.2 Example for Configuring Static Telemetry Subscription Based on UDP...................................................... 346
6.7.3 Example for Configuring Dynamic Telemetry Subscription Based on gRPC (IPv4 Collector).............. 349
6.7.4 Example for Configuring Dynamic Telemetry Subscription Based on gRPC (IPv6 Collector).............. 350

7 TWAMP Configuration....................................................................................................... 353

7.1 Overview of TWAMP......................................................................................................................................................... 353
7.2 TWAMP Licensing Requirements and Configuration Precautions..................................................................... 355
7.3 Configuring TWAMP.......................................................................................................................................................... 356
7.4 Configuring TWAMP.......................................................................................................................................................... 356
7.4.1 Configuring the Server.................................................................................................................................................. 357
7.4.2 Configuring the Session-Reflector............................................................................................................................. 357
7.4.3 Verifying the TWAMP Configuration........................................................................................................................ 358
7.5 Configuration Examples for TWAMP........................................................................................................................... 358
7.5.1 Example for Configuring TWAMP............................................................................................................................. 359
7.5.2 Example for Configuring TWAMP on an L3 VXLAN............................................................................................361
7.5.3 Example for Configuring TWAMP on an EVPN L3VPN...................................................................................... 365

8 TWAMP Light Configuration............................................................................................ 370

8.1 Overview of TWAMP Light.............................................................................................................................................. 370
8.2 TWAMP Light Licensing Requirements and Configuration Precautions..........................................................371
8.3 Configuring TWAMP Light Functions.......................................................................................................................... 372
8.3.1 Configuring the TWAMP Light Responder............................................................................................................. 373
8.3.2 Configuring the TWAMP Light Controller.............................................................................................................. 374
8.3.3 Verifying the Configuration of the TWAMP Light Statistics Collection Function..................................... 376
8.4 Maintaining TWAMP Light.............................................................................................................................................. 376
8.4.1 Clearing TWAMP Light Session Statistics............................................................................................................... 376
8.5 TWAMP Light Configuration Examples.......................................................................................................................376
8.5.1 Example for Configuring TWAMP Light Functions.............................................................................................. 377
8.5.2 Example for Configuring TWAMP Light on an L3 VXLAN................................................................................ 380
8.5.3 Example for Configuring TWAMP Light on an EVPN L3VPN...........................................................................385
8.5.4 Example for Configuring TWAMP Light IPv6 Functions.................................................................................... 390
8.5.5 Example for Configuring TWAMP Light on VLL+L3VPN Networks............................................................... 393

9 sFlow Configuration........................................................................................................... 401

9.1 Overview of sFlow.............................................................................................................................................................. 401
9.2 sFlow Licensing Requirements and Configuration Precautions..........................................................................402
9.3 Configuring sFlow.............................................................................................................................................................. 403
9.3.1 Configuring sFlow Agent and Collector Information..........................................................................................403
9.3.2 Configuring Flow Sampling......................................................................................................................................... 404
9.3.3 Verifying the sFlow Configuration............................................................................................................................ 405

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. vii

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor Contents

9.4 Configuration Examples for sFlow................................................................................................................................405

10 IP Traffic Monitoring Configuration.............................................................................409

10.1 IP Traffic Monitoring Licensing Requirements and Configuration Precautions......................................... 409
10.2 Enabling IP Traffic Monitoring.................................................................................................................................... 410

11 iFIT Configuration............................................................................................................. 411

11.1 Overview of iFIT............................................................................................................................................................... 411
11.2 iFIT Licensing Requirements and Configuration Precautions........................................................................... 414
11.3 Configuring iFIT End-to-End Measurement............................................................................................................ 418
11.3.1 Configuring iFIT End-to-End Measurement........................................................................................................ 418
11.3.2 Configuring iFIT Hop-by-Hop Measurement...................................................................................................... 420
11.3.3 Verifying the iFIT Configuration.............................................................................................................................. 422
11.4 Configuration Examples for iFIT................................................................................................................................. 422
11.4.1 Example for Configuring iFIT End-to-End Measurement............................................................................... 423
11.4.2 Example for Configuring iFIT Hop-by-Hop Measurement............................................................................. 434

12 eMDI Configuration..........................................................................................................447
12.1 EMDI Overview................................................................................................................................................................. 447
12.2 EMDI Licensing Requirements and Configuration Precautions........................................................................449
12.3 Configuring Basic eMDI Detection Functions.........................................................................................................451
12.3.1 Configuring an eMDI Channel Group.................................................................................................................... 451
12.3.2 Configuring an eMDI Board Group........................................................................................................................ 452
12.3.3 Binding a Channel Group to a Board Group....................................................................................................... 452
12.3.4 (Optional) Configuring eMDI Jitter Detection....................................................................................................453
12.3.5 (Optional) Configuring eMDI Detection on Ps.................................................................................................. 454
12.4 Configuring eMDI Attributes........................................................................................................................................ 454
12.4.1 Configuring an eMDI Detection Period.................................................................................................................455
12.4.2 Configuring eMDI Alarm Thresholds and the Number of Alarm Suppression Times...........................455
12.4.3 Configuring an eMDI Detection Rate.................................................................................................................... 456
12.5 Maintaining eMDI............................................................................................................................................................ 457
12.6 Configuration Examples for eMDI.............................................................................................................................. 457
12.6.1 Example for Configuring eMDI Detection for a Common Layer 3 Multicast Service........................... 457
12.6.2 Example for Configuring eMDI Detection on an Intra-AS NG MVPN with an mLDP P2MP LSP..... 466

13 ESQM Configuration........................................................................................................ 485

13.1 Overview of ESQM.......................................................................................................................................................... 485
13.2 ESQM Licensing Requirements and Configuration Precautions...................................................................... 486
13.3 Configuring ESQM End-to-End Performance Measurement............................................................................ 490
13.4 Example for Configuring ESQM End-to-End Performance Measurement................................................... 491

14 Flow Recognition Configuration................................................................................... 497

14.1 Overview of Flow Recognition.................................................................................................................................... 497
14.2 Configuring Flow Recognition..................................................................................................................................... 499
14.3 Verifying the Flow Recognition Configuration.......................................................................................................500

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. viii

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor Contents

14.4 Configuration Examples for Flow Recognition...................................................................................................... 501

14.4.1 Example for Configuring Flow Recognition on a Media Network...............................................................501

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. ix

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 1 About This Document

1 About This Document

Purpose
This document provides the basic concepts, configuration procedures, and
configuration examples in different application scenarios of the system monitor
feature supported by the NetEngine 8000.

Related Version
The following table lists the product version related to this document.

Product Name Version

NetEngine 8000 X Series V800R012C00

NCE (IP Domain) V100R019C00SPC601

Intended Audience
This document is intended for:

● Data configuration engineers

● Commissioning engineers
● Network monitoring engineers
● System maintenance engineers

Security Declaration
● Encryption algorithm declaration
The encryption algorithms DES/3DES/RSA (RSA-2048 or lower)/MD5 (in
digital signature scenarios and password encryption)/SHA1 (in digital
signature scenarios) have a low security, which may bring security risks. If
protocols allowed, using more secure encryption algorithms, such as AES/RSA
(RSA-2048 or higher)/SHA2/HMAC-SHA2 is recommended.
● Password configuration declaration

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 1

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 1 About This Document

– Do not set both the start and end characters of a password to "%^%#".
This causes the password to be displayed directly in the configuration file.
– To further improve device security, periodically change the password.
● Personal data declaration
Your purchased products, services, or features may use users' some personal
data during service operation or fault locating. You must define user privacy
policies in compliance with local laws and take proper measures to fully
protect personal data.
● Feature declaration
– The NetStream feature may be used to analyze the communication
information of terminal customers for network traffic statistics and
management purposes. Before enabling the NetStream feature, ensure
that it is performed within the boundaries permitted by applicable laws
and regulations. Effective measures must be taken to ensure that
information is securely protected.
– The mirroring feature may be used to analyze the communication
information of terminal customers for a maintenance purpose. Before
enabling the mirroring function, ensure that it is performed within the
boundaries permitted by applicable laws and regulations. Effective
measures must be taken to ensure that information is securely protected.
– The packet header obtaining feature may be used to collect or store
some communication information about specific customers for
transmission fault and error detection purposes. Huawei cannot offer
services to collect or store this information unilaterally. Before enabling
the function, ensure that it is performed within the boundaries permitted
by applicable laws and regulations. Effective measures must be taken to
ensure that information is securely protected.
● Reliability design declaration
Network planning and site design must comply with reliability design
principles and provide device- and solution-level protection. Device-level
protection includes planning principles of dual-network and inter-board dual-
link to avoid single point or single link of failure. Solution-level protection
refers to a fast convergence mechanism, such as FRR and VRRP. If solution-
level protection is used, ensure that the primary and backup paths do not
share links or transmission devices. Otherwise, solution-level protection may
fail to take effect.

Special Declaration
● This document serves only as a guide. The content is written based on device
information gathered under lab conditions. The content provided by this
document is intended to be taken as general guidance, and does not cover all
scenarios. The content provided by this document may be different from the
information on user device interfaces due to factors such as version upgrades
and differences in device models, board restrictions, and configuration files.
The actual user device information takes precedence over the content
provided by this document. The preceding differences are beyond the scope of
this document.
● The maximum values provided in this document are obtained in specific lab
environments (for example, only a certain type of board or protocol is

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 2

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 1 About This Document

configured on a tested device). The actually obtained maximum values may

be different from the maximum values provided in this document due to
factors such as differences in hardware configurations and carried services.
● Interface numbers used in this document are examples. Use the existing
interface numbers on devices for configuration.
● The pictures of hardware in this document are for reference only.
● The supported boards are described in the document. Whether a
customization requirement can be met is subject to the information provided
at the pre-sales interface.
● In this document, public IP addresses may be used in feature introduction and
configuration examples and are for reference only unless otherwise specified.
● The configuration precautions described in this document may not accurately
reflect all scenarios.

Symbol Conventions
The symbols that may be found in this document are defined as follows.

Symbol Description

Indicates a hazard with a high level of risk which, if

not avoided, will result in death or serious injury.

Indicates a hazard with a medium level of risk

which, if not avoided, could result in death or
serious injury.

Indicates a hazard with a low level of risk which, if

not avoided, could result in minor or moderate
injury.

Indicates a potentially hazardous situation which, if

not avoided, could result in equipment damage,
data loss, performance deterioration, or
unanticipated results.
NOTICE is used to address practices not related to
personal injury.

Supplements the important information in the main

text.
NOTE is used to address information not related to
personal injury, equipment damage, and
environment deterioration.

Command Conventions
The command conventions that may be found in this document are defined as
follows.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 3

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 1 About This Document

Convention Description

Boldface The keywords of a command line are in boldface.

Italic Command arguments are in italics.

[] Items (keywords or arguments) in brackets [ ] are

optional.

{ x | y | ... } Optional items are grouped in braces and separated

by vertical bars. One item is selected.

[ x | y | ... ] Optional items are grouped in brackets and

separated by vertical bars. One item is selected or
no item is selected.

{ x | y | ... }* Optional items are grouped in braces and separated

by vertical bars. A minimum of one item or a
maximum of all items can be selected.

[ x | y | ... ]* Optional items are grouped in brackets and

separated by vertical bars. Several items or no item
can be selected.

&<1-n> The parameter before the & sign can be repeated 1

to n times.

# A line starting with the # sign is comments.

Change History
Changes between document issues are cumulative. The latest document issue
contains all the changes made in earlier issues.
● Changes in Issue 04 (2020-04-30)
This issue is the fourth official release. The software version of this issue is
V800R012C00SPC300.
● Changes in Issue 03 (2020-03-30)
This issue is the third official release. The software version of this issue is
V800R012C00SPC300.
● Changes in Issue 02 (2020-03-15)
This issue is the second official release. The software version of this issue is
V800R012C00SPC100.
● Changes in Issue 01 (2019-10-30)
This issue is the first official release. The software version of this issue is
V800R012C00.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 4

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

2 IP FPM Configuration

About This Chapter

IP Flow Performance Measurement (FPM) is a Huawei proprietary feature that

measures packet loss rate and delay of end-to-end service packets transmitted on
an IP network to determine network performance. This feature is easy to deploy
and provides an accurate assessment of network performance.

2.1 Overview of IP FPM

IP Flow Performance Measurement (FPM) is a Huawei-proprietary feature that
measures packet loss rate and delay of end-to-end service packets transmitted on
an IP network. This feature is easy to deploy and provides an accurate assessment
of network performance.
2.2 IP FPM Licensing Requirements and Configuration Precautions
2.3 Configuring IP FPM End-to-End Performance Statistics Collection
IP Flow Performance Measurement (FPM) end-to-end performance statistics
collection measures packet loss and delay on the entire network so that carriers
can quickly respond to resolve network issues if network performance deteriorates.
2.4 Configuring IP FPM Hop-by-Hop Performance Statistics Collection
IP Flow Performance Measurement (FPM) hop-by-hop performance statistics
collection helps locate faulty nodes when packet loss or delay occurs.
2.5 Maintaining IP FPM
This section describes how to maintain IP Flow Performance Monitor (FPM) by
configuring the alarm thresholds for IP FPM performance and monitoring IP FPM
performance statistics.
2.6 IP FPM Configuration Examples
This chapter provides IP FPM configuration examples.

2.1 Overview of IP FPM

IP Flow Performance Measurement (FPM) is a Huawei-proprietary feature that
measures packet loss rate and delay of end-to-end service packets transmitted on

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 5

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

an IP network. This feature is easy to deploy and provides an accurate assessment

of network performance.

Background
As IP services are more widely used, fault diagnosis and end-to-end service quality
analysis are becoming an increasingly pressing concern for carriers. However,
absence of effective measures prolongs fault diagnosis and increases the
workload. IP FPM is developed to help carriers collect statistics and monitor end-
to-end network performance.

Basic Concepts
The IP Flow Performance Measurement (FPM) model describes how service flows
are measured to obtain the packet loss rate and delay.Figure 2-1 shows the IP
FPM statistical model. The IP FPM model is composed of three objects: target
flows, a transit network, and the statistical system. The statistical system is further
classified into the Target Logical Port (TLP), Data Collecting Point (DCP), and
Measurement Control Point (MCP).

Figure 2-1 IP FPM model

● Target flow
Target flows must be pre-defined.
One or more fields in IP headers can be specified to identify target flows. The
field can be the source IP address or prefix, destination IP address or prefix,
protocol type, source port number, destination port number, or type of service
(ToS). The more fields specified, the more accurately flows can be identified.
Specifying as many fields as possible is recommended to maximize
measurement accuracy.
● Transit network
The transit network only bears target flows. The target flows are not
generated or terminated on the transit network. The transit network can be a
Layer 2 (L2), Layer 3 (L3), or L2+L3 hybrid network. Each node on the transit
network must be reachable at the network layer.
● TLP

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 6

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

TLPs are interfaces on the edge nodes of the transit network. TLPs perform
the following actions:
– Compile statistics on the packet loss rate and delay.
– Generate statistics, such as the number of packets sent and received,
traffic bandwidth, and timestamp.
An In-Point-TLP collects statistics about service flows it receives. An Out-Point-
TLP collects statistics about service flows it sends.
● DCP
DCPs are edge nodes on the transit network. DCPs perform the following
actions:
– Manage and control TLPs.
– Collect statistics generated by TLPs.
– Report the statistics to an MCP.
● MCP
MCPs can be any nodes on the transit network. MCPs perform the following
actions:
– Collect statistics reported by DCPs.
– Summarize and calculate the statistics.
– Report measurement results to user terminals or the network
management system (NMS).
IP FPM also defines measurement flags. Measurement flags, also called
identification flags, identifies whether a specific packet is used to measure packet
loss or delay. A specific bit in the IPv4 packet header can be specified as a
measurement flag for packet loss or delay measurement.

Currently, the IP FPM Measurement flags cannot use the same Bit with Qos flags.

Implementation
IP Flow Performance Measurement (FPM) measures multipoint-to-multipoint
(MP2MP) service flows to obtain the packet loss rate and delay.In statistical terms,
the statistical objects are the service flows, and statistical calculations determine
the packet loss rate and delay of the service flows traveling across the transit
network. Service flow statistical analysis is performed on the ingress and egress of
the transit network. On the IP/MPLS network shown in Figure 2-2, the number of
packets entering the network in the ingress direction on R(n) is PI(n), and the
number of packets leaving the network in the egress direction on HUAWEI (n) is
PE(n).

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 7

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

Figure 2-2 IP FPM statistics collection

The difference between the number of packets entering the network and the
number of packets leaving the network within a specified period is the packet loss.
● The number of packets entering the network is the sum of all packets moving
in the ingress direction: PI = PI(1) + PI(2) + PI(3)
● The number of packets leaving the network is the sum of all packets moving
in the egress direction: PE = PE(1) + PE(2) + PE(3)
The difference between the time a service flow enters the network and the time
the service flow leaves the network within a specified period is the delay.

Benefits
IP FPM brings the following benefits to carriers:
● Allows carriers to use the network management system (NMS) to monitor
the network running status to determine whether the network quality
complies with the service level agreement (SLA).
● Allows carriers to promptly adjust services based on measurement results to
ensure proper transmission of voice and data services, improving user
experience.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 8

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

The following examples describe how to configure packet loss measurement and two-way
delay measurement in end-to-end proactive performance statistics and how to configure
packet loss measurement and one-way delay measurement in hop-by-hop on-demand
performance statistics.
IP FPM has the following limitations:
● IP FPM does not support statistics collection on multicast and broadcast streams.
● IP FPM supports statistics collection on only IPv4 packets and not IPv6 packets.
● For the packets fragmented within a measurement domain, IP FPM supports statistics
collection only on the first fragments. This may lead to byte loss or incorrect byte loss
rate.
● If the interface where the TLP resides is an inter-board trunk interface, a measurement
flag is added to delay packets in polling mode in the upstream direction. That is, delay
measurement is enabled on all the boards where the trunk interface resides one by
one to ensure that a measurement flag is added to one packet each time. If there are
N boards where the trunk interface resides and the measurement period is Interval, a
delay measurement result is generated after a period of N x Interval at least.
● If switching from a 1588 clock to an NTP clock occurs during IP FPM, the collected
statistics are incorrect.
● If a configuration change (such as a TLP or flow configuration change) occurs during
IP FPM, the collected statistics are incorrect.
● If a master/slave switchover occurs on a device during IP FPM, the data generated
during the switchover does not take effect.
● During 1588 clock synchronization, IP FPM delay statistics are incorrect.
● A statistical instance supports at most two InPoint nodes.
● For multipoint delay statistics collection, the packets that do not support ingress are
copied. The statistics cannot be viewed, and no statistics result is available.
● During traffic switching in master/slave RSG scenarios, there is a low probability that
the delay statistics collected within the first period are incorrect.
● Multipoint delay statistics collection is supported only after all the devices deployed
with IP FPM (including MCP and DCP) are upgraded. Otherwise, only single-point
delay statistics collection is supported.
In P2MP (MP being two points) and MP2P (MP being two points) delay measurement
scenarios, all devices in the delay measurement area must support P2MP delay
measurement. Otherwise, delay measurement fails.

2.2 IP FPM Licensing Requirements and Configuration

Precautions
Licensing Requirements
For details, see "Licensing Requirements" in Feature Description.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 9

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

Configuration Precautions
Restrictions Guidelines Impact

In the case of 1588v2 Do not use the 1588v2 IP FPM measurement

clock synchronization, clock source as a DCP. results are not available.
the 1588v2 clock source
cannot obtain the
locking status of the
1588v2 clock. Therefore,
the 1588v2 clock source
cannot function as a
DCP. If the 1588v2 clock
source functions as a
DCP in this situation, a
statistics collection
abnormality occurs.

IP FPM does not support None IP FPM measurement

GRE tunnels. results are inaccurate
when GRE tunnels are
deployed.

IP FPM multi-path Use the corresponding Configuration delivery

detection: MIB tables properly. may fail.
In load balancing mode,
the hwIpfpmDcpInstTl-
pIndexTable and
hwIpfpmDcpInstTlpN-
HIndexTable MIB tables
are used to deliver
configurations. In non-
load balancing mode,
the hwIpfpmDcpInstTlpT-
able and
hwIpfpmDcpInstTlpNHT-
able MIB tables are used
to deliver configurations.

In an L2VPN scenario, None In an L2VPN scenario,

private packets whose statistics about private
Layer 2 headers are not packets whose Layer 2
Ethernet headers are not headers are not Ethernet
supported. headers cannot be
collected.

If a third-party device None. IP FPM measurement

exists on measurement results are not available.
networks, only end-to-
end IP FPM can be
deployed and hop-by-
hop IP FPM cannot be
deployed.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 10

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

Restrictions Guidelines Impact

For the same VPN or in a Plan the flow granularity Packet loss statistics are
native IP scenario, the for measurement inaccurate, and no delay
flow characteristics instances, and ensure measurement result is
(including the source IP that the characteristics available.
address, destination IP of one measurement
address, source port, instance do not include
destination port, or overlap the
protocol number, and characteristics of
DSCP) of different another.
measurement instances
under the same DCP
cannot conflict. For
example, the
characteristics of one
measurement instance
cannot include or
overlap the
characteristics of
another. If the
characteristics conflict,
the measurement result
is inaccurate.

2.3 Configuring IP FPM End-to-End Performance

Statistics Collection
IP Flow Performance Measurement (FPM) end-to-end performance statistics
collection measures packet loss and delay on the entire network so that carriers
can quickly respond to resolve network issues if network performance deteriorates.

Usage Scenario
The NetEngine 8000 supports proactive and on-demand IP FPM end-to-end
performance statistics. These functions apply to different scenarios:
● Proactive performance statistics apply when you want to monitor network
performance in real-time. After you configure this function, the system
continuously implements performance statistics on packet loss or delay.
● On-demand performance statistics apply when you want to diagnose network
faults or monitor network performance over a specified period. After you
configure this function, the system periodically implements performance
statistics on packet loss or delay.
These measurements serve as a reliable reference for network operation and
maintenance and fault diagnosis, improving network reliability and user
experience.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 11

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

Pre-configuration Tasks
Before configuring IP FPM end-to-end performance statistics collection, complete
the following tasks:
● Configure a dynamic routing protocol or static routes so that devices are
reachable at the network layer.
● Configure the network time protocol (NTP) or 1588v2 so that all device clocks
can be synchronized.

2.3.1 Configuring an MCP

A Measurement Control Point (MCP) collects statistics reported by Data Collecting
Points (DCPs), summarizes and calculates the statistics, and reports measurement
results to user terminals or the network management system (NMS).

Context
On the network shown in Figure 2-3, IP Flow Performance Measurement (FPM)
end-to-end performance statistics collection is implemented. The target flow
enters the transport network through Device A, travels across Device B, and leaves
the transport network through Device C. To monitor transport network
performance or diagnose faults, configure IP FPM end-to-end performance
statistics collection on both Device A and Device C.

Figure 2-3 IP FPM end-to-end performance statistics collection

As shown in Figure 2-3, Device A functions as an MCP to collect statistics reported

by DCP1 and DCP3, summarize and calculate the statistics, and report
measurement results to user terminals or the NMS.
Perform the following steps on Device A:

Procedure
Step 1 Run system-view
The system view is displayed.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 12

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

Step 2 Run nqa ipfpm mcp

MCP is enabled globally, and the IPFPM-MCP view is displayed.
Step 3 Run mcp id mcp-id
An MCP ID is configured.
Using the Router ID of a device that is configured as an MCP as its MCP ID is
recommended.
The MCP ID must be an IP address reachable to DCPs. The MCP ID configured on
an MCP must be the same as that specified in the mcp mcp-id [ port port-
number ] command run in the IP FPM instance view of all DCPs associated with
this MCP. If an MCP ID is changed on an MCP, it must be changed for all DCPs
associated with this MCP in an IP FPM instance. Otherwise, the MCP cannot
process the statistics reported by the DCPs.
Step 4 (Optional) Run protocol udp port port-number
A UDP port number is specified for the MCP to communicate with DCPs.
The UDP port number configured on an MCP must be the same as that specified
in the mcp mcp-id [ port port-number ] command run in the IP FPM instance
view of all DCPs associated with this MCP. If a UDP port number is changed on an
MCP, it must be changed for all DCPs associated with this MCP in an IP FPM
instance. Otherwise, the MCP cannot process the statistics reported by the DCPs.
Step 5 (Optional) Run authentication-mode hmac-sha256 key-id key-id [ cipher ]
[ password | password ]
The authentication mode and password are configured on the MCP.
The authentication mode and password configured on an MCP must be the same
as those configured in the authentication-mode hmac-sha256 key-id key-id
[ cipher ] [ password | password ] command run on all DCPs associated with this
MCP. Otherwise, the MCP cannot process the statistics reported by the DCPs.
Step 6 Run instance instance-id
An IP FPM instance is created, and the instance view is displayed.
instance-id must be unique on an MCP and all its associated DCPs. The MCP and
all its associated DCPs must have the same IP FPM instance configured.
Otherwise, statistics collection does not take effect.
Step 7 (Optional) Run description text
The description is configured for the IP FPM instance.
The description of an IP FPM instance can contain the functions of the instance,
facilitating applications.
Step 8 Run dcp dcp-id
A DCP ID is specified in the IP FPM instance.
The DCP ID configured in an IP FPM instance must be the same as that specified
in the dcp id dcp-id command run on a DCP. Otherwise, the MCP associated with
this DCP cannot process the statistics reported by the DCP.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 13

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

Step 9 Run commit

The configuration is committed.

----End

Follow-up Procedure
When DCP configurations are being changed, the MCP may receive incorrect
statistics from the DCP. To prevent this, run the measure disable command to
disable IP FPM performance statistics collection of a specified instance on the
MCP. After the DCP configuration change is complete, run the undo measure
disable or measure enable command to enable IP FPM performance statistics
collection for the specified instance on the MCP. This ensures accurate
measurement.

2.3.2 Configuring a DCP

A Data Collecting Point (DCP) manages and controls Target Logical Ports (TLPs),
collects statistics generated by TLPs, and reports the statistics to a Measurement
Control Point (MCP).

Context
On the network shown in Figure 2-4, IP Flow Performance Measurement (FPM)
end-to-end performance statistics collection is implemented. The target flow
enters the transport network through Device A, travels across Device B, and leaves
the transport network through Device C. To monitor transport network
performance or diagnose faults, configure IP FPM end-to-end performance
statistics collection on both Device A and Device C.

Figure 2-4 IP FPM end-to-end performance statistics collection

As shown in Figure 2-4, Device A and Device C function as DCPs to manage and
control TLP100 and TLP310, respectively. Device A and Device C collect statistics
generated by TLP100 and TLP310 and report the statistics to the MCP.
Perform the following steps on Device A and Device C:

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 14

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Run nqa ipfpm dcp
DCP is enabled globally, and the IPFPM-DCP view is displayed.
Step 3 Run dcp id dcp-id
A DCP ID is configured.
Using the Router ID of a device that is configured as a DCP as its DCP ID is
recommended.
The DCP ID configured on a DCP must be the same as that specified in the dcp
dcp-id command run in the IP FPM instance view of the MCP associated with this
DCP. Otherwise, the MCP cannot process the statistics reported by the DCP.
Step 4 (Optional) Run authentication-mode hmac-sha256 key-id key-id [ cipher ]
[ password | password ]
The authentication mode and password are configured on the DCP.
The authentication mode and password configured on a DCP must be the same as
those configured in the authentication-mode hmac-sha256 key-id key-id
[ cipher ] [ password | password ] command run on the MCP associated with this
DCP. Otherwise, the MCP cannot process the statistics reported by the DCP.
Step 5 (Optional) Run color-flag loss-measure { tos-bit tos-bit | flags-bit0 } delay-
measure { tos-bit tos-bit | flags-bit0 }
IP FPM measurement flags are configured.
The loss and delay measurement flags cannot use the same bit, and the bits used
for loss and delay measurement must not have been used in other measurement
tasks.
Step 6 Run mcp mcp-id [ port port-number ] [ vpn-instance vpn-instance-name | net-
manager-vpn ]
An MCP ID is specified for the DCP, and the UDP port number is configured for the
DCP to communicate with the MCP.
The UDP port number configured on the DCP must be the same as that
configured in the protocol udp port port-number command run on the MCP
associated with this DCP. Otherwise, the DCP cannot report the statistics to the
MCP.
The VPN instance has been created on the DCP before you configure vpn-instance
vpn-instance-name or net-manager-vpn to allow the DCP to report the statistics
to the MCP through the specified VPN or management VPN.
Step 7 (Optional) Run period source ntp
The DCP is configured to select NTP as the clock source when calculating an IP
FPM statistical period ID.
In P2MP (MP being two points) delay measurement scenarios, if the ingress of the
service traffic uses NTP as the clock source, but the egresses use a different clock

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 15

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

Configure the bidirectional target flow characteristics.

● When protocol is specified as TCP or UDP, run:
flow bidirectional { protocol { tcp | udp } { source-port src-port-number1
[ to src-port-number2 ] | destination-port dest-port-number1 [ to dest-port-
number2 ] } * | dscp dscp-value | source src-ip-address [ src-mask-length ] |
destination dest-ip-address [ dest-mask-length ] } *
● When protocol is specified as any protocol other than TCP or UDP, run:

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 16

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

● If the target flow in an IP FPM instance is unidirectional, only forward can be specified.
● If the target flow in an IP FPM instance is bidirectional, two situations are available:
– If the bidirectional target flow is asymmetrical, you must configure forward and
backward in two command instances to configure the forward and backward flow
characteristics.
– If the bidirectional target flow is symmetrical, you can specify bidirectional to
configure the bidirectional target flow characteristics. By default, the characteristics
specified are used for the forward flow, and the reverse of those are used for the
backward flow. Specifically, the source and destination IP addresses and port numbers
specified for the forward flow are used respectively as the destination and source IP
addresses and port numbers for the backward flow. If the target flow is symmetrical
bidirectional, set src-ip-address to specify a source IP address and dest-ip-address to
specify a destination IP address for the target flow.

Step 12 Run tlp tlp-id { in-point | out-point } { ingress | egress } [ vpn-label vpn-label
[ lsp-label lsp-label ] ] [ backward-vpn-label backward-vpn-label [ backward-
lsp-label backward-lsp-label ] ]
A TLP is configured and its role is specified.
A TLP compiles statistics and outputs data in the IP FPM model. A TLP can be
specified as an in-point or an out-point. The system sets the measurement flags of
target flows on an in-point, and clears the measurement flags of target flows on
an out-point. TLP100 and TLP310 in Figure 2-4 are the in-point and out-point,
respectively.
Step 13 Run commit
The configuration is committed.
Step 14 Run quit
Return to the IPFPM-DCP view.
Step 15 Run quit
Return to the system view.
Step 16 Bind the TLP to an interface.
1. Run the interface interface-type interface-name command to enter the
interface view.
2. Run either of the following commands:
– If the interface is a Layer 3 interface, run the ipfpm tlp tlp-id command.
– If the interface is a Layer 2 interface, run the ipfpm tlp tlp-id { ce-
default-vlan | vlan-id vlan-id } command.
Step 17 Configure IP FPM end-to-end performance statistics collection.
1. Run the system-view command to enter the system view.
2. Run the nqa ipfpm dcp command to enter the IPFPM-DCP view.
3. Run the instance instance-id command to enter the IP FPM instance view.
4. Run either of the following commands to enable packet loss measurement:
– To enable on-demand packet loss measurement, run the loss-measure
enable [ time-range time-range ] command.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 17

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

– To enable proactive packet loss measurement, run the loss-measure

enable continual command.
5. Perform either of the following operations to enable delay measurement.
Run either of the following commands if the target flow is unidirectional:
– To enable on-demand one-way delay measurement, run the delay-
measure enable one-way tlp tlp-id [ time-range time-range ]
command.
– To enable proactive one-way delay measurement, run the delay-measure
enable one-way tlp tlp-id continual command.
Run either of the following commands if the target flow is bidirectional:
– To enable on-demand two-way delay measurement, run the delay-
measure enable two-way tlp tlp-id1 [ tlp-id2 ] [ time-range time-
range ] command.
– To enable proactive two-way delay measurement, run the delay-measure
enable two-way tlp tlp-id1 [ tlp-id2 ] continual command.

Step 18 Run commit

The configuration is committed.

----End

2.3.3 Checking the Configurations

After configuring the MCP, DCPs, and TLPs, check the IP FPM end-to-end
performance statistics collection function.

Prerequisites
The IP FPM end-to-end performance statistics collection function has been
configured.

Procedure
● Run the display ipfpm mcp command to check MCP configurations.
● Run the display ipfpm dcp command to check DCP configurations.
● Run the display ipfpm statistic-type { loss | oneway-delay | twoway-
delay } instance instance-id command to check the performance statistics for
a specified IP FPM instance.

----End

2.4 Configuring IP FPM Hop-by-Hop Performance

Statistics Collection
IP Flow Performance Measurement (FPM) hop-by-hop performance statistics
collection helps locate faulty nodes when packet loss or delay occurs.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 18

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

Usage Scenario
IP FPM hop-by-hop performance statistics collection helps locate faults hop by
hop from the source node that initiates traffic.
● When a target flow is unidirectional, you can directly implement hop-by-hop
performance statistics collection for the flow.
● When a target flow is bidirectional, two situations are available:
– If the target flow is symmetrical, you can implement hop-by-hop
performance statistics collection for the forward or backward flow, and
the measurement is the same either way.
– If the target flow is asymmetrical, you must implement hop-by-hop
performance statistics collection for both the forward and backward flows
to obtain their respective measurements.

These measurements serve as a reliable reference for network operation and

maintenance and fault diagnosis, improving network reliability and user
experience.

Pre-configuration Tasks
Before configuring IP FPM hop-by-hop performance statistics collection, complete
the following tasks:

● Configure a dynamic routing protocol or static routes so that devices are

reachable at the network layer.
● Configure the network time protocol (NTP) or 1588v2 so that all device clocks
can be synchronized.

Compared with NTP, 1588v2 implements inter-device clock synchronization with

higher precision. To obtain accurate performance statistics, it is recommended that
1588v2 be deployed to implement clock synchronization between all devices with
clocks when you use IP FPM for performance measurement, especially for one-way
delay measurement.

2.4.1 Configuring an MCP

Context
On the network shown in Figure 2-5, IP Flow Performance Measurement (FPM)
hop-by-hop performance statistics collection is implemented. The target flow
enters the transport network through Device A, travels across Device B, and leaves
the transport network through Device C. To locate faults when network
performance deteriorates, configure IP FPM hop-by-hop performance statistics
collection on Device A, Device B, and Device C to measure packet loss and delay
hop by hop.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 19

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

Figure 2-5 IP FPM hop-by-hop performance statistics collection

As shown in Figure 2-5, Device A functions as an MCP to collect statistics reported

by DCP1, DCP2, and DCP3, summarize and calculate the statistics, and report
measurement results to user terminals or the NMS.
Perform the following steps on Device A:

Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Run nqa ipfpm mcp
MCP is enabled globally, and the IPFPM-MCP view is displayed.
Step 3 Run mcp id mcp-id
An MCP ID is configured.
Using the Router ID of a device that is configured as an MCP as its MCP ID is
recommended.
The MCP ID must be an IP address reachable to DCPs. The MCP ID configured on
an MCP must be the same as that specified in the mcp mcp-id [ port port-
number ] command run in the IP FPM instance view of all DCPs associated with
this MCP. If an MCP ID is changed on an MCP, it must be changed for all DCPs
associated with this MCP in an IP FPM instance. Otherwise, the MCP cannot
process the statistics reported by the DCPs.
Step 4 (Optional) Run protocol udp port port-number
A UDP port number is specified for the MCP to communicate with DCPs.
The UDP port number configured on an MCP must be the same as that specified
in the mcp mcp-id [ port port-number ] command run in the IP FPM instance

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 20

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

view of all DCPs associated with this MCP. If a UDP port number is changed on an
MCP, it must be changed for all DCPs associated with this MCP in an IP FPM
instance. Otherwise, the MCP cannot process the statistics reported by the DCPs.

Step 5 (Optional) Run authentication-mode hmac-sha256 key-id key-id [ cipher ]

[ password | password ]

The authentication mode and password are configured on the MCP.

The authentication mode and password configured on an MCP must be the same
as those configured in the authentication-mode hmac-sha256 key-id key-id
[ cipher ] [ password | password ] command run on all DCPs associated with this
MCP. Otherwise, the MCP cannot process the statistics reported by the DCPs.

Step 6 Run instance instance-id

An IP FPM instance is created, and the instance view is displayed.

instance-id must be unique on an MCP and all its associated DCPs. The MCP and
all its associated DCPs must have the same IP FPM instance configured.
Otherwise, statistics collection does not take effect.

Step 7 (Optional) Run description text

The description is configured for the IP FPM instance.

The description of an IP FPM instance can contain the functions of the instance,
facilitating applications.

Step 8 Run dcp dcp-id

A DCP ID is specified in the IP FPM instance.

The DCP ID configured in an IP FPM instance must be the same as that specified
in the dcp id dcp-id command run on a DCP. Otherwise, the MCP associated with
this DCP cannot process the statistics reported by the DCP.

Step 9 Run the following commands to configure Atomic Closed Hops (ACHs).

An ACH identifies a range between two neighboring measurement points. The

network shown in Figure 2-5 is classified into three ACHs: ACH1 {TLP100,
TLP200}, ACH2 {TLP200, TLP300}, and ACH3 {TLP200, TLP310}. In ACH1, TLP100 is
the in-point, and TLP200 is the out-point. In ACH2, TLP200 is the in-point, and
TLP300 is the out-point. In ACH3, TLP200 is the in-point, and TLP310 is the out-
point.

1. Run the ach ach-id command to create an ACH and enter the ACH view.
2. Run the flow { forward | backward | bidirectional } command to specify the
direction in which hop-by-hop delay measurement is implemented for the
target flow.
3. Run the in-group dcp dcp-id tlp tlp-id command to configure the TLP in-
group.
4. Run the out-group dcp dcp-id tlp tlp-id command to configure the TLP out-
group.

----End

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 21

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

2.4.2 Configuring a DCP

A Data Collecting Point (DCP) manages and controls Target Logical Ports (TLPs),
collects statistics generated by TLPs, and reports the statistics to a Measurement
Control Point (MCP).

Context
On the network shown in Figure 2-6, IP Flow Performance Measurement (FPM)
hop-by-hop performance statistics collection is implemented. The target flow
enters the transport network through Device A, travels across Device B, and leaves
the transport network through Device C. To locate faults when network
performance deteriorates, configure IP FPM hop-by-hop performance statistics
collection on Device A, Device B, and Device C to measure packet loss and delay
hop by hop.

Figure 2-6 IP FPM hop-by-hop performance statistics collection

As shown in Figure 2-6, Device A, Device B, and Device C function as DCPs. Device
A manages and controls TLP100, Device B manages and controls TLP200, and
Device C manages and control TLP300 and TLP310. Device A, Device B, and Device
C collect statistics generated by these TLPs and report the statistics to the MCP.
Perform the following steps on Device A, Device B, and Device C:

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 22

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Run nqa ipfpm dcp
DCP is enabled globally, and the IPFPM-DCP view is displayed.
Step 3 Run dcp id dcp-id
A DCP ID is configured.
Using the Router ID of a device that is configured as a DCP as its DCP ID is
recommended.
The DCP ID configured on a DCP must be the same as that specified in the dcp
dcp-id command run in the IP FPM instance view of the MCP associated with this
DCP. Otherwise, the MCP cannot process the statistics reported by the DCP.
Step 4 (Optional) Run authentication-mode hmac-sha256 key-id key-id [ cipher ]
[ password | password ]
The authentication mode and password are configured on the DCP.
The authentication mode and password configured on a DCP must be the same as
those configured in the authentication-mode hmac-sha256 key-id key-id
[ cipher ] [ password | password ] command run on the MCP associated with the
DCP. Otherwise, the MCP cannot process the statistics reported by the DCP.
Step 5 (Optional) Run color-flag loss-measure { tos-bit tos-bit | flags-bit0 } delay-
measure { tos-bit tos-bit | flags-bit0 }
IP FPM measurement flags are configured.
The loss and delay measurement flags cannot use the same bit, and the bits used
for loss and delay measurement must not have been used in other measurement
tasks.
Step 6 Run mcp mcp-id [ port port-number ] [ vpn-instance vpn-instance-name | net-
manager-vpn ]
An MCP ID is specified for the DCP, and the UDP port number is configured for the
DCP to communicate with the MCP.
The UDP port number configured on the DCP must be the same as that
configured in the protocol udp port port-number command run on the MCP
associated with this DCP. Otherwise, the DCP cannot report the statistics to the
MCP.
The VPN instance has been created on the DCP before you configure vpn-instance
vpn-instance-name or net-manager-vpn to allow the DCP to report the statistics
to the MCP through the specified VPN or management VPN.
Step 7 (Optional) Run period source ntp
The DCP is configured to select NTP as the clock source when calculating an IP
FPM statistical period ID.
In P2MP (MP being two points) delay measurement scenarios, if the ingress of the
service traffic uses NTP as the clock source, but the egresses use a different clock

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 23

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

source, for example, NTP or 1588v2, you must configure the egresses to select
NTP as the clock source when calculating an IP FPM statistical period ID to ensure
consistent clock sources on the ingress and egresses.
Step 8 Run instance instance-id
An IP FPM instance is created, and the instance view is displayed.
instance-id must be unique on an MCP and all its associated DCPs. The MCP and
all its associated DCPs must have the same IP FPM instance configured.
Otherwise, statistics collection does not take effect.
Step 9 (Optional) Run description text
The description is configured for the IP FPM instance.
The description of an IP FPM instance can contain the functions of the instance,
facilitating applications.
Step 10 (Optional) Run interval interval
The statistical period is configured for the IP FPM instance.
Step 11 Perform either of the following operations to configure the target flow
characteristics in the IP FPM instance.
Configure the forward or backward target flow characteristics.
● When protocol is specified as TCP or UDP, run:
flow { forward | backward } { protocol { tcp | udp } { source-port src-port-
number1 [ to src-port-number2 ] | destination-port dest-port-number1 [ to
dest-port-number2 ] } * | dscp dscp-value | source src-ip-address [ src-mask-
length ] | destination dest-ip-address [ dest-mask-length ] }
● When protocol is specified as any protocol other than TCP or UDP, run:
flow { forward | backward } { protocol protocol-number | dscp dscp-value |
source src-ip-address [ src-mask-length ] | destination dest-ip-address [ dest-
mask-length ] }
Configure the characteristics for the bidirectional target flow.
● When protocol is specified as TCP or UDP, run:
flow bidirectional { protocol { tcp | udp } { source-port src-port-number1
[ to src-port-number2 ] | destination-port dest-port-number1 [ to dest-port-
number2 ] } * | dscp dscp-value | source src-ip-address [ src-mask-length ] |
destination dest-ip-address [ dest-mask-length ] } *
● When protocol is specified as any protocol other than TCP or UDP, run:
flow bidirectional { protocol protocol-number | dscp dscp-value | source src-
ip-address [ src-mask-length ] | destination dest-ip-address [ dest-mask-
length ] }

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 24

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

● If the target flow in an IP FPM instance is unidirectional, only forward can be specified.
● If the target flow in an IP FPM instance is bidirectional, two situations are available:
– If the bidirectional target flow is asymmetrical, you must configure forward and
backward in two command instances to configure the characteristics for the forward
and backward flows, respectively.
– If the bidirectional target flow is symmetrical, you can specify bidirectional to
configure the bidirectional target flow characteristics. By default, the characteristics
specified are used for the forward flow, and the reverse of those are used for the
backward flow. Specifically, the source and destination IP addresses and port numbers
specified for the forward flow are used respectively as the destination and source IP
addresses and port numbers for the backward flow. If the target flow is symmetrical
bidirectional, set src-ip-address to specify a source IP address and dest-ip-address to
specify a destination IP address for the target flow.

Step 12 Run the following commands to configure TLPs.

● Run the tlp { in-point | out-point } { ingress | egress } [ vpn-label vpn-
label ] [ backward-vpn-label backward-vpn-label ] commands to configure a
TLP and specify it as an in-point or out-point.
On the network shown in Figure 2-6, TLP100 is the in-point, and TLP310 is
the out-point.
● Run the tlp tlp-id mid-point flow { forward | backward } { ingress | egress }
[ vpn-label vpn-label [ lsp-label lsp-label [ lsp-label2 lsp-label2 ] ] [ flow-
label ] [ control-word ] [ l2vpn [ tpid tpid ] ] ] command to configure a TLP
and specify it as a mid-point. In a load-balancing scenario where different
paths share the same interface or path segment, run the tlp tlp-id index
index-id mid-point flow { forward | backward } { ingress | egress } vpn-
label vpn-label [ lsp-label lsp-label [ lsp-label2 lsp-label2 ] [ flow-label ]
[ control-word ] [ l2vpn [ tpid tpid ] ] ] command to configure the mid-
point included in the IP FPM statistical instance and the role of the mid-point.
On the network shown in Figure 2-6, TLP200 and TLP300 are mid-points.
● Run the tlp tlp-id mid-point flow bidirectional { ingress | egress } [ forward
{ vpn-label vpn-label [ lsp-label lsp-label [ lsp-label2 lsp-label2 ] ] [ flow-
label ] [ control-word ] [ l2vpn [ tpid tpid ] ] } ] [backward { vpn-label
vpn-label [ lsp-label lsp-label [ lsp-label2 lsp-label2 ] ] [ flow-label ]
[ control-word ] [ l2vpn [ tpid tpid ] ] } ] command to configure a TLP and
specify it as a mid-point for the bidirectional target flow. In a load-balancing
scenario where different paths share the same interface or path segment, run
the tlp tlp-id index index-id mid-point flow bidirectional { ingress | egress }
{ forward vpn-label vpn-label [ lsp-label lsp-label [ lsp-label2 lsp-label2 ] ]
[ flow-label ] [ control-word ] [ l2vpn [ tpid tpid ] ] | backward vpn-label
vpn-label [ lsp-label lsp-label [ lsp-label2 lsp-label2 ] ] [ flow-label ]
[ control-word ] [ l2vpn [ tpid tpid ] ] | forward vpn-label vpn-label [ lsp-
label lsp-label [ lsp-label2 lsp-label2 ] ] [ flow-label ] [ control-word ]
[ l2vpn [ tpid tpid ] ] backward vpn-label vpn-label [ lsp-label lsp-label
[ lsp-label2 lsp-label2 ] ] [ flow-label ] [ control-word ] [ l2vpn [ tpid
tpid ] ] } command to configure the mid-point of the bidirectional target flow
included in the IP FPM statistical instance and the role of the mid-point.
● Run the tlp tlp-id mid-point flow { forward | backward } { ingress | egress }
[ vpn-label vpn-label [ lsp-label lsp-label [ lsp-label2 { lsp-label2 | any } ] ]
[ flow-label ] [ control-word ] [ l2vpn [ tpid tpid ] ] ] command or the tlp
mid-point flow bidirectional { ingress | egress } [ forward vpn-label vpn-

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 25

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

label [ lsp-label lsp-label [ lsp-label2 { lsp-label2 | any } ] ] [ flow-label ]

[ control-word ] [ l2vpn [ tpid tpid ] ] ] [ backward vpn-label vpn-label
[ lsp-label lsp-label [ lsp-label2 { lsp-label2 | any } ] ] [ flow-label ]
[ control-word ] [ l2vpn [ tpid tpid ] ] ] command to configure the TE label
of the TLP in an IP FPM instance as a wildcard label.

● Label overlapping may occur when performance measurement is performed on packets

carrying labels on the downstream interface. In this case, run the tlp nexthop command
to specify a next hop address.
● If tlp-id is set to the same value in the preceding commands, the configurations of the
command run later overwrite the configurations of the command run earlier.

Step 13 Run quit

Return to the IPFPM-DCP view.
Step 14 Run quit
Return to the system view.
Step 15 Bind the TLPs to interfaces.
1. Run the interface interface-type interface-name command to enter the
interface view.
2. Run either of the following commands:
– If the interface is a Layer 3 interface, run the ipfpm tlp tlp-id command.
– If the interface is a Layer 2 interface, run the ipfpm tlp tlp-id { ce-
default-vlan | vlan-id vlan-id } command.
3. Run the quit command to return to the system view.
Step 16 Configure IP FPM hop-by-hop performance statistics collection.
1. Run the nqa ipfpm dcp command to enter the IPFPM-DCP view.
2. Run the instance instance-id command to enter the IP FPM instance view.
3. Run the loss-measure enable mid-point [ time-range time-range |
continual ] command to enable hop-by-hop packet loss measurement.
4. Enable delay measurement.
If the target flow is unidirectional, run either of the following commands:
– To enable on-demand one-way delay measurement, run the delay-
measure enable one-way tlp mid-point [ time-range time-range ]
command.
– To enable proactive one-way delay measurement, run the delay-measure
enable one-way tlp mid-point continual command.

In NetEngine 8000 implementation, hop-by-hop delay measurement can be

performed after you enable this function on the TLP in-point (TLP100 in Figure
2-6) from which the target flow enters the network.
If the target flow is a bidirectional, run either of the following commands:
– To enable on-demand two-way delay measurement, run the delay-
measure enable two-way tlp mid-point [ time-range time-range ]
command.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 26

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

– To enable proactive two-way delay measurement, run the delay-measure

enable two-way tlp mid-point continual command.

----End

2.4.3 Checking the Configurations

After configuring the MCP, DCPs, and TLPs, check the IP FPM hop-by-hop
performance statistics collection function.

Prerequisites
The IP FPM hop-by-hop performance statistics collection function has been
configured.

Procedure
● Run the display ipfpm mcp command to check MCP configurations.
● Run the display ipfpm dcp command to check DCP configurations.
● Run the display ipfpm statistic-type { loss | oneway-delay | twoway-
delay } instance instance-id ach ach-id command to check the hop-by-hop
performance statistics for a specified ACH.
----End

2.5 Maintaining IP FPM

This section describes how to maintain IP Flow Performance Monitor (FPM) by
configuring the alarm thresholds for IP FPM performance and monitoring IP FPM
performance statistics.

2.5.1 Configuring Alarm and Clear Alarm Thresholds for IP

FPM Performance Counters
After you configure the alarm threshold and its clear alarm threshold for packet
loss or delay, the device generates an alarm when the packet loss rate or delay
reaches the alarm threshold and clears the alarm when the packet loss rate or
delay falls below the clear alarm threshold. The alarm functions help network
operation and maintenance.

Context
If the packet loss rate or delay on a network is detected high but left unattended,
the packet loss rate or delay may increase and potentially affect user experience.
To help network operation and maintenance, configure the alarm threshold and
its clear alarm threshold for packet loss or delay.

Procedure
Step 1 Run system-view
The system view is displayed.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 27

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

Step 2 Run nqa ipfpm mcp

The IPFPM-MCP view is displayed.
Step 3 Run instance instance-id
The IP FPM instance view is displayed.
Step 4 Run loss-measure ratio-threshold upper-limit upper-limit lower-limit lower-
limit
The packet loss alarm threshold and its clear alarm threshold are configured.
Step 5 Run either of the following commands to configure the delay alarm threshold and
its clear alarm threshold.
● When the target flow is unidirectional, run the delay-measure one-way
delay-threshold upper-limit upper-limit lower-limit lower-limit command to
configure the one-way delay alarm threshold and its clear alarm threshold.
● When the target flow is bidirectional, run the delay-measure two-way
delay-threshold upper-limit upper-limit lower-limit lower-limit command to
configure the two-way delay alarm threshold and its clear alarm threshold.

----End

2.5.2 Monitoring the IP FPM Running Status

This section describes how to monitor the IP FPM running status.

Context
Run the display commands in any view to check the IP FPM performance statistics
and monitor the IP FPM running status in routine maintenance.

Procedure
● Run the display ipfpm statistic-type { loss | oneway-delay | twoway-
delay } instance instance-id command to check the performance statistics for
a specified IP FPM instance.
● Run the display ipfpm statistic-type { loss | oneway-delay | twoway-
delay } instance instance-id ach ach-id [ verbose ] command to check the
hop-by-hop performance statistics for a specified ACH.
----End

2.6 IP FPM Configuration Examples

This chapter provides IP FPM configuration examples.

2.6.1 Example for Configuring IP FPM End-to-End Performance

Statistics Collection
This section provides an example for configuring IP Flow Performance Monitor
(FPM) end-to-end performance statistics collection.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 28

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

Networking Requirements
Various value-added services, such as IPTV, video conferencing, and Voice over
Internet Protocol (VoIP) are widely used on networks. As these services rely heavily
on high speed and robust networks, link connectivity and network performance
are essential to service transmission.
● When voice services are deployed, users will not detect any change in the
voice quality if the packet loss rate on links is lower than 5%. If the packet
loss rate is higher than 10%, the voice quality will deteriorate significantly.
● Real-time services, such as VoIP, online games, and video conferencing,
require a delay lower than 100 ms, or even 50 ms. As the delay increases, user
experience worsens.
To meet users' service quality requirements, carriers need to promptly measure the
packet loss rate and delay so that they can quickly respond to resolve network
issues if the service quality deteriorates.
The IPRAN network shown in Figure 2-7 transmits voice services. Voice flows are
symmetrical and bidirectional, and therefore one voice flow can be divided into
two unidirectional service flows. The forward service flow enters the network
through the UPE, travels across SPE1, and leaves the network through the NPE.
The backward service flow enters the network through the NPE, also travels across
SPE1, and leaves the network through the UPE.
To meet users' service quality requirements and take measures when service
quality deteriorates, configure IP FPM end-to-end performance statistics collection
to monitor the packet loss and delay of the links between the UPE and NPE in real
time.

Figure 2-7 IP FPM end-to-end performance statistics collection

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 29

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

Table 2-1 Interfaces connecting devices and their IP addresses

Device Interface Name Interface Remote IP
(Role) Device Address
(Role)

UPE (DCP1/ - Loopback1 - 1.1.1.1/32

MCP)
interface1 GE1/0/0 NodeB 192.168.1.
1/24

interface2 GE1/0/1 SPE1 172.16.1.1

/24

interface3 GE1/0/2 SPE2 172.16.2.1

/24

SPE1 - Loopback1 - 2.2.2.2/32

interface1 GE1/0/1 UPE 172.16.1.2

(DCP1/ /24
MCP)

interface2 GE1/0/2 NPE 172.16.4.1

(DCP2) /24

interface3 GE1/0/3 SPE2 172.16.3.1

/24

SPE2 - Loopback1 - 3.3.3.3/32

interface1 GE1/0/1 NPE 172.16.5.1

(DCP2) /24

interface2 GE1/0/2 UPE 172.16.2.2

(DCP1/ /24
MCP)

interface3 GE1/0/3 SPE1 172.16.3.2

/24

NPE (DCP2) - Loopback1 - 4.4.4.4/32

interface1 GE1/0/1 SPE2 172.16.5.2

/24

interface2 GE1/0/2 SEP1 172.16.4.2

/24

interface3 GE1/0/3 NPE 192.168.2.

(DCP2) 1/24

Configuration Roadmap
The configuration roadmap is as follows:

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 30

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

1. Configure an IP address and a routing protocol for each interface so that all
provider edge devices (PEs) can communicate at the network layer. This
example uses Open Shortest Path First (OSPF) as the routing protocol.
2. Configure Multiprotocol Label Switching (MPLS) functions and public network
tunnels. In this example, RSVP-TE tunnels are established between the UPE
and SPEs, and Label Distribution Protocol (LDP) LSPs are established between
the SPEs and between the NPE and SPEs.
3. Create a VPN instance on the UPE and NPE and import the local direct routes
on the UPE and NPE to their respective VPN instance routing tables.
4. Establish MP-IBGP peer relationships between the UPE and SPEs and between
the NPE and SPEs.
5. Configure the SPEs as route reflectors (RRs) and specify the UPE and NPE as
RR clients.
6. Configure VPN FRR on the UPE and NPE.
7. Configure the Network Time Protocol (NTP) to synchronize the clocks of the
UPE, SPE1, and the NPE.
8. Configure proactive packet loss and delay measurement on the UPE and NPE
to collect packet loss and delay statistics at intervals.
9. Configure the packet loss and two-way delay alarm thresholds and clear
alarm thresholds on the UPE.

Data Preparation
To complete the configuration, you need the following data:
● IP address of each interface listed in Table 2-1
● Interior Gateway Protocol (IGP) protocol type, process ID, and area ID
● Label switching router (LSR) IDs of the UPE and SPEs
● Tunnel interface names, tunnel IDs, and tunnel interface addresses (loopback
interface addresses) for the bidirectional tunnels between the UPE and SPEs
● Tunnel policy names for the bidirectional tunnels between the UPE and SPEs
and tunnel selector names on the SPEs
● Names, route distinguishers (RDs), and VPN targets of the VPN instances on
the UPE and NPE
● UPE's NTP stratum (1); clock synchronization interval (180s) for the UPE,
SPEs, and the NPE; offset (50s) between the clock server and client; maximum
polling time (64s)
● UPE's DCP ID and MCP ID (both 1.1.1.1); NPE's MCP ID (4.4.4.4)
● IP FPM instance ID (1) and statistical period (10s)
● Forward target flow's source IP address (10.1.1.1) and destination IP address
(10.2.1.1); backward target flow's source IP address (10.2.1.1) and destination
IP address (10.1.1.1)
● Measurement points (TLP100 and TLP310)
● Loss and delay measurement flags (respectively the third and fourth bits in
the ToS field of the IPv4 packet header)

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 31

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

Before you deploy IP FPM for packet loss and delay measurement, if two or more bits
in the IPv4 packet header have not been planned for other purposes, they can be used
for packet loss and delay measurement at the same time. If only one bit in the IPv4
packet header has not been planned, it can be used for either packet loss or delay
measurement in one IP FPM instance.
● Authentication mode (HMAC-SHA256), password (Huawei-123), key ID (1),
and UDP port number (2048) on the UPE and NPE
● Packet loss alarm threshold and its clear alarm threshold (respectively 10%
and 5%); two-way delay alarm threshold and its clear alarm threshold
(respectively 100 ms and 50 ms)

Procedure
Step 1 Configure interface IP addresses.
Assign an IP address to each interface according to Table 2-1 and create a
loopback interface on each node. For configuration details, see Configuration
Files in this section.
Step 2 Configure OSPF.
Configure OSPF on each node to allow the nodes to communicate at the network
layer. For detailed configurations, see Configuration Files in this section.
Step 3 Configure basic MPLS functions and public network tunnels.
● Configure basic MPLS functions and enable MPLS TE, RSVP-TE, and Constraint
Shortest Path First (CSPF).
# Configure the UPE.
<UPE> system-view
[~UPE] mpls lsr-id 1.1.1.1
[*UPE] mpls
[*UPE-mpls] mpls te
[*UPE-mpls] mpls rsvp-te
[*UPE-mpls] mpls te cspf
[*UPE-mpls] quit
[*UPE] interface gigabitethernet 1/0/1
[*UPE-GigabitEthernet1/0/1] mpls
[*UPE-GigabitEthernet1/0/1] mpls te
[*UPE-GigabitEthernet1/0/1] mpls rsvp-te
[*UPE-GigabitEthernet1/0/1] quit
[*UPE] interface gigabitethernet 1/0/2
[*UPE-GigabitEthernet1/0/2] mpls
[*UPE-GigabitEthernet1/0/2] mpls te
[*UPE-GigabitEthernet1/0/2] mpls rsvp-te
[*UPE-GigabitEthernet1/0/2] quit
[*UPE] ospf 1
[*UPE-ospf-1] opaque-capability enable
[*UPE-ospf-1] area 0
[*UPE-ospf-1-area-0.0.0.0] mpls-te enable
[*UPE-ospf-1-area-0.0.0.0] quit
[*UPE-ospf-1] quit
[*UPE] commit

# Configure SPE1.
<SPE1> system-view
[~SPE1] mpls lsr-id 2.2.2.2
[*SPE1] mpls
[*SPE1-mpls] mpls te
[*SPE1-mpls] mpls rsvp-te

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 32

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

[*SPE1-mpls] mpls te cspf

[*SPE1-mpls] quit
[*SPE1] mpls ldp
[*SPE1-mpls-ldp] quit
[*SPE1] interface gigabitethernet 1/0/1
[*SPE1-GigabitEthernet1/0/1] mpls
[*SPE1-GigabitEthernet1/0/1] mpls te
[*SPE1-GigabitEthernet1/0/1] mpls rsvp-te
[*SPE1-GigabitEthernet1/0/1] quit
[*SPE1] interface gigabitethernet 1/0/3
[*SPE1-GigabitEthernet1/0/3] mpls
[*SPE1-GigabitEthernet1/0/3] mpls ldp
[*SPE1-GigabitEthernet1/0/3] quit
[*SPE1] ospf 1
[*SPE1-ospf-1] opaque-capability enable
[*SPE1-ospf-1] area 0
[*SPE1-ospf-1-area-0.0.0.0] mpls-te enable
[*SPE1-ospf-1-area-0.0.0.0] quit
[*SPE1-ospf-1] quit
[*SPE1] commit
# Configure SPE2.
<SPE2> system-view
[~SPE2] mpls lsr-id 3.3.3.3
[*SPE2] mpls
[*SPE2-mpls] mpls te
[*SPE2-mpls] mpls rsvp-te
[*SPE2-mpls] mpls te cspf
[*SPE2-mpls] quit
[*SPE2] mpls ldp
[*SPE2-mpls-ldp] quit
[*SPE2] interface gigabitethernet 1/0/2
[*SPE2-GigabitEthernet1/0/2] mpls
[*SPE2-GigabitEthernet1/0/2] mpls te
[*SPE2-GigabitEthernet1/0/2] mpls rsvp-te
[*SPE2-GigabitEthernet1/0/2] quit
[*SPE2] interface gigabitethernet 1/0/3
[*SPE2-GigabitEthernet1/0/3] mpls
[*SPE2-GigabitEthernet1/0/3] mpls ldp
[*SPE2-GigabitEthernet1/0/3] quit
[*SPE2] ospf 1
[*SPE2-ospf-1] opaque-capability enable
[*SPE2-ospf-1] area 0
[*SPE2-ospf-1-area-0.0.0.0] mpls-te enable
[*SPE2-ospf-1-area-0.0.0.0] quit
[*SPE2-ospf-1] quit
[*SPE2] commit
# Configure NPE.
<NPE> system-view
[~NPE] mpls lsr-id 4.4.4.4
[*NPE] mpls
[*NPE-mpls] quit
[*NPE] mpls ldp
[*NPE-mpls-ldp] quit
[*NPE] interface gigabitethernet 1/0/1
[*NPE-GigabitEthernet1/0/1] mpls
[*NPE-GigabitEthernet1/0/1] mpls ldp
[*NPE-GigabitEthernet1/0/1] quit
[*NPE] interface gigabitethernet 1/0/2
[*NPE-GigabitEthernet1/0/2] mpls
[*NPE-GigabitEthernet1/0/2] mpls ldp
[*NPE-GigabitEthernet1/0/2] quit
[*NPE] commit
● Enable the egress of each unidirectional tunnel to be created to assign a non-
null label to the penultimate hop.
# Configure the UPE.
[~UPE] mpls

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 33

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

[*UPE-mpls] label advertise non-null

[*UPE-mpls] quit
[*UPE] commit

# Configure SPE1.
[~SPE1] mpls
[*SPE1-mpls] label advertise non-null
[*SPE1-mpls] quit
[*SPE1] commit

# Configure SPE2.
[~SPE2] mpls
[*SPE2-mpls] label advertise non-null
[*SPE2-mpls] quit
[*SPE2] commit

● Configure RSVP-TE tunnel interfaces.

# Configure the UPE.
[~UPE] interface Tunnel 11
[*UPE-Tunnel11] ip address unnumbered interface loopback 1
[*UPE-Tunnel11] tunnel-protocol mpls te
[*UPE-Tunnel11] destination 2.2.2.2
[*UPE-Tunnel11] mpls te tunnel-id 100
[*UPE-Tunnel11] mpls te signal-protocol rsvp-te
[*UPE-Tunnel11] mpls te reserved-for-binding
[*UPE-Tunnel11] quit
[*UPE] interface Tunnel 12
[*UPE-Tunnel12] ip address unnumbered interface loopback 1
[*UPE-Tunnel12] tunnel-protocol mpls te
[*UPE-Tunnel12] destination 3.3.3.3
[*UPE-Tunnel12] mpls te tunnel-id 200
[*UPE-Tunnel12] mpls te signal-protocol rsvp-te
[*UPE-Tunnel12] mpls te reserved-for-binding
[*UPE-Tunnel12] quit
[*UPE] commit

# Configure SPE1.
[~SPE1] interface Tunnel 11
[*SPE1-Tunnel11] ip address unnumbered interface loopback 1
[*SPE1-Tunnel11] tunnel-protocol mpls te
[*SPE1-Tunnel11] destination 1.1.1.1
[*SPE1-Tunnel11] mpls te tunnel-id 100
[*SPE1-Tunnel11] mpls te signal-protocol rsvp-te
[*SPE1-Tunnel11] mpls te reserved-for-binding
[*SPE1-Tunnel11] quit
[*SPE1] commit

# Configure SPE2.
[~SPE2] interface Tunnel 12
[*SPE2-Tunnel12] ip address unnumbered interface loopback 1
[*SPE2-Tunnel12] tunnel-protocol mpls te
[*SPE2-Tunnel12] destination 1.1.1.1
[*SPE2-Tunnel12] mpls te tunnel-id 200
[*SPE2-Tunnel12] mpls te signal-protocol rsvp-te
[*SPE2-Tunnel12] mpls te reserved-for-binding
[*SPE2-Tunnel12] quit
[*SPE2] commit

● Configure tunnel policies.

# Configure the UPE.
[~UPE] tunnel-policy policy1
[*UPE-tunnel-policy-policy1] tunnel binding destination 2.2.2.2 te Tunnel 11
[*UPE-tunnel-policy-policy1] tunnel binding destination 3.3.3.3 te Tunnel 12
[*UPE-tunnel-policy-policy1] quit
[*UPE] commit

# Configure SPE1.
[~SPE1] tunnel-policy policy1

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 34

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

[*SPE1-tunnel-policy-policy1] tunnel binding destination 1.1.1.1 te Tunnel 11

[*SPE1-tunnel-policy-policy1] quit
[*SPE1] commit

# Configure SPE2.
[~SPE2] tunnel-policy policy1
[*SPE2-tunnel-policy-policy1] tunnel binding destination 1.1.1.1 te Tunnel 12
[*SPE2-tunnel-policy-policy1] quit
[*SPE2] commit

Step 4 Create a VPN instance on the UPE and NPE and import the local direct routes on
the UPE and NPE to their respective VPN instance routing tables.

# Configure the UPE.

[~UPE] ip vpn-instance vpna
[*UPE-vpn-instance-vpna] ipv4-family
[*UPE-vpn-instance-vpna-af-ipv4] route-distinguisher 100:1
[*UPE-vpn-instance-vpna-af-ipv4] vpn-target 1:1
[*UPE-vpn-instance-vpna-af-ipv4] quit
[*UPE-vpn-instance-vpna] quit
[*UPE] interface gigabitethernet 1/0/0
[*UPE-GigabitEthernet1/0/0] ip binding vpn-instance vpna
[*UPE-GigabitEthernet1/0/0] ip address 192.168.1.1 24
[*UPE-GigabitEthernet1/0/0] quit
[*UPE] bgp 100
[*UPE-bgp] ipv4-family vpn-instance vpna
[*UPE-bgp-vpna] import-route direct
[*UPE-bgp-vpna] quit
[*UPE-bgp] quit
[*UPE] commit

# Configure the NPE.

[~NPE] ip vpn-instance vpna
[*NPE-vpn-instance-vpna] ipv4-family
[*NPE-vpn-instance-vpna-af-ipv4] route-distinguisher 100:1
[*NPE-vpn-instance-vpna-af-ipv4] vpn-target 1:1
[*NPE-vpn-instance-vpna-af-ipv4] quit
[*NPE-vpn-instance-vpna] quit
[*NPE] interface gigabitethernet 1/0/3
[*NPE-GigabitEthernet1/0/3] ip binding vpn-instance vpna
[*NPE-GigabitEthernet1/0/3] ip address 192.168.2.1 24
[*NPE-GigabitEthernet1/0/3] quit
[*NPE] bgp 100
[*NPE-bgp] ipv4-family vpn-instance vpna
[*NPE-bgp-vpna] import-route direct
[*NPE-bgp-vpna] quit
[*NPE-bgp] quit
[*NPE] commit

Step 5 Establish MP-IBGP peer relationships between the UPE and SPEs and between the
NPE and SPEs.

# Configure the UPE.

[~UPE] bgp 100
[*UPE-bgp] router-id 1.1.1.1
[*UPE-bgp] peer 2.2.2.2 as-number 100
[*UPE-bgp] peer 2.2.2.2 connect-interface loopback 1
[*UPE-bgp] peer 3.3.3.3 as-number 100
[*UPE-bgp] peer 3.3.3.3 connect-interface loopback 1
[*UPE-bgp] ipv4-family vpnv4
[*UPE-bgp-af-vpnv4] peer 2.2.2.2 enable
[*UPE-bgp-af-vpnv4] peer 3.3.3.3 enable
[*UPE-bgp-af-vpnv4] quit
[*UPE-bgp] quit
[*UPE] commit

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 35

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

# Configure SPE1.
[~SPE1] bgp 100
[*SPE1-bgp] router-id 2.2.2.2
[*SPE1-bgp] peer 1.1.1.1 as-number 100
[*SPE1-bgp] peer 1.1.1.1 connect-interface loopback 1
[*SPE1-bgp] peer 3.3.3.3 as-number 100
[*SPE1-bgp] peer 3.3.3.3 connect-interface loopback 1
[*SPE1-bgp] peer 4.4.4.4 as-number 100
[*SPE1-bgp] peer 4.4.4.4 connect-interface loopback 1
[*SPE1-bgp] ipv4-family vpnv4
[*SPE1-bgp-af-vpnv4] undo policy vpn-target
[*SPE1-bgp-af-vpnv4] peer 1.1.1.1 enable
[*SPE1-bgp-af-vpnv4] peer 3.3.3.3 enable
[*SPE1-bgp-af-vpnv4] peer 4.4.4.4 enable
[*SPE1-bgp-af-vpnv4] quit
[*SPE1-bgp] quit
[*SPE1] commit

The configuration of SPE2 is similar to the configuration of SPE1. For configuration

details, see Configuration Files in this section.
# Configure the NPE.
[~NPE] bgp 100
[*NPE-bgp] router-id 4.4.4.4
[*NPE-bgp] peer 2.2.2.2 as-number 100
[*NPE-bgp] peer 2.2.2.2 connect-interface loopback 1
[*NPE-bgp] peer 3.3.3.3 as-number 100
[*NPE-bgp] peer 3.3.3.3 connect-interface loopback 1
[*NPE-bgp] ipv4-family vpnv4
[*NPE-bgp-af-vpnv4] peer 2.2.2.2 enable
[*NPE-bgp-af-vpnv4] peer 3.3.3.3 enable
[*NPE-bgp-af-vpnv4] quit
[*NPE-bgp] quit
[*NPE] commit

Step 6 Configure the SPEs as RRs and specify the UPE and NPE as RR clients.
[~SPE1] bgp 100
[*SPE1-bgp] ipv4-family vpnv4
[*SPE1-bgp-af-vpnv4] peer 1.1.1.1 reflect-client
[*SPE1-bgp-af-vpnv4] peer 1.1.1.1 next-hop-local
[*SPE1-bgp-af-vpnv4] peer 4.4.4.4 reflect-client
[*SPE1-bgp-af-vpnv4] peer 4.4.4.4 next-hop-local
[*SPE1-bgp-af-vpnv4] quit
[*SPE1-bgp] quit
[*SPE1] commit

The configuration of SPE2 is similar to the configuration of SPE1. For configuration

details, see Configuration Files in this section.
Step 7 Apply the tunnel policy on the UPE and configure a tunnel selector on each SPE
because SPEs do not have VPN instances, so that the UPE and SPEs use RSVP-TE
tunnels to transmit traffic.
# Apply the tunnel policy on the UPE.
[~UPE] ip vpn-instance vpna
[*UPE-vpn-instance-vpna] ipv4-family
[*UPE-vpn-instance-vpna-af-ipv4] route-distinguisher 100:1
[*UPE-vpn-instance-vpna-af-ipv4] tnl-policy policy1
[*UPE-vpn-instance-vpna-af-ipv4] quit
[*UPE-vpn-instance-vpna] quit
[*UPE] commit

# Configure a tunnel selector on SPE1 to use RSVP-TE tunnels to transmit traffic.

[~SPE1] tunnel-selector bindTE permit node 10

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 36

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

[*SPE1-tunnel-selector] apply tunnel-policy policy1

[*SPE1-tunnel-selector] quit
[*SPE1] bgp 100
[*SPE1-bgp] ipv4-family vpnv4
[*SPE1-bgp-af-vpnv4] tunnel-selector bindTE
[*SPE1-bgp-af-vpnv4] quit
[*SPE1-bgp] quit
[*SPE1] commit

The configuration of SPE2 is similar to the configuration of SPE1. For configuration

details, see Configuration Files in this section.

Step 8 Configure VPN FRR on the UPE and NPE.

# Configure the UPE.

[~UPE] bgp 100
[*UPE-bgp] ipv4-family vpn-instance vpna
[*UPE-bgp-vpna] auto-frr
[*UPE-bgp-vpna] quit
[*UPE-bgp] quit
[*UPE] commit

The configuration of the NPE is similar to the configuration of the UPE. For
configuration details, see Configuration Files in this section. After completing the
configurations, run the display bgp vpnv4 vpn-instancevpna routing-table
command on the UPE and NPE to view detailed information about received
routes.
[~UPE] display bgp vpnv4 vpn-instance vpna routing-table
BGP Local router ID is 1.1.1.1
Status codes: * - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V - valid, I - invalid, N - not-found

VPN-Instance vpna, Router ID 1.1.1.1:

Total Number of Routes: 4

Network NextHop MED LocPrf PrefVal Path/Ogn

*> 192.168.1.0/24 0.0.0.0 0 0 ?

*> 192.168.1.1/32 0.0.0.0 0 0 ?
*>i 192.168.2.0/24 2.2.2.2 0 100 0 ?
*i 3.3.3.3 0 100 0 ?
[~NPE] display bgp vpnv4 vpn-instance vpna routing-table
BGP Local router ID is 4.4.4.4
Status codes: * - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V - valid, I - invalid, N - not-found

VPN-Instance vpna, Router ID 4.4.4.4:

Total Number of Routes: 4

Network NextHop MED LocPrf PrefVal Path/Ogn

*>i 192.168.1.0/24 2.2.2.2 0 100 0 ?

*i 3.3.3.3 0 100 0 ?
*> 192.168.2.0/24 0.0.0.0 0 0 ?
*> 192.168.2.1/32 0.0.0.0 0 0 ?

The command output shows that the UPE and NPE both preferentially select the
routes advertised by SPE1 and use UPE <-> SPE1 <-> NPE as the primary path.

Step 9 Configure NTP to synchronize the clocks of the UPE, SPE1, and the NPE.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 37

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

# Configure the UPE.

[~UPE] ntp-service sync-interval 180
[*UPE] ntp-service refclock-master 1
[*UPE] commit

# Configure SPE1.
[~SPE1] ntp-service sync-interval 180
[*SPE1] ntp-service unicast-server 172.16.1.1
[*SPE1] commit

# Configure the NPE.

[~NPE] ntp-service sync-interval 180
[*NPE] ntp-service unicast-server 172.16.4.1
[*NPE] commit

After completing the configuration, the UPE, SPE1, and the NPE have synchronized
their clocks.

Run the display ntp-service status command on the UPE to check its NTP status.
The command output shows that the clock status is synchronized, which means
that synchronization is complete.
[~UPE] display ntp-service status
clock status: synchronized
clock stratum: 1
reference clock ID: LOCAL(0)
nominal frequency: 64.0000 Hz
actual frequency: 64.0000 Hz
clock precision: 2^7
clock offset: 0.0000 ms
root delay: 0.00 ms
root dispersion: 26.49 ms
peer dispersion: 10.00 ms
reference time: 08:55:35.000 UTC Apr 2 2013(D5051B87.0020C49B)
synchronization state: clock synchronized

Run the display ntp-service status command on SPE1 to check its NTP status.
The command output shows that the clock status is synchronized and the clock
stratum is 2, lower than that of the UPE.
[~SPE1] display ntp-service status
clock status: synchronized
clock stratum: 2
reference clock ID: 172.16.1.1
nominal frequency: 64.0000 Hz
actual frequency: 64.0000 Hz
clock precision: 2^7
clock offset: -0.0099 ms
root delay: 0.08 ms
root dispersion: 51.00 ms
peer dispersion: 34.30 ms
reference time: 08:56:45.000 UTC Apr 2 2013(D5051BCD.00346DC5)
synchronization state: clock synchronized

Run the display ntp-service status command on the NPE to check its NTP status.
The command output shows that the clock status is synchronized and the clock
stratum is 3, lower than that of SPE1.
[~NPE] display ntp-service status
clock status: synchronized
clock stratum: 3
reference clock ID: 172.16.4.1
nominal frequency: 64.0000 Hz
actual frequency: 64.0000 Hz
clock precision: 2^7
clock offset: -0.0192 ms
root delay: 0.18 ms
root dispersion: 201.41 ms
peer dispersion: 58.64 ms

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 38

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

reference time: 08:56:47.000 UTC Apr 2 2013(D5051BCF.001E2584)

synchronization state: clock synchronized

Step 10 Configure proactive packet loss and delay measurement on the UPE and NPE;
configure the UPE as the MCP and also a DCP and configure TLP310 on the UPE;
configure the NPE as a DCP and configure TLP100 on the NPE.

# Configure the UPE.

● Configure the MCP.
[~UPE] nqa ipfpm mcp
[*UPE-nqa-ipfpm-mcp] mcp id 1.1.1.1
[*UPE-nqa-ipfpm-mcp] protocol udp port 2048
[*UPE-nqa-ipfpm-mcp] authentication-mode hmac-sha256 key-id 1 cipher Huawei-123
[*UPE-nqa-ipfpm-mcp] instance 1
[*UPE-nqa-ipfpm-mcp-instance-1] dcp 1.1.1.1
[*UPE-nqa-ipfpm-mcp-instance-1] dcp 4.4.4.4
[*UPE-nqa-ipfpm-mcp-instance-1] quit
[*UPE-nqa-ipfpm-mcp] quit
[*UPE] commit

After completing the configuration, run the display ipfpm mcp command on
the UPE. The command output shows MCP configurations on the UPE.
[~UPE] display ipfpm mcp
Specification Information:
Max Instance Number :64
Max DCP Number Per Instance :256
Max ACH Number Per Instance :16
Max TLP Number Per ACH :16

Configuration Information:
MCP ID :1.1.1.1
Status :Active
Protocol Port :2048
Current Instance Number :1

● Configure a DCP.
[~UPE] nqa ipfpm dcp
[*UPE-nqa-ipfpm-dcp] dcp id 1.1.1.1
[*UPE-nqa-ipfpm-dcp] authentication-mode hmac-sha256 key-id 1 cipher Huawei-123
[*UPE-nqa-ipfpm-dcp] color-flag loss-measure tos-bit 3 delay-measure tos-bit 4
[*UPE-nqa-ipfpm-dcp] mcp 1.1.1.1 port 2048
[*UPE-nqa-ipfpm-dcp] instance 1
[*UPE-nqa-ipfpm-dcp-instance-1] interval 10
[*UPE-nqa-ipfpm-dcp-instance-1] flow bidirectional source 10.1.1.1 destination 10.2.1.1
[*UPE-nqa-ipfpm-dcp-instance-1] tlp 100 in-point ingress
[*UPE-nqa-ipfpm-dcp-instance-1] quit
[*UPE-nqa-ipfpm-dcp] quit
[*UPE] commit

After completing the configuration, run the display ipfpm dcp command on
the UPE. The command output shows DCP configurations on the UPE.
[~UPE] display ipfpm dcp
Specification Information(Main Board):
Max Instance Number :64
Max 10s Instance Number :64
Max 1s Instance Number :--
Max TLP Number :512
Max TLP Number Per Instance :8

Configuration Information:
DCP ID : 1.1.1.1
Loss-measure Flag : tos-bit3
Delay-measure Flag : tos-bit4

Authentication Mode : hmac-sha256

Test Instances MCP ID : 1.1.1.1
Test Instances MCP Port : 2048
Current Instance Number :1

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 39

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

● Bind the TLP to an interface.

[~UPE] interface GigabitEthernet1/0/0
[~UPE-GigabitEthernet1/0/0] ipfpm tlp 100
[*UPE-GigabitEthernet1/0/0] quit
[*UPE] commit

● Enable packet loss and delay measurement.

[~UPE] nqa ipfpm dcp
[*UPE-nqa-ipfpm-dcp] instance 1
[*UPE-nqa-ipfpm-dcp-instance-1] loss-measure enable continual
[*UPE-nqa-ipfpm-dcp-instance-1] delay-measure enable two-way tlp 100 continual
[*UPE-nqa-ipfpm-dcp-instance-1] quit
[*UPE-nqa-ipfpm-dcp] quit
[*UPE] commit

# Configure the NPE.

● Configure a DCP.
[~NPE] nqa ipfpm dcp
[*NPE-nqa-ipfpm-dcp] dcp id 4.4.4.4
[*NPE-nqa-ipfpm-dcp] authentication-mode hmac-sha256 key-id 1 cipher Huawei-123
[*NPE-nqa-ipfpm-dcp] color-flag loss-measure tos-bit 3 delay-measure tos-bit 4
[*NPE-nqa-ipfpm-dcp] mcp 1.1.1.1 port 2048
[*NPE-nqa-ipfpm-dcp] instance 1
[*NPE-nqa-ipfpm-dcp-instance-1] interval 10
[*NPE-nqa-ipfpm-dcp-instance-1] flow bidirectional source 10.1.1.1 destination 10.2.1.1
[*NPE-nqa-ipfpm-dcp-instance-1] tlp 310 out-point egress
[*NPE-nqa-ipfpm-dcp-instance-1] quit
[*NPE-nqa-ipfpm-dcp] quit
[*NPE] commit

After completing the configuration, run the display ipfpm dcp command on
the NPE. The command output shows DCP configurations on the NPE.
[~NPE] display ipfpm dcp
Specification Information(Main Board):
Max Instance Number :64
Max 10s Instance Number :64
Max 1s Instance Number :--
Max TLP Number :512
Max TLP Number Per Instance :8

Configuration Information:
DCP ID : 4.4.4.4
Loss-measure Flag : tos-bit3
Delay-measure Flag : tos-bit4

Authentication Mode : hmac-sha256

Test Instances MCP ID : 1.1.1.1
Test Instances MCP Port : 2048
Current Instance Number :1

● Bind the TLP to an interface.

[~NPE] interface GigabitEthernet1/0/3
[~NPE-GigabitEthernet1/0/1] ipfpm tlp 310
[*NPE-GigabitEthernet1/0/1] quit
[*NPE] commit

● Enable proactive packet loss and delay measurement.

[~NPE] nqa ipfpm dcp
[*NPE-nqa-ipfpm-dcp] instance 1
[*NPE-nqa-ipfpm-dcp-instance-1] loss-measure enable continual
[*NPE-nqa-ipfpm-dcp-instance-1] delay-measure enable two-way tlp 310 continual
[*NPE-nqa-ipfpm-dcp-instance-1] commit

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 40

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

[*UPE-nqa-ipfpm-mcp-instance-1] loss-measure ratio-threshold upper-limit 10 lower-limit 5

[*UPE-nqa-ipfpm-mcp-instance-1] commit

# Configure the two-way delay alarm threshold and its clear alarm threshold.
[~UPE-nqa-ipfpm-mcp-instance-1] delay-measure two-way delay-threshold upper-limit 100000 lower-
limit 50000
[*UPE-nqa-ipfpm-mcp-instance-1] commit

Step 12 Verify the configuration.

Run the display ipfpm statistic-type { loss | twoway-delay } instance instance-
id command on the UPE to check the performance statistics for a specified IP FPM
instance.
● # The following example uses the packet loss statistics for IP FPM instance 1.
[~UPE] display ipfpm statistic-type loss instance 1
Latest loss statistics of forward flow:
Unit: p - packet, b - byte
------------------------------------------------------------------------------------------
Period Loss(p) LossRatio(p) Loss(b) LossRatio(b)
------------------------------------------------------------------------------------------
136118757 20 20.000000% 2000 20.000000%
136118756 20 20.000000% 2000 20.000000%
136118755 20 20.000000% 2000 20.000000%
136118753 20 20.000000% 2000 20.000000%
136118752 20 20.000000% 2000 20.000000%
136118751 20 20.000000% 2000 20.000000%
136118750 20 20.000000% 2000 20.000000%
136118749 20 20.000000% 2000 20.000000%
136118748 20 20.000000% 2000 20.000000%
136118747 20 20.000000% 2000 20.000000%
136118746 20 20.000000% 2000 20.000000%
136118745 20 20.000000% 2000 20.000000%
Latest loss statistics of backward flow:

Unit: p - packet, b - byte

------------------------------------------------------------------------------------------
Period Loss(p) LossRatio(p) Loss(b) LossRatio(b)
------------------------------------------------------------------------------------------
136118757 20 20.000000% 2000 20.000000%
136118756 20 20.000000% 2000 20.000000%
136118755 20 20.000000% 2000 20.000000%
136118753 20 20.000000% 2000 20.000000%
136118752 20 20.000000% 2000 20.000000%
136118751 20 20.000000% 2000 20.000000%
136118750 20 20.000000% 2000 20.000000%
136118749 20 20.000000% 2000 20.000000%
136118748 20 20.000000% 2000 20.000000%
136118747 20 20.000000% 2000 20.000000%
136118746 20 20.000000% 2000 20.000000%
136118745 20 20.000000% 2000 20.000000%
● # The following example uses the two-way delay statistics for IP FPM instance
1.
[~UPE] display ipfpm statistic-type twoway-delay instance 1
Latest two-way delay statistics:
--------------------------------------------------
Period Delay(usec) Delay
Variation(usec)
--------------------------------------------------
136118757 800 0
136118756 800 0
136118755 800 0
136118753 800 0
136118752 800 0
136118751 800 0
136118750 800 0
136118749 800 0
136118748 800 0

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 41

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

136118747 800 0
136118746 800 0
136118745 800 0
Latest one-way delay statistics of bidirectional flow:

--------------------------------------------------------------------------------
Period Forward ForwardDelay Backward BackwardDelay
Delay(usec) Variation(usec) Delay(usec) Variation(usec)
--------------------------------------------------------------------------------
136118757 400 0 400 0
136118756 400 0 400 0
136118755 400 0 400 0
136118753 400 0 400 0
136118752 400 0 400 0
136118751 400 0 400 0
136118750 400 0 400 0
136118749 400 0 400 0
136118748 400 0 400 0
136118747 400 0 400 0
136118746 400 0 400 0
136118745 400 0 400 0

----End

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 42

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

interface LoopBack1
ip address 1.1.1.1 255.255.255.255
#
interface Tunnel11
ip address unnumbered interface LoopBack1
tunnel-protocol mpls te
destination 2.2.2.2
mpls te tunnel-id 100
mpls te reserved-for-binding
#
interface Tunnel12
ip address unnumbered interface LoopBack1
tunnel-protocol mpls te
destination 3.3.3.3
mpls te tunnel-id 200
mpls te reserved-for-binding
#
bgp 100
router-id 1.1.1.1
peer 2.2.2.2 as-number 100
peer 2.2.2.2 connect-interface LoopBack1
peer 3.3.3.3 as-number 100
peer 3.3.3.3 connect-interface LoopBack1
#
ipv4-family unicast
undo synchronization
peer 2.2.2.2 enable
peer 3.3.3.3 enable
#
ipv4-family vpnv4
policy vpn-target
peer 2.2.2.2 enable
peer 3.3.3.3 enable
#
ipv4-family vpn-instance vpna
import-route direct
auto-frr
#
ospf 1
opaque-capability enable
area 0.0.0.0
network 1.1.1.1 0.0.0.0
network 172.16.1.0 0.0.0.255
network 172.16.2.0 0.0.0.255
mpls-te enable
#
tunnel-policy policy1
tunnel binding destination 2.2.2.2 te Tunnel11
tunnel binding destination 3.3.3.3 te Tunnel12
#
nqa ipfpm dcp
dcp id 1.1.1.1
mcp 1.1.1.1 port 2048
authentication-mode hmac-sha256 key-id 1 cipher #%#%c^)+6\&Xmec@('3&m,d%1C,d%1C<#%#%
color-flag loss-measure tos-bit 3 delay-measure tos-bit 4
instance 1
flow bidirectional source 10.1.1.1 destination 10.2.1.1
tlp 100 in-point ingress
loss-measure enable continual
delay-measure enable two-way tlp 100 continual
#
nqa ipfpm mcp
mcp id 1.1.1.1
protocol udp port 2048
authentication-mode hmac-sha256 key-id 1 cipher #%#%\8u;Ufa-'-+mtJG0r#:00dV[#%#
%
instance 1
dcp 1.1.1.1
dcp 4.4.4.4

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 43

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

loss-measure ratio-threshold upper-limit 10.000000 lower-limit 5.000000

delay-measure two-way delay-threshold upper-limit 100000 lower-limit 50000
#
return
● SPE1 configuration file
#
sysname SPE1
#
tunnel-selector bindTE permit node 10
apply tunnel-policy policy1
#
mpls lsr-id 2.2.2.2
mpls
mpls te
label advertise non-null
mpls rsvp-te
mpls te cspf
#
mpls ldp
#
ntp-service sync-interval 180
ntp-service unicast-server 172.16.1.1
#
interface GigabitEthernet1/0/1
undo shutdown
ip address 172.16.1.2 255.255.255.0
mpls
mpls te
mpls rsvp-te
#
interface GigabitEthernet1/0/2
undo shutdown
ip address 172.16.4.1 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet1/0/3
undo shutdown
ip address 172.16.3.1 255.255.255.0
mpls
mpls ldp
#
interface LoopBack1
ip address 2.2.2.2 255.255.255.255
#
interface Tunnel11
ip address unnumbered interface LoopBack1
tunnel-protocol mpls te
destination 1.1.1.1
mpls te tunnel-id 100
mpls te reserved-for-binding
#
bgp 100
router-id 2.2.2.2
peer 1.1.1.1 as-number 100
peer 1.1.1.1 connect-interface LoopBack1
peer 3.3.3.3 as-number 100
peer 3.3.3.3 connect-interface LoopBack1
peer 4.4.4.4 as-number 100
peer 4.4.4.4 connect-interface LoopBack1
#
ipv4-family unicast
undo synchronization
peer 1.1.1.1 enable
peer 3.3.3.3 enable
peer 4.4.4.4 enable
#
ipv4-family vpnv4
undo policy vpn-target

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 44

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

tunnel-selector bindTE
peer 1.1.1.1 enable
peer 1.1.1.1 reflect-client
peer 1.1.1.1 next-hop-local
peer 3.3.3.3 enable
peer 4.4.4.4 enable
peer 4.4.4.4 reflect-client
peer 4.4.4.4 next-hop-local
#
ospf 1
opaque-capability enable
area 0.0.0.0
network 2.2.2.2 0.0.0.0
network 172.16.1.0 0.0.0.255
network 172.16.3.0 0.0.0.255
network 172.16.4.0 0.0.0.255
mpls-te enable
#
tunnel-policy policy1
tunnel binding destination 1.1.1.1 te Tunnel11
#
return
● SPE2 configuration file
#
sysname SPE2
#
tunnel-selector bindTE permit node 10
apply tunnel-policy policy1
#
mpls lsr-id 3.3.3.3
mpls
mpls te
label advertise non-null
mpls rsvp-te
mpls te cspf
#
mpls ldp
#
interface GigabitEthernet1/0/1
undo shutdown
ip address 172.16.5.1 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet1/0/2
undo shutdown
ip address 172.16.2.2 255.255.255.0
mpls
mpls te
mpls rsvp-te
#
interface GigabitEthernet1/0/3
undo shutdown
ip address 172.16.3.2 255.255.255.0
mpls
mpls te
mpls ldp
#
interface LoopBack1
ip address 3.3.3.3 255.255.255.255
#
interface Tunnel12
ip address unnumbered interface LoopBack1
tunnel-protocol mpls te
destination 1.1.1.1
mpls te tunnel-id 200
mpls te reserved-for-binding
#
bgp 100

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 45

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

router-id 3.3.3.3
peer 1.1.1.1 as-number 100
peer 1.1.1.1 connect-interface LoopBack1
peer 2.2.2.2 as-number 100
peer 2.2.2.2 connect-interface LoopBack1
peer 4.4.4.4 as-number 100
peer 4.4.4.4 connect-interface LoopBack1
#
ipv4-family unicast
undo synchronization
peer 1.1.1.1 enable
peer 2.2.2.2 enable
peer 4.4.4.4 enable
#
ipv4-family vpnv4
undo policy vpn-target
tunnel-selector bindTE
peer 1.1.1.1 enable
peer 1.1.1.1 reflect-client
peer 1.1.1.1 next-hop-local
peer 2.2.2.2 enable
peer 4.4.4.4 enable
peer 4.4.4.4 reflect-client
peer 4.4.4.4 next-hop-local
#
ospf 1
opaque-capability enable
area 0.0.0.0
network 3.3.3.3 0.0.0.0
network 172.16.2.0 0.0.0.255
network 172.16.3.0 0.0.0.255
network 172.16.5.0 0.0.0.255
mpls-te enable
#
tunnel-policy policy1
tunnel binding destination 1.1.1.1 te Tunnel12
#
return
● NPE configuration file
#
sysname NPE
#
ip vpn-instance vpna
ipv4-family
route-distinguisher 100:1
apply-label per-instance
vpn-target 1:1 export-extcommunity
vpn-target 1:1 import-extcommunity
#
mpls lsr-id 4.4.4.4
mpls
#
mpls ldp
#
ntp-service sync-interval 180
ntp-service unicast-server 172.16.4.1
#
interface GigabitEthernet1/0/1
undo shutdown
ip address 172.16.5.2 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet1/0/2
undo shutdown
ip address 172.16.4.2 255.255.255.0
mpls
mpls ldp
#

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 46

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

interface GigabitEthernet1/0/3
undo shutdown
ip binding vpn-instance vpna
ip address 192.168.2.1 255.255.255.0
ipfpm tlp 310
#
interface LoopBack1
ip address 4.4.4.4 255.255.255.255
#
bgp 100
router-id 4.4.4.4
peer 2.2.2.2 as-number 100
peer 2.2.2.2 connect-interface LoopBack1
peer 3.3.3.3 as-number 100
peer 3.3.3.3 connect-interface LoopBack1
#
ipv4-family unicast
undo synchronization
peer 2.2.2.2 enable
peer 3.3.3.3 enable
#
ipv4-family vpnv4
policy vpn-target
peer 2.2.2.2 enable
peer 3.3.3.3 enable
#
ipv4-family vpn-instance vpna
import-route direct
auto-frr
#
ospf 1
area 0.0.0.0
network 4.4.4.4 0.0.0.0
network 172.16.4.0 0.0.0.255
network 172.16.5.0 0.0.0.255
#
nqa ipfpm dcp
dcp id 4.4.4.4
mcp 1.1.1.1 port 2048
authentication-mode hmac-sha256 key-id 1 cipher #%#%;\VV*UAUfP'8+uS{,4v+1Gjv#%#%
color-flag loss-measure tos-bit 3 delay-measure tos-bit 4
instance 1
flow bidirectional source 10.1.1.1 destination 10.2.1.1
tlp 310 out-point egress
loss-measure enable continual
delay-measure enable two-way tlp 310 continual
#
return

2.6.2 Example for Configuring IP FPM Hop-by-Hop

Performance Statistics Collection
This section provides an example for configuring IP Flow Performance Monitor
(FPM) hop-by-hop performance statistics collection.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 47

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

● When voice services are deployed, users will not detect any change in the
voice quality if the packet loss rate on links is lower than 5%. If the packet
loss rate is higher than 10%, the voice quality will deteriorate significantly.
● Real-time services, such as VoIP, online games, and video conferencing,
require a delay lower than 100 ms, or even 50 ms. As the delay increases, user
experience worsens.
To locate faults when network performance deteriorates, configure IP FPM hop-
by-hop performance statistics collection.
The IPRAN network shown in Figure 2-8 transmits video services. A unidirectional
service flow enters the network through the UPE, travels across SPE1, and leaves
the network through the NPE.
To locate faults when network performance deteriorates, configure hop-by-hop
packet loss and delay measurement on the UPE and NPE to locate faults segment
by segment.

Figure 2-8 IP FPM hop-by-hop performance statistics collection

Table 2-2 Interfaces connecting devices and their IP addresses

Device Interface Interface Remote Device IP Address
(Role) Name (Role)

UPE (DCP1/ - Loopback1 - 1.1.1.1/32

MCP)
interface1 GE1/0/0 NodeB 192.168.1.1/2
4

interface2 GE1/0/1 SPE1 (DCP2) 172.16.1.1/24

interface3 GE1/0/2 SPE2 172.16.2.1/24

SPE1 (DCP2) - Loopback1 - 2.2.2.2/32

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 48

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

Device Interface Interface Remote Device IP Address

(Role) Name (Role)

interface1 GE1/0/1 UPE (DCP1/ 172.16.1.2/24

MCP)

interface2 GE1/0/2 NPE (DCP3) 172.16.4.1/24

interface3 GE1/0/3 SPE2 172.16.3.1/24

interface4 GE1/0/4 BITS 172.16.6.1/24

SPE2 - Loopback1 - 3.3.3.3/32

interface1 GE1/0/1 NPE (DCP3) 172.16.5.1/24

interface2 GE1/0/2 UPE (DCP1/ 172.16.2.2/24

MCP)

interface3 GE1/0/3 SPE1 (DCP2) 172.16.3.2/24

NPE (DCP3) - Loopback1 - 4.4.4.4/32

interface1 GE1/0/1 SPE2 172.16.5.2/24

interface2 GE1/0/2 SEP1 (DCP2) 172.16.4.2/24

interface3 GE1/0/3 NPE (DCP3) 192.168.2.1/2

Configuration Roadmap
The configuration roadmap is as follows:
1. Configure an IP address and a routing protocol for each interface so that all
provider edge devices (PEs) can communicate at the network layer. This
example uses Open Shortest Path First (OSPF) as the routing protocol.
2. Configure Multiprotocol Label Switching (MPLS) functions and public network
tunnels. In this example, RSVP-TE tunnels are established between the UPE
and SPEs, and Label Distribution Protocol (LDP) LSPs are established between
the SPEs and between the NPE and SPEs.
3. Create a VPN instance on the UPE and NPE and import the local direct routes
on the UPE and NPE to their respective VPN instance routing tables.
4. Establish MP-IBGP peer relationships between the UPE and SPEs and between
the NPE and SPEs.
5. Configure the SPEs as route reflectors (RRs) and specify the UPE and NPE as
RR clients.
6. Configure VPN FRR on the UPE and NPE.
7. Configure the Network Time Protocol (1588v2) to synchronize the clocks of
the UPE, SPE1, and the NPE.
8. Configure hop-by-hop packet loss and delay measurement on the UPE and
NPE to locate faults segment by segment.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 49

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

9. Configure the packet loss and two-way delay alarm thresholds and clear
alarm thresholds on the UPE.

Data Preparation
To complete the configuration, you need the following data:
● IP address of each interface listed in Table 2-2
● Interior Gateway Protocol (IGP) protocol type, process ID, and area ID
● Label switching router (LSR) IDs of the UPE and SPEs
● Tunnel interface names, tunnel IDs, and tunnel interface addresses (loopback
interface addresses) for the bidirectional tunnels between the UPE and SPEs
● Tunnel policy names for the bidirectional tunnels between the UPE and SPEs
and tunnel selector names on the SPEs
● Names, route distinguishers (RDs), and VPN targets of the VPN instances on
the UPE and NPE
● UPE's DCP ID and MCP ID (both 1.1.1.1); SPE1's DCP ID (2.2.2.2); NPE's MCP
ID (4.4.4.4)
● IP FPM instance ID (1) and statistical period (10s)
● Target flow's source IP address (10.1.1.1) and destination IP address (10.2.1.1)
● ACH1 {TLP100, TLP200} and ACH2 {TLP200, TLP310}
● Loss and delay measurement flags (respectively the third and fourth bits in
the ToS field of the IPv4 packet header)

Before you deploy IP FPM for packet loss and delay measurement, if two or more bits
in the IPv4 packet header have not been planned for other purposes, they can be used
for packet loss and delay measurement at the same time. If only one bit in the IPv4
packet header has not been planned, it can be used for either packet loss or delay
measurement in one IP FPM instance.
● Authentication mode (HMAC-SHA256), password (Huawei-123), key ID (1),
and UDP port number (2048) on the UPE, SPE1, and NPE
● Hop-by-hop packet loss and delay measurement intervals (30min)
● Packet loss alarm threshold and its clear alarm threshold (respectively 10%
and 5%); two-way delay alarm threshold and its clear alarm threshold
(respectively 100 ms and 50 ms)

Procedure
Step 1 Configure interface IP addresses.
Assign an IP address to each interface according to Table 2-2 and create a
loopback interface on each node. For configuration details, see Configuration
Files in this section.
Step 2 Configure OSPF.
Configure OSPF on each node to allow the nodes to communicate at the network
layer. For detailed configurations, see Configuration Files in this section.
Step 3 Configure basic MPLS functions and public network tunnels.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 50

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

● Configure basic MPLS functions and enable MPLS TE, RSVP-TE, and Constraint
Shortest Path First (CSPF).
# Configure the UPE.
<UPE> system-view
[~UPE] mpls lsr-id 1.1.1.1
[*UPE] mpls
[*UPE-mpls] mpls te
[*UPE-mpls] mpls rsvp-te
[*UPE-mpls] mpls te cspf
[*UPE-mpls] quit
[*UPE] interface gigabitethernet 1/0/1
[*UPE-GigabitEthernet1/0/1] mpls
[*UPE-GigabitEthernet1/0/1] mpls te
[*UPE-GigabitEthernet1/0/1] mpls rsvp-te
[*UPE-GigabitEthernet1/0/1] quit
[*UPE] interface gigabitethernet 1/0/2
[*UPE-GigabitEthernet1/0/2] mpls
[*UPE-GigabitEthernet1/0/2] mpls te
[*UPE-GigabitEthernet1/0/2] mpls rsvp-te
[*UPE-GigabitEthernet1/0/2] quit
[*UPE] ospf 1
[*UPE-ospf-1] opaque-capability enable
[*UPE-ospf-1] area 0
[*UPE-ospf-1-area-0.0.0.0] mpls-te enable
[*UPE-ospf-1-area-0.0.0.0] quit
[*UPE-ospf-1] quit
[*UPE] commit
# Configure SPE1.
<SPE1> system-view
[~SPE1] mpls lsr-id 2.2.2.2
[*SPE1] mpls
[*SPE1-mpls] mpls te
[*SPE1-mpls] mpls rsvp-te
[*SPE1-mpls] mpls te cspf
[*SPE1-mpls] quit
[*SPE1] mpls ldp
[*SPE1-mpls-ldp] quit
[*SPE1] interface gigabitethernet 1/0/1
[*SPE1-GigabitEthernet1/0/1] mpls
[*SPE1-GigabitEthernet1/0/1] mpls te
[*SPE1-GigabitEthernet1/0/1] mpls rsvp-te
[*SPE1-GigabitEthernet1/0/1] quit
[*SPE1] interface gigabitethernet 1/0/3
[*SPE1-GigabitEthernet1/0/3] mpls
[*SPE1-GigabitEthernet1/0/3] mpls ldp
[*SPE1-GigabitEthernet1/0/3] quit
[*SPE1] ospf 1
[*SPE1-ospf-1] opaque-capability enable
[*SPE1-ospf-1] area 0
[*SPE1-ospf-1-area-0.0.0.0] mpls-te enable
[*SPE1-ospf-1-area-0.0.0.0] quit
[*SPE1-ospf-1] quit
[*SPE1] commit
# Configure SPE2.
<SPE2> system-view
[~SPE2] mpls lsr-id 3.3.3.3
[*SPE2] mpls
[*SPE2-mpls] mpls te
[*SPE2-mpls] mpls rsvp-te
[*SPE2-mpls] mpls te cspf
[*SPE2-mpls] quit
[*SPE2] mpls ldp
[*SPE2-mpls-ldp] quit
[*SPE2] interface gigabitethernet 1/0/2
[*SPE2-GigabitEthernet1/0/2] mpls
[*SPE2-GigabitEthernet1/0/2] mpls te

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 51

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

[*SPE2-GigabitEthernet1/0/2] mpls rsvp-te

[*SPE2-GigabitEthernet1/0/2] quit
[*SPE2] interface gigabitethernet 1/0/3
[*SPE2-GigabitEthernet1/0/3] mpls
[*SPE2-GigabitEthernet1/0/3] mpls ldp
[*SPE2-GigabitEthernet1/0/3] quit
[*SPE2] ospf 1
[*SPE2-ospf-1] opaque-capability enable
[*SPE2-ospf-1] area 0
[*SPE2-ospf-1-area-0.0.0.0] mpls-te enable
[*SPE2-ospf-1-area-0.0.0.0] quit
[*SPE2-ospf-1] quit
[*SPE2] commit
# Configure NPE.
<NPE> system-view
[~NPE] mpls lsr-id 4.4.4.4
[*NPE] mpls
[*NPE-mpls] quit
[*NPE] mpls ldp
[*NPE-mpls-ldp] quit
[*NPE] interface gigabitethernet 1/0/1
[*NPE-GigabitEthernet1/0/1] mpls
[*NPE-GigabitEthernet1/0/1] mpls ldp
[*NPE-GigabitEthernet1/0/1] quit
[*NPE] interface gigabitethernet 1/0/2
[*NPE-GigabitEthernet1/0/2] mpls
[*NPE-GigabitEthernet1/0/2] mpls ldp
[*NPE-GigabitEthernet1/0/2] quit
[*NPE] commit
● Enable the egress of each unidirectional tunnel to be created to assign a non-
null label to the penultimate hop.
# Configure the UPE.
[~UPE] mpls
[*UPE-mpls] label advertise non-null
[*UPE-mpls] quit
[*UPE] commit
# Configure SPE1.
[~SPE1] mpls
[*SPE1-mpls] label advertise non-null
[*SPE1-mpls] quit
[*SPE1] commit
# Configure SPE2.
[~SPE2] mpls
[*SPE2-mpls] label advertise non-null
[*SPE2-mpls] quit
[*SPE2] commit
● Configure RSVP-TE tunnel interfaces.
# Configure the UPE.
[~UPE] interface Tunnel 11
[*UPE-Tunnel11] ip address unnumbered interface loopback 1
[*UPE-Tunnel11] tunnel-protocol mpls te
[*UPE-Tunnel11] destination 2.2.2.2
[*UPE-Tunnel11] mpls te tunnel-id 100
[*UPE-Tunnel11] mpls te signal-protocol rsvp-te
[*UPE-Tunnel11] mpls te reserved-for-binding
[*UPE-Tunnel11] quit
[*UPE] interface Tunnel 12
[*UPE-Tunnel12] ip address unnumbered interface loopback 1
[*UPE-Tunnel12] tunnel-protocol mpls te
[*UPE-Tunnel12] destination 3.3.3.3
[*UPE-Tunnel12] mpls te tunnel-id 200
[*UPE-Tunnel12] mpls te signal-protocol rsvp-te
[*UPE-Tunnel12] mpls te reserved-for-binding
[*UPE-Tunnel12] quit

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 52

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

[*UPE] commit
# Configure SPE1.
[~SPE1] interface Tunnel 11
[*SPE1-Tunnel11] ip address unnumbered interface loopback 1
[*SPE1-Tunnel11] tunnel-protocol mpls te
[*SPE1-Tunnel11] destination 1.1.1.1
[*SPE1-Tunnel11] mpls te tunnel-id 100
[*SPE1-Tunnel11] mpls te signal-protocol rsvp-te
[*SPE1-Tunnel11] mpls te reserved-for-binding
[*SPE1-Tunnel11] quit
[*SPE1] commit
# Configure SPE2.
[~SPE2] interface Tunnel 12
[*SPE2-Tunnel12] ip address unnumbered interface loopback 1
[*SPE2-Tunnel12] tunnel-protocol mpls te
[*SPE2-Tunnel12] destination 1.1.1.1
[*SPE2-Tunnel12] mpls te tunnel-id 200
[*SPE2-Tunnel12] mpls te signal-protocol rsvp-te
[*SPE2-Tunnel12] mpls te reserved-for-binding
[*SPE2-Tunnel12] quit
[*SPE2] commit
● Configure tunnel policies.
# Configure the UPE.
[~UPE] tunnel-policy policy1
[*UPE-tunnel-policy-policy1] tunnel binding destination 2.2.2.2 te Tunnel 11
[*UPE-tunnel-policy-policy1] tunnel binding destination 3.3.3.3 te Tunnel 12
[*UPE-tunnel-policy-policy1] quit
[*UPE] commit
# Configure SPE1.
[~SPE1] tunnel-policy policy1
[*SPE1-tunnel-policy-policy1] tunnel binding destination 1.1.1.1 te Tunnel 11
[*SPE1-tunnel-policy-policy1] quit
[*SPE1] commit
# Configure SPE2.
[~SPE2] tunnel-policy policy1
[*SPE2-tunnel-policy-policy1] tunnel binding destination 1.1.1.1 te Tunnel 12
[*SPE2-tunnel-policy-policy1] quit
[*SPE2] commit

Step 4 Create a VPN instance on the UPE and NPE and import the local direct routes on
the UPE and NPE to their respective VPN instance routing tables.
# Configure the UPE.
[~UPE] ip vpn-instance vpna
[*UPE-vpn-instance-vpna] ipv4-family
[*UPE-vpn-instance-vpna-af-ipv4] route-distinguisher 100:1
[*UPE-vpn-instance-vpna-af-ipv4] vpn-target 1:1
[*UPE-vpn-instance-vpna-af-ipv4] quit
[*UPE-vpn-instance-vpna] quit
[*UPE] interface gigabitethernet 1/0/0
[*UPE-GigabitEthernet1/0/0] ip binding vpn-instance vpna
[*UPE-GigabitEthernet1/0/0] ip address 192.168.1.1 24
[*UPE-GigabitEthernet1/0/0] quit
[*UPE] bgp 100
[*UPE-bgp] ipv4-family vpn-instance vpna
[*UPE-bgp-vpna] import-route direct
[*UPE-bgp-vpna] quit
[*UPE-bgp] quit
[*UPE] commit

# Configure the NPE.

[~NPE] ip vpn-instance vpna

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 53

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

[*NPE-vpn-instance-vpna] ipv4-family
[*NPE-vpn-instance-vpna-af-ipv4] route-distinguisher 100:1
[*NPE-vpn-instance-vpna-af-ipv4] vpn-target 1:1
[*NPE-vpn-instance-vpna-af-ipv4] quit
[*NPE-vpn-instance-vpna] quit
[*NPE] interface gigabitethernet 1/0/3
[*NPE-GigabitEthernet1/0/3] ip binding vpn-instance vpna
[*NPE-GigabitEthernet1/0/3] ip address 192.168.2.1 24
[*NPE-GigabitEthernet1/0/3] quit
[*NPE] bgp 100
[*NPE-bgp] ipv4-family vpn-instance vpna
[*NPE-bgp-vpna] import-route direct
[*NPE-bgp-vpna] quit
[*NPE-bgp] quit
[*NPE] commit

Step 5 Establish MP-IBGP peer relationships between the UPE and SPEs and between the
NPE and SPEs.
# Configure the UPE.
[~UPE] bgp 100
[*UPE-bgp] router-id 1.1.1.1
[*UPE-bgp] peer 2.2.2.2 as-number 100
[*UPE-bgp] peer 2.2.2.2 connect-interface loopback 1
[*UPE-bgp] peer 3.3.3.3 as-number 100
[*UPE-bgp] peer 3.3.3.3 connect-interface loopback 1
[*UPE-bgp] ipv4-family vpnv4
[*UPE-bgp-af-vpnv4] peer 2.2.2.2 enable
[*UPE-bgp-af-vpnv4] peer 3.3.3.3 enable
[*UPE-bgp-af-vpnv4] quit
[*UPE-bgp] quit
[*UPE] commit

The configuration of SPE2 is similar to the configuration of SPE1. For configuration

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 54

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

[*NPE] commit

Step 7 Apply the tunnel policy on the UPE and configure a tunnel selector on each SPE
because SPEs do not have VPN instances, so that the UPE and SPEs use RSVP-TE
tunnels to transmit traffic.
# Apply the tunnel policy on the UPE.
[~UPE] ip vpn-instance vpna
[*UPE-vpn-instance-vpna] ipv4-family
[*UPE-vpn-instance-vpna-af-ipv4] route-distinguisher 100:1
[*UPE-vpn-instance-vpna-af-ipv4] tnl-policy policy1
[*UPE-vpn-instance-vpna-af-ipv4] quit
[*UPE-vpn-instance-vpna] quit
[*UPE] commit

# Configure a tunnel selector on SPE1 to use RSVP-TE tunnels to transmit traffic.

[~SPE1] tunnel-selector bindTE permit node 10
[*SPE1-tunnel-selector] apply tunnel-policy policy1
[*SPE1-tunnel-selector] quit
[*SPE1] bgp 100
[*SPE1-bgp] ipv4-family vpnv4
[*SPE1-bgp-af-vpnv4] tunnel-selector bindTE
[*SPE1-bgp-af-vpnv4] quit
[*SPE1-bgp] quit
[*SPE1] commit

The configuration of SPE2 is similar to the configuration of SPE1. For configuration

details, see Configuration Files in this section.
Step 8 Configure VPN FRR on the UPE and NPE.
# Configure the UPE.
[~UPE] bgp 100
[*UPE-bgp] ipv4-family vpn-instance vpna
[*UPE-bgp-vpna] auto-frr
[*UPE-bgp-vpna] quit
[*UPE-bgp] quit
[*UPE] commit

VPN-Instance vpna, Router ID 1.1.1.1:

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 55

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

Total Number of Routes: 4

Network NextHop MED LocPrf PrefVal Path/Ogn

*> 192.168.1.0/24 0.0.0.0 0 0 ?

VPN-Instance vpna, Router ID 4.4.4.4:

Total Number of Routes: 4

Network NextHop MED LocPrf PrefVal Path/Ogn

*>i 192.168.1.0/24 2.2.2.2 0 100 0 ?

*i 3.3.3.3 0 100 0 ?
*> 192.168.2.0/24 0.0.0.0 0 0 ?
*> 192.168.2.1/32 0.0.0.0 0 0 ?

The command output shows that the UPE and NPE both preferentially select the
routes advertised by SPE1 and use UPE <-> SPE1 <-> NPE as the primary path.
Step 9 Configure 1588v2 to synchronize the clocks of the UPE, SPE1, and the NPE.
1. # Import BITS0 signals to SPE1.
[~SPE1] clock bits-type bits0 2mhz
[*SPE1] clock source bits0 synchronization enable
[*SPE1] clock source bits0 priority 1
[*SPE1] commit
2. # Enable 1588v2 globally.
# Configure SPE1.
[~SPE1] ptp enable
[*SPE1] ptp domain 1
[*SPE1] ptp device-type bc
[*SPE1] ptp clock-source local clock-class 185
[*SPE1] clock source ptp synchronization enable
[*SPE1] clock source ptp priority 1
[*SPE1] commit
# Configure UPE.
[~UPE] ptp enable
[*UPE] ptp domain 1
[*UPE] ptp device-type bc
[*UPE] ptp clock-source local clock-class 185
[*UPE] clock source ptp synchronization enable
[*UPE] clock source ptp priority 1
[*UPE] commit
# Configure NPE.
[~NPE] ptp enable
[*NPE] ptp domain 1
[*NPE] ptp device-type bc
[*NPE] ptp clock-source local clock-class 185
[*NPE] clock source ptp synchronization enable
[*NPE] clock source ptp priority 1
[*NPE] commit
3. Enable 1588v2 on an interface.
# Configure SPE1.
[~SPE1] interface gigabitethernet 1/0/1
[~SPE1-GigabitEthernet1/0/1] ptp enable

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 56

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

[*SPE1-GigabitEthernet1/0/1] commit
[~SPE1-GigabitEthernet1/0/1] quit
[~SPE1] interface gigabitethernet 1/0/2
[~SPE1-GigabitEthernet1/0/2] ptp enable
[*SPE1-GigabitEthernet1/0/2] commit
[~SPE1-GigabitEthernet1/0/2] quit
[~SPE1] interface gigabitethernet 1/0/4
[~SPE1-GigabitEthernet1/0/2] ptp enable
[*SPE1-GigabitEthernet1/0/2] commit
[~SPE1-GigabitEthernet1/0/2] quit
# Configure UPE.
[~UPE] interface gigabitethernet 1/0/0
[~UPE-GigabitEthernet1/0/0] ptp enable
[*UPE-GigabitEthernet1/0/0] commit
[~UPE-GigabitEthernet1/0/0] quit
[~UPE] interface gigabitethernet 1/0/1
[~UPE-GigabitEthernet1/0/1] ptp enable
[*UPE-GigabitEthernet1/0/1] commit
[~UPE-GigabitEthernet1/0/1] quit
# Configure NPE.
[~NPE] interface gigabitethernet 1/0/2
[~NPE-GigabitEthernet1/0/2] ptp enable
[*NPE-GigabitEthernet1/0/2] commit
[~NPE-GigabitEthernet1/0/2] quit
[~NPE] interface gigabitethernet 1/0/3
[~NPE-GigabitEthernet1/0/3] ptp enable
[*NPE-GigabitEthernet1/0/3] commit
[~NPE-GigabitEthernet1/0/3] quit

Step 10 Configure hop-by-hop packet loss and delay measurement on the UPE, SPE1, and
the NPE; configure two ACHs on the link between the UPE and NPE: ACH1
{TLP100, TLP200} and ACH2 {TLP200, TLP310}.
# Configure UPE.
● Configure the MCP.
[~UPE] nqa ipfpm mcp
[*UPE-nqa-ipfpm-mcp] mcp id 1.1.1.1
[*UPE-nqa-ipfpm-mcp] protocol udp port 2048
[*UPE-nqa-ipfpm-mcp] authentication-mode hmac-sha256 key-id 1 cipher Huawei-123
[*UPE-nqa-ipfpm-mcp] instance 1
[*UPE-nqa-ipfpm-mcp] description Instanceforpoint-by-pointtest
[*UPE-nqa-ipfpm-mcp-instance-1] dcp 1.1.1.1
[*UPE-nqa-ipfpm-mcp-instance-1] dcp 2.2.2.2
[*UPE-nqa-ipfpm-mcp-instance-1] dcp 4.4.4.4
[*UPE-nqa-ipfpm-mcp-instance-1] ach 1
[*UPE-nqa-ipfpm-mcp-instance-1-ach-1] flow forward
[*UPE-nqa-ipfpm-mcp-instance-1-ach-1] in-group dcp 1.1.1.1 tlp 100
[*UPE-nqa-ipfpm-mcp-instance-1-ach-1] out-group dcp 2.2.2.2 tlp 200
[*UPE-nqa-ipfpm-mcp-instance-1-ach-1] quit
[*UPE-nqa-ipfpm-mcp-instance-1] ach 2
[*UPE-nqa-ipfpm-mcp-instance-1-ach-2] flow forward
[*UPE-nqa-ipfpm-mcp-instance-1-ach-2] in-group dcp 2.2.2.2 tlp 200
[*UPE-nqa-ipfpm-mcp-instance-1-ach-2] out-group dcp 4.4.4.4 tlp 310
[*UPE-nqa-ipfpm-mcp-instance-1-ach-2] quit
[*UPE-nqa-ipfpm-mcp-instance-1] quit
[*UPE-nqa-ipfpm-mcp] quit
[*UPE] commit
After completing the configuration, run the display ipfpm mcp command on
the UPE. The command output shows MCP configurations on the UPE.
[~UPE] display ipfpm mcp
Specification Information:
Max Instance Number :64
Max DCP Number Per Instance :256
Max ACH Number Per Instance :16
Max TLP Number Per ACH :16

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 57

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

Configuration Information:
MCP ID :1.1.1.1
Status :Active
Protocol Port :2048
Current Instance Number :1

● Configure a DCP.
[~UPE] nqa ipfpm dcp
[*UPE-nqa-ipfpm-dcp] dcp id 1.1.1.1
[*UPE-nqa-ipfpm-dcp] mcp 1.1.1.1 port 2048
[*UPE-nqa-ipfpm-dcp] authentication-mode hmac-sha256 key-id 1 cipher Huawei-123
[*UPE-nqa-ipfpm-dcp] color-flag loss-measure tos-bit 3 delay-measure tos-bit 4
[*UPE-nqa-ipfpm-dcp] instance 1
[*UPE-nqa-ipfpm-dcp-instance-1] description Instanceforpointbypointtest
[*UPE-nqa-ipfpm-dcp-instance-1] interval 10
[*UPE-nqa-ipfpm-dcp-instance-1] flow forward source 10.1.1.1 destination 10.2.1.1
[*UPE-nqa-ipfpm-dcp-instance-1] tlp 100 in-point ingress
[*UPE-nqa-ipfpm-dcp-instance-1] quit
[*UPE-nqa-ipfpm-dcp] quit
[*UPE] commit

Configuration Information:
DCP ID : 1.1.1.1
Loss-measure Flag : tos-bit3
Delay-measure Flag : tos-bit4
Authentication Mode : hmac-sha256
Test Instances MCP ID : 1.1.1.1
Test Instances MCP Port : 2048
Current Instance Number :1

● Bind the TLP to an interface.

[~UPE] interface GigabitEthernet1/0/0
[~UPE-GigabitEthernet1/0/0] ipfpm tlp 100
[*UPE-GigabitEthernet1/0/0] quit
[*UPE] commit

● Enable hop-by-hop packet loss and delay measurement.

[~UPE] nqa ipfpm dcp
[*UPE-nqa-ipfpm-dcp] instance 1
[*UPE-nqa-ipfpm-dcp-instance-1] loss-measure enable time-range 30
[*UPE-nqa-ipfpm-dcp-instance-1] delay-measure enable one-way tlp 100 time-range 30
[*UPE-nqa-ipfpm-dcp-instance-1] commit

# Configure SPE1.
● Configure a DCP.
[~SPE1] nqa ipfpm dcp
[*SPE1-nqa-ipfpm-dcp] dcp id 2.2.2.2
[*SPE1-nqa-ipfpm-dcp] authentication-mode hmac-sha256 key-id 1 cipher Huawei-123
[*SPE1-nqa-ipfpm-dcp] color-flag loss-measure tos-bit 3 delay-measure tos-bit 4
[*SPE1-nqa-ipfpm-dcp] mcp 1.1.1.1 port 2048
[*SPE1-nqa-ipfpm-dcp] instance 1
[*SPE1-nqa-ipfpm-dcp-instance-1] description Instanceforpointbypointtest
[*SPE1-nqa-ipfpm-dcp-instance-1] interval 10
[*SPE1-nqa-ipfpm-dcp-instance-1] flow forward source 10.1.1.1 destination 10.2.1.1
[*SPE1-nqa-ipfpm-dcp-instance-1] tlp 200 mid-point flow forward ingress vpn-label 17 lsp-label 18
[*SPE1-nqa-ipfpm-dcp-instance-1] quit
[*SPE1-nqa-ipfpm-dcp] quit
[*SPE1] commit

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 58

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

After completing the configuration, run the display ipfpm dcp command on
SPE1. The command output shows DCP configurations on SPE1.
[~SPE1] display ipfpm dcp
Specification Information(Main Board):
Max Instance Number :64
Max 10s Instance Number :64
Max 1s Instance Number :--
Max TLP Number :512
Max TLP Number Per Instance :8

Configuration Information:
DCP ID : 2.2.2.2
Loss-measure Flag : tos-bit3
Delay-measure Flag : tos-bit4
Authentication Mode : hmac-sha256
Test Instances MCP ID : 1.1.1.1
Test Instances MCP Port : 2048
Current Instance Number :1

● Bind the TLP to an interface.

[~SPE1] interface GigabitEthernet1/0/1
[~SPE1-GigabitEthernet1/0/1] ipfpm tlp 200
[*SPE1-GigabitEthernet1/0/1] quit
[*SPE1] commit

● Enable hop-by-hop packet loss and delay measurement.

[~SPE1] nqa ipfpm dcp
[*SPE1-nqa-ipfpm-dcp] instance 1
[*SPE1-nqa-ipfpm-dcp-instance-1] loss-measure enable mid-point time-range 30
[*SPE1-nqa-ipfpm-dcp-instance-1] delay-measure enable one-way mid-point time-range 30
[*SPE1-nqa-ipfpm-dcp-instance-1] commit

# Configure the NPE.

● Configure a DCP.
[~NPE] nqa ipfpm dcp
[*NPE-nqa-ipfpm-dcp] dcp id 4.4.4.4
[*NPE-nqa-ipfpm-dcp] authentication-mode hmac-sha256 key-id 1 cipher Huawei-123
[*NPE-nqa-ipfpm-dcp] color-flag loss-measure tos-bit 3 delay-measure tos-bit 4
[*NPE-nqa-ipfpm-dcp] mcp 1.1.1.1 port 2048
[*NPE-nqa-ipfpm-dcp] instance 1
[*NPE-nqa-ipfpm-dcp-instance-1] description Instanceforpointbypointtest
[*NPE-nqa-ipfpm-dcp-instance-1] interval 10
[*NPE-nqa-ipfpm-dcp-instance-1] flow forward source 10.1.1.1 destination 10.2.1.1
[*NPE-nqa-ipfpm-dcp-instance-1] tlp 310 out-point egress
[*NPE-nqa-ipfpm-dcp-instance-1] quit
[*NPE-nqa-ipfpm-dcp] quit
[*NPE] commit

Configuration Information:
DCP ID : 4.4.4.4
Loss-measure Flag : tos-bit3
Delay-measure Flag : tos-bit4
Authentication Mode : hmac-sha256
Test Instances MCP ID : 1.1.1.1
Test Instances MCP Port : 2048
Current Instance Number :1

● Bind the TLPs to interfaces.

[*NPE] interface GigabitEthernet1/0/3

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 59

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

[*NPE-GigabitEthernet1/0/3] ipfpm tlp 310

[*NPE-GigabitEthernet1/0/3] quit
[*NPE] commit
● Enable hop-by-hop packet loss and delay measurement.
[~NPE] nqa ipfpm dcp
[*NPE-nqa-ipfpm-dcp] instance 1
[*NPE-nqa-ipfpm-dcp-instance-1] loss-measure enable time-range 30
[*NPE-nqa-ipfpm-dcp-instance-1] delay-measure enable one-way tlp 310 time-range 30
[*NPE-nqa-ipfpm-dcp-instance-1] commit

Step 11 Configure alarm thresholds and clear alarm thresholds for IP FPM performance
counters on the UPE.
# Configure the packet loss alarm threshold and its clear alarm threshold.
[~UPE] nqa ipfpm mcp
[*UPE-nqa-ipfpm-mcp] instance 1
[*UPE-nqa-ipfpm-mcp-instance-1] loss-measure ratio-threshold upper-limit 10 lower-limit 5
[*UPE-nqa-ipfpm-mcp-instance-1] commit

Step 12 Verify the configuration.

Run the display ipfpm statistic-type { loss | oneway-delay } instance instance-id
ach ach-id command on the UPE to check the performance statistics for a
specified IP FPM instance.
● # The following example uses the packet loss statistics for ACH1.
[~UPE] display ipfpm statistic-type loss instance 1 ach 1
Latest loss statistics of forward flow:
Unit: p - packet, b - byte
------------------------------------------------------------------------------------------
Period Loss(p) LossRatio(p) Loss(b) LossRatio(b)
------------------------------------------------------------------------------------------
136190088 10 10.000000% 1000 10.000000%
136190087 10 10.000000% 1000 10.000000%
136190086 10 10.000000% 1000 10.000000%
136190085 10 10.000000% 1000 10.000000%
136190084 10 10.000000% 1000 10.000000%
136190083 10 10.000000% 1000 10.000000%
136190082 10 10.000000% 1000 10.000000%

Latest loss statistics of backward flow:

Unit: p - packet, b - byte
------------------------------------------------------------------------------------------
Period Loss(p) LossRatio(p) Loss(b) LossRatio(b)
------------------------------------------------------------------------------------------
● # The following example uses the delay statistics for ACH1.
[~UPE] display ipfpm statistic-type oneway-delay instance 1 ach 1
Latest one-way delay statistics of forward flow:
--------------------------------------------------
Period Delay(usec) Delay
Variation(usec)
--------------------------------------------------
136190120 100 0
136190119 100 0
136190118 100 0
136190117 100 0
136190116 100 0
136190115 100 0
136190114 100 0

Latest one-way delay statistics of backward flow:

--------------------------------------------------

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 60

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

Period Delay(usec) Delay

Variation(usec)
--------------------------------------------------

----End

Configuration Files
● UPE configuration file
#
sysname UPE
#
ptp enable
ptp domain 1
ptp device-type bc
ptp clock-source local clock-class 185
ptp clock-source bits0 on
#
clock source ptp synchronization enable
clock source ptp priority 1
#
ip vpn-instance vpna
ipv4-family
route-distinguisher 100:1
apply-label per-instance
tnl-policy policy1
vpn-target 1:1 export-extcommunity
vpn-target 1:1 import-extcommunity
#
mpls lsr-id 1.1.1.1
mpls
mpls te
label advertise non-null
mpls rsvp-te
mpls te cspf
#
ntp-service sync-interval 180
ntp-service refclock-master 1
#
interface GigabitEthernet1/0/0
undo shutdown
ip binding vpn-instance vpna
ip address 192.168.1.1 255.255.255.0
ptp enable
ipfpm tlp 100
#
interface GigabitEthernet1/0/1
undo shutdown
ip address 172.16.1.1 255.255.255.0
mpls
mpls te
mpls rsvp-te
ptp enable
#
interface GigabitEthernet1/0/2
undo shutdown
ip address 172.16.2.1 255.255.255.0
mpls
mpls te
mpls rsvp-te
#
interface LoopBack1
ip address 1.1.1.1 255.255.255.255
#
interface Tunnel11
ip address unnumbered interface LoopBack1
tunnel-protocol mpls te
destination 2.2.2.2

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 61

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

mpls te tunnel-id 100

mpls te reserved-for-binding
#
interface Tunnel12
ip address unnumbered interface LoopBack1
tunnel-protocol mpls te
destination 3.3.3.3
mpls te tunnel-id 200
mpls te reserved-for-binding
#
bgp 100
router-id 1.1.1.1
peer 2.2.2.2 as-number 100
peer 2.2.2.2 connect-interface LoopBack1
peer 3.3.3.3 as-number 100
peer 3.3.3.3 connect-interface LoopBack1
#
ipv4-family unicast
undo synchronization
peer 2.2.2.2 enable
peer 3.3.3.3 enable
#
ipv4-family vpnv4
policy vpn-target
peer 2.2.2.2 enable
peer 3.3.3.3 enable
#
ipv4-family vpn-instance vpna
import-route direct
auto-frr
#
ospf 1
opaque-capability enable
area 0.0.0.0
network 1.1.1.1 0.0.0.0
network 172.16.1.0 0.0.0.255
network 172.16.2.0 0.0.0.255
mpls-te enable
#
tunnel-policy policy1
tunnel binding destination 2.2.2.2 te Tunnel11
tunnel binding destination 3.3.3.3 te Tunnel12
#
nqa ipfpm dcp
dcp id 1.1.1.1
mcp 1.1.1.1 port 2048
authentication-mode hmac-sha256 key-id 1 cipher #%#%=%uP:z;!;4\TdYHU#$z/1IR]#%#
%
color-flag loss-measure tos-bit 3 delay-measure tos-bit 4
instance 1
description Instanceforpointbypointtest
flow forward source 10.1.1.1 destination 10.2.1.1
tlp 100 in-point ingress
#
nqa ipfpm mcp
mcp id 1.1.1.1
protocol udp port 2048
authentication-mode hmac-sha256 key-id 1 cipher #%#%i`R<<=hGt>i:|a;Ypy%~1E(U#%#%
instance 1
description Instanceforpoint-by-pointtest
dcp 1.1.1.1
dcp 2.2.2.2
dcp 4.4.4.4
loss-measure ratio-threshold upper-limit 10.000000 lower-limit 5.000000
delay-measure two-way delay-threshold upper-limit 100000 lower-limit 50000
ach 1
flow forward
in-group dcp 1.1.1.1 tlp 100
out-group dcp 2.2.2.2 tlp 200

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 62

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

ach 2
flow forward
in-group dcp 2.2.2.2 tlp 200
out-group dcp 4.4.4.4 tlp 310
#
return
● SPE1 configuration file
#
sysname SPE1
#
ptp enable
ptp domain 1
ptp device-type bc
ptp clock-source local clock-class 185
ptp clock-source bits0 on
#
clock source bits0 synchronization enable
clock source bits0 priority 1
clock source ptp synchronization enable
clock source ptp priority 1
clock bits-type bits0 2mhz
#
tunnel-selector bindTE permit node 10
apply tunnel-policy policy1
#
mpls lsr-id 2.2.2.2
mpls
mpls te
label advertise non-null
mpls rsvp-te
mpls te cspf
#
mpls ldp
#
ntp-service sync-interval 180
ntp-service unicast-server 172.16.1.1
#
interface GigabitEthernet1/0/1
undo shutdown
ip address 172.16.1.2 255.255.255.0
mpls
mpls te
mpls rsvp-te
ptp enable
ipfpm tlp 200
#
interface GigabitEthernet1/0/2
undo shutdown
ip address 172.16.4.1 255.255.255.0
mpls
mpls ldp
ptp enable
#
interface GigabitEthernet1/0/3
undo shutdown
ip address 172.16.3.1 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet1/0/4
undo shutdown
ip address 172.16.6.1 255.255.255.0
ptp enable
#
interface LoopBack1
ip address 2.2.2.2 255.255.255.255
#
interface Tunnel11
ip address unnumbered interface LoopBack1

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 63

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

tunnel-protocol mpls te
destination 1.1.1.1
mpls te tunnel-id 100
mpls te reserved-for-binding
#
bgp 100
router-id 2.2.2.2
peer 1.1.1.1 as-number 100
peer 1.1.1.1 connect-interface LoopBack1
peer 3.3.3.3 as-number 100
peer 3.3.3.3 connect-interface LoopBack1
peer 4.4.4.4 as-number 100
peer 4.4.4.4 connect-interface LoopBack1
#
ipv4-family unicast
undo synchronization
peer 1.1.1.1 enable
peer 3.3.3.3 enable
peer 4.4.4.4 enable
#
ipv4-family vpnv4
undo policy vpn-target
tunnel-selector bindTE
peer 1.1.1.1 enable
peer 1.1.1.1 reflect-client
peer 1.1.1.1 next-hop-local
peer 3.3.3.3 enable
peer 4.4.4.4 enable
peer 4.4.4.4 reflect-client
peer 4.4.4.4 next-hop-local
#
ospf 1
opaque-capability enable
area 0.0.0.0
network 2.2.2.2 0.0.0.0
network 172.16.1.0 0.0.0.255
network 172.16.3.0 0.0.0.255
network 172.16.4.0 0.0.0.255
mpls-te enable
#
tunnel-policy policy1
tunnel binding destination 1.1.1.1 te Tunnel11
#
nqa ipfpm dcp
dcp id 2.2.2.2
mcp 1.1.1.1 port 2048
authentication-mode hmac-sha256 key-id 1 cipher #%#%/#(8ARUz1+=(sUrXdsM1P.x#%#%
color-flag loss-measure tos-bit 3 delay-measure tos-bit 4
instance 1
description Instanceforpointbypointtest
flow forward source 10.1.1.1 destination 10.2.1.1
tlp 200 mid-point flow forward ingress vpn-label 17 lsp-label 18
#
return
● SPE2 configuration file
#
sysname SPE2
#
tunnel-selector bindTE permit node 10
apply tunnel-policy policy1
#
mpls lsr-id 3.3.3.3
mpls
mpls te
label advertise non-null
mpls rsvp-te
mpls te cspf
#
mpls ldp

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 64

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

#
interface GigabitEthernet1/0/1
undo shutdown
ip address 172.16.5.1 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet1/0/2
undo shutdown
ip address 172.16.2.2 255.255.255.0
mpls
mpls te
mpls rsvp-te
#
interface GigabitEthernet1/0/3
undo shutdown
ip address 172.16.3.2 255.255.255.0
mpls
mpls te
mpls ldp
#
interface LoopBack1
ip address 3.3.3.3 255.255.255.255
#
interface Tunnel12
ip address unnumbered interface LoopBack1
tunnel-protocol mpls te
destination 1.1.1.1
mpls te tunnel-id 200
mpls te reserved-for-binding
#
bgp 100
router-id 3.3.3.3
peer 1.1.1.1 as-number 100
peer 1.1.1.1 connect-interface LoopBack1
peer 2.2.2.2 as-number 100
peer 2.2.2.2 connect-interface LoopBack1
peer 4.4.4.4 as-number 100
peer 4.4.4.4 connect-interface LoopBack1
#
ipv4-family unicast
undo synchronization
peer 1.1.1.1 enable
peer 2.2.2.2 enable
peer 4.4.4.4 enable
#
ipv4-family vpnv4
undo policy vpn-target
tunnel-selector bindTE
peer 1.1.1.1 enable
peer 1.1.1.1 reflect-client
peer 1.1.1.1 next-hop-local
peer 2.2.2.2 enable
peer 4.4.4.4 enable
peer 4.4.4.4 reflect-client
peer 4.4.4.4 next-hop-local
#
ospf 1
opaque-capability enable
area 0.0.0.0
network 3.3.3.3 0.0.0.0
network 172.16.2.0 0.0.0.255
network 172.16.3.0 0.0.0.255
network 172.16.5.0 0.0.0.255
mpls-te enable
#
tunnel-policy policy1
tunnel binding destination 1.1.1.1 te Tunnel12

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 65

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

#
return
● NPE configuration file
#
sysname NPE
#
ptp enable
ptp domain 1
ptp device-type bc
ptp clock-source local clock-class 185
ptp clock-source bits0 on
#
clock source ptp synchronization enable
clock source ptp priority 1
#
ip vpn-instance vpna
ipv4-family
route-distinguisher 100:1
apply-label per-instance
vpn-target 1:1 export-extcommunity
vpn-target 1:1 import-extcommunity
#
mpls lsr-id 4.4.4.4
mpls
#
mpls ldp
#
ntp-service sync-interval 180
ntp-service unicast-server 172.16.4.1
#
interface GigabitEthernet1/0/1
undo shutdown
ip address 172.16.5.2 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet1/0/2
undo shutdown
ip address 172.16.4.2 255.255.255.0
mpls
mpls ldp
ptp enable
#
interface GigabitEthernet1/0/3
undo shutdown
ip binding vpn-instance vpna
ip address 192.168.2.1 255.255.255.0
ptp enable
ipfpm tlp 310
#
interface LoopBack1
ip address 4.4.4.4 255.255.255.255
#
bgp 100
router-id 4.4.4.4
peer 2.2.2.2 as-number 100
peer 2.2.2.2 connect-interface LoopBack1
peer 3.3.3.3 as-number 100
peer 3.3.3.3 connect-interface LoopBack1
#
ipv4-family unicast
undo synchronization
peer 2.2.2.2 enable
peer 3.3.3.3 enable
#
ipv4-family vpnv4
policy vpn-target
peer 2.2.2.2 enable
peer 3.3.3.3 enable

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 66

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 2 IP FPM Configuration

#
ipv4-family vpn-instance vpna
import-route direct
auto-frr
#
ospf 1
area 0.0.0.0
network 4.4.4.4 0.0.0.0
network 172.16.4.0 0.0.0.255
network 172.16.5.0 0.0.0.255
#
nqa ipfpm dcp
dcp id 4.4.4.4
mcp 1.1.1.1 port 2048
authentication-mode hmac-sha256 key-id 1 cipher #%#%Se9P>q>D>~v\Es$K{z2H1VW##%#%
color-flag loss-measure tos-bit 3 delay-measure tos-bit 4
instance 1
description Instanceforpointbypointtest
flow forward source 10.1.1.1 destination 10.2.1.1
tlp 310 out-point egress
#
return

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 67

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

3 NetStream Configuration

About This Chapter

NetStream is a technique used to sample and distribute traffic information on

networks. It collects traffic statistics based on the volume and resource
consumption and helps users implement management and accounting on various
services.

Context

The NetStream feature may be used to analyze the communication information of terminal
customers for network traffic statistics and management purposes. Before enabling the
NetStream feature, ensure that it is performed within the boundaries permitted by
applicable laws and regulations. Effective measures must be taken to ensure that
information is securely protected.

3.1 Overview of NetStream

As the Internet develops rapidly, more bandwidth resources are provided for users,
and at the same time a higher requirement for delicate network monitoring and
management is raised. To address this issue, NetStream has been introduced.
NetStream is a technique that collects highly granular per-flow traffic statistics. It
classifies traffic flow statistics and calculates resource usage on networks.
NetStream also helps monitor and manage networks based on the types of
services and resources.
3.2 NetStream Licensing Requirements and Configuration Precautions
3.3 Collecting Statistics About IPv4 Original Flows
Before collecting statistics about IPv4 original flows, familiarize yourself with the
usage scenario, complete the pre-configuration tasks, and obtain the data
required for the configuration.
3.4 Collecting Statistics About IPv4 Aggregated Flows
Before collecting statistics about IPv4 aggregated flows, familiarize yourself with
the usage scenario, complete the pre-configuration tasks, and obtain the data
required for the configuration.
3.5 Collecting Statistics About IPv6 Original Flows

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 68

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

Before collecting statistics about IPv6 original flows, familiarize yourself with the
usage scenario, complete the pre-configuration tasks, and obtain the data
required for the configuration.
3.6 Collecting Statistics About IPv6 Aggregated Flows
Before collecting statistics about IPv6 aggregated flows, familiarize yourself with
the usage scenario, complete the pre-configuration tasks, and obtain the data
required for the configuration.
3.7 Collecting Statistics About IPv4 Flexible Flows
Before collecting statistics about IPv4 flexible flows, familiarize yourself with the
applicable environment and complete the pre-configuration tasks. This can help
you complete the configuration task quickly and accurately.
3.8 Collecting Statistics About IPv6 Flexible Flows
Before collecting statistics about IPv6 flexible flows, familiarize yourself with the
applicable environment and complete the pre-configuration tasks. This can help
you complete the configuration task quickly and accurately.
3.9 Collecting Statistics About MPLS IPv4 Packets
Collecting packet statistics on MPLS networks helps you monitor MPLS network
status.
3.10 Collecting Statistics About MPLS IPv6 Packet
Collecting packet statistics on MPLS networks helps you to monitor MPLS network
conditions.
3.11 Collecting Statistics About BGP/MPLS VPN Flows
Collecting traffic statistics on BGP/MPLS VPN networks helps monitor the BGP/
MPLS VPN network condition.
3.12 Maintaining NetStream
This section describes how to maintain NetStream.
3.13 Configuration Examples for NetStream
This section provides NetStream configuration examples.

3.1 Overview of NetStream

As the Internet develops rapidly, more bandwidth resources are provided for users,
and at the same time a higher requirement for delicate network monitoring and
management is raised. To address this issue, NetStream has been introduced.
NetStream is a technique that collects highly granular per-flow traffic statistics. It
classifies traffic flow statistics and calculates resource usage on networks.
NetStream also helps monitor and manage networks based on the types of
services and resources.
NetStream provides the following functions:
● Accounting statistics
NetStream provides detailed accounting statistics, including IP addresses,
number of packets, number of bytes, time, type of service (ToS), and
application types. Based on the collected statistics, the Internet service
provider (ISP) can charge users flexibly based on resource information, such
as time periods, bandwidth, applications, or QoS, and enterprises can estimate
their expenses and assign costs to efficiently use resources.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 69

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

● Network planning and analysis

NetStream provides key information for advanced network management tools
to optimize the network design and plan. This helps achieve the best network
performance and reliability with the lowest network operation cost.
● Network monitoring
NetStream monitors network traffic in real time.
● Application monitoring and analysis
NetStream provides detailed network application information. For example, it
allows a network administrator to view the proportion of each application,
such as web, the File Transfer Protocol (FTP), Telnet, and other TCP/IP
applications, to communication traffic. Based on the information, the Internet
Content Provider (ICP) and ISP can properly plan and allocate network
application resources.
● Abnormal traffic detection
By analyzing NetStream flows, the NMS can detect abnormal traffic, such as
different types of attacks on networks in real time. The NMS uses alarm
information reported by NetStream to monitor devices to secure network
operation.
NetStream is implemented using the following devices:
● NetStream Data Exporter (NDE): samples and outputs traffic statistics.
● NetStream Collector (NSC): collects and stores traffic statistics sent by the
NDE.
● NetStream Data Analyzer (NDA): analyzes traffic statistics. The analysis result
is used as the reference for various functions, such as network accounting,
network planning, network monitoring, application monitoring, and traffic
analysis.
The NetEngine 8000 is used as an NDE to sample packets, aggregate flows, and
output flows.
Figure 3-1 illustrates the relationship among the NDE, NSC, and NDA.

Figure 3-1 NetStream device roles

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 70

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

3.2 NetStream Licensing Requirements and

Configuration Precautions
Licensing Requirements
For details, see "Licensing Requirements" in Feature Description.

Configuration Precautions
Restrictions Guidelines Impact

IPv4 private network N/A Route information is

routes and IPv6 private missing in the data
network routes support sampled in multi-PE load
multi-PE load balancing. balancing scenarios.
Route information is
missing in the data
sampled.

In an L3VXLAN access to None The sampling

L3VPN scenario, information is
NetStream fails to collect incomplete.
outbound interface
information of packets
entering the VXLAN
tunnel nor inbound
interface and subnet
mask information of
packets leaving the
VXLAN tunnel.

SR TE supports only None In the case of

upstream sampling for downstream sampling
an ingress PE and for an ingress PE and
downstream sampling upstream sampling for
for an egress PE. P device an egress PE, outbound
sampling is not interface information
supported. fails to be collected, or a
sampling error occurs.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 71

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

Restrictions Guidelines Impact

If the NetStream feature Configure centralized The function does not

needs to be configured sampling on a board take effect.
on a board, but the that supports this
board does not support function.
sampling data
processing, you can
configure a centralized
sampling board that
supports centralized
service processing to
process data.

3.3 Collecting Statistics About IPv4 Original Flows

Before collecting statistics about IPv4 original flows, familiarize yourself with the
usage scenario, complete the pre-configuration tasks, and obtain the data
required for the configuration.

Usage Scenario
On the network shown in Figure 3-2, a carrier enables NetStream on the router
functioning as a NetStream Data Exporter (NDE) to obtain detailed network
application information. The carrier can use the information to monitor abnormal
network traffic, analyze users' operation modes, and plan networks between ASs.
Statistics about original flows are collected based on the 7-tuple information. The
NDE samples IPv4 flows passing through it, collects statistics about sampled flows,
encapsulates the aging NetStream original flows into UDP packets, and sends the
packets to the NetStream Collector (NSC) for processing. Unlike collecting
statistics about aggregated flows, collecting statistics about original flows imposes
less impact on NDE performance. Original flows consume more storage space and
network bandwidth resources because the volume of original flows is greater than
that of aggregated flows.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 72

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

Figure 3-2 Networking diagram for collecting IPv4 flow statistics

Pre-configuration Tasks
Before collecting the statistics about IPv4 original flows, configure static routes or
enable an IGP to implement network connectivity.

3.3.1 Specifying a NetStream Service Processing Mode

After t sampling packets, each NetStream-enabled interface board sends sampled
packets to the NetStream service processing board for aggregation and output. If
the NetEngine 8000 has more than one NetStream service processing board, these
NetStream services boards work in redundancy mode to back up each other and
balance traffic, which improves system reliability.

Context
NetStream services can be processed in the following modes:

● Distributed mode
An interface board samples packets, aggregates flows, and outputs flows.

The ip netstream sampler to slot command has the same function as the ipv6
netstream sampler to slot command.

● The execution of either command takes effect on all packets, and there is no
need to configure both of them. If it is required to configure both of them,
ensure that NetStream service processing modes are the same. A mode
inconsistency causes an error.

Procedure
● Configure the distributed NetStream service processing mode.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 73

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

a. Run system-view

The system view is displayed.

b. Run slot slot-id

The view of the slot in which the interface board for NetStream sampling
resides is displayed.
c. Run ip netstream sampler to slot self

The distributed NetStream service processing mode is specified.

d. Run commit

The configuration is committed.

----End

3.3.2 Outputting Original Flows

To ensure that original flows can be correctly output to the NMS, configure the
aging time, output format, and source and destination addresses for original
flows.

Procedure
Step 1 Run system-view

The system view is displayed.

Step 2 (Optional) Run ip netstream export version { 5 [ origin-as | peer-as ] | 9

[ origin-as | peer-as ] [ bgp-nexthop ] [ ttl ] | ipfix [ origin-as | peer-as ] [ bgp-
nexthop ] [ ttl ] }

The output format of original flows is configured.

NetStream original flow packets support V5 and V9 as well as IPFIX packet

formats. V5, IPFIX, and V9 packet formats are mutually exclusive.

The V9 format allows the output original flows to carry more variable statistics, to
expand newly defined flow elements more flexibly, and to generate new records
more easily.

Compared with the V9 format, the IPFIX format improves packet extensibility and
compatibility, security, and reliability. In addition, the IPFIX format has an
enterprise identifier field added. When setting this field, you must use the IPFIX
format for the outputting of NetStream IPv4 original flows.

The V5 format is fixed, and the system cost is low. In most cases, NetStream
original flows are output in V5 format. In any of the following situations,
NetStream original flows must be output in V9 format or IPFIX:
● NetStream original flows need to carry BGP next-hop information.
● Interface indexes carried in the output NetStream original flows need to be
extended from 16 bits to 32 bits.

Step 3 (Optional) Configure NetStream packets to carry the flow sequence field.
1. Run slotslot-id

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 74

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

The view of the slot in which the interface board for NetStream sampling
resides is displayed.
2. Run ip netstream export sequence-mode flow
NetStream packets are configured to carry the flow sequence field.
3. Run quit
The system view is displayed.

The command applies to the V9 format only.

Step 4 (Optional) Run ip netstream export template sequence-number fixed

The sequence numbers of template packets and option template packets in IPFIX
format are configured to remain unchanged, but data packets and option data
packets in IPFIX format are still consecutively numbered.

Step 5 (Optional) Run ip netstream export template timeout-rate timeout-interval

The interval at which the template for outputting original flows in the V9 or IPFIX
format is refreshed.

Step 6 Run ip netstream export source { ip-address | ipv6ipv6-address } [ port ]

A source IP address and a source port are specified for original flows.

Step 7 Specify the destination IP address and UDP port number of the peer NetStream
Collector (NSC) for NetStream original flows in the system or slot view.
● In the system view:
Run ip netstream export host [ ipv6 ] ip-address port [ vpn-instancevpn-
instance-name ] [ dscpdscp-value ]
The destination IP address and UDP port number of the peer NSC are
specified for NetStream original flows to be output.
● In the slot view:
a. Run slotslot-id
The view of the slot in which the interface board for NetStream sampling
resides is displayed.
b. Run ip netstream export host [ ipv6 ] ip-address port [ vpn-
instancevpn-instance-name ] [ dscpdscp-value ]
The destination IP address and UDP port number of the peer NSC are
specified for NetStream original flows to be output.
c. Run quit
The system view is displayed.

Step 8 (Optional) Set parameters for aging original flows as needed.

● Run ip netstream timeout active { active-interval | interval-second active-
interval-second }
The active aging time is set for NetStream original flows.
● Run ip netstream timeout inactive inactive-interval
The inactive aging time is set for NetStream original flows.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 75

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

Step 9 Run commit

The configuration is committed.

----End

3.3.3 (Optional) Configuring NetStream Monitoring Services

NetStream monitoring services can be configured on the NetStream Data Exporter
(NDE), which enables carriers to implement more delicate traffic statistics and
management over IPv4 original flows.

Context
Increasing types of services and applications on networks urge carriers to provide
more delicate management and accounting services.

If NetStream is configured on multiple interfaces on an NDE, all interfaces send

traffic statistics to a single NetStream Collector (NSC). The NSC cannot distinguish
interfaces, and therefore, cannot manage or analyze traffic statistics based on
interfaces. In addition, the NSC will be overloaded due to a great amount of
information.

NetStream monitoring configured on an NDE allows the NDE to send traffic

statistics collected on specified interfaces to specified NSCs for analysis, which
achieves interface-specific service monitoring. Traffic statistics can be balanced
among these NSCs.

Procedure
Step 1 Run system-view

The system view is displayed.

Step 2 Run ip netstream monitor monitor-name

A NetStream monitoring service is created and its view is displayed. If a NetStream

monitoring service view already exists, the view is displayed.

Step 3 (Optional) Run ip netstream export source {ip-address | ipv6 ipv6-address}

[ port ]

A source IP address and a source port are configured for output NetStream flows.

Step 4 Run ip netstream export host [ ipv6 ] ip-address port [ vpn-instance vpn-
instance-name ] [ version { 5 | 9 | ipfix } ] [ dscp dscp-value ]
The destination IP address and destination port number for traffic statistics are
specified.

Step 5 Run quit

Return to the system view.

Step 6 Run interface interface-type interface-number

The interface view is displayed.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 76

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

Step 7 Run ip netstream monitor monitor-name { inbound | outbound }

NetStream monitoring services are configured in the inbound or outbound
direction of the interface.

If NetStream monitoring services have been configured on the interface, statistics about original
flows are sent to the destination IP address specified in the NetStream monitoring service view,
not the system view. The source address and source port configured in the NetStream
monitoring service view are also used for output NetStream flows.

Step 8 Run commit

The configuration is committed.

----End

3.3.4 (Optional) Adjusting the AS Field Mode and Interface

Index Type
Before the NetStream Collector (NSC) can properly receive and parse NetStream
packets output by the NetStream Data Exporter (NDE), the AS field modes and
interface index types configured on the NDE must be the same as those on the
NSC.

Context
Before you enable the NSC to properly receive and parse NetStream packets
output by the NDE, specify the same AS field mode and interface index type on
the NDE and NSC.
● AS field mode: The length of the AS field in IP packets can be set to 16 bits
or 32 bits. Devices on a network must use the same AS field mode. An AS
field mode inconsistency causes NetStream to fail to sample inter-AS traffic.

NOTICE

If the 32-bit AS field mode is used, the NMS must identify the 32-bit AS field.
If the NMS cannot identify the 32-bit AS field, the NMS fails to identify inter-
AS traffic sent by devices.

● Interface index: The NMS uses an interface index carried in a NetStream

packet output by the NDE to query information about the interface that sends
the packet. The interface index can be 16 or 32 bits long. The index length is
determined by NMS devices of different vendors. Therefore, the NDE must use
a proper interface index type that is also supported by the NMS. For example,
if the NMS can parse 32-bit interface indexes, set the format of the interface
indexes contained in output NetStream packets to 32-bit.

Procedure
Step 1 Run system-view
The system view is displayed.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 77

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

Step 2 Run ip netstream as-mode { 16 | 32 }

The AS field mode is specified on the router.

Step 3 Run ip netstream export index-switch { 16 | 32 }

The type of the interface index carried in the NetStream packet output by the
router is configured. By default, the interface index carried in the NetStream
packet output by the router is 16 bits long. An interface index can be changed
from 16 bits to 32 bits only after the following conditions are met:
● Original flows are output in V9 or IPFIX format.
● The NetStream packet format for all aggregated flows is V9 or IPFIX format.

----End

3.3.5 (Optional) Enabling Statistics Collection of TCP Flags

There are six flag bits (URG, ACK, PSH, RST, SYN, and FIN) in a TCP packet header.
The flag bits, together with the destination IP address, source IP address,
destination port number, and source port number of a TCP packet, identify the
function and status of the TCP packet on a TCP connection. TCP flags can be
extracted from packets. Their statistics can be collected and sent to the NMS. The
NMS checks the traffic volume of each flag and determines whether the network
is attacked by TCP packets.

Procedure
Step 1 Run system-view

The system view is displayed.

Step 2 Run ip netstream tcp-flag enable

Statistics collection of TCP flags is enabled.

An original flow for each flag value is created. If statistics collection for TCP flags
is enabled, the number of original flows will greatly increase.

Step 3 Run commit

The configuration is committed.

----End

3.3.6 (Optional) Configuring NetStream Interface Option

Packets and Setting Option Template Refreshing Parameters
This section describes how to configure NetStream interface option packets and
set option template refreshing parameters.

Context
No matter whether traffic statistics are exported as original flows or aggregated
flows, option packet data is exported to the NetStream Collector (NSC) as a
supplement. In this way, the NetStream Data Exporter (NDE) can obtain

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 78

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

information, such as the sampling ratio and whether the sampling function is
enabled, to reflect the actual network traffic.

At present, the following option packets are supported:

● Interface option packets: These packets are used to send the NetStream
configurations of all the boards on the NDE to the NSC in a scheduled
manner. The configurations cover the interface index, statistics collection
direction, and sampling value in the inbound/outbound direction.
● Time application label (TAL) option packets: These packets are used to send
application label data to the NSC. The application label option function
provides data, such as the application type of system labels, for users to
collect L3VPN NetStream statistics.

Option packets, which are independent of statistics packets, are exported to the
NSC in V9 or IPFIX format. Therefore, the required option template is sent to the
NMS for parsing option packets. You can set option template refreshing
parameters as needed to regularly refresh the template to notify the NSC of the
latest option template format.

Procedure
● Configure interface option packets to be exported in V9 or IPFIX format.
a. Run system-view

The system view is displayed.

b. Run ip netstream export template option sampler

The function of exporting statistics about interface option packets is

enabled.
● Set option template refreshing parameters for interface option packets to be
exported in V9 or IPFIX format.
a. Run system-view

The system view is displayed.

b. Run ip netstream export template option { refresh-rate packet-number
| timeout-rate timeout-interval }

The packet sending interval and timeout interval are set for option
template refreshing. An option template can be refreshed at a fixed
packet sending interval or timeout interval. The two intervals can both
take effect. In the command, refresh-rate packet-interval indicates that
the option template is refreshed at a fixed packet sending interval, and
timeout-rate timeout-interval indicates that the option template is
refreshed at a fixed timeout interval.

----End

3.3.7 (Optional) Enabling the Storage Function for Aged

Original Flows
After enabling the storage function for aged original flows, you can query
historical information about the original flows from the CF card.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 79

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

Procedure
Step 1 Run system-view

The system view is displayed.

Step 2 Run ip netstream log enable

The storage function is enabled for aged original flows.

Step 3 Run commit

The configuration is committed.

----End

3.3.8 Sampling IPv4 Flows

You can enable NetStream to sample and analyze the incoming or outgoing flows
on an interface.

Context

If a NetStream-enabled interface is bound to a VPN instance, all packets in the VPN

instance are sampled.

Procedure
Step 1 Run system-view

The system view is displayed.

Step 2 Configure sampling mode and sampling ratio, perform at least one of the
following steps:
● Configure a sampling mode and sampling ratio globally.
a. Run ip netstream sampler { fix-packets packet-interval | random-
packets packet-interval | fix-time time-interval } { inbound | outbound }
undo ip netstream sampler { inbound | outbound }
The sampling mode and sampling ratio are configured globally.
b. Run interfaceinterface-typeinterface-number
The interface view is displayed.
● Configure sampling mode and sampling ratio for the interface.
a. Run interfaceinterface-typeinterface-number
The interface view is displayed.
b. Run ip netstream sampler { fix-packets packet-interval | random-
packets packet-interval | fix-time time-interval } { inbound | outbound }
undo ip netstream sampler { inbound | outbound }
The sampling mode and sampling ratio are configured for the interface.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 80

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

The sampling mode and sampling ratio configured in the system view are
applicable to all interfaces on the device. The sampling mode and sampling ratio
configured in the interface view takes precedence over those configured in the
system view.

Step 3 Run ip netstream { inbound | outbound }

NetStream is enabled on the interface.

Statistics about packets' BGP next-hop information can also be collected. Original
flows output in V5 format, however, cannot carry the BGP next-hop information.

Step 4 (Optional) Run ip netstream sampler except deny-action

NetStream is not applied to traffic matching the ACL rule or traffic behavior that
contains deny.

The traffic behavior view must be displayed before you run this command.

Step 5 Run commit

The configuration is committed.

----End

3.3.9 (Optional) Disabling MPLS Packet Sampling on an

Interface
If you do not need to sample MPLS traffic on an interface, disable MPLS packet
sampling on the interface.

Prerequisites
NetStream has been enabled on an interface.

Procedure
Step 1 Run system-view

The system view is displayed.

Step 2 Run interface interface-type interface-number

The interface view is displayed.

Step 3 Run ip netstream mpls exclude

MPLS packet sampling is disabled on the interface.

Step 4 Run commit

The configuration is committed.

----End

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 81

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

3.3.10 Verifying the Configuration of Statistics Collection of

IPv4 Original Flows
In routine maintenance or after NetStream configurations are complete, you can
run the display commands in any view to view the running status of NetStream
functions.

Procedure
● Run the display ip netstream cache origin slot [ source-ip source-ip ]
[ source-port source-port ] [ destination-ip destination-ip ] [ destination-
port destination-port ] [ protocol { udp | tcp | protocol-number } ] [ time-
range from start-time to end-time ] slot slot-id command to check
information about the NetStream buffer.

If the netstream sampling function configured in the outbound logical interface,

running the command can only display the information about the NetStream buffer of
the physical interface on which the logical interface configured.
To view historical sampling information about IPv4 original flows on the CF card of a
main control board, run the display ip netstream cache origin log command.
● Run the display ip netstream statistics slot slot-id command to check
statistics about NetStream flows.
● Run the display ip netstream statistics interface interface-type interface-
number command to check the statistics about the sampled packets on an
interface.
● Run the display netstream { all | global | interface interface-type interface-
number } command to check NetStream configurations in different views.
● Run the display ip netstream monitor { all | monitor-name } command to
check the monitoring information about IPv4 original flows.
● Run the display ip netstream cache origin statistics slot slot-id to check
original flow table specifications and the number of current flows of a specific
board.
----End

3.4 Collecting Statistics About IPv4 Aggregated Flows

Before collecting statistics about IPv4 aggregated flows, familiarize yourself with
the usage scenario, complete the pre-configuration tasks, and obtain the data
required for the configuration.

Usage Scenario
On the network shown in Figure 3-3, a carrier enables NetStream on the router
functioning as a NetStream Data Exporter (NDE) to obtain detailed network
application information. The carrier can use the information to monitor abnormal
network traffic, analyze users' operation modes, and plan networks between ASs.
Statistics about NetStream aggregated flows contain information about original
flows with the same attributes, whereas statistics about NetStream original flows

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 82

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

contain information about sampled packets. The volume of aggregated flow

statistics is greater than that of original flow statistics.

Figure 3-3 Networking diagram for collecting IPv4 flow statistics

Pre-configuration Tasks
Before collecting statistics about IPv4 aggregated flows, complete the following
tasks:
● Configure static routes or enable an IGP to implement network connectivity.
● Enable statistics collection for NetStream original flows.

3.4.1 Specifying a NetStream Service Processing Mode

Context
NetStream services can be processed in the following modes:
● Distributed mode
An interface board samples packets, aggregates flows, and outputs flows.
The ip netstream sampler to slot command has the same function as the ipv6
netstream sampler to slot command.
● The execution of either command takes effect on all packets, and there is no
need to configure both of them. If it is required to configure both of them,

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 83

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

ensure that NetStream service processing modes are the same. A mode
inconsistency causes an error.

Procedure
● Configure the distributed NetStream service processing mode.
a. Run system-view
The system view is displayed.
b. Run slot slot-id
The view of the slot in which the interface board for NetStream sampling
resides is displayed.
c. Run ip netstream sampler to slot self
The distributed NetStream service processing mode is specified.
d. Run commit
The configuration is committed.
----End

3.4.2 Configuring an Aggregation Mode for IPv4 Flows

Configuring an aggregation mode is to specify an attribute type for original flows
to be aggregated. Original flows with the same attributes can be combined into a
single aggregated flow based on a specified aggregation mode and output to the
NetStream Collector (NSC).

Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Run ip netstream aggregation { as | as-tos | bgp-nexthop-tos | destination-
prefix | destination-prefix-tos | index-tos | mpls-label | prefix | prefix-tos |
protocol-port | protocol-port-tos | source-prefix | source-prefix-tos | source-
index-tos | vlan-id | bgp-community | vni-sip-dip } The NetStream aggregation
view is created

If the NetStream flow aggregation function is enabled on a device, the device classifies and
aggregates original flows based on specified rules and sends the aggregated flows to the
NetStream Data Analyzer (NDA) for analysis. Aggregating original flows minimizes the
consumption of network bandwidths, CPU resources, and memory resources. Flow
attributes based on which flows are aggregated vary according to flow aggregation modes.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 84

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

Table 3-1 Mapping between aggregation modes and flow attributes

Aggregation mode Description

as NetStream combines flows with the same source AS

number, destination AS number, inbound interface
index, and outbound interface index into an
aggregated flow and generates one aggregation
record.

as-tos NetStream combines flows with the same source AS

number, destination AS number, inbound interface
index, outbound interface index, and ToS into an
aggregated flow and generates one aggregation
record.

bgp-nexthop-tos NetStream combines flows with the same destination

AS number, source AS number, BGP next hop,
inbound interface index, and outbound interface
index into an aggregated flow and generates one
aggregation record.

destination-prefix NetStream combines flows with the same destination

AS number, destination mask length, destination
prefix, and outbound interface index into an
aggregated flow and generates one aggregation
record.

destination-prefix-tos NetStream combines flows with the same destination

AS number, destination mask length, destination
prefix, ToS, and outbound interface index into an
aggregated flow and generates one aggregation
record.

index-tos NetStream combines flows with the same inbound

interface index, outbound interface index, and ToS
into an aggregated flow and generates one
aggregation record.

mpls-label Indicates the MPLS label aggregation, which

aggregates flows with the same first layer label,
second layer label, third layer label,
TopLabelIpAddress, stack bottom symbol of the first
layer label, and the EXP value of the first layer label.

prefix NetStream combines flows with the same source AS

number, destination AS number, source mask length,
destination mask length, source prefix, destination
prefix, inbound interface index, and outbound
interface index into an aggregated flow and
generates one aggregation record.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 85

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

Aggregation mode Description

prefix-tos NetStream combines flows with the same source AS

number, destination AS number, source mask length,
destination mask length, source prefix, destination
prefix, ToS, inbound interface index, and outbound
interface index into an aggregated flow and
generates one aggregation record.

protocol-port NetStream combines flows with the same protocol

number, source port, and destination port into an
aggregated flow and generates one aggregation
record.

protocol-port-tos NetStream combines flows with the same protocol

number, source port, destination port, ToS, inbound
interface index, and outbound interface index into an
aggregated flow and generates one aggregation
record.

source-prefix NetStream combines flows with the same source AS

number, source mask length, source prefix, and
inbound interface index into an aggregated flow and
generates one aggregation record.

source-prefix-tos NetStream combines flows with the same source AS

number, source mask length, source prefix, ToS, and
inbound interface index into an aggregated flow and
generates one aggregation record.

source-index-tos NetStream combines flows with the same source

interface index, ToS and BGP next hop into an
aggregated flow and generates one aggregation
record.

vlan-id Indicates the BGP community aggregation, which

aggregates flows with the same inbound and
outbound interface indexes and BGP community.

bgp-community NetStream combines flows with the same VLAN ID

and inbound interface index into an aggregated flow
and generates one aggregation record.

vni-sip-dip Indicates a VNI aggregation mode. NetStream

combines flows with the same VNI ID and the same
source and destination IP addresses of tenants into
an aggregated flow and generates one aggregation
record.

Step 3 Run enable

Statistics collection of flows aggregated in a specified aggregation mode is

enabled.

Step 4 (Optional) Run mask { source | destination } minimummask-length

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 86

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

The length of the aggregate mask is set. The effective mask is the greater one
between the mask in the FIB table and the configured mask. If no aggregate mask
is set, the system uses the mask in the FIB table for flow aggregation.

The aggregate mask takes effect only on flows aggregated in the following modes:
destination-prefix, destination-prefix-tos, prefix, prefix-tos, source-prefix, and source-prefix-
tos.

Step 5 Run commit

The configuration is committed.

----End

3.4.3 Outputting Aggregated Flows

To ensure that aggregated flows are correctly output to the NMS, specify the
aging time, output format, and source and destination addresses for aggregated
flows.

Procedure
Step 1 Run system-view

The system view is displayed.

Step 2 Run ip netstream export host [ ipv6 ] ip-address port [ vpn-instance vpn-
instance-name ] [ dscp dscp-value ]

The destination IP address and UDP port number of the peer NSC are specified for
NetStream original flows to be output.

If the destination IP addresses are specified in both the system and the
aggregation views, the configuration in the aggregation view takes effect.

Step 3 Run ip netstream aggregation { as | as-tos | bgp-nexthop-tos | destination-

prefix | destination-prefix-tos | index-tos | mpls-label | prefix | prefix-tos |
protocol-port | protocol-port-tos | source-prefix | source-prefix-tos | source-
index-tos | vlan-id | bgp-community | vni-sip-dip}

The IPv4 NetStream aggregation view is displayed.

Step 4 Run enable

The NetStream aggregation mode is enabled.

Step 5 (Optional) Run export version { 8 | 9 | ipfix }

The output format is specified for the aggregated flows. Flows aggregated in as,
as-tos, destination-prefix, destination-prefix-tos, prefix, prefix-tos, protocol-
port, protocol-port-tos, source-prefix, or source-prefix-tos mode are output in
V8 format by default. You can specify the output format for aggregated flows as
needed.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 87

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

For the vlan-id, bgp-nhp-tos, vni-sip-dip, and index-tos aggregation modes, aggregated
packets can be encapsulated only in the default V9 format. You can change the format to
IPFIX using the export version command.

Step 6 (Optional) Configure NetStream packets to carry the flow sequence field.
1. Run slotslot-id
The view of the slot in which the interface board for NetStream sampling
resides is displayed.
2. Run ip netstream export sequence-mode flow
NetStream packets are configured to carry the flow sequence field.
3. Run quit
Return to the system view.

The command applies to the V9 format only.

Step 7 (Optional) Run template timeout-ratetimeout-interval

The interval at which the template for outputting aggregated flows in the V9 or
IPFIX format is refreshed is set.

Step 8 Run ip netstream export source { ip-address | ipv6ipv6-address } [ port ]

The source IP address and source port are specified for aggregated flows.

The source IP address and source port specified in the aggregation view take
precedence over that specified in the system view. If no source IP address or
source port is specified in the aggregation view, the source IP address and source
port specified in the system view take effect.

Step 9 Run ip netstream export host [ ipv6 ] ip-address port [ vpn-instancevpn-

instance-name ] [ vpn-instancevpn-instance-name ] [ dscpdscp-value ]

The destination IP address and UDP port number of the peer NSC are specified for
NetStream original flows to be output.

The destination IP address specified in the NetStream aggregation view takes precedence
over that specified in the system view.

Step 10 (Optional) Set parameters for aging aggregated flows.

● Run ip netstream aggregation timeout active { active-interval | interval-
second active-interval-second }
The active aging time is set for NetStream aggregated flows.
● Run ip netstream aggregation timeoutinactiveinactive-interval
The inactive aging time is set for NetStream aggregated flows.

Step 11 (Optional) Exit the IPv4 aggregated configuration mode view. In the system view,
run ip netstream export template sequence-number fixed

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 88

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

3.4.4 (Optional) Adjusting the AS Field Mode and Interface

NOTICE

If the 32-bit AS field mode is used, the NMS must identify the 32-bit AS field.
If the NMS cannot identify the 32-bit AS field, the NMS fails to identify inter-
AS traffic sent by devices.

● Interface index: The NMS uses an interface index carried in a NetStream

Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Run ip netstream as-mode { 16 | 32 }
The AS field mode is specified on the router.
Step 3 Run ip netstream export index-switch { 16 | 32 }
The type of the interface index carried in the NetStream packet output by the
router is configured. By default, the interface index carried in the NetStream

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 89

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

packet output by the router is 16 bits long. An interface index can be changed
from 16 bits to 32 bits only after the following conditions are met:
● Original flows are output in V9 or IPFIX format.
● The NetStream packet format for all aggregated flows is V9 or IPFIX format.

----End

3.4.5 Sampling IPv4 Flows

You can enable NetStream to sample and analyze the incoming or outgoing flows
on an interface.

Context

If a NetStream-enabled interface is bound to a VPN instance, all packets in the VPN

instance are sampled.

Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Configure sampling mode and sampling ratio, perform at least one of the
following steps:
● Configure a sampling mode and sampling ratio globally.
a. Run ip netstream sampler { fix-packets packet-interval | random-
packets packet-interval | fix-time time-interval } { inbound | outbound }
undo ip netstream sampler { inbound | outbound }
The sampling mode and sampling ratio are configured globally.
b. Run interfaceinterface-typeinterface-number
The interface view is displayed.
● Configure sampling mode and sampling ratio for the interface.
a. Run interfaceinterface-typeinterface-number
The interface view is displayed.
b. Run ip netstream sampler { fix-packets packet-interval | random-
packets packet-interval | fix-time time-interval } { inbound | outbound }
undo ip netstream sampler { inbound | outbound }
The sampling mode and sampling ratio are configured for the interface.

Step 3 Run ip netstream { inbound | outbound }

NetStream is enabled on the interface.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 90

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

Statistics about packets' BGP next-hop information can also be collected. Original
flows output in V5 format, however, cannot carry the BGP next-hop information.

Step 4 (Optional) Run ip netstream sampler except deny-action

NetStream is not applied to traffic matching the ACL rule or traffic behavior that
contains deny.

The traffic behavior view must be displayed before you run this command.

Step 5 Run commit

The configuration is committed.

----End

3.4.6 (Optional) Disabling MPLS Packet Sampling on an

Interface
If you do not need to sample MPLS traffic on an interface, disable MPLS packet
sampling on the interface.

Prerequisites
NetStream has been enabled on an interface.

Procedure
Step 1 Run system-view

The system view is displayed.

Step 2 Run interface interface-type interface-number

The interface view is displayed.

Step 3 Run ip netstream mpls exclude

MPLS packet sampling is disabled on the interface.

Step 4 Run commit

The configuration is committed.

----End

3.4.7 Verifying the Configuration of Statistics Collection of

IPv4 Aggregated Flows
In routine maintenance or after pertaining configurations of NetStream are
complete, you can run the display commands in any view to check whether
NetStream is enabled on the device.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 91

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

Procedure
● Run the display ip netstream cache { as | as-tos | bgp-nexthop-tos | bgp-
community | destination-prefix | destination-prefix-tos | index-tos | mpls-
label | prefix | prefix-tos | protocol-port | protocol-port-tos | source-prefix |
source-prefix-tos | source-index-tos | vni-sip-dip | vlan-id | flexflowtpl
record-name } slot slot-id command to check flows aggregated in different
modes in the buffer.
● Run the display ip netstream statistics slot slot-id command to check
statistics about NetStream flows.
● Run the display ip netstream statistics interface interface-type interface-
number command to check the statistics about the sampled packets on an
interface.
● Run the display netstream { all | global | interface interface-type interface-
number } command to check NetStream configurations in different views.
● Run the display ip netstream cache aggregation statistics slot slot-id
command to check aggregation flow table specifications and the number of
current flows of a specific board.
----End

3.5 Collecting Statistics About IPv6 Original Flows

Before collecting statistics about IPv6 original flows, familiarize yourself with the
usage scenario, complete the pre-configuration tasks, and obtain the data
required for the configuration.

Usage Scenario
On the network shown in Figure 3-4, a carrier enables NetStream on the router
functioning as a NetStream Data Exporter (NDE) to obtain detailed network
application information. The carrier can use the information to monitor abnormal
network traffic, analyze users' operation modes, and plan networks between ASs.
Statistics about original flows are collected based on the 7-tuple information. The
NetStream Data Exporter (NDE) samples IPv6 flows passing through it, collects
statistics about sampled flows, encapsulates the aging NetStream original flows
into UDP packets, and sends the packets to the NetStream Collector (NSC) for
processing. Unlike collecting statistics about aggregated flows, collecting statistics
about original flows imposes less impact on NDE performance. Original flows
consume more storage space and network bandwidth resources because the
volume of original flows is greater than that of aggregated flows.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 92

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

Figure 3-4 Networking diagram for collecting IPv6 flow statistics

Pre-configuration Tasks
Before collecting the statistics about IPv6 original flows, complete the following
task:

● Configure parameters of the link layer protocol and IP addresses for interfaces
so that the link layer protocol on the interfaces can go Up.
● Configure static routes or enable an IGP to implement network connectivity.

3.5.1 Specifying a NetStream Service Processing Mode

After sampling packets, each NetStream-enabled interface board sends sampled
packets to the NetStream service processing board for aggregation and output. If
the NetEngine 8000 has more than one NetStream service processing board, these
NetStream services boards work in redundancy mode to back up each other and
balance traffic, which improves system reliability.

Context
NetStream services can be processed in the following modes:

● Distributed mode
An interface board samples packets, aggregates flows, and outputs flows.

The ip netstream sampler to slot command has the same function as the ipv6
netstream sampler to slot command.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 93

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

Procedure
● Specify the distributed NetStream service processing mode.
a. Run system-view
The system view is displayed.
b. Run slot slot-id
The view of the slot in which the interface board for NetStream sampling
resides is displayed.
c. Run ipv6 netstream sampler to slot self
The distributed NetStream service processing mode is specified.
d. Run commit
The configuration is committed.
----End

3.5.2 Outputting Original Flows

To ensure that original flows can be correctly output to the NMS, configure the
aging time, output format, and source and destination addresses for original
flows.

Context
IPv6 original flows can be output only in V9 or IPFIX format.

Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Run ipv6 netstream export version{ 9 [ origin-as | peer-as ] [ bgp-nexthop ]
[ ttl ] | ipfix [ origin-as | peer-as ] [ bgp-nexthop ] [ ttl ] }
The output format of original flows is configured.
Step 3 (Optional) Configure NetStream packets to carry the flow sequence field.
1. Run slotslot-id
The view of the slot in which the interface board for NetStream sampling
resides is displayed.
2. Run ip netstream export sequence-mode flow
NetStream packets are configured to carry the flow sequence field.
3. Run quit
Return to the system view.

The command applies to the V9 format only.

Step 4 (Optional) Run ipv6 netstream export template sequence-number fixed

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 94

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

Step 5 Run ipv6 netstream export template timeout-ratetimeout-interval

The interval at which the template for outputting original flows in the V9 or IPFIX
format is refreshed.

Step 6 Run ipv6 netstream export source { ip-address | ipv6ipv6-address } [ port ]

The source IP address and source port are specified for original flows.

Step 7 Specify the destination IP address and UDP port number of the peer NSC for
NetStream original flows in the system or slot view.
● In the system view:
Run ipv6 netstream export host [ ipv6 ] ip-address port [ vpn-instancevpn-
instance-name ] [ dscpdscp-value ]
The destination IP address and destination port number for traffic statistics
are specified.
● In the slot view:
a. Run slotslot-id
The view of the slot in which the interface board for NetStream sampling
resides is displayed.
b. Run ipv6 netstream export host [ ipv6 ] ip-address port [ vpn-
instancevpn-instance-name ] [ dscpdscp-value ]
The destination IP address and destination port number for traffic
statistics are specified.
c. Run quit
Return to the system view.

Step 8 (Optional) Set parameters for aging original flows.

● Run ipv6 netstream timeout{ activeactive-interval | active interval-
secondactive-interval-second }
The active aging time is set for NetStream original flows.
● Run ipv6 netstream timeoutinactiveinactive-interval
The inactive aging time is set for NetStream original flows.

Step 9 Run commit

The configuration is committed.

----End

3.5.3 (Optional) Configuring NetStream Monitoring Services

NetStream monitoring services can be configured on the NetStream Data Exporter
(NDE), which enables carriers to implement more delicate traffic statistics and
management over IPv6 original flows.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 95

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

Context
Increasing types of services and applications on networks urge carriers to provide
more delicate management and accounting services.
If NetStream is configured on multiple interfaces on an NDE, all interfaces send
traffic statistics to a single NetStream Collector (NSC). The NSC cannot distinguish
interfaces, and therefore, cannot manage or analyze traffic statistics based on
interfaces. In addition, the NSC will be overloaded due to a great amount of
information.
NetStream monitoring configured on an NDE allows the NDE to send traffic
statistics collected on specified interfaces to specified NSCs for analysis, which
achieves interface-specific service monitoring. Traffic statistics can be balanced
among these NSCs.

Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Run ipv6 netstream monitor monitor-name
A NetStream monitoring service view is created and displayed. If a NetStream
monitoring service view already exists, the view is displayed.
Step 3 Run ipv6 netstream export host [ ipv6 ] ip-address port [ vpn-instance vpn-
instance-name ] [ version { 9 | ipfix } ] [ dscp dscp-value ]
The destination IP address and destination port number for traffic statistics are
specified.

Step 4 (Optional) Run ipv6 netstream export source {ip-address | ipv6 ipv6-address}
[ port ]
A source IP address and a source port are configured for output NetStream flows.
Step 5 Run quit
Return to the system view.
Step 6 Run interface interface-type interface-number
The interface view is displayed.
Step 7 Run ipv6 netstream monitor monitor-name { inbound | outbound }
NetStream monitoring services are configured in the inbound or outbound
direction of the interface.

Step 8 Run commit

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 96

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

The configuration is committed.

----End

3.5.4 (Optional) Adjusting the AS Field Mode and Interface

NOTICE

If the 32-bit AS field mode is used, the NMS must identify the 32-bit AS field.
If the NMS cannot identify the 32-bit AS field, the NMS fails to identify inter-
AS traffic sent by devices.

● Interface index: The NMS uses an interface index carried in a NetStream

Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Run ipv6 netstream as-mode { 16 | 32}
The AS field mode is specified on the router.
Step 3 Run ipv6 netstream export index-switch { 16 | 32 }
The type of the interface index carried in the NetStream packet output by the
router is specified.
An interface index can be changed from 16 bits to 32 bits only after the following
conditions are met:
● Original flows are output in V9 or IPFIX format.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 97

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

● Aggregated flows are output in V9 or IPFIX format.

----End

3.5.5 (Optional) Enabling Statistics Collection of TCP Flags in

Original Flows
There are six flag bits (URG, ACK, PSH, RST, SYN, and FIN) in a TCP packet header.
The flag bits, together with the destination IP address, source IP address,
destination port number, and source port number of a TCP packet, identify the
function and status of the TCP packet on a TCP connection. TCP flags can be
extracted from packets. Their statistics can be collected and sent to the NMS. The
NMS checks the traffic volume of each flag and determines whether the network
is attacked by TCP packets.

Context
Perform the following steps on the router on which TCP flag statistics are to be
collected.

By enabling statistics collection of TCP flags, you can extract the TCP-flag
information from network packets and send it to the NMS. The NMS can
determine whether there are flood attacks to the network.

Procedure
Step 1 Run system-view

The system view is displayed.

Step 2 Run ipv6 netstream tcp-flag enable

Statistics collection of TCP flags in original flows is enabled.

Step 3 Run commit

The configuration is committed.

----End

3.5.6 (Optional) Enabling the Storage Function for Aged

Original Flows
After enabling the storage function for aged original flows, you can query
historical information about the original flows from the CF card.

Procedure
Step 1 Run system-view

The system view is displayed.

Step 2 Run ip netstream log enable

The storage function is enabled for aged original flows.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 98

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

Step 3 Run commit

The configuration is committed.

----End

3.5.7 Sampling IPv6 Flows

You can enable NetStream to sample and analyze the incoming or outgoing flows
on an interface.

Context

If a NetStream-enabled interface is bound to a VPN instance, all packets in the VPN

instance are sampled.

Procedure
Step 1 Run system-view

The system view is displayed.

Step 2 Configure sampling mode and sampling ratio, perform at least one of the
following steps:
● Configure a sampling mode and sampling ratio globally.
a. Run ipv6 netstream sampler { fix-packets fix-packet-number | random-
packets random-packet-number | fix-time fix-time-number } { inbound |
outbound }
The sampling mode and sampling ratio are configured globally.
b. Run interface interface-type interface-number
The interface view is displayed.
● Configure sampling mode and sampling ratio for the interface.
a. Run interface interface-type interface-number
The interface view is displayed.
b. Run ipv6 netstream sampler { fix-packets fix-packet-number | random-
packets random-packet-number | fix-time fix-time-number } { inbound |
outbound }
The sampling mode and sampling ratio are configured for the interface.
By default, NetStream is disabled from sampling packets. Instead, it
collects statistics about all packets.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 99

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

▪ The execution of either command takes effect on all packets, and

there is no need to configure both of them.

▪ Packets are sampled at the set sampling ratio, regardless of packet

types. For example, if the sampling ratio in fixed packet sampling
mode is set to 1000:1, one packet will be sampled every 1000
packets, regardless of these packets are IPv4 or IPv6 packets.
Step 3 Run ipv6 netstream { inbound | outbound }
NetStream is enabled on the interface.
Statistics about packets' BGP next-hop information can also be collected. Original
flows output in V5 format, however, cannot carry the BGP next-hop information.
Step 4 Run commit
The configuration is committed.

----End

3.5.8 (Optional) Disabling MPLS Packet Sampling on an

Interface
If you do not need to sample MPLS traffic on an interface, disable MPLS packet
sampling on the interface.

Prerequisites
NetStream has been enabled on an interface.

Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Run interface interface-type interface-number
The interface view is displayed.
Step 3 Run ip netstream mpls exclude
MPLS packet sampling is disabled on the interface.
Step 4 Run commit
The configuration is committed.

----End

3.5.9 Verifying the Configuration of Statistics Collection of

IPv6 Original Flows
In routine maintenance or after NetStream configurations are complete, you can
run the display commands in any view to check whether NetStream is enabled on
the device.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 100

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

Prerequisites
NetStream IPv6 flow statistics have been collected.

Procedure
● Run the display ipv6 netstream cache origin slot [ source-ipv6 source-ip ]
[ source-port source-port ] [ destination-ipv6 destination-ip ] [ destination-
port destination-port ] [ protocol { udp | tcp | protocol-number } ] [ time-
range from start-time to end-time ] slot slot-id command to check
information about the NetStream buffer.

To view historical sampling information about IPv6 original flows on the CF card of a
main control board, run the display ipv6 netstream cache origin log command.
● Run the display ipv6 netstream statistics slot slot-id command to check
statistics about NetStream flows.
● Run the display ipv6 netstream monitor { all | monitor-name } command to
check the monitoring information about IPv6 original flows.
----End

3.6 Collecting Statistics About IPv6 Aggregated Flows

Before collecting statistics about IPv6 aggregated flows, familiarize yourself with
the usage scenario, complete the pre-configuration tasks, and obtain the data
required for the configuration.

Usage Scenario
On the network shown in Figure 3-5, a carrier enables NetStream on the router
functioning as a NetStream Data Exporter (NDE) to obtain detailed network
application information. The carrier can use the information to monitor abnormal
network traffic, analyze users' operation modes, and plan networks between ASs.
Statistics about NetStream aggregated flows contain information about original
flows with the same attributes, whereas statistics about NetStream original flows
contain information about sampled packets. The volume of aggregated flow
statistics collection is greater than that of original flow statistics.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 101

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

Figure 3-5 Networking diagram for collecting IPv6 flow statistics

Pre-configuration Tasks
Before collecting statistics about IPv6 aggregated flows, complete the following
tasks:
● Configure parameters of the link layer protocol and IP addresses for interfaces
so that the link layer protocol on the interfaces can go Up.
● Configure static routes or enable an IGP to implement network connectivity.
● Enable statistics collection for NetStream original flows.

3.6.1 Specifying a NetStream Service Processing Mode

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 102

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

3.6.2 Configuring an Aggregation Mode for IPv6 Flows

Configuring an aggregation mode is to specify an attribute type for original flows
to be aggregated. An aggregation mode must be specified before original flows
with the same attributes are aggregated as one flow and output to the NetStream
Collector (NSC).

Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Runipv6 netstream aggregation { as | as-tos | bgp-nexthop-tos | destination-
prefix | destination-prefix-tos | index-tos | mpls-label | prefix | prefix-tos |
protocol-port | protocol-port-tos | source-prefix | source-prefix-tos | vlan-id }
The NetStream aggregation view is created.

After collecting statistics about NetStream original flows, the router aggregates original
flows into aggregated flows based on specified rules, encapsulates aggregated flows into
UDP packets, and sends UDP packets after the aging timer expires. Aggregating original
flows minimizes the consumption of network bandwidths, CPU resources, and memory
resources. Attributes based on which flows are aggregated vary according to aggregation
modes. Table 3-2 describes the mapping between aggregation modes and flow attributes.

Table 3-2 Mapping between aggregation modes and flow attributes

Aggregation mode Description

as NetStream combines flows with the same source AS

number, destination AS number, inbound interface
index, and outbound interface index into an
aggregated flow and generates one aggregation
record.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 103

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

Aggregation mode Description

as-tos NetStream combines flows with the same source AS

number, destination AS number, inbound interface
index, outbound interface index, and Type of Service
(ToS) into an aggregated flow and generates one
aggregation record.

bgp-nexthop-tos NetStream combines flows with the same destination

AS number, source AS number, BGP next hop,
inbound interface index, and outbound interface
index into an aggregated flow and generates one
aggregation record.

destination-prefix NetStream combines flows with the same destination

AS number, destination mask length, destination
prefix, and outbound interface index into an
aggregated flow and generates one aggregation
record.

destination-prefix-tos NetStream combines flows with the same destination

AS number, destination mask length, destination
prefix, ToS, and outbound interface index into an
aggregated flow and generates one aggregation
record.

index-tos NetStream combines flows with the same inbound

interface index, outbound interface index, and ToS
into an aggregated flow and generates one
aggregation record.

mpls-label Indicates the MPLS label aggregation, which

aggregates flows with the same first layer label,
second layer label, third layer label,
TopLabelIpAddress, stack bottom symbol of the first
layer label, and the EXP value of the first layer label.

prefix NetStream combines flows with the same source AS

prefix-tos NetStream combines flows with the same source AS

protocol-port NetStream combines flows with the same protocol

number, source port, and destination port into an
aggregated flow and generates one aggregation
record.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 104

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

Aggregation mode Description

protocol-port-tos NetStream combines flows with the same protocol

number, source port, destination port, ToS, inbound
interface index, and outbound interface index into an
aggregated flow and generates one aggregation
record.

source-prefix NetStream combines flows with the same source AS

number, source mask length, source prefix, and
inbound interface index into an aggregated flow and
generates one aggregation record.

source-prefix-tos NetStream combines flows with the same source AS

number, source mask length, source prefix, ToS, and
inbound interface index into an aggregated flow and
generates one aggregation record.

vlan-id NetStream combines flows with the same VLAN ID

and inbound interface index into an aggregated flow
and generates one aggregation record.

Step 3 Run enable

Statistics collection of flows aggregated in a specified aggregation mode is

enabled.

Step 4 (Optional) Run mask { source | destination } minimum mask-length

The length of the aggregate mask is set. The mask used by the system is the
greater one between the mask in the FIB table and the configured mask. If no
aggregate mask is set, the system uses the mask in the FIB table for flow
aggregation.

The aggregate mask takes effect only on flows aggregated in the following modes:
destination-prefix, destination-prefix-tos, prefix, prefix-tos, source-prefix, and source-prefix-
tos.

Step 5 Run commit

The configuration is committed.

----End

3.6.3 Outputting Aggregated Flows

To ensure that aggregated flows are correctly output to the NMS, configure the
aging time, source address, and destination address for aggregated flows.

Context
IPv6 aggregated flows can be output in V9or IPFIX format.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 105

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Run ipv6 netstream export host ip-address port [ vpn-instance vpn-instance-
name ] [ dscp dscp-value ]
The destination IP address and destination port number for traffic statistics are
specified.
The destination IP address specified in the system view takes precedence over that
specified in the NetStream aggregation view.
Step 3 Run ipv6 netstream aggregation { as | as-tos | bgp-nexthop-tos | destination-
prefix | destination-prefix-tos | index-tos | mpls-label | prefix | prefix-tos |
protocol-port | protocol-port-tos | source-prefix | source-prefix-tos | vlan-id }
The IPv6 NetStream aggregation view is displayed.
Step 4 Run enable
The NetStream aggregation mode is enabled.
Step 5 (Optional) Run template timeout-rate timeout-interval
The interval at which the template for outputting aggregated flows in the V9or
IPFIX format is refreshed is set.
Step 6 Run ipv6 netstream export source { ip-address | ipv6 ipv6-address } [ port ]
The source IP address and source port are specified for aggregated flows.
The source IP address and source port specified in the aggregation view take
precedence over those specified in the system view. If no source IP address or
source port is specified in the aggregation view, the source IP address and source
port specified in the system view take effect.
Step 7 Run ipv6 netstream export host [ ipv6 ] ip-address port [ vpn-instance vpn-
instance-name ] [ dscp dscp-value ]
The destination IP address and destination port number for traffic statistics are
specified.

● You can specify eight destination IP addresses in the system view, IPv4 NetStream
aggregation view, and IPv4 NetStream aggregation view.
● The destination IP address specified in the system view takes precedence over that
specified in the NetStream aggregation view.

Step 8 (Optional) Set parameters for aging aggregated flows as needed.

● Run ipv6 netstream aggregation timeout active { active-interval | interval-
second active-interval-second }
The active aging time is set for NetStream aggregated flows.
● Run ipv6 netstream aggregation timeout inactive inactive-interval
The inactive aging time is set for NetStream aggregated flows.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 106

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

Step 9 (Optional) Exit the IPv6 aggregated configuration mode view. In the system view,
run ipv6 netstream export template sequence-number fixed

Step 10 Run commit

The configuration is committed.

----End

3.6.4 (Optional) Adjusting the AS Field Mode and Interface

NOTICE

If the 32-bit AS field mode is used, the NMS must identify the 32-bit AS field.
If the NMS cannot identify the 32-bit AS field, the NMS fails to identify inter-
AS traffic sent by devices.

● Interface index: The NMS uses an interface index carried in a NetStream

Procedure
Step 1 Run system-view

The system view is displayed.

Step 2 Run ipv6 netstream as-mode { 16 | 32}

The AS field mode is specified on the router.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 107

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

Step 3 Run ipv6 netstream export index-switch { 16 | 32 }

The type of the interface index carried in the NetStream packet output by the
router is specified.

An interface index can be changed from 16 bits to 32 bits only after the following
conditions are met:
● Original flows are output in V9 or IPFIX format.
● Aggregated flows are output in V9 or IPFIX format.

----End

3.6.5 Sampling IPv6 Flows

You can enable NetStream to sample and analyze the incoming or outgoing flows
on an interface.

Context

If a NetStream-enabled interface is bound to a VPN instance, all packets in the VPN

instance are sampled.

Procedure
Step 1 Run system-view

The system view is displayed.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 108

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

▪ The execution of either command takes effect on all packets, and

there is no need to configure both of them.

▪ Packets are sampled at the set sampling ratio, regardless of packet

----End

3.6.6 (Optional) Disabling MPLS Packet Sampling on an

Interface
If you do not need to sample MPLS traffic on an interface, disable MPLS packet
sampling on the interface.

Prerequisites
NetStream has been enabled on an interface.

----End

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 109

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

3.6.7 Verifying the Configuration of Statistics Collection of

IPv6 Aggregated Flows
In routine maintenance or after NetStream configurations are complete, you can
run the display commands in any view to check whether NetStream is enabled on
the device.

Context
Run the following command to check the previous configuration.

Procedure
● Run the display netstream { all | global | interface interface-type interface-
number } command to check NetStream configurations in different views.
● Run the display ipv6 netstream cache { as | as-tos | bgp-nexthop-tos |
destination-prefix | destination-prefix-tos | index-tos | prefix | prefix-tos |
protocol-port | protocol-port-tos | source-prefix | source-prefix-tos | mpls-
label | vlan-id | flexflowtpl record-name } slot slot-id command to check
various aggregated flows in the buffer.
● Run the display ipv6 netstream statistics slot slot-id command to check
statistics about NetStream flows.
----End

3.7 Collecting Statistics About IPv4 Flexible Flows

Before collecting statistics about IPv4 flexible flows, familiarize yourself with the
applicable environment and complete the pre-configuration tasks. This can help
you complete the configuration task quickly and accurately.

Usage Scenario
On the network shown in Figure 3-6, a carrier enables NetStream on the router
functioning as an NDE to obtain detailed network application information. The
user can use the information to monitor abnormal network traffic, analyze users'
operation modes, and plan networks between ASs.
Flexible flow packets provide user-defined templates for users to customize
matching and collected fields as required. The user-defined template improves
traffic analysis accuracy and reduces network bandwidth occupation, CPU usage,
and storage space usage.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 110

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

Figure 3-6 Networking diagram for collecting IPv4 flow statistics

Pre-configuration Tasks
Before collecting the statistics about IPv4 flexible flows, configure static routes or
enable an IGP to implement network connectivity.

3.7.1 Specifying a NetStream Service Processing Mode

After sampling packets, each NetStream-enabled interface board sends sampled
packets to the NetStream service processing board for aggregation and output.

Context
NetStream services can be processed in the following modes:

● Distributed mode
An interface board samples packets, aggregates flows, and outputs flows.

Procedure
● Configure the distributed NetStream service processing mode.
a. Run system-view

The system view is displayed.

b. Run slot slot-id

The view of the slot in which the interface board for NetStream sampling
resides is displayed.
c. Run ip netstream sampler to slot self

The distributed NetStream service processing mode is specified.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 111

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

d. Run commit

The configuration is committed.

----End

3.7.2 Configuring a Flexible Flow Statistics Template

When configuring the flexible flow statistics output function, configure a flexible
flow statistics template, customize matching and collected fields, and apply the
template to an interface.

Procedure
Step 1 Run system-view

The system view is displayed.

Step 2 Run ip netstream record record-name

An IPv4 flexible flow statistics template is created, and its recording view is
displayed.

Aggregation keywords of the flexible flow statistics template are configured.

Step 4 Run collect { { first | last } switched | input { packets | bytes } length }

The flexible flow statistics sent to the NSC is configured to contain the number of
bytes, number of packets, and first and last forwarding time.

Step 5 Run commit

The configuration is committed.

----End

3.7.3 Outputting Flexible Flows

To ensure that flexible flows can be correctly output to the NMS, specify the
related parameters for flexible flows.

Procedure
Step 1 Run system-view

The system view is displayed.

Step 2 Run ip netstream export version9 [ origin-as | peer-as ] [ bgp-nexthop ]

The output version number and AS option of flexible flow packets are specified.

NetStream flexible flow packets support only the V9 packet format.

Step 3 (Optional) Configure NetStream packets to carry the flow sequence field.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 112

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

1. Run slotslot-id
The view of the slot in which the interface board for NetStream sampling
resides is displayed.
2. Run ip netstream export sequence-mode flow
NetStream packets are configured to carry the flow sequence field.
3. Run quit
The system view is displayed.

The command applies to the V9 format only.

Step 4 Run ip netstream apply recordrecord-name

Flexible flows are applied in the system view.
Flexible flow packets can be output only in the V9 format. If the ip netstream
export version command is run in the system view to specify the V5 or IPFIX
packet output format, the ip netstream apply record command does not take
effect.
Step 5 (Optional) Run ip netstream export template timeout-ratetimeout-interval
The interval at which the template for outputting flexible flows in the V9 format is
updated.
Step 6 Run ip netstream export sourceip-address [ port ]
The source IP address and source port are specified for flexible flows.
Step 7 Specify the destination IP address and UDP port number of the peer NSC for
NetStream flexible flows in the system or slot view.
● In the system view:
Run ip netstream export hostip-addressport [ vpn-instancevpn-instance-
name ] [ dscpdscp-value ]
The destination IP address and UDP port number of the peer NSC are
specified for NetStream flexible flows to be output.
● In the slot view:
a. Run slotslot-id
The view of the slot in which the interface board for NetStream sampling
resides is displayed.
b. Run ip netstream export hostip-addressport [ vpn-instancevpn-
instance-name ] [ dscpdscp-value ]
The destination IP address and UDP port number of the peer NSC are
specified for NetStream flexible flows to be output.
c. Run quit
The system view is displayed.
Step 8 (Optional) Set parameters for aging flexible flows as needed.
● Run ip netstream timeout active { active-interval | interval-second active-
interval-second }
The active aging time is set for NetStream flexible flows.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 113

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

● Run ip netstream timeoutinactiveinactive-interval

The inactive aging time is set for NetStream flexible flows.
Step 9 Run commit
The configuration is committed.

----End

3.7.4 (Optional) Configuring NetStream Monitoring Services

NetStream services can be configured on the NetStream Data Exporter (NDE) to
enable carriers to implement more delicate traffic statistics and management over
IPv4 flexible flows.

Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Run ip netstream monitor monitor-name
A NetStream monitoring service is created and its view is displayed. If a NetStream
monitoring service view already exists, the view is displayed.
Step 3 (Optional) Run ip netstream export source {ip-address | ipv6 ipv6-address}
[ port ]
A source IP address and a source port are configured for output NetStream flows.
Step 4 Run ip netstream export host [ ipv6 ] ip-address port [ vpn-instance vpn-
instance-name ] [ version { 5 | 9 | ipfix } ] [ dscp dscp-value ]
The destination IP address and destination port number for traffic statistics are
specified.
Step 5 Run apply record record-name
Flexible flows are applied to monitoring services.
Step 6 Run quit

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 114

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

Return to the system view.

Step 7 Run interface interface-type interface-number

The interface view is displayed.

Step 8 Run ip netstream monitor monitor-name { inbound | outbound }

NetStream monitoring services are configured in the inbound or outbound

direction of the interface.

If flexible flows are applied to both the NetStream monitoring service view and system view,
statistics about flexible flows are sent to the destination IP address specified in the NetStream
monitoring service view, not the system view. The source address and source port configured in
the NetStream monitoring service view are also used for output NetStream flows.

Step 9 Run commit

The configuration is committed.

----End

3.7.5 (Optional) Adjusting the AS Field Mode and Interface

Context
The NSC can properly receive and parse NetStream packets output by the NDE
only when the AS field modes and interface index types on the NDE and NSC are
the same.
● AS field mode: The length of the AS field in IP packets can be set to 16 bits
or 32 bits. Devices on a network must use the same AS field mode. An AS
field mode inconsistency causes NetStream to fail to sample inter-AS traffic.

NOTICE

If the 32-bit AS field mode is used, the NMS must identify the 32-bit AS field.
If the NMS cannot identify the 32-bit AS field, the NMS fails to identify inter-
AS traffic sent by devices.

● Interface index: The NMS uses an interface index carried in a NetStream

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 115

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

Procedure
Step 1 Run system-view

The system view is displayed.

Step 2 Run ip netstream as-mode { 16 | 32 }

The AS field mode is specified on the router.

Step 3 Run ip netstream export index-switch { 16 | 32 }

The type of the interface index carried in the NetStream packet output by the
router is configured.

Step 4 Run commit

The configuration is committed.

----End

3.7.6 Sampling IPv4 Flows

You can enable NetStream to sample and analyze the incoming or outgoing flows
on an interface.

Procedure
Step 1 Run system-view

The system view is displayed.

Step 2 Configure sampling mode and sampling ratio, perform at least one of the
following steps:
● Configure a sampling mode and sampling ratio globally.
a. Run ip netstream sampler { fix-packets fix-packet-number | random-
packets random-packet-number | fix-time fix-time-number } { inbound |
outbound }
The sampling mode and sampling ratio are configured globally.
b. Run interface interface-type interface-number
The interface view is displayed.
● Configure sampling mode and sampling ratio for the interface.
a. Run interface interface-type interface-number
The interface view is displayed.
b. Run ip netstream sampler { fix-packets fix-packet-number | random-
packets random-packet-number | fix-time fix-time-number } { inbound |
outbound }
The sampling mode and sampling ratio are configured for the interface.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 116

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

Step 3 Run ip netstream { inbound | outbound }

NetStream is enabled on the interface. Statistics about packets' BGP next-hop
information can also be collected.
Step 4 (Optional) Run ip netstream sampler except deny-action
NetStream is not applied to traffic matching the ACL rule or traffic behavior that
contains deny.
Step 5 Run commit
The configuration is committed.

----End

3.7.7 (Optional) Disabling MPLS Packet Sampling on an

Interface
If you do not need to sample MPLS traffic on an interface, disable MPLS packet
sampling on the interface.

Prerequisites
NetStream has been enabled on an interface.

----End

3.7.8 Verifying the Configuration of IPv4 Flexible Flow

Statistics Collection
After NetStream configurations are complete, you can run the display commands
in any view to verify the running status of NetStream functions.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 117

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

Procedure
● Run the display ip netstream statistics slot slot-id command to check
NetStream packet statistics.
● Run the display ip netstream statistics interface interface-type interface-
number command to check the statistics about the sampled packets on an
interface.
● Run the display netstream { all | global | interface interface-type interface-
number } command to check NetStream configurations in different views.
● Run the display ip netstream monitor { all | monitor-name } command to
check monitoring information about IPv4 flexible flows.

----End

3.8 Collecting Statistics About IPv6 Flexible Flows

Before collecting statistics about IPv6 flexible flows, familiarize yourself with the
applicable environment and complete the pre-configuration tasks. This can help
you complete the configuration task quickly and accurately.

Usage Scenario
On the network shown in Figure 3-7, a carrier enables NetStream on the router
functioning as an NDE to obtain detailed network application information. The
user can use the information to monitor abnormal network traffic, analyze users'
operation modes, and plan networks between ASs.

Flexible flow packets provide user-defined templates for users to customize

matching and collected fields as required. The user-defined template improves
traffic analysis accuracy and reduces network bandwidth occupation, CPU usage,
and storage space usage.

Figure 3-7 Networking diagram for collecting IPv6 flow statistics

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 118

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

Pre-configuration Tasks
Before collecting the statistics about IPv6 flexible flows, configure static routes or
enable an IGP to implement network connectivity.

3.8.1 Specifying a NetStream Service Processing Mode

After sampling packets, each NetStream-enabled interface board sends sampled
packets to the NetStream service processing board for aggregation and output.

Context
NetStream services can be processed in the following modes:

● Distributed mode
An interface board samples packets, aggregates flows, and outputs flows.

Procedure
● Configure the distributed NetStream service processing mode.
a. Run system-view

The system view is displayed.

b. Run slot slot-id

The view of the slot in which the interface board for NetStream sampling
resides is displayed.
c. Run ipv6 netstream sampler to slot self

The distributed NetStream service processing mode is specified.

d. Run commit

The configuration is committed.

----End

3.8.2 Configuring a Flexible Flow Statistics Template

When configuring the flexible flow statistics output function, configure a flexible
flow statistics template, customize matching and collected fields, and apply the
template to an interface.

Procedure
Step 1 Run system-view

The system view is displayed.

Step 2 Run ipv6 netstream record record-name

An IPv6 flexible flow statistics template is created, and its recording view is
displayed.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 119

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

Step 3 Run match { { source | destination } { vlan | as | port | address | mask } | mpls
top-label ip-address | mpls label position | { protocol | tos | direction | tcp-
flag } | { input | output } interface | next-hop [ bgp ] }
Aggregation keywords of the flexible flow statistics template are configured.
Step 4 Run collect { { first | last } switched | input { packets | bytes } length }
The flexible flow statistics sent to the NSC is configured to contain the number of
bytes, number of packets, and first and last forwarding time.
Step 5 Run commit
The configuration is committed.

----End

3.8.3 Outputting Flexible Flows

To ensure that flexible flows can be correctly output to the NMS, specify the
related parameters for flexible flows.

Context
IPv6 flexible flow packets can be output only in the V9 format.

Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Run ipv6 netstream export version9 [ origin-as | peer-as ] [ bgp-nexthop ]
The output version number and AS option of flexible flow packets are specified.
Step 3 (Optional) Configure NetStream packets to carry the flow sequence field.
1. Run slot slot-id
The view of the slot in which the interface board for NetStream sampling
resides is displayed.
2. Run ip netstream export sequence-mode flow
NetStream packets are configured to carry the flow sequence field.
3. Run quit
The system view is displayed.

The command applies to the V9 format only.

Step 4 Run ipv6 netstream apply record record-name

Flexible flows are applied in the system view.
Flexible flow packets can be output only in the V9 format. If the ipv6 netstream
export version command is run in the system view to specify the IPFIX packet
output format, the ipv6 netstream apply record command does not take effect.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 120

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

Step 5 Run ipv6 netstream export template timeout-rate timeout-interval

The interval at which the template for outputting flexible flows in the V9 format is
updated.
Step 6 Run ipv6 netstream export source { ip-address | ipv6 ipv6-address } [ port ]
The source IP address and source port are specified for flexible flows.
Step 7 Specify the destination IP address and UDP port number of the peer NSC for
NetStream flexible flows in the system or slot view.
● In the system view:
Run ipv6 netstream export host [ ipv6 ] ip-address port [ vpn-instance vpn-
instance-name ] [ version { 9 | ipfix } ] [ dscp dscp-value ]
The destination IP address and destination port number for traffic statistics
are specified.
● In the slot view:
a. Run slot slot-id
The view of the slot in which the interface board for NetStream sampling
resides is displayed.
b. Run ipv6 netstream export host [ ipv6 ] ip-address port [ vpn-
instancevpn-instance-name ] [ version { 9 | ipfix } ] [ dscpdscp-value ]
The destination IP address and destination port number for traffic
statistics are specified.
c. Run quit
Return to the system view.
Step 8 (Optional) Set parameters for aging flexible flows as needed.
● Run ipv6 netstream timeout active { active-interval | interval-second
active-interval-second }
The active aging time is set for NetStream flexible flows.
● Run ipv6 netstream timeoutinactive inactive-interval
The inactive aging time is set for NetStream flexible flows.
Step 9 Run commit
The configuration is committed.
----End

3.8.4 (Optional) Configuring NetStream Monitoring Services

NetStream services can be configured on the NetStream Data Exporter (NDE) to
enable carriers to implement more delicate traffic statistics and management over
IPv6 flexible flows.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 121

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

interfaces, and therefore, cannot manage or analyze traffic statistics based on

interfaces. In addition, the NSC will be overloaded due to a great amount of
information.

NetStream monitoring configured on an NDE allows the NDE to send traffic

statistics collected on specified interfaces to specified NSCs for analysis, which
achieves interface-specific service monitoring. Traffic statistics can be balanced
among these NSCs.

Procedure
Step 1 Run system-view

The system view is displayed.

Step 2 Run ipv6 netstream monitor monitor-name

An IPv6 NetStream monitoring service is created and its view is displayed. If an

IPv6 NetStream monitoring service view already exists, the view is displayed.

Step 3 Run ipv6 netstream export host [ ipv6 ] ip-address port [ vpn-instance vpn-
instance-name ] [ version { 9 | ipfix } ] [ dscp dscp-value ]
The destination IPv6 address and destination port number for traffic statistics are
specified.

Step 4 (Optional) Run ipv6 netstream export source {ip-address | ipv6 ipv6-address}
[ port ]

A source IP address and a source port are configured for output NetStream flows.

Step 5 Run apply record record-name

Flexible flows are applied to monitoring services.

Step 6 Run quit

Return to the system view.

Step 7 Run interface interface-type interface-number

The interface view is displayed.

Step 8 Run ipv6 netstream monitor monitor-name { inbound | outbound }

NetStream monitoring services are configured in the inbound or outbound

direction of the interface.

Step 9 Run commit

The configuration is committed.

----End

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 122

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

3.8.5 (Optional) Adjusting the AS Field Mode and Interface

NOTICE

If the 32-bit AS field mode is used, the NMS must identify the 32-bit AS field.
If the NMS cannot identify the 32-bit AS field, the NMS fails to identify inter-
AS traffic sent by devices.

● Interface index: The NMS uses an interface index carried in a NetStream

Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Run ip netstream as-mode { 16 | 32 }
The AS field mode is specified on the router.
Step 3 Run ipv6 netstream export index-switch { 16 | 32 }
The type of the interface index carried in the NetStream packet output by the
router is configured.

Step 4 Run commit

The configuration is committed.

----End

3.8.6 Sampling IPv6 Flows

You can enable NetStream to sample and analyze the incoming or outgoing flows
on an interface.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 123

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

Procedure
Step 1 Run system-view

The system view is displayed.

▪ The execution of either command takes effect on all packets, and

there is no need to configure both of them.

▪ Packets are sampled at the set sampling ratio, regardless of packet

types. For example, if the sampling ratio in fixed packet sampling
mode is set to 1000:1, one packet will be sampled every 1000
packets, regardless of these packets are IPv4 or IPv6 packets.

Step 3 Run ipv6 netstream { inbound | outbound }

NetStream is enabled on the interface. Statistics about packets' BGP next-hop

information can also be collected.

Step 4 Run commit

The configuration is committed.

----End

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 124

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

3.8.7 (Optional) Disabling MPLS Packet Sampling on an

Interface
If you do not need to sample MPLS traffic on an interface, disable MPLS packet
sampling on the interface.

Prerequisites
NetStream has been enabled on an interface.

Procedure
Step 1 Run system-view

The system view is displayed.

Step 2 Run interface interface-type interface-number

The interface view is displayed.

Step 3 Run ip netstream mpls exclude

MPLS packet sampling is disabled on the interface.

Step 4 Run commit

The configuration is committed.

----End

3.8.8 Verifying the Configuration of IPv6 Flexible Flow

Statistics Collection
After NetStream configurations are complete, you can run the display commands
in any view to verify the running status of NetStream functions.

Prerequisites
NetStream IPv6 flow statistics have been collected.

Procedure
● Run the display ipv6 netstream statistics slot slot-id command to check
statistics about NetStream flows.
● Run the display ipv6 netstream monitor { all | monitor-name } command to
check monitoring information about IPv6 flexible flows.

----End

3.9 Collecting Statistics About MPLS IPv4 Packets

Collecting packet statistics on MPLS networks helps you monitor MPLS network
status.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 125

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

Usage Scenario
On the network shown in Figure 3-8, a carrier enables NetStream on the router
functioning as a NetStream Data Exporter (NDE) to obtain detailed network
application information. The carrier can use the information to monitor abnormal
network traffic, analyze users' operation modes, and plan networks between ASs.
If statistics about MPLS packets are collected on the P, the P sends statistics to
inform the NetStream Collector (NSC) of the MPLS label-specific traffic volume.

Figure 3-8 Networking diagram for collecting MPLS flow statistics

Context
Before collecting statistics about MPLS IPv4 packets, enable MPLS on the device
and interfaces and configure the MPLS network.

Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Output statistics about MPLS IPv4 packets in the form of original or aggregated
flows.

MPLS original and aggregated flows can be output in V9 or IPFIX format.

● Statistics about original flows
a. Run ip netstream mpls-aware { label-only | ip-only | label-and-ip }
Statistics collection of MPLS packets is enabled.
One of the following parameters can be configured to sample MPLS
packets:

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 126

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

▪ label-only: The device samples only MPLS labels, not inner IP

packets.

▪ ip-only: The device samples only inner IP packets, not MPLS labels.

▪ label-and-ip: The device samples both MPLS labels and inner IP

packets.
b. For other configurations, see 3.3 Collecting Statistics About IPv4
Original Flows.
● Statistics about aggregated flows
a. Run system-view
The system view is displayed.
b. Run ip netstream aggregation mpls-label
The NetStream aggregation view is displayed.
c. For other configurations, see 3.4 Collecting Statistics About IPv4
Aggregated Flows.

----End

3.10 Collecting Statistics About MPLS IPv6 Packet

Collecting packet statistics on MPLS networks helps you to monitor MPLS network
conditions.

Usage Scenario
On the network shown in Figure 3-9, a carrier enables NetStream on the router
functioning as a NetStream Data Exporter (NDE) to obtain detailed network
application information. The carrier can use the information to monitor abnormal
network traffic, analyze users' operation modes, and plan networks between ASs.
If statistics about MPLS packets are collected on the P, the P sends statistics to
inform the NetStream Collector (NSC) of the MPLS label-specific traffic volume.

The NetStream can be functioned only in the user side of the MPLS network, if the SR-
MPLS TE tunnel is applied in public network.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 127

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

Figure 3-9 Networking diagram for collecting MPLS flow statistics

Context
Before collecting statistics about MPLS IPv6 packets, enable MPLS on the device
and interfaces and configure the MPLS network.

Procedure
Step 1 Run system-view

The system view is displayed.

Step 2 Run ipv6 netstream mpls-aware { label-only | ip-only | label-and-ip }

Statistics collection of MPLS packets is enabled.

One of the following parameters can be configured to sample MPLS packets:

● label-only: The device samples only MPLS labels, not inner IP packets.
● ip-only: The device samples only inner IP packets, not MPLS labels.
● label-and-ip: The device samples both MPLS labels and inner IP packets.

Step 3 Output statistics about MPLS IPv6 packets in the form of original or aggregated
flows. For application details, see 3.5 Collecting Statistics About IPv6 Original
Flows and 3.6 Collecting Statistics About IPv6 Aggregated Flows.

MPLS original and aggregated flows can be output only in V9 or IPFIX format.

----End

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 128

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

3.11 Collecting Statistics About BGP/MPLS VPN Flows

Collecting traffic statistics on BGP/MPLS VPN networks helps monitor the BGP/
MPLS VPN network condition.

Usage Scenario
In Figure 3-10, statistics about MPLS flows sent by the P to the NetStream
Collector (NSC) inform the NSC of the traffic volume and traffic type
corresponding to each label. Such statistics, however, cannot tell to which VPN
each traffic belongs. In this case, the PE sends the meaning of each label to the
NSC so that the NSC can determine to which VPN the received traffic belongs. The
NSC can analyze the traffic data of each VPN and display the result.

Figure 3-10 Networking diagram for collecting statistics about BGP/VPLS VPN
flows

Context
Before collecting statistics about BGP/VPLS VPN flows, deploy the BGP/MPLS VPN
network.

Procedure
● Enable the P to collect statistics about MPLS flows.

Follow the configuration procedures described in 3.9 Collecting Statistics

About MPLS IPv4 Packets or 3.10 Collecting Statistics About MPLS IPv6
Packet.
● Enable the output of TAL options on the PE.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 129

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

a. Run ip netstream export template option application-label

The output of TAL options is enabled, and the corresponding TAL option
template is sent to the NSC.
b. Run ip netstream export template option { refresh-rate packet-number
| timeout-rate timeout-interval }
The packet interval and time interval at which the TAL option template is
refreshed are set.
TAL option packets are output to the NSC in V9 or IPFIX format. To
ensure that the NSC successfully parses the TAL option packets, the
corresponding TAL option template must be sent to the NSC.
The TAL option template can be refreshed at the fixed packet and time
intervals. Both the packet and time intervals can be configured, without
affecting each other.

▪ refresh-rate packet-number: The TAL option template is refreshed at

the fixed packet interval.

▪ timeout-rate timeout-interval: The TAL option template is refreshed

at the fixed time interval.
----End

3.12 Maintaining NetStream

This section describes how to maintain NetStream.

3.12.1 Monitoring the NetStream Operating Status

In routine maintenance, you can run the following command in any view to check
the NetStream operating status.

Procedure
● Run the display ip netstream cache origin slot slot-id command to check
information about the NetStream flow buffer.
● Run the display ip netstream statistics slot slot-id command to check
statistics about NetStream flows.
● Run the display ip netstream statistics interface interface-type interface-
number command to check statistics about the sampled packets on an
interface.
● Run the display netstream { all | global | interface interface-type interface-
number } command to check NetStream configurations in different views.
● Run the display ip netstream cache { as | as-tos | bgp-nexthop-tos |
destination-prefix | destination-prefix-tos | index-tos | mpls-label | prefix |
prefix-tos | protocol-port | protocol-port-tos | source-prefix | source-prefix-
tos | source-index-tos | vni-sip-dip | vlan-id } slot slot-id command to check
information about various aggregated flows in the buffer.
● Run the display ip netstream export option command to check information
about the output option template.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 130

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

● Run the display ipv6 netstream cache { origin | as | as-tos | bgp-nexthop-

tos | destination-prefix | destination-prefix-tos | index-tos | prefix | prefix-
tos | protocol-port | protocol-port-tos | source-prefix | source-prefix-tos |
mpls-label | vlan-id } slot slot-id command to check information about
various aggregated flows in the buffer.
● Run the display ipv6 netstream statistics slot slot-id command to check
statistics about NetStream flows.
● Run the display ip netstream sampler-id allocated-info [ slot slot-id ]
command to check sampling ID allocation information on a specified
interface board.

----End

3.12.2 Deleting NetStream Template Statistics

You can delete existing NetStream template statistics before collecting up-to-date
statistics.

Procedure
● Run the reset ip netstream statistics command to delete IPv6 NetStream
template statistics.
● Run the reset ipv6 netstream statistics command to delete IPv6 NetStream
template statistics.

----End

3.13 Configuration Examples for NetStream

This section provides NetStream configuration examples.

3.13.1 Example for Collecting Statistics About Abnormal IPv4

Flows on the User Side
This section provides an example for configuring NetStream to collect statistics
about abnormal IPv4 packets on the user side. The NetStream traffic statistics
collection function helps rapidly analyze the type and location of abnormal traffic.

Networking Requirements
On the network shown in Figure 3-11, NetStream is configured to collect statistics
about the source IP address, destination IP address, port, and protocol information
of network packets on the user side. Such statistics help analyze users' behaviors
and detect the virus-infected terminals, source and destination of Denial of service
(DoS) and Distributed Denial of service (DDoS) attacks, source of spams, and
unauthorized websites. In addition, NetStream allows users to rapidly identify virus
types and locate the IP address of abnormal traffic. Based on other NetStream
flow attributes, users can filter out virus-infected traffic and prevent it from
spreading over the network.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 131

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

Figure 3-11 Networking diagram for collecting statistics about abnormal IPv4
flows on the user side

● Interfaces 1 and 2 in this example represent GE 1/0/0 and GE 2/0/0, respectively.

Configuration Roadmap
The configuration roadmap is as follows:
1. Configure PEs and CEs to communicate.
2. Configure NetStream to collect statistics about incoming and outgoing flows
on the user-side interface of the PE.

Data Preparation
To complete the configuration, you need the following data:
● Name of the user-side interface of the PE
● Output format of NetStream flows
● Destination IP address, destination port number, and source IP address of
NetStream flows to be output
● Number of the slot in which the NetStream service processing board resides
(In this example, the NetStream service processing board is in slot 1.)

Procedure
Step 1 Configure PEs and CEs to communicate.
# Assign the IP address and mask to each interface according to Figure 3-11. For
configuration details, see "Configuration Files" in this section.
Step 2 Enable the NetStream statistics collection function on GE 1/0/0 of the PE.
# Configure the interface board on the PE to process NetStream services in
distributed mode.
[*PE] slot 1
[*PE-slot-1] ip netstream sampler to slot self

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 132

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

[*PE-slot-1] quit

# Enable the statistics collection for TCP flags in original flows.

[*PE] ip netstream tcp-flag enable

# Specify the destination address, destination port number, and source address for
NetStream flows output in V5 format.
[*PE] ip netstream export host 192.168.2.2 9001
[*PE] ip netstream export source 192.168.2.1

# Enable NetStream sampling and configure the fixed packet sampling mode.
[*PE] ip netstream sampler fix-packets 10000 inbound
[*PE] ip netstream sampler fix-packets 10000 outbound
[*PE] commit

# Configure NetStream to collect statistics about incoming and outgoing flows on

GE 1/0/0 of the PE.
[*PE] interface GigabitEthernet 1/0/0
[*PE-GigabitEthernet1/0/0] undo shutdown
[*PE-GigabitEthernet1/0/0] ip netstream inbound
[*PE-GigabitEthernet1/0/0] ip netstream outbound
[*PE-GigabitEthernet1/0/0] quit
[*PE] commit

Step 3 Verify the configuration.

# Run the display ip netstream cache origin slot 1 command in the user view.
You can view information about various original flows in the NetStream flow
buffer.
<HUAWEI> display ip netstream cache origin slot 1
DstIf
SrcIf
DstP Msk Pro Tos
SrcP Msk Flags Ttl
Packets Bytes
NextHop Direction
DstIP DstAs
SrcIP SrcAs
BGP: BGP NextHop TopLabelType
Label1 Exp1 Bottom1
Label2 Exp2 Bottom2
Label3 Exp3 Bottom3
TopLabelIpAddress VlanId VniId
CreateFlowTime LastRefreshTime VPN
--------------------------------------------------------------------------

Unknown
GigabitEthernet1/0/0
0 0 253 0
0 0 0 60
3 384
0.0.0.0 in
192.168.1.3 0
192.168.1.4 0
0.0.0.0 UNKNOWN
0 0 0
0 0 0
0 0 0
0.0.0.0 0 0
2018-05-09 11:38:07 2018-05-09 11:40:30 vpn1

Unknown
GigabitEthernet1/0/1
0 0 253 0

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 133

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

0 0 0 60
1 128
0.0.0.0 in
192.168.1.5 0
192.168.1.6 0
0.0.0.0 UNKNOWN
0 0 0
0 0 0
0 0 0
0.0.0.0 0 0
2018-05-09 11:38:07 2018-05-09 11:40:30 vpn1

----End

Configuration Files
● CE configuration file
#
sysname CE
#
interface GigabitEthernet 1/0/0
ip address 192.168.1.2 255.255.255.0
#
return

● PE configuration file
#
slot 1
ip netstream sampler to slot self
#
sysname PE
#
ip netstream tcp-flag enable
ip netstream sampler fix-packets 10000 inbound
ip netstream sampler fix-packets 10000 outbound
ip netstream export source 192.168.2.1
ip netstream export host 192.168.2.2 9001
#
interface gigabitethernet 2/0/0
ip address 192.168.2.1 255.255.255.0
#
interface GigabitEthernet 1/0/0
ip address 192.168.1.1 255.255.255.0
ip netstream inbound
ip netstream outbound
#
return

3.13.2 Example for Collecting Statistics About IPv4 Flows

Aggregated Based on the AS Number
This section provides an example for configuring NetStream to collect statistics
about IPv4 flows aggregated based on the AS number. NetStream allows flows to
be aggregated based on the AS number, which makes accounting or management
easier.

Networking Requirements
On the network shown in Figure 3-12, Device D connects network A and network
B to the wide area network (WAN). Device D samples and aggregates flows
before sending them to the NetStream Collector (NSC).

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 134

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

Figure 3-12 Networking diagram for collecting statistics about IPv4 flows
aggregated based on the AS number

● Interfaces 1 through 4 in this example represent GE 1/0/0, GE 2/0/0, GE 3/0/0, and GE

4/0/0, respectively.

Configuration Roadmap
The configuration roadmap is as follows:

1. Configure reachable routes between the egress router of the LAN and the
WAN.
2. Configure reachable routes between the ingress router of the LAN and the
NSC.
3. Configure the ingress router of the LAN to sent traffic statistics to the
specified NSC.
4. Configure the ingress router of the LAN to sent traffic statistics to the
inbound interface on the NSC.
5. Aggregate sampled flows to reduce the data sent to the NSC.
6. Enable NetStream on the inbound interface of the ingress router.

Data Preparation
To complete the configuration, you need the following data:

● IP address of each interface

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 135

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

● IP address of the NSC

● Output format of NetStream flows
● NetStream sampling ratio
● Number of the slot in which the NetStream service processing board resides
(In this example, the NetStream service processing board is in slot 1.)

Procedure
Step 1 Assign an IP address to each interface on each router. For configuration details,
see "Configuration Files" in this section.
Step 2 Configure reachable routes between the WAN, Device A, and Device B.
# Configure reachable routes between Device A and Device D.
[*DeviceA] ip route-static 1.1.1.1 24 GigabitEthernet 1/0/0
[*DeviceA] commit

# Configure reachable routes between Device B and Device D.

[*DeviceB] ip route-static 1.1.1.1 24 GigabitEthernet 1/0/0
[*DeviceB] commit

Step 3 Configure reachable routes between Device D and the NSC.

# Configure reachable routes between Device D and Device C.
[*DeviceD] ip route-static 2.2.2.1 24 3.3.3.2

Step 4 Enable NetStream on Device D.

# Configure the interface board on Device D to process NetStream services in
distributed mode.
[*DeviceD] slot 1
[*DeviceD-slot-1] ip netstream sampler to slot self
[*DeviceD-slot-1] return

# Enable the NetStream statistics function for incoming traffic.

[*DeviceD] interface gigabitethernet 3/0/0
[*DeviceD-GigabitEthernet3/0/0] ip netstream inbound

# Output aggregated flows in V9 format.

[*DeviceD] ip netstream aggregation as
[*DeviceD-aggregation-as] enable
[*DeviceD-aggregation-as] ip netstream export host 2.2.2.1 3000
[*DeviceD-aggregation-as] ip netstream export source 3.3.3.1
[*DeviceD-aggregation-as] export version 9

# Enable the NetStream packet sampling function.

[*DeviceD-GigabitEthernet3/0/0] ip netstream sampler fix-packets 1000 inbound
[*DeviceD-GigabitEthernet3/0/0] quit
[*DeviceD] commit

Step 5 Verify the configuration.

# Run the display ip netstream cache command to view information about flows
in the NetStream flow buffer on router D.
<HUAWEI> display ip netstream cache as slot 1
DstIf
SrcIf

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 136

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

DstAs Streams Packets Direction SrcAs

--------------------------------------------------------------------------
GI2/0/0
Unknown
0 985988 985988 out 0

----End

Configuration Files
● Device A configuration file
#
sysname DeviceA
#
interface GigabitEthernet1/0/0
ip address 172.16.0.1 255.255.255.0
#
ip route-static 1.1.1.1 255.255.255.0 GigabitEthernet1/0/0
#
return

● Device B configuration file

#
sysname DeviceB
#
interface GigabitEthernet1/0/0
ip address 172.17.1.1 255.255.255.0
#
ip route-static 1.1.1.1 255.255.255.0 GigabitEthernet1/0/0
#
return

● Device C configuration file

#
sysname DeviceC
#
interface GigabitEthernet1/0/0
ip address 3.3.3.2 255.255.255.0
#
return

● Device D configuration file

#
slot 1
ip netstream sampler to slot self
#
sysname DeviceD
#
interface GigabitEthernet1/0/0
ip address 172.16.0.2 255.255.255.0
#
interface GigabitEthernet2/0/0
ip address 172.17.1.2 255.255.255.0
#
interface GigabitEthernet3/0/0
ip address 1.1.1.1 255.255.255.0
ip netstream inbound
ip netstream sampler fix-packets 1000 inbound
#
interface GigabitEthernet4/0/0
ip address 3.3.3.1 255.255.255.0
#
ip netstream aggregation as
enable
export version 9
ip netstream export source 3.3.3.1
ip netstream export host 2.2.2.1 3000
#

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 137

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

return

3.13.3 Example for Collecting Statistics About MPLS Original

Flows
This section provides an example for configuring NetStream to collect statistics
about MPLS original flows. Statistics about MPLS original flows with a specified
label can be collected.

Networking Requirements
In Figure 3-13, Device A, Device B, and Device C support MPLS and use OSPF as
an IGP protocol on the MPLS backbone network.
Local LDP sessions are established between Device A and Device B and between
Device B and Device C. A remote LDP session is established between Device A and
Device C. NetStream is enabled on Device B to collect statistics about MPLS flows.

Figure 3-13 Networking diagram for collecting statistics about MPLS original
flows

● Interfaces 1 and 2 in this example represent GE 1/0/0 and GE 2/0/0, respectively.

Configuration Roadmap
The configuration roadmap is as follows:
1. Configure the LDP session between every two routers.
2. Specify the remote peer and its IP address on the two routers that have
established a remote LDP session.
3. Specify the destination IP address, destination port number, and source IP
address of NetStream flows to be output.

Data Preparation
To complete the configuration, you need the following data:
● IP addresses of interfaces on each router as shown in Figure 3-13, OSPF
process 1, and area 0

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 138

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

● Device A's remote peer with name Device C and IP address 3.3.3.9
● Device C's remote peer with name Device A and IP address 1.1.1.9
● Number of the slot in which the NetStream service processing board resides
(In this example, the NetStream service processing board is in slot 1.)

Procedure
Step 1 Assign an IP address to each interface.

# Assign an IP address and a mask to each interface (including loopback

interfaces) according to Figure 3-13. For configuration details, see "Configuration
Files" in this section.

Step 2 Configure the LDP session between every two routers.

# Configure OSPF to advertise host routes to the specified Label Switching Router
(LSR) ID and of the network segments to which interfaces on the router are
connected. Enable basic MPLS functions on each router and its interfaces.

For configurations of the static MPLS TE tunnel, see the chapter "Basic MPLS
Configurations" in HUAWEI NetEngine 8000 X SeriesNetEngine 8000 Configuration
Guide - MPLS.
Step 3 Enable NetStream on GE 1/0/0 of Device B.

# Configure the NetStream service processing mode on an interface board.

[*DeviceB] slot 1
[*DeviceB-slot-1] ip netstream sampler to slot self
[*DeviceB-slot-1] return

# Configure NetStream to collect statistics about incoming and outgoing packets

on GE 1/0/0 of Device B.
[*DeviceB] interface GigabitEthernet 1/0/0
[*DeviceB-GigabitEthernet1/0/0] ip netstream inbound
[*DeviceB-GigabitEthernet1/0/0] ip netstream outbound
[*DeviceB-GigabitEthernet1/0/0] quit

# Configure NetStream to sample both inner IP packets and labels of MPLS

packets.
[*DeviceB] ip netstream mpls-aware label-and-ip

# Specify the destination address, destination port number, and source address for
NetStream flows output.
[*DeviceB] ip netstream export host 192.168.1.2 2100
[*DeviceB] ip netstream export source 10.1.2.1

# Enable NetStream sampling and configure the fixed packet sampling mode.
[*DeviceB] ip netstream sampler fix-packets 10000 inbound
[*DeviceB] ip netstream sampler fix-packets 10000 outbound
[*DeviceB] commit

Step 4 Verify the configuration.

# Run the display ip netstream cache origin slot 1 command in the user view.
You can view information about the NetStream flow buffer and statistics about
output flows.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 139

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

<HUAWEI> display ip netstream cache origin slot 1

DstIf
SrcIf
DstP Msk Pro Tos
SrcP Msk Flags Ttl
Packets Bytes
NextHop Direction
DstIP DstAs
SrcIP SrcAs
BGP: BGP NextHop TopLabelType
Label1 Exp1 Bottom1
Label2 Exp2 Bottom2
Label3 Exp3 Bottom3
TopLabelIpAddress VlanId VniId
CreateFlowTime LastRefreshTime VPN
--------------------------------------------------------------------------

Unknown
GigabitEthernet1/0/0
0 0 253 0
0 0 0 60
3 384
0.0.0.0 in
192.168.1.3 0
192.168.1.4 0
0.0.0.0 UNKNOWN
0 0 0
0 0 0
0 0 0
0.0.0.0 0 0
2018-05-09 11:38:07 2018-05-09 11:40:30 vpn1

Unknown
GigabitEthernet1/0/1
0 0 253 0
0 0 0 60
1 128
0.0.0.0 in
192.168.1.5 0
192.168.1.6 0
0.0.0.0 UNKNOWN
0 0 0
0 0 0
0 0 0
0.0.0.0 0 0
2018-05-09 11:38:07 2018-05-09 11:40:30 vpn1

----End

Configuration Files
● Device A configuration file
#
sysname DeviceA
#
mpls lsr-id 1.1.1.9
#
mpls
lsp-trigger all
#
mpls ldp
#
mpls ldp remote-peer Devicec
remote-ip 3.3.3.9
#
interface GigabitEthernet1/0/0
undo shutdown
ip address 10.1.1.1 255.255.255.0

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 140

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

mpls
mpls ldp
#
interface LoopBack1
ip address 1.1.1.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 10.1.1.0 0.0.0.255
network 1.1.1.9 0.0.0.0
#
return
● Device B configuration file
#
slot 1
ip netstream sampler to slot self
#
sysname DeviceB
#
ip netstream sampler fix-packets 10000 inbound
ip netstream sampler fix-packets 10000 outbound
ip netstream export host 10.1.2.1
ip netstream export source 192.168.1.2 2100
#
mpls lsr-id 2.2.2.9
#
mpls
lsp-trigger all
#
mpls ldp
#
interface GigabitEthernet1/0/0
undo shutdown
ip address 10.1.1.2 255.255.255.0
ip netstream inbound
ip netstream outbound
mpls
mpls ldp
#
interface GigabitEthernet2/0/0
undo shutdown
ip address 10.1.2.1 255.255.255.0
mpls
mpls ldp
#
interface LoopBack1
ip address 2.2.2.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 10.1.1.0 0.0.0.255
network 10.1.2.0 0.0.0.255
network 2.2.2.9 0.0.0.0
#
return
● Device C configuration file
#
sysname DeviceC
#
ip netstream mpls-aware label-and-ip
#
mpls lsr-id 3.3.3.9
#
mpls
lsp-trigger all
#
mpls ldp
#

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 141

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

mpls ldp remote-peer Devicea

remote-ip 1.1.1.9
#
interface GigabitEthernet1/0/0
undo shutdown
ip address 10.1.2.2 255.255.255.0
mpls
mpls ldp
#
interface LoopBack1
ip address 3.3.3.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 4.1.1.0 0.0.0.255
network 3.3.3.9 0.0.0.0
#
return

3.13.4 Example for Deploying NetStream on the BGP/MPLS IP

VPN Network
This section provides an example for configuring NetStream on a BGP/MPLS IP
VPN network to monitor VPN service traffic.

Networking Requirements
With the development of L3VPN services, users and carriers increasingly demand
higher quality of service (QoS). Carriers and users reach service level agreements
(SLAs) on Voice over Internet Protocol and video over IP services. Deploying
NetStream on the BGP/MPLS IP VPN network allows users to analyze the LSP
traffic between PEs and adjust the network to better meet service requirements.
On the IPv4 BGP/MPLS IP VPN network shown in Figure 3-14:
● Packets with specified application labels are sampled on PE2 and sent to the
NetStream Collector (NSC) and NetStream Data Analyzer (NDA).
● Statistics collection of incoming and outgoing packets with specified
application labels is enabled on the P. Packets with specified application labels
sent by the CE are sampled and sent to the NSC and NDA.
● Traffic statistics are analyzed on the NSC and NDA to obtain users' traffic
volume between PEs.

Figure 3-14 BGP/MPLS IP VPN

● Interfaces 1 through 3 in this example represent GE 1/0/0, GE 2/0/0, and GE 3/0/0,

respectively.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 142

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

Configuration Roadmap
The configuration roadmap is as follows:

1. Assign an IP address to each interface.

2. Configure the BGP/MPLS IP VPN.
3. Enable NetStream to sample packets with specified labels on PE2.
4. Enable NetStream to collect statistics about incoming and outgoing packets
with specified labels.

Data Preparation
To complete the configuration, you need the following data:

● Output format for NetStream flows and the sampling interval

● Destination IP address, destination port number, and source IP address of
NetStream flows to be output
● Number of the slot in which the NetStream service processing board resides
(In this example, the NetStream service processing board is in slot 1.)

Procedure
Step 1 Assign an IP address to each interface.

Assign an IP address and a mask to each interface (including loopback interfaces)

according to Figure 3-14. For configuration details, see Configuration Files in this
section.

Step 2 Configure the BGP/MPLS IP VPN.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 143

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

For configuration details, see the chapter "BGP/MPLS IP VPN Configuration" in

HUAWEI NetEngine 8000 X Series NetEngine 8000 Configuration Guide - VPN.
Step 3 Enable NetStream to sample packets with specified application labels on PE2.
# Configure the interface board on PE2 to process NetStream services in
distributed mode.
<PE2> system-view
[*PE2] slot 1
[*PE2-slot-1] ip netstream sampler to slot self
[*PE2-slot-1] return

# Configure PE2 to send information about L3VPN application labels to the NMS.
[*PE2] ip netstream export template option application-label

# Specify the destination address, destination port number, and source address for
NetStream flows output in V9 format.
[*PE2] ip netstream export version 9
[*PE2] ip netstream export host 192.168.2.2 9000
[*PE2] ip netstream export source 192.168.2.1

Step 4 Enable NetStream to collect statistics about incoming and outgoing packets with
specified application labels on the P.
# Configure the interface board on the P to process NetStream services in
distributed mode.
<P> system-view
[*P] slot 1
[*P-slot-1] ip netstream sampler to slot self
[*P-slot-1] quit

This example uses the configuration of distributed NetStream service processing on a board.
To configure an interface board to process NetStream services in centralized mode, run the
ip netstream sampler to slot slot-id command.

# Collect statistics about incoming and outgoing packets on GE 2/0/0 of the P.

[*P] interface GigabitEthernet 2/0/0
[*P-GigabitEthernet2/0/0] ip netstream inbound
[*P-GigabitEthernet2/0/0] ip netstream outbound
[*P-GigabitEthernet2/0/0] quit

# Configure NetStream to sample both inner IP packets and labels of MPLS

packets.
[*P] ip netstream mpls-aware label-and-ip

# Specify the destination address, destination port number, and source address for
NetStream flows output in V9 format.
[*P] ip netstream export version 9
[*P] ip netstream export host 192.168.2.2 9001
[*P] ip netstream export source 172.16.3.1

# Enable NetStream sampling and configure the fixed packet sampling mode.
[*P] ip netstream sampler fix-packets 10000 inbound
[*P] ip netstream sampler fix-packets 10000 outbound
[*P] quit

Step 5 Verify the configuration.

# Run the display ip netstream cache origin slot 1 command in the user view. If
the configuration succeeds, you can view IP- and MPLS-related information about
VPN packets cached in the NetStream flow buffer.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 144

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

<P> display ip netstream cache origin slot 1

Unknown
GigabitEthernet1/0/0
0 0 253 0
0 0 0 60
3 384
0.0.0.0 in
192.168.1.3 0
192.168.1.4 0
0.0.0.0 UNKNOWN
0 0 0
0 0 0
0 0 0
0.0.0.0 0 0
2018-05-09 11:38:07 2018-05-09 11:40:30 vpn1

Unknown
GigabitEthernet1/0/1
0 0 253 0
0 0 0 60
1 128
0.0.0.0 in
192.168.1.5 0
192.168.1.6 0
0.0.0.0 UNKNOWN
0 0 0
0 0 0
0 0 0
0.0.0.0 0 0
2018-05-09 11:38:07 2018-05-09 11:40:30 vpn1

----End

Configuration Files
● PE1 configuration file
#
sysname PE1
#
ip vpn-instance vpna
route-distinguisher 100:1
apply-label per-instance
vpn-target 100:1 export-extcommunity
vpn-target 100:1 import-extcommunity
#
mpls lsr-id 1.1.1.9
#
mpls
#
interface GigabitEthernet1/0/0
ip binding vpn-instance vpna
ip address 10.2.1.2 255.255.255.0

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 145

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

#
interface GigabitEthernet3/0/0
ip address 172.16.1.1 255.255.255.0
mpls
mpls ldp
#
interface LoopBack1
ip address 1.1.1.9 255.255.255.255
#
bgp 100
peer 3.3.3.9 as-number 100
peer 3.3.3.9 connect-interface LoopBack1
#
ipv4-family unicast
peer 3.3.3.9 enable
#
ipv4-family vpnv4
policy vpn-target
peer 3.3.3.9 enable
#
ipv4-family vpn-instance vpna
import-route direct
peer 10.1.1.1 as-number 65440
#
ospf 1
area 0.0.0.0
network 1.1.1.9 0.0.0.0
network 172.16.1.0 0.0.0.255
#
return
● P configuration file
#
slot 1
ip netstream sampler to slot self
#
sysname P
#
ip netstream mpls-aware label-and-ip
ip netstream export version 9
ip netstream sampler fix-packets 10000 inbound
ip netstream sampler fix-packets 10000 outbound
ip netstream export source 172.16.2.1
ip netstream export host 172.16.2.2 9001
#
mpls lsr-id 2.2.2.9
#
mpls
lsp-trigger all
#
mpls ldp
#
interface GigabitEthernet1/0/0
ip address 172.16.1.2 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet2/0/0
ip address 172.16.3.1 255.255.255.0
ip netstream inbound
ip netstream outbound
mpls
mpls ldp
#
interface GigabitEthernet3/0/0
ip address 172.16.2.1 255.255.255.0
#
interface LoopBack1
ip address 2.2.2.9 255.255.255.255
#

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 146

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

ospf 1
area 0.0.0.0
network 172.16.1.0 0.0.0.255
network 172.17.1.0 0.0.0.255
network 2.2.2.9 0.0.0.0
#
return
● PE2 configuration file
#
slot 1
ip netstream sampler to slot self
#
sysname PE2
#
ip netstream export version 9
ip netstream export source 192.168.2.1
ip netstream export host 192.168.2.2 9000
ip netstream export template option application-label
#
ip vpn-instance vpna
route-distinguisher 200:1
apply-label per-instance
vpn-target 100:1 export-extcommunity
vpn-target 100:1 import-extcommunity
#
mpls lsr-id 3.3.3.9
#
mpls
lsp-trigger all
#
mpls ldp
#
interface GigabitEthernet1/0/0
ip binding vpn-instance vpna
ip address 10.3.1.2 255.255.255.0
#
interface GigabitEthernet3/0/0
ip address 172.16.3.2 255.255.255.0
mpls
mpls ldp
#
interface LoopBack1
ip address 3.3.3.9 255.255.255.255
#
bgp 100
peer 1.1.1.9 as-number 100
peer 1.1.1.9 connect-interface LoopBack1
#
ipv4-family unicast
peer 1.1.1.9 enable
#
ipv4-family vpnv4
policy vpn-target
peer 1.1.1.9 enable
#
ipv4-family vpn-instance vpna
import-route direct
peer 10.4.1.1 as-number 65440
#
ospf 1
area 0.0.0.0
network 172.17.1.0 0.0.0.255
network 3.3.3.9 0.0.0.0
#
return
● CE2 configuration file
#
sysname CE2

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 147

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

#
interface GigabitEthernet1/0/0
ip address 10.2.1.1 255.255.255.0
#
bgp 65420
peer 10.2.1.2 as-number 100
#
ipv4-family unicast
import-route direct
peer 10.2.1.2 enable
#
return

● CE4 configuration file

#
sysname CE4
#
interface GigabitEthernet1/0/0
ip address 10.4.1.1 255.255.255.0
#
bgp 65440
peer 10.4.1.2 as-number 100
#
ipv4-family unicast
import-route direct
peer 10.4.1.2 enable
#
return

3.13.5 Example for Collecting IPv6 Original Flow Statistics

This section provides an example for collecting IPv6 original flow statistics.
NetStream enabled on a network can collect network flow statistics.

Networking Requirements
As the Internet rapidly develops, ISP networks support increasing bandwidth and
planned QoS parameters, and carriers need to provide more delicate management
and accounting services. NetStream monitoring configured on an NetStream Data
Exporter (NDE) allows the NDE to send traffic statistics collected on specified
interfaces to specified NetStream Collectors (NSCs) for analysis, which achieves
interface-specific service monitoring.

On the network shown in Figure 3-15, Device A and Device B reside on different
IPv6 networks. GE 1/0/0 and GE 2/0/0 connect Device C to Device A and Device B,
respectively. Traffic statistics are collected on Device C and sent to NSC1 and NSC2
after traffic is aggregated.

To collect flow-specific statistics, configure NetStream monitoring services in the

inbound direction of GE 1/0/0 and GE 2/0/0 on Device C. Traffic statistics collected
on GE 1/0/0 are sent to NMS1 with an IPv4 address and traffic statistics collected
on GE 2/0/0 are sent to NMS2 with an IPv6 address.

Figure 3-15 Network diagram for NetStream traffic statistics

● Interfaces 1 and 2 in this example represent GE 1/0/0 and GE 2/0/0, respectively.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 148

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

Configuration Roadmap
The configuration roadmap is as follows:
1. Assign an IP address to each interface on each router.
2. Configure NetStream statistics on router C.
3. Configure NetStream monitoring services on router C.

Data Preparation
To complete the configuration, you need the following data:
● IP address of each interface on each router
● Version of the NetStream packet format
● Source and destination addresses, destination port number, and monitoring
view for NetStream packets
● Number of the slot in which the NetStream service processing board resides
(In this example, the NetStream service processing board is in slot 1.)

Procedure
Step 1 Assign an IP address to each interface on each router. For configuration details,
see "Configuration Files" in this section.
Step 2 Configure NetStream statistics on Device C.
# Specify the distributed NetStream service processing mode on an interface
board.
[*DeviceC] slot 1
[*DeviceC-slot-1] ipv6 netstream sampler to slot self
[*DeviceC-slot-1] quit

# Collect statistics about original flows based on TCP flags.

[*DeviceC] ipv6 netstream tcp-flag enable

# Configure the NetStream sampling function and set the mode to fixed packet
sampling.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 149

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

[*DeviceC] ipv6 netstream sampler fix-packets 10000 inbound

# Configure NetStream to collect statistics about incoming flows on GE 1/0/0 and

GE 2/0/0.
[*DeviceC] interface GigabitEthernet1/0/0
[*DeviceC-GigabitEthernet1/0/0] undo shutdown
[*DeviceC-GigabitEthernet1/0/0] ipv6 netstream inbound
[*DeviceC-GigabitEthernet1/0/0] quit
[*DeviceC] interface GigabitEthernet2/0/0
[*DeviceC-GigabitEthernet2/0/0] undo shutdown
[*DeviceC-GigabitEthernet2/0/0] ipv6 netstream inbound
[*DeviceC-GigabitEthernet2/0/0] quit

Step 3 Configure NetStream monitoring services.

[*DeviceC] ipv6 netstream monitor monitor1
[*DeviceC-monitor-monitor1] ipv6 netstream export host 192.168.0.2 6000
[*DeviceC-monitor-monitor1] quit
[*DeviceC] ipv6 netstream monitor monitor2
[*DeviceC-monitor-monitor2] ipv6 netstream export host ipv6 2001:db8:100::1 6000
[*DeviceC-monitor-monitor2] quit
[*DeviceC] interface gigabitethernet 1/0/0
[*DeviceC-GigabitEthernet1/0/0] ipv6 netstream monitor monitor1 inbound
[*DeviceC-GigabitEthernet1/0/0] quit
[*DeviceC] interface gigabitethernet 2/0/0
[*DeviceC-GigabitEthernet2/0/0] ipv6 netstream monitor monitor2 inbound
[*DeviceC-GigabitEthernet2/0/0] quit
[*DeviceC] commit

Step 4 Verify the configuration.

Run the display ipv6 netstream monitor all command to view information about
all NetStream monitoring services.
[~DeviceC] display ipv6 netstream monitor all
Monitor monitor1
ID :1
AppCount : 1

Address Port
192.168.0.2 6000
------------------------------------------------------------
Monitor monitor2
ID :2
AppCount : 1

Address Port
2001:db8:100::1 6000
------------------------------------------------------------

# Run the display ipv6 netstream cache origin slot 1 command to view all types
of NetStream original flows in the buffer.
[~DeviceC] display ipv6 netstream cache origin slot 1
Show information of IP and MPLS cache of slot 1 is starting.
get show cache user data success.
DstIf DstIP SrcIP Pro Tos Flags Packets
SrcIf DstP Msk SrcP Msk NextHop
DstAs SrcAs
BGP: BGP NextHop TopLabelType Direction
Label1 Exp1 Bottom1
Label2 Exp2 Bottom2
Label3 Exp3 Bottom3
TopLabelIpAddress
--------------------------------------------------------------------------
Null 1:1::1:1 2:2::2:2 1 1 0 2746
GI3/0/0 0 32 0 24 3:3::3:3
0 0
0:0::0:0 0 in

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 150

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

0 0 0
0 0 0
0 0 0
0:0::0:0

----End

Configuration Files
● Device A configuration file
#
sysname DeviceA
#
interface GigabitEthernet1/0/0
undo shutdown
ipv6 enable
ipv6 address 2001:db8:200::2/96
#
return

● Device B configuration file

#
sysname DeviceB
#
interface GigabitEthernet1/0/0
undo shutdown
ipv6 enable
ipv6 address 2001:db8:300::2/96
#
return

● Device C configuration file

#
sysname DeviceC
#
ipv6 netstream tcp-flag enable
ip netstream sampler fix-packets 10000 inbound
#
ip netstream monitor monitor1
ipv6 netstream export host 192.168.0.1 6000
#
ip netstream monitor monitor2
ipv6 netstream export host ipv6 2001:db8:100::1 6000
#
interface GigabitEthernet1/0/0
undo shutdown
ipv6 enable
ipv6 address 2001:db8:200::1/96
#
interface GigabitEthernet2/0/0
undo shutdown
ipv6 enable
ipv6 address 2001:db8:300::1/96
#
interface GigabitEthernet1/0/0
ipv6 netstream inbound
ipv6 netstream monitor monitor1 inbound
#
interface GigabitEthernet2/0/0
ipv6 netstream inbound
ipv6 netstream monitor monitor2 inbound
#
slot 1
ipv6 netstream sampler to slot self
#
return

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 151

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

3.13.6 Example for Collecting IPv4 Flexible Flow Statistics

This section provides an example for collecting IPv4 flexible flow statistics.
NetStream enabled on a network can collect network flow statistics.

Networking Requirements
On the network shown in Figure 3-16, Device D connects network A and network
B to the wide area network (WAN). Device D samples and aggregates flows
before sending them to the NetStream Collector (NSC).

Figure 3-16 Networking diagram for collecting statistics about IPv4 flexible flows

● Interfaces 1 through 4 in this example represent GE 1/0/0, GE 2/0/0, GE 3/0/0, and GE

4/0/0, respectively.

Configuration Roadmap
The configuration roadmap is as follows:

1. Configure reachable routes between Device A and Device B of the LAN and
the WAN.
2. Configure reachable routes between Device D and the NSC.
3. Configure Device D to send traffic statistics to the specified NSC.
4. Configure the flexible flow output function for traffic.
5. Enable NetStream on the outbound interface of Device D.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 152

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

Data Preparation
To complete the configuration, you need the following data:
● IP address of each interface
● Output format of NetStream flows
● NetStream sampling ratio
● Number of the slot in which the NetStream service processing board resides
(In this example, the NetStream service processing board is in slot 1.)

Procedure
Step 1 Assign an IP address to each interface on each router. The configuration details
are not provided here.
Step 2 Configure reachable routes between the WAN, Device A, and Device B.
# Configure reachable routes between Device A and Device D.
[~DeviceA] ip route-static 192.168.1.1 24 gigabitethernet 1/0/0
[*DeviceA] commit

# Configure reachable routes between Device B and Device D.

[~DeviceB] ip route-static 192.168.1.1 24 gigabitethernet 1/0/0
[*DeviceB] commit

# Configure reachable routes between Device D and Device E.

[~DeviceD] ip route-static 172.17.1.3 24 gigabitethernet 3/0/0
[*DeviceD] commit

Step 3 Configure reachable routes between Device D and the NSC.

# Configure reachable routes between Device D and Device C.
[~DeviceD] ip route-static 192.168.2.1 24 192.168.2.2
[*DeviceD] commit

Step 4 Enable NetStream on Device D.

# Configure the interface board on Device D to process NetStream services in
distributed mode.
[~DeviceD] slot 1
[~DeviceD-slot-1] ip netstream sampler to slot self
[*DeviceD-slot-1] quit
[*DeviceD] commit

# Enable the NetStream statistics function for inbound traffic.

[~DeviceD] interface gigabitethernet 3/0/0
[*DeviceD-GigabitEthernet3/0/0] ip netstream inbound
[~DeviceD-GigabitEthernet3/0/0] quit
[*DeviceD] commit

# Configure the flexible flow template in V9 format.

[~DeviceD] ip netstream record aa
[*DeviceD-record-aa] match source as
[*DeviceD-record-aa] collect first switched
[*DeviceD] commit

# Output flexible flows in V9 format.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 153

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

[~DeviceD] ip netstream export version 9

[~DeviceD] ip netstream apply record aa
[~DeviceD] ip netstream export source 192.168.2.1
[~DeviceD] ip netstream export host 192.168.2.2 3000
[*DeviceD] commit

# Enable the NetStream packet sampling function.

[~DeviceD] interface gigabitethernet 3/0/0
[*DeviceD-GigabitEthernet3/0/0] ip netstream sampler fix-packets 1000 inbound
[*DeviceD-GigabitEthernet3/0/0] quit
[*DeviceD] commit

Step 5 Verify the configuration.

# Check whether the flexible flow template is output correctly.
[~DeviceD] display ip netstream export template
------------------------------------------------------
TemplateName Success Failed
------------------------------------------------------
origin 69 0
Record(system) 14 0

----End

Configuration Files
● Device A configuration file
#
sysname DeviceA
#
interface GigabitEthernet1/0/0
ip address 172.16.0.1 255.255.255.0
#
ip route-static 192.168.1.1 255.255.255.0 GigabitEthernet1/0/0
#
return

● Device B configuration file

#
sysname DeviceB
#
interface GigabitEthernet1/0/0
ip address 172.17.1.1 255.255.255.0
#
ip route-static 192.168.1.1 255.255.255.0 GigabitEthernet1/0/0
#
return

● Device C configuration file

#
sysname DeviceC
#
interface GigabitEthernet1/0/0
ip address 192.168.2.2 255.255.255.0
#
return

● Device D configuration file

#
slot 1
ip netstream sampler to slot self
#
sysname DeviceD
#
interface GigabitEthernet1/0/0
ip address 172.16.0.2 255.255.255.0

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 154

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 3 NetStream Configuration

#
interface GigabitEthernet2/0/0
ip address 172.17.1.2 255.255.255.0
#
interface GigabitEthernet3/0/0
ip address 192.168.1.1 255.255.255.0
ip route-static 172.17.1.3 24 gigabitethernet 3/0/0
ip netstream inbound
ip netstream sampler fix-packets 1000 inbound
#
interface GigabitEthernet4/0/0
ip address 192.168.2.1 255.255.255.0
#
ip netstream export version 9
ip netstream export source 192.168.2.1
ip netstream export host 192.168.2.2 3000
#
ip netstream record aa
match source address
collect first switched
#
ip netstream apply record aa
#
return

● Device E configuration file

#
sysname DeviceE
#
interface GigabitEthernet1/0/0
ip address 172.17.1.3 255.255.255.0
#
return

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 155

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

4 NQA Configuration

About This Chapter

This chapter describes how to configure Network Quality Analysis (NQA) to

monitor the network operating status and collect network operation indicators in
real time.

4.1 Overview of NQA

This section describes NQA background and NQA functions.
4.2 NQA Licensing Requirements and Configuration Precautions
4.3 Configuring NQA to Monitor an IP Network
When NQA is used to monitor an IP network, the following test instances can be
configured. Before configuring NQA to monitor an IP network, familiarize yourself
with the usage scenario of each test instance and complete the pre-configuration
tasks.
4.4 Configuring NQA to Monitor an MPLS Network
NQA can be configured to monitor an MPLS network. Before configuring NQA to
monitor an MPLS network, familiarize yourself with the usage scenario of each
test instance and complete the pre-configuration tasks.
4.5 Configuring NQA to Monitor VPNs
Before configuring NQA to monitor virtual private networks (VPNs), familiarize
yourself with the usage scenario and complete the pre-configuration tasks.
4.6 Configuring NQA to Check a Layer 2 Network
Before configuring network quality analysis (NQA) to check a Layer 2 network,
familiarize yourself with the usage scenario and complete the pre-configuration
tasks.
4.7 Configuring an RFC 2544 Generalflow Test Instance
This section describes how to configure a generalflow test instance to monitor the
performance of interconnected network devices.
4.8 Configuring a Y.1564 Ethernet Service Activation Test
This section describes how to configure an Ethernet service activation test. This
test is conducted before network services are activated and verifies whether the
configurations are correct and network performance satisfies SLA requirements.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 156

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

4.9 Configuring Test Results to Be Sent to the FTP Server

The NMS needs to obtain test results of devices. If the NMS cannot poll test
results in time, test results are lost. Delivering the test results to the FTP server can
save the test results to the maximum extent.
4.10 Maintaining NQA
Maintaining NQA involves stopping or restarting NQA test instances, deleting
statistics, and deleting test records.
4.11 Configuration Examples for NQA
This section describes several NQA configuration examples.

4.1 Overview of NQA

This section describes NQA background and NQA functions.
As value-added services develop, users and carriers demand higher quality of
service (QoS). After Voice over Internet Protocol and video over IP services are
carried out, carriers and users reach service level agreements (SLAs) to implement
QoS guaranteed services.
To provide committed bandwidth for users, carriers configure devices to collect
statistics on delay time, jitter time, and the packet loss ratio. The information
helps them analyze network performance.
The NetEngine 8000 provides NQA to meet the preceding requirements.
NQA measures the performance of each protocol running on a network and helps
carriers collect network operation indicators, such as the delay time of a TCP
connection, packet loss ratio, and path maximum transmission unit (MTU).
Carriers provide users with differentiated services and charge users differently
based on these indicators. NQA is also an effective tool to diagnose and locate
faults in a network.

4.2 NQA Licensing Requirements and Configuration

Precautions
Licensing Requirements
For details, see "Licensing Requirements" in Feature Description.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 157

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

Configuration Precautions
Restrictions Guidelines Impact

1. IPv6 addresses can None No impact.

only be set to global
addresses but not link-
local addresses.
2. The ICMP jitter IPv6
instance supports echo
packets and does not
support timestamp
packets.

1. Y.1564 supports only None No impact.

unicast detection and
does not support
broadcast detection.
2. Y.1564 does not
support flexible access of
EVC sub-interfaces.

1. A third-party None No impact.

responder does not send
response packets
carrying the payload that
contains Huawei
proprietary extended
information. In this
scenario, the ICMP jitter
single-ended detection
function is used. The
delay and jitter, however,
are large in inter-board
scenarios.
2. A third-party
responder does not
support ICMP timestamp
packets (standard non-
private packets). ICMP
timestamp packets are
parsed as ICMP echo
packets. In this scenario,
ICMP jitter single-ended
detection supports only
two-way frame delay
measurement but does
not support one-way
frame delay
measurement.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 158

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

Restrictions Guidelines Impact

If a destination IP Do not deploy any test Hardware-based packet

address is configured for instance for which the sending measurement
the client end, the outbound interface of a results obtained during a
outbound interface of a route is a management jitter test are inaccurate.
route cannot be any interface.
management interface.

If the client end supports Select a board that Hardware-based packet

hardware-based packet supports 1588v2 clock sending measurement
sending, the board that synchronization for results obtained during a
sends packets must packet sending. jitter test are inaccurate.
support 1588v2 clock
synchronization.

The server and client of None The test fails or is

an ICMP jitter, UDP jitter, inaccurate.
or TCP test instance
must be VRP-based
devices. The test result
depends on the board
hardware capability.

When testing VPLS or None When testing VPLS or

VLL PWs with tunnel VLL PWs with tunnel
overlapping, L2VPN PW overlapping, L2VPN PW
ping/tracert can test only ping/tracert can test only
the outer backup plane. the outer backup plane.

L2VPN PW ping/tracert None L2VPN PW ping/tracert

can test a PW with only can test a PW with only
one segment, not a PW one segment, not a PW
with multiple segments. with multiple segments.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 159

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

Restrictions Guidelines Impact

NQA ICMP jitter supports None If the reflector does not

hardware-based packet meet the requirements,
sending and reflector the measurement related
interconnection. to NQA ICMP jitter's
The reflector must hardware-based packet
support standard ICMP sending fails.
timestamp packets. If the
reflector does not
support ICMP timestamp
packets, the reflector
cannot be
interconnected.
Additionally, when
replying with an ICMP
timestamp response
packet, the reflector
must include the request
packet's private extended
load information in the
response packet. If the
reflector allows load
information to be
carried, the hardware-
based packet sending
process is used and the
delay is more accurate. If
the reflector does not
allow load information
to be carried, the
software-based packet
sending process is used.

The MTU of the tested Configure the MTU of Jitter measurement

link cannot be less than the tested link to be no results are inaccurate.
64, less than 64,

In the ping and trace None No impact.

functions, IPv6 SIDs
support only unicast
addresses.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 160

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

Restrictions Guidelines Impact

For the ping/tracert ipv6- Initiate detection with Detection fails, but
sid function, if the the -a parameter traffic forwarding is not
End.OP SID outbound specified. affected.
interface does not have a
global IPv6 address, the
source IP address
contained in the
detection packets sent by
the local device may be
an unreachable IPv6
address. This causes a
detection failure.

The RFC 2544 initiator's Initiate measurements If different sub-interfaces

inward measurement separately if different of an interface are
supports flexible access sub-interfaces of an configured with the
sub-interfaces. If interface are configured same VLAN, only one
different sub-interfaces with the same VLAN. sub-interface can be
of an interface are measured.
configured with the
same VLAN, only one
sub-interface can be
measured.

When the RFC 2544 Configure dynamic ARP When the RFC 2544
initiator is bound to a entry learning for the initiator is bound to a
flexible access sub- source and destination IP flexible access sub-
interface to initiate a addresses when the RFC interface to initiate a
measurement, 2544 initiator is bound measurement, the
configuring static ARP to a flexible access sub- measurement fails.
entry learning for the interface to initiate a
source and destination IP measurement.
addresses causes the RFC
2544 measurement path
to fail to be learned.

If the server end Select a board that Hardware-based packet

supports hardware-based supports 1588v2 clock sending measurement
packet reply, the board synchronization for results obtained during a
that replies packets must packet reply. jitter test are inaccurate.
support 1588v2 clock
synchronization.

When the tracert lsp None After the tracert lsp

command is run to test command is run,
an LSP , cross-domain P timeout is displayed for
nodes are not supported. cross-domain P nodes.
The tracert test skips
cross-domain P nodes.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 161

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

Restrictions Guidelines Impact

One-way delay To measure one-way Hardware-based packet

measurement requires delay, deploy 1588v2 sending measurement
the deployment of clock synchronization. results obtained during a
1588v2 clock jitter test are inaccurate.
synchronization.

If a static route is None The static route fails to

associated with NQA and be restored.
the path tested by NQA
also depends on the
static route, only direct
connection is supported.

When the lossy mode Do not configure the When the lossy mode
and the outward-facing lossy mode and the and the outward-facing
802,1ag function are outward-facing 802,1ag 802,1ag function are
both configured for an function for the same both configured for an
interface, the outward- interface. interface, the outward-
facing 802,1ag function facing 802,1ag function
fails. fails.

In a cross-domain or None When the tracert ipv4

private L3VPN detection command is run to test
scenario where a P node an MPLS tunnel in a
does not have any return cross-domain scenario,
route but supports MPLS information about cross-
forwarding, when the domain P nodes fails to
tracert ipv4 command is be displayed if the
run to test an MPLS associated board does
tunnel, the display of not support tracert fast
cross-domain P node reply.
information depends on
whether the associated
board supports tracert
fast reply.

Only one VXLAN None Only one VXLAN

segment can be segment can be
detected. End-to-end detected.
detection is not
supported in scenarios
where multi VXLAN
segments are combined.

4.3 Configuring NQA to Monitor an IP Network

When NQA is used to monitor an IP network, the following test instances can be
configured. Before configuring NQA to monitor an IP network, familiarize yourself
with the usage scenario of each test instance and complete the pre-configuration
tasks.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 162

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

Usage Scenario

Table 4-1 NQA test instances used to monitor IP networks

Test Type Usage Scenario

DNS test This section describes how to detect

the speed at which a DNS name is
resolved to an IP address using a DNS
test.

ICMP test An Internet Control Message Protocol

(ICMP) test monitors the end-to-end
connectivity, packet loss ratio, and
delay time on an IP network.

TCP test A TCP test monitors the connectivity,

packet loss ratio, and delay time of a
TCP connection on an IP network.

UDP test A UDP test measures the round-trip

delay time of UDP packets exchanged
between Huawei devices.

SNMP test An SNMP test measures the

communication speed between a host
and an SNMP agent using UDP
packets.

Trace test A trace test monitors the connectivity,

packet loss ratio, and delay time hop
by hop on an IP network and the
packet forwarding path.

UDP jitter test A UDP jitter test measures the end-to-

end jitter time for various services or
simulates a voice test. Although the
Internet Control Message Protocol
(ICMP) reply function may be disabled
on devices on the public network to
defend against network attacks, the
UDP jitter test can still be conducted.

ICMP Jitter test An Internet Control Message Protocol

(ICMP) Jitter test measures the end-to-
end jitter time for various services.

Path Jitter test An NQA path jitter test instance,

however, can identify the router whose
jitter value is great.

Path MTU test A path MTU test can obtain the

maximum MTU value that does not
require packet fragmentation during
the packet transmission on the link.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 163

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

Pre-configuration Tasks
Before configuring NQA to monitor an IP network, configure static routes or an
Interior Gateway Protocol (IGP) to implement network connectivity.

4.3.1 Configuring a DNS Test

This section describes how to detect the speed at which a DNS name is resolved to
an IP address using a DNS test.

Context
A DNS test is based on UDP packets. Only one probe packet is sent in one DNS
test to detect the speed at which a DNS name is resolved to an IP address. The
test result clearly reflects the performance of the DNS protocol on the network.

Procedure
Step 1 Run system-view

The system view is displayed.

Step 2 Run dns resolve

Dynamic DNS is enabled.

Step 3 Create an NQA test instance and set the test instance type to DNS.
1. Run nqa test-instance admin-name test-name

An NQA test instance is created and the view of the test instance is displayed.
2. Run test-type dns

The test instance type is set to DNS.

3. (Optional) Run description description

The description is configured for the test instance.

Step 4 Run dns-serveripv4 ip-address

An IP address is configured for the DNS server in the DNS test instance.

Step 5 Run destination-addressurl url-address

A destination URL is specified for the NQA test instance.

Step 6 (Optional) Set optional parameters for the test instance and simulate packets
transmitted on an actual network.
1. Run agetime ageTimeValue

The aging time is set for the NQA test instance.

2. Run source-address ipv4 srcAddress

A source IP address is configured for the probe packet.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 164

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

Step 7 (Optional) Configure test failure conditions. Run timeout time

A timeout period is configured for a response packet.
Step 8 (Optional) Configure NQA statistics collection. Run records { history number |
result number }
The maximum numbers of historical records and result records are set for the test
instance.
Step 9 (Optional) Enable the system to send traps to the NMS.
1. Run test-failtimes failTimes
The function that traps are sent to the NMS after the number of continuous
test failures reaches a certain value is configured.
2. Run thresholdrtd thresholdRtd
An RTD threshold is set.
3. Run send-trap { all | [ rtd | testfailure | probefailure | testcomplete ]* }
A condition for triggering a trap is configured.
Step 10 (Optional) Run vpn-instance vpn-instance-name
A VPN instance name is configured for the test instance.
Step 11 Schedule the test instance.
1. (Optional) Run frequency frequencyValue
A test interval is set for the test instance.
2. Run start
The NQA test instance is started.
An NQA test instance can be started immediately, at a specified time, or after
a specified delay.
– Run the start now [ end { at [ yyyy/mm/dd ] hh:mm:ss | delay { seconds
second | hh:mm:ss } | lifetime { seconds second | hh:mm:ss } } ]
command to start the test instance immediately.
– Run the startat [ yyyy/mm/dd ] hh:mm:ss [ end { at [ yyyy/mm/dd ]
hh:mm:ss | delay { seconds second | hh:mm:ss } | lifetime { seconds
second | hh:mm:ss } } ] command to start the test instance at a specified
time.
– Run the start delay { seconds second | hh:mm:ss } [ end { at
[ yyyy/mm/dd ] hh:mm:ss | delay { seconds second | hh:mm:ss } |
lifetime { seconds second | hh:mm:ss } } ] command to start the test
instance after a specified delay.
– Run the startdailyhh:mm:sstohh:mm:ss [ beginyyyy/mm/dd ]
[ endyyyy/mm/dd ] command to start the test instance at a specified
time every day.
Step 12 Run commit
The configuration is committed.

----End

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 165

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

4.3.2 Configuring an ICMP Test

An Internet Control Message Protocol (ICMP) test monitors the end-to-end
connectivity, packet loss ratio, and delay time on an IP network.

Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Create an NQA test instance and set the test instance type to ICMP.
1. Run nqatest-instanceadmin-name test-name
An NQA test instance is created, and the view of the test instance is displayed.
2. Run test-type icmp
The test type is set to ICMP.
3. (Optional) Run descriptiondescription
A description is configured for the NQA test instance.
Step 3 Run destination-address{ ipv4 destAddress | ipv6 destAddress6 }
The destination address (that is, the NQA server address) of the client is specified.
Step 4 Set parameters for the test instance to simulate a specific type of packet.
1. Run the agetime ageTimeValue command to configure the aging time of an
NQA test instance.
2. Run the datafill fill-string command to configure padding characters in NQA
test packets.
3. Run the datasize datasizeValue command to set the size of the data field in
an NQA test packet.
4. Run probe-count number
The number of probes in a test is set for the NQA test instance.
5. Run interval seconds interval
The interval at which NQA test packets are sent is set for the NQA test
instance.
6. Run sendpacket passroute
The NQA test instance is configured to send packets without searching the
routing table.
7. Run source-address { ipv4 srcAddress | ipv6 srcAddr6 }
The source IP address of NQA test packets is set.
8. Run source-interface interface-type interface-number
The source interface for NQA test packets is set.
9. Run tos tos-value
The ToS value in NQA test packets is set.
10. Run ttl ttlValue

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 166

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

The TTL value in NQA test packets is set.

11. Run nexthop ipv4 ip-address
The next-hop address is configured for the test instance.
Step 5 Run path-type bypass
The Echo Request packets to be sent through an IP FRR bypass LSP is configured.
Step 6 (Optional) Configure test failure conditions.
1. Run timeout time
The response timeout period is set.
If no response packets are received before the set period expires, the probe is
regarded as a failure.
2. Run fail-percent percent
The failure percentage is set for the NQA test instance.
If the percentage of failed probes is greater than or equal to the failure
percentage, the test is regarded as a failure.
Step 7 (Optional) Configure the NQA statistics function. Run the records { history
number | result number } command to configure the maximum number of history
records and the maximum number of result records for the NQA test instance.
Step 8 (Optional) Enable the device to send traps to the NMS.
1. Run the test-failtimes failTimes command to configure the Trap message to
be sent to the NMS when the number of continuous probe failures reaches
the specified value in NAQ tests.
2. Run the threshold rtd thresholdRtd command to configure an RTD threshold.
3. Run the send-trap { all | [ rtd | testfailure | probefailure | testcomplete ]* }
command to configure the conditions for sending trap messages.
Step 9 (Optional) Run vpn-instance vpn-instance-name
The VPN instance name is configured for the NQA test instance.
Step 10 Schedule the test instance.
1. (Optional) Run frequencyinterval
The test period is set for the NQA test instance.

If the following conditions are met, the Completion field in the test results will be
displayed as no result:
– frequency configured ≤ (probe-count - 1) x interval + timeout.
2. Run the start command to start an NQA test.
An NQA test instance can be started immediately, at a specified time, or after
a specified delay.
– Run the start now [ end { at [ yyyy/mm/dd ] hh:mm:ss | delay { seconds
second | hh:mm:ss } | lifetime { seconds second | hh:mm:ss } } ]
command to start an NQA test instance immediately.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 167

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

– Run the start at [ yyyy/mm/dd ] hh:mm:ss [ end { at [ yyyy/mm/dd ]

hh:mm:ss | delay { seconds second | hh:mm:ss } | lifetime { seconds
second | hh:mm:ss } } ] command to start an NQA test instance at a
specified time.
– Run the start delay { seconds second | hh:mm:ss } [ end { at
[ yyyy/mm/dd ] hh:mm:ss | delay { seconds second | hh:mm:ss } |
lifetime { seconds second | hh:mm:ss } } ] command to start an NQA test
instance after a specified delay.
– Run the start daily hh:mm:ss to hh:mm:ss [ begin yyyy/mm/dd ] [ end
yyyy/mm/dd ] command to start the test instance at the specified time
every day.

Step 11 Run commit

The configuration is committed.

----End

4.3.3 Configuring a TCP Test

A TCP test monitors the connectivity, packet loss ratio, and delay time of a TCP
connection on an IP network.

Procedure
● Configure the NQA server for the TCP test.
a. Run system-view
The system view is displayed.
b. Run nqa-server tcpconnect [ vpn-instance vpn-instance-name ] ip-
address port-number
The IP address and number of the port used to monitor TCP services are
specified on the NQA server.
c. Run commit
The configuration is committed.
● Configure the NQA client for the TCP test.
a. Run system-view

The system view is displayed.

b. Create an NQA test instance and set the test instance type to TCP.
i. Run nqa test-instance admin-name test-name
An NQA test instance is created, and the view of the test instance is
displayed.
ii. Run test-type tcp
The test instance type is set to TCP.
iii. (Optional) Run description description
The description of the test instance is configured.
c. Specify the destination address and destination port number for the test
instance.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 168

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

The destination address and destination port number specified in this step must
be the same as ip-address and port-number specified for the NQA server.

i. Run destination-address ipv4 destAddress

The client's destination address that is the NQA server address is
specified.
ii. Run destination-port port-number
The destination port number is specified for the NQA test instance.
d. (Optional) Set parameters for the test instance to simulate packets.
i. Run probe-count number
The number of probes is set for an NQA test instance.
ii. Run interval { milliseconds interval | seconds interval }
The interval at which NQA test packets are sent is set for the NQA
test instance.
iii. Run sendpacket passroute
The NQA test instance is configured to send packets without
searching the routing table.
iv. Run source-address ipv4 srcAddress
The source IP address of NQA test packets is set.
v. Run source-port portValue
The source port number is set for the NQA test instance.
vi. Run tos tos-value
The ToS value in NQA test packets is set.
vii. Run ttl ttlValue
The TTL value in NQA test packets is set.
e. (Optional) Configure test failure conditions.

▪ Run timeout time

The response timeout period is set.
If no response packets are received before the configured period
elapses, the probe is considered as a failure.

▪ Run fail-percent percent

The failure percentage is set for the NQA test instance.
If the percentage of failed probes is greater than or equal to the
configured failure percentage, the test is considered as a failure.
f. (Optional) Configure the NQA statistics function.

Run records { history number | result number }

The maximum number of historical records and the maximum number of

result records that can be saved for the NQA test instance are set.
g. (Optional) Enable the device to send traps to the NMS.
i. Run probe-failtimes failTimes

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 169

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

The device enabled to send traps to the NMS after the number of
consecutive probe failures reaches the specified threshold.
ii. Run test-failtimes failTimes
The device is enabled to send traps to the NMS after the number of
consecutive failures of the test instance reaches the specified
threshold.

iii. Run threshold rtd thresholdRtd

The RTD threshold is set.
iv. Run send-trap { all | [ rtd | testfailure | probefailure |
testcomplete ]* }
The condition for triggering a trap is configured.
h. (Optional) Run vpn-instance vpn-instance-name

The VPN instance name is configured for the NQA test instance.
i. Schedule the test instance.
i. (Optional) Run frequency frequencyValue
The test period is set for the NQA test instance.
ii. Run start
An NQA test is started.
The start command has multiple formats. Choose one of the
following formats as needed.
○ To start an NQA test instance immediately, run the start now
[ end { at [ yyyy/mm/dd ] hh:mm:ss | delay { seconds second |
hh:mm:ss } | lifetime { seconds second | hh:mm:ss } } ]
command.
○ To start an NQA test instance at a specified time, run the start
at [ yyyy/mm/dd ] hh:mm:ss [ end { at [ yyyy/mm/dd ]
hh:mm:ss | delay { seconds second | hh:mm:ss } | lifetime
{ seconds second | hh:mm:ss } } ] command.
○ To start an NQA test instance after a specified delay, run the
start delay { seconds second | hh:mm:ss } [ end { at
[ yyyy/mm/dd ] hh:mm:ss | delay { seconds second | hh:mm:ss }
| lifetime { seconds second | hh:mm:ss } } ] command.
○ To start an NQA test instance at a specified time every day, run
the start daily hh:mm:ss to hh:mm:ss [ begin yyyy/mm/dd ]
[ end yyyy/mm/dd ] command.
j. Run commit

The configuration is committed.

----End

4.3.4 Configuring a UDP Test

A UDP test measures the round-trip delay time of UDP packets exchanged
between Huawei devices.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 170

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

Procedure
● Configure an NQA server.
a. Run system-view
The system view is displayed.
b. Run nqa-server udpecho [ vpn-instance vpn-instance-name ] ip-address
port-number
The IP address and port number of the NQA server for monitoring UDP
services are specified.
c. Run commit
The configuration is committed.
● Configure an NQA client.
a. Run system-view
The system view is displayed.
b. Create an NQA test instance, set the test instance type to UDP, and add
description information for the test instance.
i. Run nqa test-instance admin-name test-name
The NQA test instance is created, and the view of the test instance is
displayed.
ii. Run test-type udp
The test instance type is set to UDP.
iii. (Optional) Run description description
The description for of test instance is added.
c. Specify the destination IP address and destination port number for the
test instance.
i. Run destination-address{ ipv4 destAddress | ipv6 destAddress6 }
The destination IP address for the test instance (the IP address of the
NQA server) is specified.
ii. (Optional) Run destination-port port-number
The destination port number for the test instance is specified.
d. (Optional) Set parameters for the test instance and simulate packets.
i. Run agetime ageTimeValue
The aging time is set for the NQA test instance.
ii. Run datafill fill-string
The padding string in probe packets is set.
iii. Run datasize datasizeValue
The size of the data field in an NQA test packet.
iv. Run probe-count number
The number of probes to be sent each time is set.
v. Run interval seconds interval
The interval at which probe packets are sent is set.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 171

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

vi. Run sendpacket passroute

The NQA test instance is configured to send packets without
searching the routing table.
vii. Run source-address { ipv4 ip-address | ipv6 ipv6–address }
The source IP address of probe packets is set.
viii. Run source-port portValue
The source port number of probe packets is set.
ix. Run tos tos-value
The ToS value in probe packets is set.
x. Run ttl ttlValue
The TTL value in probe packets is set.
e. (Optional) Configure probe failure conditions.

▪ Run timeout time

Timeout period for response packets is set.
If no response is received when the timeout period elapses, the probe
fails.

▪ Run fail-percent percent

The probe failure percentage is set for the test instance.
If the percentage of failed probes is greater than or equal to the
configured failure percentage, the test is considered as a failure.
f. (Optional) Configure NQA statistics. Run records { history number |
result number }
The maximum numbers of historical records and result records are set for
the test instance.

g. (Optional) Enable the device to send traps to the NMS.

i. Run probe-failtimes failTimes
The device is enabled to send traps to the NMS after the number of
consecutive probe failures reaches the specified threshold.
ii. Run test-failtimes failTimes
The device is enabled to send traps to the NMS after the number of
consecutive failures of the test instance reaches the specified
threshold.
iii. Run threshold rtd thresholdRtd
The RTD threshold is set.
iv. Run send-trap { all | [ rtd | testfailure | probefailure |
testcomplete ]* }
The condition for triggering a trap is configured.
h. (Optional) Run vpn-instance vpn-instance-name
The VPN instance name is configured for the test instance.
i. Schedule the test instance.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 172

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

i. (Optional) Run frequency interval

The test period is set for the NQA test instance.
ii. Run start
An NQA test is started.
The start command has multiple formats. Select one of the following
formats:
○ To start an NQA test instance immediately, run the start now
[ end { at [ yyyy/mm/dd ] hh:mm:ss | delay { seconds second |
hh:mm:ss } | lifetime { seconds second | hh:mm:ss } } ]
command.
○ To start an NQA test instance at a specified time, run the start
at [ yyyy/mm/dd ] hh:mm:ss [ end { at [ yyyy/mm/dd ]
hh:mm:ss | delay { seconds second | hh:mm:ss } | lifetime
{ seconds second | hh:mm:ss } } ] command.
○ To start an NQA test instance after a specified delay, run the
start delay { seconds second | hh:mm:ss } [ end { at
[ yyyy/mm/dd ] hh:mm:ss | delay { seconds second | hh:mm:ss }
| lifetime { seconds second | hh:mm:ss } } ] command.
○ To start an NQA test instance at a specified time every day, run
the start daily hh:mm:ss to hh:mm:ss [ begin yyyy/mm/dd ]
[ end yyyy/mm/dd ] command.
j. Run commit
The configuration is committed.
----End

4.3.5 Configuring an SNMP Test

An SNMP test measures the communication speed between a host and an SNMP
agent using UDP packets.

Procedure
Step 1 Run the system-view command to enter the system view.
Step 2 Create an NQA test instance and set the test instance type to SNMP.

Before configuring an NQA SNMP test instance, configure SNMP. The NQA SNMP test
instance supports SNMPv1, SNMPv2c, and SNMPv3.
1. Run the nqa test-instance admin-name test-name command to create an
NQA test instance and enter the test instance view.
2. Run test-type snmp
The test instance type is set to SNMP.
3. (Optional) Run the description description command to configure the test
instance description.
Step 3 Run destination-address ipv4 destAddress
The destination address (that is, the NQA server address) of the client is specified.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 173

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

Step 4 (Optional) Run community read cipher community-name

A community name is specified.

If a target SNMP agent runs SNMPv1 or SNMPv2c, the read community name
specified in the community read cipher command must be the same as the read
community name configured on the SNMP agent. Otherwise, the SNMP test will
fail.

Step 5 (Optional) Set parameters for the test instance and simulate packets.
1. Run the probe-count number command to configure the number of probes in
an NQA test instance.
2. Run the interval seconds interval command to configure the interval for
sending NQA test packets.
3. Run the sendpacket passroute command to configure the NQA test instance
to send packets without searching the routing table.
4. Run source-address ipv4 srcAddress

The source IP address of NQA test packets is set.

5. Run source-port portValue

The source port number is set for the NQA test instance.
6. Run the tos tos-value command to configure the ToS value in NQA test
packets.
7. Run the ttl ttlValue command to configure the TTL value of NQA test packets.

Step 6 (Optional) Configure probe failure conditions.

1. Run the timeout time command to configure the timeout period of response
packets.
2. Run the fail-percent percent command to configure the failure percentage
for the NQA test instance.

Step 7 (Optional) Configure the NQA statistics function. Run the records { history
number | result number } command to configure the maximum number of history
records and the maximum number of result records for the NQA test instance.

Step 8 (Optional) Enable the device to send traps to the NMS.

1. Run probe-failtimes failTimes

The device is enabled to send traps to the NMS after the number of
consecutive probe failures reaches the specified threshold.
2. Run the test-failtimes failTimes command to configure the Trap message to
be sent to the NMS when the number of continuous probe failures reaches
the specified value in NAQ tests.
3. Run the threshold rtd thresholdRtd command to configure an RTD threshold.
4. Run the send-trap { all | [ rtd | testfailure | probefailure | testcomplete ]* }
command to configure the conditions for sending trap messages.

Step 9 (Optional) Run the vpn-instance vpn-instance-name command to configure the

VPN instance name for the NQA test instance.

Step 10 Schedule the test instance.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 174

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

1. (Optional) Run the frequency frequencyValue command to configure the test

period for an NQA test instance.
2. Run the start command to start an NQA test.
An NQA test instance can be started immediately, at a specified time, or after
a specified delay.
– Run the start now [ end { at [ yyyy/mm/dd ] hh:mm:ss | delay { seconds
second | hh:mm:ss } | lifetime { seconds second | hh:mm:ss } } ]
command to start an NQA test instance immediately.
– Run the start at [ yyyy/mm/dd ] hh:mm:ss [ end { at [ yyyy/mm/dd ]
hh:mm:ss | delay { seconds second | hh:mm:ss } | lifetime { seconds
second | hh:mm:ss } } ] command to start an NQA test instance at a
specified time.
– Run the start delay { seconds second | hh:mm:ss } [ end { at
[ yyyy/mm/dd ] hh:mm:ss | delay { seconds second | hh:mm:ss } |
lifetime { seconds second | hh:mm:ss } } ] command to start an NQA test
instance after a specified delay.
– Run the start daily hh:mm:ss to hh:mm:ss [ begin yyyy/mm/dd ] [ end
yyyy/mm/dd ] command to start the test instance at the specified time
every day.
Step 11 Run the commit command to commit the configuration.

----End

4.3.6 Configuring a Trace Test

A trace test monitors the connectivity, packet loss ratio, and delay time hop by
hop on an IP network and the packet forwarding path.

Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Create an NQA test instance and set the test instance type to trace.
1. Run nqa test-instanceadmin-name test-name
An NQA test instance is created, and the view of the test instance is displayed.
2. Run test-type trace
The test instance type is set to trace.
3. (Optional) Run description description
A description is configured for the NQA test instance.
Step 3 Specify the destination address and destination port number for the test instance.
1. Run destination-address { ipv4 destAddress | ipv6 destAddress6 }
The destination address (that is, the NQA server address) of the client is
specified.
2. (Optional) Run destination-port port-number

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 175

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

The destination port number is specified for the NQA test instance.
Step 4 (Optional) Set parameters for the test instance to simulate packets.
1. Run agetime ageTimeValue
The aging time of an NQA test is configured.
2. Run datafill fill-string
Padding characters in NQA test packets are configured.
3. Run datasize datasizeValue
The size of the data field in an NQA test packet is set.
4. Run probe-count number
The number of probes in a test is set for the NQA test instance.
5. Run sendpacket passroute
The NQA test instance is configured to send packets without searching the
routing table.
6. Run source-address { ipv4 srcAddress | ipv6 srcAddr6 }
The source IP address of NQA test packets is set.
7. Run source-interface interface-type interface-number
The source interface for NQA test packets is set.
8. Run tos tos-value
The ToS value in NQA test packets is set.
9. Run nexthop ipv4 ip-address
The next-hop address is configured for the test instance.
10. Run tracert-livetime first-ttl first-ttl max-ttl max-ttl
The TTL of test packets is set.
Step 5 (Optional) Run the set-df command to prevent packet fragmentation.
Use a trace test instance to obtain the path MTU as follows:
Run the set-df command to disable packet fragmentation. Then, run the datasize
command to set the size of the packet data area. After that, start the test
instance. If the test is successful, the size of the sent packet's data area is smaller
than the path MTU. Then, keep increasing the packet data area size using the
datasize command until the test fails. If the test fails, the size of the sent packet's
data area is greater than the path MTU. The maximum size of the packet that can
be sent without being fragmented is used as the path MTU.
Step 6 (Optional) Configure test failure conditions.
1. Run timeout time
The response timeout period is set.
If no response packets are received before the set period expires, the probe is
regarded as a failure.
2. Run tracert-hopfailtimes hopfailtimesValue

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 176

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

The maximum number of hop failures in a probe is set.

Step 7 (Optional) Configure the NQA statistics function.

Run records { history number | result number }

The maximum number of history records and the maximum number of result
records that can be saved for the NQA test instance are set.

Step 8 (Optional) Enable the device to send traps to the NMS.

1. Run test-failtimes failTimes

The NQA test instance is configured to send a trap message to the NMS when
the number of continuous test failures reaches the specified value.
2. Run threshold rtd thresholdRtd

The RTD threshold is set.

3. Run send-trap { all | [ rtd | testfailure | testcomplete ]* }

The condition for triggering a trap is configured.

Step 9 (Optional) Run vpn-instance vpn-instance-name

The VPN instance name is configured for the NQA test instance.

Step 10 Schedule the test instance.

1. (Optional) Run frequency frequencyValue

The test period is set for the NQA test instance.

2. Run start

An NQA test is started.

The start command has multiple formats. Choose one of the following as
needed.

– To start an NQA test instance immediately, run the start now [ end { at
[ yyyy/mm/dd ] hh:mm:ss | delay { seconds second | hh:mm:ss } |
lifetime { seconds second | hh:mm:ss } } ] command.
– To start an NQA test instance at a specified time, run the startat
[ yyyy/mm/dd ] hh:mm:ss [ end { at [ yyyy/mm/dd ] hh:mm:ss | delay
{ seconds second | hh:mm:ss } | lifetime { seconds second |
hh:mm:ss } } ] command.
– To start an NQA test instance after a specified delay, run the start delay
{ seconds second | hh:mm:ss } [ end { at [ yyyy/mm/dd ] hh:mm:ss |
delay { seconds second | hh:mm:ss } | lifetime { seconds second |
hh:mm:ss } } ] command.
– To start an NQA test instance at a specified time every day, run the
startdailyhh:mm:sstohh:mm:ss [ beginyyyy/mm/dd ] [ endyyyy/mm/dd ]
command.

Step 11 Run commit

The configuration is committed.

----End

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 177

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

4.3.7 Configuring a UDP Jitter Test

A UDP jitter test measures the end-to-end jitter time for various services or
simulates a voice test. Although the Internet Control Message Protocol (ICMP)
reply function may be disabled on devices on the public network to defend against
network attacks, the UDP jitter test can still be conducted.

Procedure
● Configure the NQA server for the UDP jitter test.
a. Run system-view
The system view is displayed.
b. Run nqa-server udpecho [ vpn-instance vpn-instance-name ] ip-address
port-number
The IP address and number of the port used to monitor UDP services are
specified on the NQA server.
c. Run commit
The configuration is committed.
● Configure the NQA client for the UDP jitter test.
a. Run system-view
The system view is displayed.
b. (Optional) Run nqa-jitter tag-version version-number
The packet version is configured for a UDP jitter test instance.
Packet statistics collected in version 2 is more accurate than those in
version 1. Packet version 2 is recommended.
c. Create an NQA test instance and set the test instance type to UDP jitter.
i. Run nqa test-instance admin-name test-name
An NQA test instance is created, and the view of the test instance is
displayed.
ii. Run test-type jitter
The test instance type is set to UDP jitter.
iii. (Optional) Run description description
A description is configured for the test instance.
d. The destination address and destination port number are set for the test
instance.
i. (Optional) Run destination-address { ipv4 destAddress | ipv6
destAddress6 }
The client's destination address that is the NQA server address is
specified.
ii. Run destination-port port-number
The destination port number is specified for the UDP jitter test.
e. (Optional) Run hardware-based enable
The hardware forwarding engine on an interface board is enabled to send
packets and add timestamps to the packets.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 178

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

f. (Optional) Run timestamp-unit { millisecond | microsecond }

A timestamp unit is configured for the NQA test instance.
The timestamp units need to be configured only after the hardware-
based enable command is run.
g. (Optional) Configure the code type and advantage factor for simulated
voice test calculation.
i. Run jitter-codec { g711a | g711u | g729a }
The code type is set for the simulated voice test.
ii. Run adv-factor factor-value
The advantage factor for simulated voice test calculation is set.
h. (Optional) Set parameters for the test instance to simulate packets.
i. Run datasize datasizeValue
The size of the data field in an NQA test packet is configured.
ii. Run jitter-packetnum number
The number of packets sent each time in a probe is set.
iii. Run probe-count number
The number of probes is set for an NQA test instance.
iv. Run interval { milliseconds interval | seconds interval }
The interval at which NQA test packets are sent is set for the NQA
test instance.
v. Run sendpacket passroute
The NQA test instance is configured to send packets without
searching the routing table.

IPv6 network does not support this function.

vi. Run source-address{ ipv4 ip-address | ipv6 ipv6–address }
The source IP address of NQA test packets is set.
vii. Run source-port portValue
The source port number is set for the NQA test instance.
viii. Run tos tos-value
The ToS value in NQA test packets is set.
ix. Run ttl ttlValue
The TTL value in NQA test packets is set.
i. (Optional) Configure test failure conditions.

▪ Run timeout time

The response timeout period is set.
If no response packets are received after the configured period
elapses, the probe fails.

▪ Run fail-percent percent

The failure percentage is set for the NQA test instance.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 179

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

If the percentage of failed probes is greater than or equal to the

configured failure percentage, the test is considered as a failure.
j. (Optional) Configure the NQA statistics function.
Run records { history number | result number }
The maximum number of historical records and the maximum number of
result records that can be saved for the NQA test instance are set.
k. (Optional) Enable the device to send traps to the NMS.
i. Run test-failtimes failTimes
The NQA test instance is configured to send a trap message to the
NMS when the number of continuous probe failures reaches the
specified value.
ii. Run threshold { owd-ds owd-ds-value | owd-sd owd-sd-value | rtd
thresholdRtd }
The thresholds for the round-trip delay (RTD) and one-way delay
(OWD) are set.
iii. Run send-trap { all | [ owd-ds | owd-sd | rtd | testfailure ]* }
The condition for triggering a trap is configured.
l. (Optional) Run vpn-instance vpn-instance-name
The VPN instance name is configured for the NQA test instance.
m. Schedule the NQA test instance.
i. (Optional) Run frequency frequencyValue
The test period is set for the NQA test instance.
ii. Run start
An NQA test is started.
The start command has multiple formats. Choose one of the
following formats as needed.
○ To start an NQA test instance immediately, run the start now
[ end { at [ yyyy/mm/dd ] hh:mm:ss | delay { seconds second |
hh:mm:ss } | lifetime { seconds second | hh:mm:ss } } ]
command.
○ To start an NQA test instance at a specified time, run the start
at [ yyyy/mm/dd ] hh:mm:ss [ end { at [ yyyy/mm/dd ]
hh:mm:ss | delay { seconds second | hh:mm:ss } | lifetime
{ seconds second | hh:mm:ss } } ] command.
○ To start an NQA test instance after a specified delay, run the
start delay { seconds second | hh:mm:ss } [ end { at
[ yyyy/mm/dd ] hh:mm:ss | delay { seconds second | hh:mm:ss }
| lifetime { seconds second | hh:mm:ss } } ] command.
○ To start an NQA test instance at a specified time every day, run
the start daily hh:mm:ss to hh:mm:ss [ begin yyyy/mm/dd ]
[ end yyyy/mm/dd ] command.
n. Run commit
The configuration is committed.
----End

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 180

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

4.3.8 Configuring an ICMP Jitter Test

An Internet Control Message Protocol (ICMP) Jitter test measures the end-to-end
jitter time for various services.

Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Create an NQA test instance and set the test instance type to ICMP Jitter.
1. Run nqa test-instance admin-name test-name
An NQA test instance is created, and the view of the test instance is displayed.
2. Run test-type icmpjitter
The test instance type is set to ICMP Jitter.
3. (Optional) Run description description
A description is configured for the NQA test instance.
Step 3 Run destination-address { ipv4 destAddress | ipv6 destAddress6 }
The destination address (that is, the NQA server address) of the client is specified.
Step 4 (Optional) Run hardware-based enable
The hardware forwarding engine on an interface board is enabled to send packets.

After you enable the interface board to send packets on a client, run the nqa-server icmp-
server [ vpn-instance vpn-instance-name ] ip-address command on the NQA server to
specify the IP address of the ICMP services monitored by the NQA server.

Step 5 (Optional) Set timestamp units for the NQA test instance.

The timestamp units need to be configured only after the hardware-based enable
command is run.
1. Run timestamp-unit { millisecond | microsecond }
A timestamp unit is configured for the source in the NQA test instance.
2. Run receive-timestamp-unit { millisecond | microsecond }
A timestamp unit is configured for the destination in the NQA test instance.
In a scenario where a Huawei device is connected to a non-Huawei device, an
ICMP jitter test in which the Huawei device functions as the source (client) is
configured to detect the delay, jitter, and packet loss on the network. To set
the timestamp unit of the ICMP timestamp packet returned by the
destination, run the receive-timestamp-unit command.
The source's timestamp unit configured using the timestamp-unit
{ millisecond | microsecond } command must be the same as the
destination's timestamp unit configured using the receive-timestamp-unit

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 181

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

command. If the timestamp unit is set to microseconds and the interface

board's precision that the device supports is milliseconds, the device uses
milliseconds as the timestamp unit.
Step 6 Set parameters for the test instance to simulate packets.
1. Run agetime ageTimeValue
The aging time of an NQA test is configured.
2. Run icmp-jitter-mode { icmp-echo | icmp-timestamp }
The mode for an ICMP jitter test is set.

IPv6 network does not support this function.

3. Run datafill fill-string
Padding characters in NQA test packets are configured.
This parameter can be configured only when icmp-jitter-mode is icmp-echo.
4. Run datasize datasizeValue
The size of the data field in an NQA test packet is set.
5. Run jitter-packetnum packetNum
The number of packets sent each time in a probe is set.
6. Run probe-count number
The number of probes in a test is set for the NQA test instance.
7. Run interval { milliseconds interval | seconds interval }
The interval at which NQA test packets are sent is set for the NQA test
instance.
8. Run source-address{ ipv4 srcAddress | ipv6 srcAddr6 }
The source IP address of NQA test packets is set.
9. Run ttl ttlValue
The TTL value in NQA test packets is set.
10. Run tos tos-value
The ToS value in NQA test packets is set.
Step 7 (Optional) Configure test failure conditions.
1. Run timeout time
The response timeout period is set.
2. Run fail-percent percent
The failure percentage is set for the NQA test instance.
Step 8 (Optional) Configure the NQA statistics function.
Run records { history number | result number }
The maximum number of history records and the maximum number of result
records that can be saved for the NQA test instance are set.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 182

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

Step 9 (Optional) Run vpn-instance vpn-instance-name

The VPN instance name is configured for the NQA test instance.
Step 10 Schedule the test instance.
1. (Optional) Run frequency frequencyValue
The test period is set for the NQA test instance.
2. Run start
An NQA test is started.
The start command has multiple formats. Choose one of the following as
needed.
– To start an NQA test instance immediately, run the start now [ end { at
[ yyyy/mm/dd ] hh:mm:ss | delay { seconds second | hh:mm:ss } |
lifetime { seconds second | hh:mm:ss } } ] command.
– To start an NQA test instance at a specified time, run the startat
[ yyyy/mm/dd ] hh:mm:ss [ end { at [ yyyy/mm/dd ] hh:mm:ss | delay
{ seconds second | hh:mm:ss } | lifetime { seconds second |
hh:mm:ss } } ] command.
– To start an NQA test instance after a specified delay, run the start delay
{ seconds second | hh:mm:ss } [ end { at [ yyyy/mm/dd ] hh:mm:ss |
delay { seconds second | hh:mm:ss } | lifetime { seconds second |
hh:mm:ss } } ] command.
– To start an NQA test instance at a specified time every day, run the
startdailyhh:mm:sstohh:mm:ss [ beginyyyy/mm/dd ] [ endyyyy/mm/dd ]
command.
Step 11 Run commit
The configuration is committed.

----End

4.3.9 Configuring Parameters for the Path Jitter Test

An NQA path jitter test instance, however, can identify the router whose jitter
value is great.

Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Run nqa test-instance admin-name test-name
An NQA test instance is created and the test instance view is displayed.
Step 3 Run test-type pathjitter
The type of the test instance is configured as path jitter.
Step 4 Run destination-address ipv4 destAddress
The destination IP address is configured.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 183

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

Step 5 (Optional) Run the following commands to configure other parameters for the
path jitter test:
● Run icmp-jitter-mode { icmp-echo | icmp-timestamp }
The mode of the path jitter test is configured.
● Run vpn-instance vpn-instance-name
The VPN instance to be tested is configured.
● Run source-address ipv4 srcAddress
The source IP address is configured.
● Run probe-count number
The number of test probes to be sent each time is set.
● Run jitter-packetnum packetNum
The number of test packets to be sent during each test is set.

The probe-count command is used to configure the number of times for the jitter test
and the jitter-packetnum command is used to configure the number of test packets
sent during each test. In actual configuration, the product of the number of times for
the jitter test and the number of test packets must be less than 3000.
● Run interval seconds interval
The interval for sending jitter test packets is set.
The shorter the interval is, the sooner the test is complete. However, delays
arise when the processor sends and receives test packets. Therefore, if the
interval for sending test packets is set to a small value, a relatively greater
error may occur in the statistics of the jitter test.
● Run fail-percent percent
The percentage of the failed NQA tests is set.

Step 6 Run start

The NQA test is started.

Select the start mode as required because the start command has several forms.

● To perform the NQA test immediately, run the startnow [ end { at

[ yyyy/mm/dd ] hh:mm:ss | delay { seconds second | hh:mm:ss } | lifetime
{ seconds second | hh:mm:ss } } ] command.
The test instance is started immediately.
● To perform the NQA test at the specified time, run the startat [ yyyy/mm/
dd ] hh:mm:ss [ end { at [ yyyy/mm/dd ] hh:mm:ss | delay { seconds second |
hh:mm:ss } | lifetime { seconds second | hh:mm:ss } } ] command.
The test instance is started at a specified time.
● To perform the NQA test after a certain delay period, run the startdelay
{ seconds second | hh:mm:ss } [ end { at [ yyyy/mm/dd ] hh:mm:ss | delay
{ seconds second | hh:mm:ss } | lifetime { seconds second | hh:mm:ss } } ]
command.
The test instance is started after a certain delay.

----End

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 184

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

4.3.10 Configuring Parameters for the Path MTU Test

A path MTU test can obtain the maximum MTU value that does not require
packet fragmentation during the packet transmission on the link.

Procedure
Step 1 Run system-view

The system view is displayed.

Step 2 Run nqa test-instance admin-name test-name

An NQA test instance is created and the test instance view is displayed.

Step 3 Run test-type pathmtu

The type of the test instance is configured as path MTU.

Step 4 Run destination-address ipv4 destAddress

The destination IP address is configured.

Step 5 (Optional) Run the following commands to configure other parameters for the
path MTU test.
● Run discovery-pmtu-max pmtu-max
The maximum value of the path MTU test range is set.
● Run step step
The value of the incremental step is set for the packet length in the path MTU
test.
● Run vpn-instance vpn-instance-name
The VPN instance to be tested is configured.
● Run source-address ipv4 srcAddress
The source IP address is configured.
● Run probe-count number
The maximum number of probe packets that are allowed to time out
consecutively is configured.

Step 6 Run start

The NQA test is started.

Select the start mode as required because the start command has several forms.

● To perform the NQA test immediately, run the startnow [ end { at

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 185

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

● To perform the NQA test after a certain delay period, run the startdelay
{ seconds second | hh:mm:ss } [ end { at [ yyyy/mm/dd ] hh:mm:ss | delay
{ seconds second | hh:mm:ss } | lifetime { seconds second | hh:mm:ss } } ]
command.
The test instance is started after a certain delay.

----End

4.3.11 Verifying the NQA Configuration

After the test is complete, use the following commands to verify test results.

Prerequisites

NQA test results are not displayed automatically on the terminal. To view test results, run
the display nqa results command.

Procedure
● Run the display nqa results [ collection ] [ test-instance adminName
testName ] command to check NQA test results.
● Run the display nqa results [collection] this command to check NQA test
results in a specified NQA test instance view.
● Run the display nqa history [ test-instance adminName testName ]
command to check historical NQA test records.
● Run the display nqa history [ this ] command to check historical statistics on
NQA tests in a specified NQA test instance view.
● Run the display nqa-server command to check the NQA server status.

----End

4.4 Configuring NQA to Monitor an MPLS Network

NQA can be configured to monitor an MPLS network. Before configuring NQA to
monitor an MPLS network, familiarize yourself with the usage scenario of each
test instance and complete the pre-configuration tasks.

Usage Scenario

Table 4-2 NQA test instances used to monitor an MPLS network

Test Type Usage Scenario

LSP ping test A label switched path (LSP) ping test

monitors the end-to-end connectivity,
packet loss ratio, and delay time on an
MPLS network.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 186

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

Test Type Usage Scenario

LSP trace test A label switched path (LSP) trace test

monitors the connectivity, packet loss
ratio, and delay time hop by hop on an
MPLS network and the forwarding
path for MPLS packets.

LSP jitter test A label switched path (LSP) jitter test

monitors the end-to-end jitter time on
an MPLS network.

Pre-configuration Tasks
Before configuring NQA to monitor an MPLS network, configuring basic MPLS
functions.

4.4.1 Configuring an LSP Ping Test

A label switched path (LSP) ping test monitors the end-to-end connectivity, packet
loss ratio, and delay time on an MPLS network.

Procedure
Step 1 Run system-view

The system view is displayed.

Step 2 Create an NQA test instance and set the test instance type to LSP ping.
1. Run nqa test-instance admin-name test-name

An NQA test instance is created, and the view of the test instance is displayed.
2. Run test-type lspping

The test instance type is set to LSP ping.

3. (Optional) Run description description

A description is configured for the NQA test instance.

Step 3 (Optional) Run fragment enable

MPLS packet fragmentation is enabled for the NQA test instance.

Step 4 (Optional) Run lsp-type { ipv4 | te | bgp | srte | srbe | srte-policy }

The LSP type is specified for the NQA test instance.

If the LSP type of the NQA test instance is srbe, you can run the remote-fec ldp
remoteIpAddr remoteMaskLen command to configure an IP address for a remote
FEC.

Step 5 Configure the destination address or tunnel interface based on the type of the
checked LSP.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 187

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

● To configure the destination address for a checked LDP LSP, run the
destination-address ipv4 destAddress [ { lsp-masklen maskLen } | { lsp-
loopback loopbackAddress } ] * command.
● To configure the tunnel interface for a checked TE tunnel, run the lsp-
tetunnel tunnel ifNum command.
● To configure the destination address for a BGP tunnel, run the destination-
address ipv4 destAddress [ { lsp-masklen maskLen } | { lsp-loopback
loopbackAddress } ] * command.
● To configure the tunnel interface for an SR-MPLS TE tunnel, run the lsp-
tetunnel tunnel ifNum command.
● To configure the destination address for an SR-MPLS BE tunnel, run the
destination-address ipv4 destAddress lsp-masklen maskLen command.
● To configure the name, binding segment ID, endpoint IP address, and color ID
of an SR-MPLS TE policy, run the policy { policy-name policyname | binding-
sid bsid | endpoint-ip endpointip color colorid } command.

Step 6 (Optional) Run lsp-nexthop nexthop-ip-address

An IP address is configured for the next hop when load balancing is enabled.

When load balancing is enabled on an ingress node, run the lsp-nexthop

nexthop-ip-address command to configure an IP address for the next hop.
Step 7 Set parameters for the test instance to simulate packets.
1. Run lsp-exp exp

The LSP EXP value is set for the NQA test instance.
2. Run lsp-replymode { level-control-channel | no-reply | udp | udp-via-vpls }

The reply mode in the NQA LSP test instance is configured.

The specified-tunnel-path parameter is supported only when lsp-typesrte is configured.

3. Run datafill fill-string

Padding characters in NQA test packets are configured.

4. Run datasize datasizeValue

The size of the data field in an NQA test packet is set.

5. Run probe-count number

The number of probes in a test is set for the NQA test instance.
6. Run interval seconds interval

The interval at which NQA test packets are sent is set for the NQA test
instance.
7. Run source-address ipv4 ip-address

The source IP address of NQA test packets is set.

8. Run ttl ttlValue

The TTL value in NQA test packets is set.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 188

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

Step 8 (Optional) Configure test failure conditions.

1. Run timeout time

The response timeout period is set.

If no response packets are received before the set period expires, the probe is
regarded as a failure.
2. Run fail-percent percent

The failure percentage is set for the NQA test instance.

If the percentage of failed probes is greater than or equal to the failure

percentage, the test is regarded as a failure.

Step 9 (Optional) Configure the NQA statistics function.

Run records { history number | result number }

The maximum number of history records and the maximum number of result
records that can be saved for the NQA test instance are set.

Step 10 Schedule the test instance.

1. (Optional) Run frequency frequencyValue

The test period is set for the NQA test instance.

2. Run start

An NQA test is started.

The start command has multiple formats. Choose one of the following as
needed.

Step 11 Run commit

The configuration is committed.

----End

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 189

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

4.4.2 Configuring an LSP Trace Test

A label switched path (LSP) trace test monitors the connectivity, packet loss ratio,
and delay time hop by hop on an MPLS network and the forwarding path for
MPLS packets.

Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Create an NQA test instance and set the test instance type to LSP trace.
1. Run nqa test-instance admin-name test-name
An NQA test instance is created, and the test instance view is displayed.
2. Run test-type lsptrace
The test instance type is set to LSP trace.
3. (Optional) Run description description
A description is configured for the NQA test instance.
Step 3 (Optional) Run fragment enable
MPLS packet fragmentation is enabled for the NQA test instance.
Step 4 Run lsp-type { ipv4 | te | bgp | srte | srbe | srte-policy }
The LSP type is specified for the NQA test instance.
If the LSP type of the NQA test instance is srbe, you can run the remote-fec ldp
remoteIpAddr remoteMaskLen command to configure an IP address for a remote
FEC.
Step 5 Configure the destination address or tunnel interface based on the type of the
checked LSP.
● To configure the destination address for a checked LDP LSP, run:
destination-address ipv4 destAddress [ { lsp-masklen maskLen } | { lsp-
loopback loopbackAddress } ] *
● To configure the tunnel interface for a checked TE tunnel, run:
lsp-tetunnel { tunnelName | ifType ifNum } [ hot-standby ]
● To configure the destination address for a BGP tunnel, run:
destination-address ipv4 destAddress [ { lsp-masklen maskLen } | { lsp-
loopback loopbackAddress } ] *
● To configure the tunnel interface for an SR-MPLS TE tunnel, run:
lsp-tetunnel { tunnelName | ifType ifNum } [ hot-standby ]
● To configure the destination address for an SR-MPLS BE tunnel, run:
destination-address ipv4 destAddress lsp-masklen maskLen
● To configure the name, binding segment ID, endpoint IP address, and color ID
of an SR-MPLS TE policy, run:
policy { policy-name policyname | binding-sid bsid | endpoint-ip endpointip
color colorid }

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 190

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

Step 6 (Optional) Set optional parameters for the NQA test instance and simulate
packets transmitted on an actual network.
1. Run lsp-exp exp
The LSP EXP value is set for the NQA test instance.
2. Run lsp-replymode { level-control-channel | no-reply | udp }
The LSP packet return mode is configured for the NQA test instance.
3. Run probe-count number
The number of probes in an NQA test instance is configured.
4. Run source-address ipv4 srcAddress
The source IP address of NQA test packets is set.
5. Run tracert-livetime first-ttl first-ttl max-ttl max-ttl
The TTL of test packets is set.
Step 7 (Optional) Configure test failure conditions.
1. Run timeout time
The timeout period of response packets is set.
2. Run tracert-hopfailtimes hopfailtimesValue
The maximum number of hop failures in a probe is set.
Step 8 (Optional) Configure the NQA statistics function.
Run records { history number | result number }
The maximum number of history records and the maximum number of result
records are set for the NQA test instance.
Step 9 Schedule the test instance.
1. (Optional) Run frequency frequencyValue
The test period is set for the NQA test instance.
2. Run start
The NQA test instance is started.
You can start an NQA test instance immediately, at a specified time, after a
delay, or periodically.
– To start an NQA test instance immediately, run the start now [ end { at
[ yyyy/mm/dd ] hh:mm:ss | delay { seconds second | hh:mm:ss } |
lifetime { seconds second | hh:mm:ss } } ] command.
– To start an NQA test instance at a specified time, run the start at
[ yyyy/mm/dd ] hh:mm:ss [ end { at [ yyyy/mm/dd ] hh:mm:ss | delay
{ seconds second | hh:mm:ss } | lifetime { seconds second |
hh:mm:ss } } ] command.
– To start an NQA test instance after a specified delay, run the start delay
{ seconds second | hh:mm:ss } [ end { at [ yyyy/mm/dd ] hh:mm:ss |
delay { seconds second | hh:mm:ss } | lifetime { seconds second |
hh:mm:ss } } ] command.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 191

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

– To start an NQA test instance at a specified time every day, run the start
daily hh:mm:ss to hh:mm:ss [ begin yyyy/mm/dd ] [ end yyyy/mm/dd ]
command.
Step 10 Run commit
The configuration is committed.

----End

4.4.3 Configuring an LSP Jitter Test

A label switched path (LSP) jitter test monitors the end-to-end jitter time on an
MPLS network.

Procedure
Step 1 Run the system-view command to enter the system view.
Step 2 Create an NQA test instance and set the test instance type to LSP jitter.
1. Run the nqa test-instance admin-name test-name command to create an
NQA test instance and enter the test instance view.
2. Run test-type lspjitter
The test instance type is set to LSP jitter.
3. (Optional) Run the description description command to configure the test
instance description.
Step 3 (Optional) Run fragment enable
MPLS packet fragmentation is enabled for the NQA test instance.
Step 4 Run lsp-type { ipv4 | te }
The LSP type is specified for the NQA test instance.
Step 5 Configure the destination address or tunnel interface based on the type of the
checked LSP.
● To configure the destination address for a checked LDP LSP, run the
destination-address ipv4 destAddress [ { lsp-masklen maskLen } | { lsp-
loopback loopbackAddress } ] * command.
● To configure the tunnel interface for a checked TE tunnel, run the lsp-
tetunnel tunnel ifNum command.
● To configure the destination address for a BGP tunnel, run the destination-
address ipv4 destAddress [ { lsp-masklen maskLen } | { lsp-loopback
loopbackAddress } ] * command.
Step 6 (Optional) Set parameters for the test instance to simulate packets.
1. Run the lsp-exp exp command to set the LSP EXP value for the NQA test
instance.
2. Run the lsp-replymode { level-control-channel | no-reply | udp } command
to configure the LSP packet return mode for the NQA test instance.
3. Run the datafill fill-string command to configure padding characters in NQA
test packets.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 192

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

4. Run the datasize datasizeValue command to set the size of the data field in
an NQA test packet.
5. Run the jitter-packetnum packetNum command to configure the number of
packets sent each time in a probe.
6. Run the probe-count number command to configure the number of probes in
an NQA test instance.
7. Run interval seconds interval

The interval at which NQA test packets are sent is set for the NQA test
instance.
8. Run source-addressipv4srcAddress

The source IP address of NQA test packets is specified.

9. Run the ttl ttlValue command to configure the TTL value of NQA test packets.

Step 7 (Optional) Configure test failure conditions.

1. Run the timeout time command to configure the timeout period of response
packets.
2. Run the fail-percent percent command to configure the failure percentage
for the NQA test instance.

Step 8 (Optional) Configure the NQA statistics function. Run the records { history
number | result number } command to configure the maximum number of history
records and the maximum number of result records for the NQA test instance.

Step 9 Schedule the test instance.

1. (Optional) Run the frequency frequencyValue command to configure the test
period for an NQA test instance.
2. Run the start command to start an NQA test.

An NQA test instance can be started immediately, at a specified time, or after

a specified delay.

– Run the start now [ end { at [ yyyy/mm/dd ] hh:mm:ss | delay { seconds

second | hh:mm:ss } | lifetime { seconds second | hh:mm:ss } } ]
command to start an NQA test instance immediately.
– Run the start at [ yyyy/mm/dd ] hh:mm:ss [ end { at [ yyyy/mm/dd ]
hh:mm:ss | delay { seconds second | hh:mm:ss } | lifetime { seconds
second | hh:mm:ss } } ] command to start an NQA test instance at a
specified time.
– Run the start delay { seconds second | hh:mm:ss } [ end { at
[ yyyy/mm/dd ] hh:mm:ss | delay { seconds second | hh:mm:ss } |
lifetime { seconds second | hh:mm:ss } } ] command to start an NQA test
instance after a specified delay.
– Run the start daily hh:mm:ss to hh:mm:ss [ begin yyyy/mm/dd ] [ end
yyyy/mm/dd ] command to start the test instance at the specified time
every day.

Step 10 Run the commit command to commit the configuration.

----End

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 193

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

4.4.4 Verifying the NQA Configuration

After the test is complete, use the following commands to verify test results.

Prerequisites

NQA test results are not displayed automatically on the terminal. To view test results, run
the display nqa results command.

4.5 Configuring NQA to Monitor VPNs

Before configuring NQA to monitor virtual private networks (VPNs), familiarize
yourself with the usage scenario and complete the pre-configuration tasks.

Usage Scenario

Table 4-3 NQA tests used to monitor VPNs

Test Type Usage Scenario

PWE3 ping test A PWE3 ping test helps detect the

pseudo wire (PW) connectivity, packet
loss rate, and delay on a virtual private
wire service (VPWS) network.

VPLS PW ping test A virtual private local area network

service (VPLS) pseudo wire (PW) ping
test instance monitors the PW
connectivity, packet loss ratios, and
delay time on a VPLS network.

PWE3 trace test A Pseudowire Emulation Edge-to-

Edge(PWE3) trace test monitors the
pseudo wire (PW) connectivity, packet
loss ratios, and delay time on virtual
private wire service (VPWS) networks.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 194

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

Test Type Usage Scenario

VPLS PW trace test A virtual private local area network

service (VPLS) pseudo wire (PW) trace
test instance monitors the PW
connectivity, packet loss ratios, and
delay time on a VPLS network.

Pre-configuration Tasks
Before you configure NQA to check VPNs, configure basic VPN functions.

4.5.1 Configuring a PWE3 Ping Test

A PWE3 ping test helps detect the pseudo wire (PW) connectivity, packet loss rate,
and delay on a virtual private wire service (VPWS) network.

Procedure
Step 1 Run system-view

The system view is displayed.

Step 2 Create an NQA test instance and configure the test instance type as PWE3 ping.
1. Run nqa test-instance admin-name test-name

An NQA test instance is created, and the view of the test instance is displayed.
2. Run test-type pwe3ping

The test instance type is configured as PWE3 ping.

3. Run description description

A description is configured for the NQA test instance.

Step 3 (Optional) Run fragment enable

MPLS packet fragmentation is enabled for the NQA test instance.

Step 4 Set parameters for the L2VPN network to be tested.

1. Run local-pw-type pwTypeValue

An encapsulation type is configured for the local PW.

2. Run label-type { control-word | { { label-alert | normal } [ no-control-
word ] } }

A packet encapsulation type is configured.

3. Run local-pw-id pwIdValue

The local PW ID is configured.

Step 5 (Optional) Run peer-address peeraddress

The peer IP address is configured.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 195

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

Step 6 (Optional) Configure information about the remote PE when a multi-segment PW

is to be tested.
A multi-segment PW can be tested only when the label-type is control-word or
normal.
1. Run destination-address ipv4 destAddress
The IP address for the remote PE is configured.
2. Run remote-pw-id pwIdValue
The remote PW ID is configured.
3. (Optional) Run sender-address ipv4 ip-address
The source IP address of the public network session between the device and
the remote PE is configured. This IP address is the IP address of the adjacent
SPE or UPE.
The sender-address command is configured only when the device interworks
with devices from other vendors.
4. (Optional) Run ttl-copymode { pipe | uniform }
A time to live (TTL) copy mode is set.
Step 7 Set optional parameters for the test instance and simulate packets transmitted on
an actual network.
1. Run lsp-exp exp
The LSP EXP value is set for the NQA test instance.
2. Run lsp-replymode { level-control-channel | no-reply | udp| udp-via-vpls }
The reply mode in the NQA LSP test instance is configured.
3. Run datafill fill-string
Padding characters in NQA test packets are configured.
4. Run datasize datasizeValue
The size of the data field in an NQA test packet is set.
5. Run probe-count number
The number of probes in a test is set for the NQA test instance.
6. Run interval seconds interval
The interval at which NQA test packets are sent is set for the NQA test
instance.
7. Run ttl ttlValue
The TTL value in NQA test packets is set.
Step 8 (Optional) Configure test failure conditions.
1. Run timeout time
The response timeout period is set.
If no response packets are received before the set period expires, the probe is
regarded as a failure.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 196

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

2. Run fail-percent percent

The failure percentage is set for the NQA test instance.

Step 9 Run records { history number | result number }

The maximum number of history records and the maximum number of result
records that can be saved for the NQA test instance are set.

Step 10 (Optional) Enable the system to send traps to the NMS.

1. Run the probe-failtimes failTimes command to enable the system to send
traps to the NMS when the number of consecutive probe failures reaches the
specified threshold.
2. Run the test-failtimes failTimes command to enable the system to send traps
to the NMS when the number of consecutive test failures reaches the
specified threshold.
3. Run the threshold rtd thresholdRtd command to configure an RTD threshold.
4. Run the send-trap { all | [ rtd | testfailure | probefailure | testcomplete ]* }
command to configure the condition for triggering a trap.

Step 11 Schedule the test instance.

1. (Optional) Run frequency frequencyValue

The test period is set for the NQA test instance.

2. Run start

An NQA test is started.

The start command has multiple formats. Choose one of the following as
needed.

Step 12 Run commit

The configuration is committed.

----End

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 197

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

4.5.2 Configuring a VPLS MAC Ping Test

A VPLS MAC ping test can detect the connectivity of Layer 2 links on a VPLS
network.

Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Create an NQA test instance and configure the test instance type as VPLS MAC
ping.
1. Run nqa test-instance admin-name test-name
An NQA test instance is created, and the view of the test instance is displayed.
2. Run test-type vplsping
The test instance type is set to VPLS MAC ping.
3. Run description description
A description is configured for the NQA test instance.
Step 3 (Optional) Run fragment enable
MPLS packet fragmentation is enabled for the NQA test instance.
Step 4 Set the VPLS parameters to be checked.
1. Run vsi vsi-name
The name of the VSI to be detected is specified.
2. Run destination-address mac macAddress
The destination MAC address associated with the VSI is specified.
3. (Optional) Run vlan vlan-id
A VLAN ID is specified for the NQA test instance.
Step 5 (Optional) Set optional parameters for the NQA test instance and simulate
packets transmitted on an actual network.
1. Run lsp-exp exp
The LSP EXP value is set for the NQA test instance.
2. Run lsp-replymode { no-reply | udp | udp-via-vpls }
The reply mode in the NQA LSP test instance is configured.
3. Run datafill fill-string
Padding characters in NQA test packets are configured.
4. Run datasize datasizeValue
The size of the data field in an NQA test packet.
5. Run probe-count number
The number of probes in a test is set for the NQA test instance.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 198

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

6. Run interval seconds interval

The interval at which NQA test packets are sent is set for the NQA test
instance.
7. Run ttl ttlValue

The TTL value in NQA test packets is set.

Step 6 (Optional) Configure detection failure conditions and enable the function to send
traps to the NMS upon detection failures.
1. Run timeout time

The response timeout period is set.

2. Run fail-percent percent

The failure percentage is set for the NQA test instance.

3. Run probe-failtimes failTimes

The system is enabled to send traps to the NMS after the number of
consecutive probe failures reaches the specified threshold.
4. Run test-failtimes failTimes

The system is enabled to send traps to the NMS after the number of
consecutive failures of the NQA test instance reaches the specified threshold.
5. Run threshold rtd thresholdRtd

The RTD threshold is configured.

6. Run send-trap { all | [ rtd | testfailure | probefailure | testcomplete ]* }

The condition for triggering a trap is configured.

Step 7 (Optional) Configure the NQA statistics function.

Run records { history number | result number }

The maximum number of history records and the maximum number of result
records that can be saved for the NQA test instance are set.

Step 8 (Optional) Run agetime ageTimeValue

The aging time for the NQA test instance is set.

Step 9 Schedule the NQA test instance.

1. (Optional) Run frequency frequencyValue

The test period is set for the NQA test instance.

2. Run start

An NQA test is started.

The start command has multiple formats. Choose one of the following as
needed.

– To start an NQA test instance immediately, run the start now [ end { at
[ yyyy/mm/dd ] hh:mm:ss | delay { seconds second | hh:mm:ss } |
lifetime { seconds second | hh:mm:ss } } ] command.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 199

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

– To start an NQA test instance at a specified time, run the startat

[ yyyy/mm/dd ] hh:mm:ss [ end { at [ yyyy/mm/dd ] hh:mm:ss | delay
{ seconds second | hh:mm:ss } | lifetime { seconds second |
hh:mm:ss } } ] command.
– To start an NQA test instance after a specified delay, run the start delay
{ seconds second | hh:mm:ss } [ end { at [ yyyy/mm/dd ] hh:mm:ss |
delay { seconds second | hh:mm:ss } | lifetime { seconds second |
hh:mm:ss } } ] command.
– To start an NQA test instance at a specified time every day, run the
startdailyhh:mm:sstohh:mm:ss [ beginyyyy/mm/dd ] [ endyyyy/mm/dd ]
command.

Step 10 Run commit

The configuration is committed.

----End

4.5.3 Configuring a VPLS PW Ping Test

A virtual private local area network service (VPLS) pseudo wire (PW) ping test
instance monitors the PW connectivity, packet loss ratios, and delay time on a
VPLS network.

Procedure
Step 1 Run system-view

Step 2 Create an NQA test instance and set the test instance type to VPLS PW ping.
1. Run nqa test-instance admin-name test-name
2. Run test-type vplspwping

The test instance type is set to VPLS PW ping.

3. (Optional) Run description description

Step 3 (Optional) Run fragment enable

MPLS packet fragmentation is enabled for the NQA test instance.

Step 4 Set parameters for the VPLS network to be monitored.

1. Run vsi vsi-name

The name of a virtual switching instance (VSI) to be monitored is specified.

2. Run destination-address ipv4 ip-address

An IP address of the remote PE is specified.

3. (Optional) Run local-pw-id local-pw-id

A PW ID is set on the local PE.

If the VSI configured using the vsivsi-name command has a specified negotiation-vc-
id, the local-pw-idlocal-pw-id command must be run.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 200

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

Step 5 (Optional) Set parameters for the test instance and simulate packets.
1. Run lsp-exp exp
2. Run lsp-replymode { level-control-channel | no-reply | udp | udp-via-vpls }
3. Run the datafill fill-string command to configure padding characters in NQA
test packets.
4. Run the datasize datasizeValue command to set the size of the data field in
an NQA test packet.
5. Run probe-count number
6. Run interval seconds interval
7. Run ttl number

Step 6 (Optional) Configure test failure conditions.

1. Run timeout time
2. Run fail-percent percent

Step 7 (Optional) Configure the NQA statistics function.

Step 8 (Optional) Enable the device to send traps to the NMS.

1. Run probe-failtimes failTimes
The device is enabled to send traps to the NMS after the number of
consecutive probe failures reaches the specified threshold.

2. Run test-failtimes failTimes

The device is enabled to send traps to the NMS after the number of
consecutive failures of the test instance reaches the specified threshold.

3. Run threshold rtd thresholdRtd

The RTD threshold is set.
4. Run send-trap { all | [ rtd | testfailure | probefailure | testcomplete ]* }
The condition for triggering a trap is configured.

Step 9 Schedule the test instance.

1. (Optional) Run frequency interval
2. Run the start command to start an NQA test.

An NQA test instance can be started immediately, at a specified time, or after

a specified delay.

– Run the start now [ end { at [ yyyy/mm/dd ] hh:mm:ss | delay { seconds

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 201

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

– Run the start daily hh:mm:ss to hh:mm:ss [ begin yyyy/mm/dd ] [ end

yyyy/mm/dd ] command to start the test instance at the specified time
every day.

Step 10 Run commit

----End

4.5.4 Configuring a PWE3 Trace Test

A Pseudowire Emulation Edge-to-Edge(PWE3) trace test monitors the pseudo wire
(PW) connectivity, packet loss ratios, and delay time on virtual private wire service
(VPWS) networks.

Procedure
Step 1 Run the system-view command to enter the system view.

Step 2 Create an NQA test instance and set the test instance type to PWE3 trace.
1. Run the nqa test-instance admin-name test-name command to create an
NQA test instance and enter the test instance view.
2. Run test-type pwe3traceThe test instance type is set to PWE3 trace.
3. (Optional) Run the description description command to configure the test
instance description.

Step 3 (Optional) Run fragment enable

MPLS packet fragmentation is enabled for the NQA test instance.

Step 4 Set parameters for the Layer 2 virtual private network (L2VPN) to be monitored.
1. Run local-pw-type pwTypeValue

An encapsulation type is set for the PW on the local PE.

2. Run label-type { control-word | { { label-alert | normal } [ no-control-
word ] } }

An encapsulation type is set for packets.

3. Run lsp-version { rfc4379 | ptn-mode }

A protocol is configured for the LSP test instance.

4. Run local-pw-id pwIdValue

A PW ID is set on the local PE.

Step 5 (Optional) Run peer-address peeraddress

The peer IP address is configured.

Step 6 (Optional) Configure remote provider edge (PE) information for a multi-segment
PW to be monitored.

An MS-PW can be monitored only after you specify control-word or normal.

1. Run destination-address ipv4 destAddress

An IP address is configured for the remote PE.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 202

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

2. Run remote-pw-id pwIdValue

A PW ID is set for the remote PE.
3. (Optional) Run ttl-copymode { pipe | uniform }
A time to live (TTL) propagation mode is set.
Step 7 (Optional) Set parameters for the test instance and simulate packets.
1. Run the lsp-exp exp command to set the LSP EXP value for the NQA test
instance.
2. Run the lsp-replymode { level-control-channel | no-reply | udp | udp-via-
vpls } command to configure the LSP packet return mode for the NQA test
instance.
3. Run the probe-count number command to configure the number of probes in
an NQA test instance.
4. Run tracert-livetime first-ttl first-ttl max-ttl max-ttl
The TTL of an NQA traceroute test instance is set.
Step 8 (Optional) Configure test failure conditions.
1. Run the timeout time command to configure the timeout period of response
packets.
Step 9 (Optional) Configure the NQA statistics function. Run the records { history
number | result number } command to configure the maximum number of history
records and the maximum number of result records for the NQA test instance.
Step 10 (Optional) Enable the device to send traps to the NMS.
1. Run probe-failtimes failTimes
The device is enabled to send traps to the NMS after the number of
consecutive probe failures reaches the specified threshold.
2. Run test-failtimes failTimes
The device is enabled to send traps to the NMS after the number of
consecutive failures of the test instance reaches the specified threshold.
3. Run threshold rtd thresholdRtd
The RTD threshold is set.
4. Run send-trap { all | [ rtd | testfailure | probefailure | testcomplete ]* }
The condition for triggering a trap is configured.
Step 11 Schedule the test instance.
1. (Optional) Run the frequency frequencyValue command to configure the test
period for an NQA test instance.
2. Run the start command to start an NQA test.
An NQA test instance can be started immediately, at a specified time, or after
a specified delay.
– Run the start now [ end { at [ yyyy/mm/dd ] hh:mm:ss | delay { seconds
second | hh:mm:ss } | lifetime { seconds second | hh:mm:ss } } ]
command to start an NQA test instance immediately.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 203

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

– Run the start at [ yyyy/mm/dd ] hh:mm:ss [ end { at [ yyyy/mm/dd ]

----End

4.5.5 Configuring a VPLS PW Trace Test

A virtual private local area network service (VPLS) pseudo wire (PW) trace test
instance monitors the PW connectivity, packet loss ratios, and delay time on a
VPLS network.

Procedure
Step 1 Run system-view
Step 2 Create an NQA test instance and set the test instance type to VPLS PW ping.
1. Run nqa test-instance admin-name test-name
2. Run test-type vplspwtrace
The test instance type is set to VPLS PW trace.
3. (Optional) Run description description
Step 3 (Optional) Run fragment enable
MPLS packet fragmentation is enabled for the NQA test instance.
Step 4 Set parameters for the VPLS network to be monitored.
1. Run vsi vsi-name
The name of a virtual switching instance (VSI) to be monitored is specified.
2. Run destination-address ipv4 destAddress
An IP address of the remote PE is specified.
3. (Optional) Run local-pw-id local-pw-id
A PW ID is set on the local PE.
Step 5 (Optional) Set parameters for the test instance and simulate packets.
1. Run lsp-exp exp
2. Run lsp-replymode { level-control-channel | no-reply | udp | udp-via-vpls }
3. Run probe-count number
4. Run ttl number

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 204

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

Step 6 (Optional) Configure test failure conditions.

1. Run timeout time
2. Run fail-percent percent
Step 7 (Optional) Configure the NQA statistics function.
Step 8 (Optional) Enable the device to send traps to the NMS.
1. Run probe-failtimes failTimes
The device is enabled to send traps to the NMS after the number of
consecutive probe failures reaches the specified threshold.
2. Run test-failtimes failTimes
The device is enabled to send traps to the NMS after the number of
consecutive failures of the test instance reaches the specified threshold.
3. Run threshold rtd thresholdRtd
The RTD threshold is set.
4. Run send-trap { all | [ rtd | testfailure | probefailure | testcomplete ]* }
The condition for triggering a trap is configured.
Step 9 (Optional) Run lsp-path full-display
Enables all devices, including Ps along an LSP to be displayed in an NQA test
result.
Step 10 Schedule the test instance.
1. (Optional) Run frequency interval
2. Run the start command to start an NQA test.
An NQA test instance can be started immediately, at a specified time, or after
a specified delay.
– Run the start now [ end { at [ yyyy/mm/dd ] hh:mm:ss | delay { seconds
second | hh:mm:ss } | lifetime { seconds second | hh:mm:ss } } ]
command to start an NQA test instance immediately.
– Run the start at [ yyyy/mm/dd ] hh:mm:ss [ end { at [ yyyy/mm/dd ]
hh:mm:ss | delay { seconds second | hh:mm:ss } | lifetime { seconds
second | hh:mm:ss } } ] command to start an NQA test instance at a
specified time.
– Run the start delay { seconds second | hh:mm:ss } [ end { at
[ yyyy/mm/dd ] hh:mm:ss | delay { seconds second | hh:mm:ss } |
lifetime { seconds second | hh:mm:ss } } ] command to start an NQA test
instance after a specified delay.
– Run the start daily hh:mm:ss to hh:mm:ss [ begin yyyy/mm/dd ] [ end
yyyy/mm/dd ] command to start the test instance at the specified time
every day.
Step 11 Run commit

----End

4.5.6 Verifying the NQA Configuration

After the test is complete, verify the test results.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 205

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

Prerequisites

NQA test results are not displayed automatically on the terminal. To view test results, run
the display nqa results command.

Procedure
● Run the display nqa results [ collection ] [ test-instance adminName
testName ] command to check NQA test results.
----End

4.6 Configuring NQA to Check a Layer 2 Network

Before configuring network quality analysis (NQA) to check a Layer 2 network,
familiarize yourself with the usage scenario and complete the pre-configuration
tasks.

Usage Scenario

Table 4-4 Usage scenario for checking a Layer 2 network using NQA

Test Type Usage Scenario

MAC ping test MAC ping can test the connectivity,

packet loss, and delay of links between
devices on a Layer 2 network,
facilitating fault locating.

Pre-configuration Tasks
Before configuring NQA to check a Layer 2 network, complete the following tasks:
● Complete basic configurations of the Layer 2 network.

4.6.1 Configuring a MAC Ping Test

MAC ping can test the connectivity, packet loss, and delay of links between
devices on a Layer 2 network, facilitating fault locating.

Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Create an NQA test instance and specify the test instance type as MAC ping.
1. Run nqa test-instance admin-name test-name
An NQA test instance is created, and the view of the test instance is displayed.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 206

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

2. Run test-type macping

The NQA test instance type is set to MAC ping.

3. Run description description

A description is configured for the NQA test instance.

Step 3 Configure the MEP ID, MD name, and MA name based on the MAC ping type.
1. Run mep mep-id mep-id

The local MEP ID is configured.

2. Run md md-name ma ma-name

The names of the MD and MA for sending NQA test packets are configured.

Step 4 Perform either of the following steps to configure the destination address for the
MAC ping test:
● Run destination-address mac macAddress
The destination MAC address is configured.

To query a destination MAC address, run the display cfm remote-mep command.
● Run destination-address remote-mep mep-id remoteMepID
The peer MEP ID is configured.

If the destination address type is remote-mep, you must configure the mapping between
the remote MEP and MAC address first.

Step 5 (Optional) Set optional parameters for the NQA test instance and simulate
packets transmitted on an actual network.
1. Run datasize datasizeValue

The size of the data field in an NQA test packet is set.

2. Run probe-count number

The number of probes in a test is set for the NQA test instance.
3. Run interval seconds interval

The interval at which NQA test packets are sent is set for the NQA test
instance.

Step 6 (Optional) Configure detection failure conditions and enable the function to send
traps to the NMS upon detection failures.
1. Run timeout time

The response timeout period is set.

If no response packets are received before the set period expires, the probe is
regarded as a failure.
2. Run fail-percent percent

The failure percentage is set for the NQA test instance.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 207

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

If the percentage of failed probes is greater than or equal to the failure

percentage, the test is regarded as a failure.
3. Run probe-failtimes failTimes
The system is enabled to send traps to the NMS after the number of
consecutive probe failures reaches the specified threshold.
4. Run test-failtimes failTimes
The system is enabled to send traps to the NMS after the number of
consecutive failures of the NQA test instance reaches the specified threshold.
5. Run threshold rtd thresholdRtd
The RTD threshold is configured.
6. Run send-trap { all | [ rtd | testfailure | probefailure | testcomplete ]* }
The condition for triggering a trap is configured.
7. Run jitter-packetnum packetNum
The number of test packets to be sent during each test is set.
Step 7 (Optional) Configure the NQA statistics function.
Run records { history number | result number }
The maximum number of history records and the maximum number of result
records that can be saved for the NQA test instance are set.
Step 8 (Optional) Run agetime ageTimeValue
The aging time for the NQA test instance is set.
Step 9 Schedule the NQA test instance.
1. (Optional) Run frequency frequencyValue
The test period is set for the NQA test instance.
2. Run start
An NQA test is started.
The start command has multiple formats. Choose one of the following as
needed.
– To start an NQA test instance immediately, run the start now [ end { at
[ yyyy/mm/dd ] hh:mm:ss | delay { seconds second | hh:mm:ss } |
lifetime { seconds second | hh:mm:ss } } ] command.
– To start an NQA test instance at a specified time, run the startat
[ yyyy/mm/dd ] hh:mm:ss [ end { at [ yyyy/mm/dd ] hh:mm:ss | delay
{ seconds second | hh:mm:ss } | lifetime { seconds second |
hh:mm:ss } } ] command.
– To start an NQA test instance after a specified delay, run the start delay
{ seconds second | hh:mm:ss } [ end { at [ yyyy/mm/dd ] hh:mm:ss |
delay { seconds second | hh:mm:ss } | lifetime { seconds second |
hh:mm:ss } } ] command.
– To start an NQA test instance at a specified time every day, run the
startdailyhh:mm:sstohh:mm:ss [ beginyyyy/mm/dd ] [ endyyyy/mm/dd ]
command.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 208

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

Step 10 Run commit

The configuration is committed.

----End

4.6.2 Verifying the NQA Configuration

After the test is complete, verify the test results.

Prerequisites

NQA test results are not displayed automatically on the terminal. To view test results, run
the display nqa results command.

Procedure
● Run the display nqa results [ collection ] [ test-instance adminName
testName ] command to check NQA test results.
● Run the display nqa results [ collection ] this command to view NQA test
results in a specified NQA test instance view.
● Run the display nqa history [ test-instance adminName testName ]
command to check historical NQA test records.
● Run the display nqa history [ this ] command to check historical statistics on
NQA tests in a specified NQA test instance view.

----End

4.7 Configuring an RFC 2544 Generalflow Test Instance

This section describes how to configure a generalflow test instance to monitor the
performance of interconnected network devices.

Applicable Environment
An NQA generalflow test is a standard traffic testing method for evaluating
network performance and is in compliance with RFC 2544. This test can be used in
various networking scenarios that have different packet formats. NQA generalflow
tests are conducted using UDP packets with source UDP port 49184 and
destination UDP port 7.

Before a customer performs a service cutover, an NQA generalflow test helps the
customer evaluate whether the network performance counters meet the
requirements in the design. An NQA generalflow test has the following
advantages:

● Enables a device to send simulated service packets to itself before services are
deployed on the device.
Existing methods, unlike generalflow tests, can only be used when services
have been deployed on networks. If no services are deployed, testers must be
used to send and receive test packets.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 209

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

● Uses standard methods and procedures that comply with RFC 2544 so that
NQA generalflow tests can be conducted on a network on which both Huawei
and non-Huawei devices are deployed.
A generalflow test measures the following counters:
● Throughput: maximum rate at which packets are sent without loss.
● Packet loss rate: percentage of discarded packets to all sent packets.
● Latency: consists of the bidirectional delay time and jitter calculated based on
the transmission and receipt timestamps carried in test packets. The
transmission time in each direction includes the time the forwarding devices
process the test packet.
A generalflow test can be used in the following scenarios:
● Layer 2: native Ethernet, L2VPN (VLL and VPLS), EVPN
On the network shown in Figure 4-1, an initiator and a reflector perform a
generalflow test to monitor the forwarding performance for end-to-end
services exchanged between two user-to-network interfaces (UNIs).

Figure 4-1 General flow test in a Layer 2 scenario

● Layer 3: native IP scenario and L3VPN scenario

Layer 3 networking is similar to Layer 2 networking.
● L2VPN accessing L3VPN: VLL accessing L3VPN scenario

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 210

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

Figure 4-2 General flow test in an L2VPN accessing L3VPN scenario

In the L2VPN accessing L3VPN networking shown in Figure 4-2, the initiator
and reflector can reside in different locations to represent different scenarios.
– If the initiator and reflector reside in locations 1 and 5 (or 5 and 1),
respectively, or the initiator and reflector reside in locations 4 and 6 (or 6
and 4), respectively, it is a native Ethernet scenario.
– If the initiator and reflector reside in locations 2 and 3 (or 3 and 2),
respectively, it is a native IP scenario.
– If the initiator resides in location 3 and the reflector in location 1, or the
initiator resides in location 2 and the reflector in location 4, it is similar to
an IP gateway scenario, and the simulated IP address must be configured
on the L2VPN device.
– If the initiator and reflector reside in locations 1 and 2 (or 2 and 1),
respectively, or the initiator and reflector reside in locations 3 and 4 (or 4
and 3), respectively, it is an IP gateway scenario.
– If the initiator resides in location 1 and the reflector in location 4, the
initiator resides in location 1 and the reflector in location 3, or the
initiator resides in location 4 and the reflector in location 2, it is an
L2VPN accessing L3VPN scenario. In this scenario, the destination IP and
MAC addresses and the source IP address must be specified on the
initiator, and the destination IP address for receiving test flows must be
specified on the reflector. If the initiator resides on the L2VPN, the
simulated IP address must be specified as the source IP address.
● IP gateway scenario
Layer 2 interface access to a Layer 3 device: IP gateway scenario
Figure 4-3 shows the networking of the Layer 2 interface's access to a Layer 3
device.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 211

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

Figure 4-3 General flow test in the scenario in which a Layer 2 interface
accesses a Layer 3 device

Pre-configuration Tasks
Before configuring an NQA generalflow test, complete the following tasks:

● Layer 2:
– In a native Ethernet scenario, configure reachable Layer 2 links between
the initiator and reflector.
– In an L2VPN scenario, configure reachable links between CEs on both
ends of an L2VPN connection.
– In an EVPN scenario, configure reachable links between CEs on both ends
of an EVPN connection.
● Layer 3:
– In a native IP scenario, configure reachable IP links between the initiator
and reflector.
– In an L3VPN scenario, configure reachable links between CEs on both
ends of an L3VPN connection.
● L2VPN accessing L3VPN scenario: configure reachable links between the
L2VPN and L3VPN.
● IP gateway scenario: configure reachable Layer 2 links between an IP gateway
and the reflector.

4.7.1 Configuring a Reflector

This section describes how to configure a reflector, which loops traffic to an
initiator. You can set reflector parameters based on each scenario.

Context
On the network shown in Figure 4-1 of the "Configuring an RFC 2544
Generalflow Test Instance", the following two roles are involved in a generalflow
test:

● Initiator: sends simulated service traffic to a reflector.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 212

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

● Reflector: loops the service traffic to the initiator.

The reflector can loop all packets on a reflector interface or the packets matching
filter criteria to the initiator. The filter criteria include a destination unicast MAC
address or a port number.

Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Configure the reflector. The reflector settings vary according to usage scenarios.

● The reflector ID must be unique on a local node.

● The aging time can be set for a reflector.

Usa Configuration Procedure Configuration Note

ge
Sce
nar
io

Any nqa reflector reflector-id interface interface- On the network shown

sce type interface-number [ exclusive ] in Figure 4-1 of the
nari [ exchange-port ] "Configuring an RFC
o in 2544 Generalflow Test
whi Instance", UNI-B is used
ch as a reflector interface.
a
refl
ect
or
loo
ps
all
pac
ket
s

Lay nqa reflector reflector-id interface interface- On the network shown

er 2 type interface-number [ mac mac-address ] in Figure 4-1 of the
[ pe-vid pe-vid ce-vid ce-vid | vlan vlan-id ] "Configuring an RFC
[ source-port source-port ] [ destination-port 2544 Generalflow Test
destination-port ] [ exchange-port ] [ agetime Instance", the MAC
agetime | endtime { endtime | enddate address of the
endtime } ] [ share-mode ] reflector's UNI-B or a
MAC address that has
never been used is used
as the MAC address.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 213

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

Usa Configuration Procedure Configuration Note

ge
Sce
nar
io

Lay nqa reflector reflector-id interface interface- On the network shown

er 3 type interface-number [ ipv4 ip-address ] [ pe- in Figure 4-1 of the
vid pe-vid ce-vid ce-vid | vlan vlan-id ] "Configuring an RFC
[ source-port source-port ] [ destination-port 2544 Generalflow Test
destination-port ] [ exchange-port ] [ agetime Instance", an IP address
agetime | endtime { endtime | enddate on the same network
endtime } ] [ share-mode ] segment as the
reflector's UNI-B is
used as the IP address.

IP nqa reflector reflector-id interface interface- On the network shown

gat type interface-number [ ipv4 ip-address | mac in Figure 4-1 of the
ew mac-address | simulate-ip ipv4 ip-address2 ] "Configuring an RFC
ay [ pe-vid pe-vid ce-vid ce-vid | vlan vlan-id ] 2544 Generalflow Test
[ source-port source-port ] [ destination-port Instance", an IP address
destination-port ] [ exchange-port ] [ agetime on the same network
agetime | endtime { endtime | enddate segment as the
endtime } ] [ share-mode ] reflector's UNI-B is
NOTE used as the simulated
In the IP and IP gateway scenario, need to run the IP address.
arp static ip-address mac-address command to
configure a static ARP entry for the source IP address.

Step 3 Run commit

The configuration is committed.

----End

4.7.2 Configuring an Initiator

This section describes how to configure an initiator that sends simulated service
traffic. You can set initiator parameters based on usage scenarios and test counter
types.

Context
On the network shown in Figure 4-1 of the "Configuring an RFC 2544
Generalflow Test Instance", the following two roles are involved in a generalflow
test:

● Initiator: sends simulated service traffic to a reflector.

● Reflector: loops the service traffic to the initiator.

The process of configuring the initiator is as follows:

1. Create a generalflow test instance.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 214

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

2. Set basic simulated service parameters.

3. Set key test parameters based on counters.
4. Set generalflow test parameters.
5. Start the generalflow test instance.

Procedure
Step 1 Create a generalflow test instance.
1. Run system-view
The system view is displayed.
2. Run nqa test-instance admin-name test-name
An NQA test instance is created, and the test instance view is displayed.
3. Run test-type generalflow
The test type is set to generalflow.
4. Run measure { throughput | loss | delay }
A test counter is specified.
Step 2 Set basic simulated service parameters.

The basic simulated service parameters on the initiator must be the same as those
configured on the reflector.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 215

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

Us Configuration Procedure Configuration Note

ag
e
Sc
en
ari
o

La 1. Run the destination-address mac The initiator shown in

ye macAddress command to specify the Figure 4-1 of the
r2 destination MAC address of test packets. "Configuring an RFC 2544
2. (Optional) Run the source-address mac Generalflow Test Instance"
mac-address command to specify the has the following
source IP address of test packets. parameters:
3. Run the forwarding-simulation ● Destination MAC address:
inbound-interface interface-type the MAC address of the
interface-number [ share- reflector's UNI-B or a
mode ]command to specify the inbound MAC address that has
interface of simulated service packets. never been used
NOTE ● Source MAC address: the
If share-mode is set, both test flows and MAC address of the
non-test flows can pass through, otherwise, initiator's UNI-A or a
only test flows can pass through. MAC address that has
4. Run the vlan vlan-id or pe-vid pe-vid never been used
ce-vid ce-vid command to set VLAN IDs ● Simulated inbound
of simulated service packets. interface: UNI-A
● VLAN ID: VLAN IDs
configured on interfaces
NOTE
The display nqa reflector
command can be used on the
reflector to display the
configured destination MAC
address.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 216

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

Us Configuration Procedure Configuration Note

ag
e
Sc
en
ari
o

La 1. Run the destination-address ipv4 The initiator shown in

ye destAddress command to specify the Figure 4-1 of the
r3 destination IP address of test packets. "Configuring an RFC 2544
2. Run the source-address ipv4 srcAddress Generalflow Test Instance"
command to specify the source IP has the following
address of test packets. parameters:
3. Run the forwarding-simulation ● Destination IP address: an
inbound-interface interface-type IP address on the same
interface-number command to specify network segment as the
the inbound interface of simulated reflector's UNI-B
service packets. ● Source IP address: an IP
4. (Optional) Run the vlan vlan-id or pe- address on the same
vid pe-vid ce-vid ce-vid command to set network segment as UNI-
VLAN IDs of simulated service packets. A's IP address
NOTE ● Simulated inbound
If the initiator does not have an ARP entry interface: UNI-A
corresponding to the source IP address in test
packets, run the arp static ip-address mac-
address command to configure a static ARP
entry for the source IP address.

IP 1. Run the destination-address ipv4 The initiator shown in

ga destAddress command to specify the Figure 4-1 of the
te destination IP address of test packets. "Configuring an RFC 2544
wa 2. Run the source-address ipv4 srcAddress Generalflow Test Instance"
y command to specify the source IP has the following
address of test packets. parameters:
3. Run the source-interface ifType ifNum ● Destination IP address:
command to specify the outbound the CE's IP address or an
interface of test packets. IP address on the same
network segment as the
4. (Optional) Run the vlan vlan-id or pe- CE.
vid pe-vid ce-vid ce-vid command to set
VLAN IDs of simulated service packets. ● Source IP address: an IP
address on the same
network segment as UNI-
A's IP address

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 217

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

Us Configuration Procedure Configuration Note

ag
e
Sc
en
ari
o

L2 1. Run the destination-address ipv4 The initiator shown in

VP destAddress mac mac-address command Figure 4-1 of the
N to specify the destination IP and MAC "Configuring an RFC 2544
ac addresses of test packets. Generalflow Test Instance"
ce 2. Run the source-address ipv4 srcAddress has the following
ssi command to specify the source IP parameters:
ng address of test packets. ● Destination IP address:
L3 the CE's IP address or an
VP 3. Run the forwarding-simulation
inbound-interface interface-type IP address on the same
N network segment as the
interface-number command to specify
the inbound interface of simulated CE.
service packets. ● Destination MAC address:
the MAC address of the
reflector's UNI-B or a
MAC address that has
never been used
● Source IP address: an IP
address on the same
network segment as UNI-
A's IP address
● Simulated inbound
interface: UNI-A

Step 3 Set key test parameters based on counters.

Count Configuration Procedure
er

Throug 1. Run the rate rateL rateH command to set the upper and lower rate
hput thresholds.
2. Run the interval seconds interval command to set the interval at
which test packets are transmitted at a specific rate.
3. Run the precision precision-value command to set the throughput
precision.
4. Run the fail-ratio fail-ratio-value command to set the packet loss
rate during a throughput test. The value is expressed in 1/10000. If
the actual packet loss rate is less than 1/10000, the test is
successful and continues.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 218

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

Count Configuration Procedure

Latenc 1. Run the rate rateL command to set the rate at which test packets
y are sent.
2. Run the interval seconds interval command to set the interval at
which test packets are sent.

Packet 1. Run the rate rateL command to set the rate at which test packets
loss are sent.
rate

Step 4 Configure common parameters for an NQA test instance.

1. Run datasize datasizeValue & <1-7>

The size of the data field in an NQA test packet.

In Layer 2 and Layer 3 scenarios, the data size of a generalflow test packet
cannot be greater than the maximum transmission unit (MTU) of the
simulated inbound interface.
2. Run duration duration

The test instance duration is set.

The duration value must be greater than twice the interval value in throughput and
delay tests.
3. Run records result number

The maximum number of results that can be recorded is set.

4. Run priority 8021p priority-value

The 802.1p priority is set for generalflow test packets in an Ethernet scenario.
5. Run tos tos-value

The IP packet priority is set.

6. (Optional) Run exchange-port enable

A UDP source port number is enabled to be switched with a UDP destination

port number.

Step 5 Run start now

The NQA test instance is started.

NOTICE

Running the start now command interrupts user services temporarily.

Step 6 Run commit

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 219

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

The configuration is committed.

----End

4.7.3 Verifying the Configuration of a Generalflow Test

Instance
After you configure the generalflow test instance, you can verify the generalflow
test configuration and test results.

Prerequisites
All generalflow test configurations are complete.

NQA test results cannot be displayed automatically on the terminal. Run the display nqa
results command to view test results. By default, the command output shows the results of
the latest five tests.

Procedure
● Run the display nqa results [ test-instance adminName testName ]
command on the initiator to view generalflow test results.
● Run the display nqa reflector [ reflector-id ] command on the reflector to
view reflector information.
----End

4.8 Configuring a Y.1564 Ethernet Service Activation

Test
This section describes how to configure an Ethernet service activation test. This
test is conducted before network services are activated and verifies whether the
configurations are correct and network performance satisfies SLA requirements.

Usage Scenario
An Ethernet service activation test is a method defined in Y.1564. This test helps
carriers rapidly and accurately verify whether network performance meets SLA
performance indexes before service rollouts.

Pre-configuration Tasks
Before configuring an Ethernet service activation test, complete the following
tasks:
● Layer 2 scenarios:
– In a native Ethernet scenario, configure reachable Layer 2 links between
the initiator and reflector.
– In an L2VPN scenario, configure reachable links between CEs on both
ends of an L2VPN connection.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 220

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

– In an EVPN VXLAN scenario, configure reachable links between devices

on both ends of an EVPN VXLAN connection.
● Layer 3 scenarios:
– In a native IP scenario, configure reachable IP links between the initiator
and reflector.
– In an L3VPN scenario, configure reachable links between CEs on both
ends of an L3VPN connection.
– In an EVPN VXLAN scenario, configure reachable links between devices
on both ends of an EVPN VXLAN connection.
● In an L2VPN accessing L3VPN scenario, configure reachable links between the
L2VPN and L3VPN.

4.8.1 Configuring the Reflector

This section describes how to configure a reflector, which loops traffic to an
initiator. Parameters configured on the reflector vary according to a specific
scenario.

Context
Devices performing an Ethernet service activation test play two roles: initiator and
reflector. An initiator sends simulated service traffic to a reflector, and the
reflector reflects the service traffic.

The reflector must be specified before a test is started.

A reflector can loop traffic based on either an interface or a flow.

● Interface-based mode: A reflector loops all traffic that its interface receives.
● Flow-based mode: A reflector loops only traffic meeting specified conditions.
In flow-based mode, a test flow must have been configured.

Procedure
Step 1 Run system-view

The system view is displayed.

Step 2 Run nqa test-flow flow-id

A test flow is configured, and the test flow view is displayed.

Step 3 Configure service flow characteristics.

1. Run:
– traffic-type mac { destination destination-mac [ end-destination-mac ] |
source source-mac [ end-source-mac ] }
– traffic-type ipv4 { destination destination-ip [ end-destination-ip ] |
source source-ip [ end-source-ip ] }
A traffic type is configured, and the MAC or IP address of test packets is
specified. An address range can be specified here.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 221

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

MAC, IP, or both MAC and IP addresses are specified based on traffic types:
– For Ethernet Layer 2 switching and L2VPN services, a MAC address must be
specified, and an IP address is optional.
– For IP routing and L3VPN services, an IP address and a MAC address must be
specified. If no IP address or MAC address is specified, the reflector will reflect all
the traffic, which affects other service functions.
– For L2VPN accessing L3VPN, both MAC and IP addresses must be specified.
2. Configure the following parameters as needed:
– Run vlan vlan-id [ end-vlan-vid ]
A single VPN ID is specified for Ethernet packets in the NQA test flow
view.
– Run pe-vid pe-vid ce-vid ce-vid [ ce-vid-end ]
Double VPN IDs are specified for Ethernet packets in the NQA test flow
view.
– Run udp destination-port destination-port [ end-destination-port ]
A destination UDP port number or range is specified.
– Run udp source-port source-port [ end-source-port ]
A source UDP port number or range is specified.

▪ For the same test flow, a range can be specified only in one of the traffic-
type, vlan, pe-vid, udp destination-port, and udp source-port commands.
In addition, the difference between the start and end values cannot be more
than 127, and the end value must be greater than the start value.

▪ In the traffic-type command, the start MAC or IP address has only one
different octet from the end MAC or IP address. For example, the start IP
address is set to 1.1.1.1, and the end IP address can only be set to an IP
address in the network segment 1.1.1.0.

Step 4 Run nqa reflector reflector-id interface { interface-name | interface-type

interface-number } [ [ [ test-flow { testFlowId } &<1-16> ] | [ [ ipv4 ip-address |
simulate-ipipv4 ip-address2 | mac mac-address ] [ pe-vid pe-vid ce-vid ce-vid |
vlan vlan-id ] [ source-port source-port ] [ destination-port destination-port ] ] ]
| exclusive ] [ exchange-port ] [ agetime agetime | endtime { endtime |
enddateendtime } ]

The reflector is specified.

The test-flow flow-id & <1-16> command configures the reflector to reflect based
on a specified flow. If the flow ID is not specified, the reflector performs interface-
based reflection. The agetime age-time parameter is optional, and the default
value is 14400s.

Step 5 Run commit

The configuration is committed.

----End

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 222

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

4.8.2 Configuring an Initiator

This section describes how to configure an initiator that sends simulated service
traffic. You can set initiator parameters based on usage scenarios and test counter
types.

The process of configuring the initiator is as follows:

1. Configure a test flow.

2. Configure a test instance.

Procedure
Step 1 Run system-view

The system view is displayed.

Step 2 Run nqa test-flow flow-id

A test flow is configured, and the test flow view is displayed.

Step 3 Specify service flow characteristics.

1. Specify a traffic type, and specify a MAC or IP address or address range.
– To specify a traffic type and a MAC address or address range, run traffic-
type mac { destination destination-mac [ end-destination-mac ] |
source source-mac [ end-source-mac ] }
– To specify a traffic type and an IP address or address range, run traffic-
type ipv4 { destination destination-ip [ end-destination-ip ] | source
source-ip [ end-source-ip ] }

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 223

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

– Run udp destination-port destination-port [ end-destination-port ]

A destination UDP port number or range is specified.
– Run udp source-port source-port [ end-source-port ]
A source UDP port number or range is specified.

– For the same test flow, a range can be specified only in one of the traffic-type,
vlan, pe-vid, udp destination-port, and udp source-port commands. In addition,
the difference between the start and end values cannot be more than 127, and the
end value must be greater than the start value.
– In the traffic-type command, the start MAC or IP address has only one different
octet from the end MAC or IP address. For example, the start IP address is set to
1.1.1.1, and the end IP address can only be set to an IP address in the network
segment 1.1.1.0.

Step 4 Run bandwidth cir cir-value [ eir eir-value ]

A bandwidth profile, including the CIR, is specified for the NQA test flow.
The default EIR is 0 kbit/s. If the eireir-value parameter is not configured, the EIR
is not tested.
Step 5 Run sac flr flr-value ftd ftd-value fdv fdv-value
The frame loss ratio (FLR) is specified, expressed in 1/100000, the frame transfer
delay (FTD) is specified, expressed in us, and the frame delay variation (FDV) is
specified, expressed in us.
Step 6 Enable the simple CIR test, enable traffic policing test, configure the color mode,
and configure a test flow description as needed:
1. Run cir simple-test enable
The simple CIR test is enabled.
2. Run traffic-policing test enable
A traffic policing test is enabled.
3. Run color-mode { 8021p green begin-8021p-value [ end-8021p-value ]
yellow begin-8021p-value [ end-8021p-value ] | dscp green begin-dscp-value
[ end-dscp-value ] yellow begin-dscp-value [ end-dscp-value ] } *
The color mode is enabled, and the mapping between packet priorities and
colors is configured.
4. Run description description-string
A description is configured for the test flow.
Step 7 Configure an Ethernet service activation test.
1. Run nqa test-instance admin-name test-name
2. Run test-type ethernet-service
The test type is set to the Ethernet service activation test.
3. Run test-flow flow-id & <1-16>
A test flow is referenced. Multiple test flows can be specified.
4. Run forwarding-simulation inbound-interface { ifName | ifType ifNum }
A simulated inbound interface is configured.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 224

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

5. (Optional) Run packet-sizepacket-size & <1-10>

Different packet sizes are configured.

6. (Optional) Run duration { configuration-test configuration-test-time |

performance-test performance-test-time }
The periods of the configuration and performance tests are set.
7. Run start now
The test instance is started.
Step 8 Run commit
The configuration is committed.

----End

4.8.3 Verifying the Configuration of an Ethernet Service

Activation Test
After configuring an Ethernet service activation test, verify test results.

Prerequisites
An Ethernet service activation test has been configured and conducted.

NQA test results cannot be displayed automatically on the terminal. Run the display nqa
results command to view test results. By default, the command output shows the results of
the last five tests.

Procedure
● Run the display nqa results [ test-instance adminName testName ]
command on the initiator to view Ethernet service activation test results.
● Run the display nqa reflector [ reflector-id ] command on the reflector to
check reflector information.
----End

4.9 Configuring Test Results to Be Sent to the FTP

Server
The NMS needs to obtain test results of devices. If the NMS cannot poll test
results in time, test results are lost. Delivering the test results to the FTP server can
save the test results to the maximum extent.

Usage Scenario
The result table of NQA test instances records results of each test type. A
maximum of 5000 test result records are supported in total. If the number of
records reaches 5000, test results are uploaded and the new test result overwrites

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 225

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

the earliest one. If the NMS cannot poll test results in time, test results are lost.
You can send the statistics on the test results that reach the capacity of the local
storage or periodically send the statistics to the FTP server for storage through
FTP. This can effectively prevent the loss of test results and facilitate network
management based on the analysis of test results at different times.

Pre-configuration Tasks
Before configuring test results to be sent to the FTP server, complete the following
tasks:
● Configure the FTP server.
● Configure a reachable route between the NQA client and the NMS.
● Configure a test instance.

Data Preparation
Before configuring test results to be sent to the FTP server, you need the following
data.

No. Data

1 IP address of the FTP server

2 User name and password used for logging in to the FTP server

3 Name of a file in which test results are saved through FTP

4 Interval at which test results are uploaded through FTP

4.9.1 Setting Parameters for Configuring Test Results to Be

Sent to the FTP Server
Before starting a test instance, set the IP address of the FTP server that receives
test results, user name and password for logging in to the FTP server, name of the
file in which test results are saved, interval at which test results are uploaded, and
retransmission times.

Context
Perform the following operations on the NQA client.

Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Run nqa upload test-type { icmp | icmpjitter | jitter | udp } ftp ipv4 ipv4-address
file-name file-name [ vpn-instance vpn-instance-name ] [ port port-number ]
username user-name password password [ interval upload-interval ] [ retry
retry-times ]

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 226

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

A device is enabled to upload test result files onto a specified server.

Step 3 Run commit
The configuration is committed.

----End

4.9.2 Starting a Test Instance

After a test instance is started, test results are periodically recorded in files.

Context
Perform the following operations on the NQA client.

Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Run nqa test-instance admin-name test-name
The NQA view is displayed.
Step 3 Run test-type { icmp | icmpjitter | jitter | udp }
A test instance type is set.
Step 4 Run destination-address ipv4 destAddress
A destination address is configured.
Step 5 (Optional) Run destination-port port-number
A destination port number is configured.
Step 6 Run start
An NQA test instance is started.
An NQA test instance can be started immediately, at a specified time, or after a
specified delay.
● Run start now [ end { at [ yyyy/mm/dd ] hh:mm:ss | delay { seconds second
| hh:mm:ss } | lifetime { seconds second | hh:mm:ss } } ]
The test instance is started immediately.
● Run start at [ yyyy/mm/dd ] hh:mm:ss [ end { at [ yyyy/mm/dd ] hh:mm:ss |
delay { seconds second | hh:mm:ss } | lifetime { seconds second |
hh:mm:ss } } ]
The test instance is started at a specified time.
● Run start delay { seconds second | hh:mm:ss } [ end { at [ yyyy/mm/dd ]
hh:mm:ss | delay { seconds second | hh:mm:ss } | lifetime { seconds second |
hh:mm:ss } } ]
The test instance is started after a specified delay.
● Run start daily hh:mm:ss to hh:mm:ss [ begin { yyyy/mm/dd | yyyy-mm-
dd } ] [ begin { yyyy/mm/dd | yyyy-mm-dd } ]

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 227

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

The test instance is started at a specified time every day.

Step 7 Run commit
The configuration is committed.

----End

4.9.3 Verifying the Configuration of Test Results to Be Sent to

the FTP Server
After configuring test results to be sent to the FTP server, verify the configuration.

Prerequisites
Test results have been configured to be sent to the FTP server.

Procedure
Step 1 Run the display nqa upload file-info command to check information about files
that a device is uploading and has attempted to upload onto a server.

----End

4.10 Maintaining NQA

Maintaining NQA involves stopping or restarting NQA test instances, deleting
statistics, and deleting test records.

4.10.1 Checking Test Types and Server Types Supported by the

NetEngine 8000
The display command can be used to display test types and server types
supported by the NetEngine 8000.

Procedure
● Run the display nqa support-test-type command to check the supported test
types.
<HUAWEI> display nqa support-test-type
NQA support test type information:
----------------------------------------------------
Type Description
tcp TCP type NQA test
udp UDP type NQA test
jitter JITTER type NQA test
icmp ICMP type NQA test
snmp SNMP type NQA test
trace TRACE type NQA test
lspping LSPPING type NQA test
lsptrace LSPTRACE type NQA test
dns DNS type NQA test
pwe3ping PWE3PING type NQA test
pwe3trace PWE3TRACE type NQA test
macping MACPING type NQA test
lspjitter LSPJITTER type NQA test

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 228

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

pathmtu PATHMTU type NQA test

icmpjitter ICMPJITTER type NQA test
pathjitter PATHJITTER type NQA test
vplsping VPLSPING type NQA test
vplspwping VPLSPWPING type NQA test
vplspwtrace VPLSPWTRACE type NQA test
generalflow GENERALFLOW type NQA test
ethernet-service ETHERNET-SERVICE type NQA test
----------------------------------------------------

● Run the display nqa support-server-type command to check the supported

server types.
<HUAWEI> display nqa support-server-type
NQA support server type information:
----------------------------------------------------
Type Description
tcp server NQA TCP server
udp server NQA UDP server
icmp server NQA ICMP server
----------------------------------------------------

----End

4.10.2 Stopping a Test Instance

This section describes how to stop a test instance when its test parameters need
to be changed.

Prerequisites
Run the following commands in the NQA view to stop an NQA test instance.

Procedure
Step 1 Run system-view
Step 2 Run nqa test-instance admin-name test-name
Step 3 Run stop
The NQA test instance is stopped.
Step 4 Run commit

----End

4.10.3 Restarting an NQA Test Instance

This section describes how to restart (namely, to stop and then immediately start)
an NQA test instance.

Prerequisites
Run the following commands in the NQA view to restart an NQA test instance.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 229

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

Context

NOTICE

Restarting an NQA test instance terminates the running test instance.

Procedure
Step 1 Run system-view

Step 2 Run nqa test-instance admin-name test-name

Step 3 Run restart

The NQA test instance is restarted.

Step 4 Run commit

----End

4.10.4 Checking 802.1ag Packet Statistics

When the test initiated using the ping mac-8021ag or trace mac-8021ag
command fails, run the display cfm statistics lblt command to check statistics
about the 802.1ag packets sent, received, forwarded, and replied by the local
device. The command output helps determine whether the test failure is caused by
a device or link fault.

Procedure
● Run display cfm statistics lblt

802.1ag packet statistics are displayed.

----End

4.10.5 Deleting Statistics

This section describes how to delete test statistics before the next test is
conducted.

Prerequisites
Run the following commands in the user view to delete NQA statistics.

Context

NOTICE

Statistics cannot be restored after being deleted. Exercise caution when running
the reset command.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 230

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

Procedure
Step 1 Run reset lspv statistics

LSPV statistics are deleted.

Step 2 Run reset cfm statistics lblt

802.1ag packet statistics are cleared.

----End

4.10.6 Deleting Test Records

This section describes how to delete test records before the next test is conducted.

Prerequisites
Before running the clear-records command, run the stop and commit commands
to stop the NQA test instance first.

Context

NOTICE

Test records cannot be restored after being deleted. Exercise caution when running
the clear-records command.

Procedure
Step 1 Run system-view

Step 2 Run nqa test-instance admin-name test-name

Step 3 Run clear-records

Historical records and result records of the NQA test instance are deleted.

Step 4 Run commit

----End

4.11 Configuration Examples for NQA

This section describes several NQA configuration examples.

4.11.1 Example for Configuring an NQA Test to Detect the

DNS Resolution Speed on an IP Network
This section provides an example for configuring an NQA test to measure the
performance of interaction between a client and the DNS server.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 231

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

Networking Requirements
On the network shown in Figure 4-4, Device A needs to access host A using the
domain name Server.com. A DNS test instance can be configured on Device A to
measure the performance of interaction between Device A and the DNS server.

Figure 4-4 Networking diagram for detecting the DNS resolution speed

In this example, interface 1 is GigabitEthernet 1/0/0.

Configuration Roadmap
The configuration roadmap is as follows:
1. Configure reachable routes between Device A, the DNS server, and host A at
the network layer.
2. Configure a DNS test instance on Device A and start the test instance to
detect the DNS resolution speed on an IP network.

Data Preparation
To complete the configuration, you need the following data:
● IP address of the DNS server
● Domain name and IP address of host A

Procedure
Step 1 Configure reachable routes between Device A, the DNS server, and host A at the
network layer. (Omitted)
Step 2 Configure a DNS test instance and start it.
<HUAWEI> system-view
[~HUAWEI] sysname DeviceA
[*HUAWEI] commit
[~DeviceA] dns resolve
[*DeviceA] dns server 10.3.1.1
[*DeviceA] nqa test-instance admin dns

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 232

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

[*DeviceA-nqa-admin-dns] test-type dns

[*DeviceA-nqa-admin-dns] dns-server ipv4 10.3.1.1
[*DeviceA-nqa-admin-dns] destination-address url Server.com
[*DeviceA-nqa-admin-dns] commit
[~DeviceA-nqa-admin-dns] start now
[*DeviceA-nqa-admin-dns] commit

Step 3 Verify the test result. Min/Max/Average Completion Time indicates the delay
between the time when a DNS request packet is sent and the time when a DNS
response packet is received. In this example, the delay is 208 ms.
[~DeviceA-nqa-admin-dns] display nqa results test-instance admin dns
NQA entry(admin, dns) :testflag is inactive ,testtype is dns
1 . Test 1 result The test is finished
Send operation times: 1 Receive response times: 1
Completion:success RTD OverThresholds number:0
Attempts number:1 Drop operation number:0
Disconnect operation number:0 Operation timeout number:0
System busy operation number:0 Connection fail number:0
Operation sequence errors number:0 RTT Status errors number:0
Destination ip address:10.3.1.1
Min/Max/Average Completion Time: 208/208/208 Sum/Square-Sum Completion Time: 208/43264
Last Good Probe Time: 2018-01-25 09:18:22.6
Lost packet ratio: 0 %

----End

Configuration Files
Device A configuration file
#
sysname DeviceA
#
dns resolve
dns server 10.3.1.1
#
nqa test-instance admin dns
test-type dns
destination-address url Server.com
dns-server ipv4 10.3.1.1
#
return

4.11.2 Example for Configuring an NQA TCP Test to Measure

the Response Time on an IP Network
This section provides an example for configuring an NQA TCP test to measure the
response time on an IP network.

Networking Requirements
On the network shown in Figure 4-5, the headquarters and a subsidiary of a
company often need to use TCP to exchange files with each other. The time taken
to respond to a TCP transmission request must be less than 800 ms. The NQA TCP
test can be configured to measure the TCP response time between Device A and
Device D that are connected to the IP backbone network.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 233

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

Figure 4-5 Networking diagram for an NQA TCP test to measure the response
time on an IP network

● Interface 1 in this example is GE1/0/0, respectively.

Configuration Roadmap
The configuration roadmap is as follows:
1. Configure Device D as the NQA client and Device A as the NQA server, and
create a TCP test instance.
2. Configure the test instance to start at 10:00 o'clock every day and start the
test instance.

Data Preparation
To complete the configuration, you need the following data:
● IP addresses of Device A and Device D that are connected to the IP backbone
network
● Number of the port used to monitor TCP services

Procedure
Step 1 Configure the NQA server Device A.
<DeviceA> system-view
[~DeviceA] nqa-server tcpconnect 10.1.1.1 4000
[*DeviceA] commit

Step 2 Configure the NQA client Device D. Create a TCP test instance. Set the destination
IP address to the IP address of Device A.
<DeviceD> system-view
[*DeviceD] nqa test-instance admin tcp
[*DeviceD-nqa-admin-tcp] test-type tcp
[*DeviceD-nqa-admin-tcp] destination-address ipv4 10.1.1.1
[*DeviceD-nqa-admin-tcp] destination-port 4000
[*DeviceD-nqa-admin-tcp] commit

Step 3 Start the test instance immediately.

[*DeviceD-nqa-admin-tcp] start now

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 234

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

[*DeviceD-nqa-admin-tcp] commit

Step 4 Verify the test result. Run the display nqa results test-instance admin tcp
command on Device D. The command output shows that the TCP response time is
less than 800 ms.
[~DeviceD-nqa-admin-tcp] display nqa results test-instance admin tcp
NQA entry(admin, tcp) :testflag is active ,testtype is tcp
1 . Test 1 result The test is finished
Send operation times: 3 Receive response times: 3
Completion:success RTD OverThresholds number:0
Attempts number:1 Drop operation number:0
Disconnect operation number:0 Operation timeout number:0
System busy operation number:0 Connection fail number:0
Operation sequence errors number:0 RTT Stats errors number:0
Destination ip address:10.1.1.1
Min/Max/Average Completion Time: 600/610/603
Sum/Square-Sum Completion Time: 1810/1092100
Last Good Probe Time: 2011-01-16 02:59:41.6
Lost packet ratio: 0 %

Step 5 Configure the test instance to start at 10:00 o'clock every day.
[~DeviceD-nqa-admin-tcp] stop
[*DeviceD-nqa-admin-tcp] start daily 10:00:00 to 10:30:00
[*DeviceD-nqa-admin-tcp] commit

----End

Configuration Files
● Device A configuration file
#
sysname DeviceA
#
nqa-server tcpconnect 10.1.1.1 4000
#
isis 1
network-entity 00.0000.0000.0001.00
#
interface GigabitEthernet1/0/0
undo shutdown
ip address 10.1.1.1 255.255.255.0
isis enable 1
#
return

● Device D configuration file

#
sysname DeviceD
#
isis 1
network-entity 00.0000.0000.0002.00
#
interface GigabitEthernet1/0/0
undo shutdown
ip address 10.2.2.1 255.255.255.0
isis enable 1
#
nqa test-instance admin tcp
test-type tcp
destination-address ipv4 10.1.1.1
destination-port 4000
start daily 10:00:00 to 10:30:00
#
return

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 235

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

4.11.3 Example for Configuring an NQA UDP Jitter Test to

Monitor the VoIP Service Jitter Time
This section provides an example for configuring an NQA UDP jitter test to
monitor the jitter time for Voice over Internet Protocol (VoIP) services.

Networking Requirements
On the network shown in Figure 4-6, the headquarters and a subsidiary of a
company often need to use VoIP to hold teleconferences. The round-trip delay
time must be less than 250 ms, and the jitter time must be less than 20 ms. The
UDP jitter test can be configured to simulate VoIP services.

Figure 4-6 Networking diagram for an NQA UDP jitter test to monitor the VoIP
service jitter time

● Interface 1 in this example is GE1/0/0, respectively.

Configuration Roadmap
The configuration roadmap is as follows:

1. Configure Device A as the NQA server and Device D as the NQA client, and
create a UDP jitter test instance on Device D.
2. Start the test instance.

Data Preparation
To complete the configuration, you need the following data:

● IP addresses of Device A and Device D that are connected to the IP backbone

network
● Code type for simulated VoIP services

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 236

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

Procedure
Step 1 Configure the NQA server Device A.
<DeviceA> system-view
[~DeviceA] nqa-server udpecho 10.1.1.1 4000
[*DeviceA] commit

Step 2 Configure the NQA client Device D.

1. Configure the packet version for the test instance.
<DeviceD> system-view
[~DeviceD] nqa-jitter tag-version 2

2. Create a UDP jitter test instance and set the destination IP address to the IP
address of Device A.
[*DeviceD] nqa test-instance admin udpjitter
[*DeviceD-nqa-admin-udpjitter] test-type jitter
[*DeviceD-nqa-admin-udpjitter] destination-address ipv4 10.1.1.1
[*DeviceD-nqa-admin-udpjitter] destination-port 4000

3. Specify the code type for simulated VoIP services.

[*DeviceD-nqa-admin-udpjitter] jitter-codec g711a

Step 3 Start the test instance immediately.

[*DeviceD-nqa-admin-udpjitter] start now
[*DeviceD-nqa-admin-udpjitter] commit

Step 4 Verify the test result. Run the display nqa results test-instance admin udpjitter
command on Device D. The command output shows that the round-trip delay
time is less than 250 ms, and the jitter time is less than 20 ms.
[~DeviceD-nqa-admin-udpjitter] display nqa results test-instance admin udpjitter
NQA entry(admin, udpjitter) :testflag is active ,testtype is jitter

1 . Test 1 result The test is finished

SendProbe:1000 ResponseProbe:919
Completion:success RTD OverThresholds number:0
OWD OverThresholds SD number:0 OWD OverThresholds DS number:0
Min/Max/Avg/Sum RTT:1/408/5/4601 RTT Square Sum:1032361
NumOfRTT:919 Drop operation number:0
Operation sequence errors number:0 RTT Stats errors number:0
System busy operation number:0 Operation timeout number:81
Min Positive SD:1 Min Positive DS:1
Max Positive SD:2 Max Positive DS:9
Positive SD Number:67 Positive DS Number:70
Positive SD Sum:70 Positive DS Sum:80
Positive SD Square Sum:76 Positive DS Square Sum:156
Min Negative SD:1 Min Negative DS:1
Max Negative SD:24 Max Negative DS:25
Negative SD Number:72 Negative DS Number:82
Negative SD Sum:271 Negative DS Sum:287
Negative SD Square Sum:4849 Negative DS Square Sum:4937
Min Delay SD:0 Min Delay DS:0
Max Delay SD:203 Max Delay DS:204
Delay SD Square Sum:254974 Delay DS Square Sum:257072
Packet Loss SD:0 Packet Loss DS:0
Packet Loss Unknown:81 Average of Jitter:2
Average of Jitter SD:2 Average of Jitter DS:2
jitter out value:0.0000000 jitter in value:0.0000000
NumberOfOWD:919 Packet Loss Ratio:8 %
OWD SD Sum:1834 OWD DS Sum:1848
ICPIF value:23 MOS-CQ value:354
TimeStamp unit:ms

----End

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 237

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

Configuration Files
● Device A configuration file
#
sysname DeviceA
#
nqa-server udpecho 10.1.1.1 4000
#
isis 1
network-entity 00.0000.0000.0001.00
#
interface GigabitEthernet1/0/0
undo shutdown
ip address 10.1.1.1 255.255.255.0
isis enable 1
#
return

● Device D configuration file

#
sysname DeviceD
#
nqa-jitter tag-version 2
#
isis 1
network-entity 00.0000.0000.0002.00
#
interface GigabitEthernet1/0/0
undo shutdown
ip address 10.2.2.1 255.255.255.0
isis enable 1
#
nqa test-instance admin udpjitter
test-type jitter
destination-address ipv4 10.1.1.1
destination-port 4000
jitter-codec g711a
start now
#
return

4.11.4 Example for Configuring an NQA LSP Ping Test to

Monitor MPLS Network Connectivity
This section provides an example for configuring an NQA LSP ping test to monitor
MPLS network connectivity.

Networking Requirements
On the MPLS network shown in Figure 4-7, Device A and Device C are PEs. An
NQA LSP ping test can be configured to periodically monitor the connectivity
between these two PEs.

Figure 4-7 Networking diagram for an NQA LSP ping test to monitor MPLS
network connectivity

● Interfaces 1 through 2 in this example are GE1/0/0, and GE2/0/0, respectively.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 238

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

Configuration Roadmap
The configuration roadmap is as follows:
1. Create an LSP ping test instance on Device A.
2. Start the test instance.

Data Preparation
To complete the configuration, you need the IP addresses of Device A and Device
C.

Procedure
Step 1 Create an LSP ping test instance.
<DeviceA> system-view
[~DeviceA] nqa test-instance admin lspping
[*DeviceA-nqa-admin-lspping] test-type lspping
[*DeviceA-nqa-admin-lspping] lsp-type ipv4
[*DeviceA-nqa-admin-lspping] destination-address ipv4 3.3.3.9 lsp-masklen 32

Step 2 Start the test instance.

[*DeviceA-nqa-admin-lspping] start now
[*DeviceA-nqa-admin-lspping] commit

Step 3 Verify the test result.

Run the display nqa results test-instance admin lspping command on Device A.
The command output shows that the ping is successful.
[~DeviceA-nqa-admin-lspping] display nqa results test-instance admin lspping
NQA entry(admin, lspping) :testFlag is inactive ,testtype is lspping
1 . Test 1 result The test is finished
Send operation times: 3 Receive response times: 3
Completion:success RTD OverThresholds number: 0
Attempts number:1 Drop operation number:0
Disconnect operation number:0 Operation timeout number:0
System busy operation number:0 Connection fail number:0
Operation sequence errors number:0 RTT Stats errors number:0
Destination ip address:3.3.3.9
Min/Max/Average Completion Time: 1/1/1

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 239

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

Sum/Square-Sum Completion Time: 3/3

Last Good Probe Time: 2007-1-30 15:32:56.1
Lost packet ratio:0%

Step 4 Configure the test instance to start at 10:00 o'clock every day.
[*DeviceA-nqa-admin-lspping] stop
[*DeviceA-nqa-admin-lspping] start daily 10:00:00 to 10:30:00
[*DeviceA-nqa-admin-lspping] commit

----End

Configuration Files
● Device A configuration file
#
sysname DeviceA
#
mpls lsr-id 1.1.1.9
#
mpls
#
mpls ldp
#
interface GigabitEthernet1/0/0
undo shutdown
ip address 10.1.1.1 255.255.255.0
mpls
mpls ldp
#
interface LoopBack1
ip address 1.1.1.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 10.1.1.0 0.0.0.255
network 1.1.1.9 0.0.0.0
#
nqa test-instance admin lspping
test-type lspping
destination-address ipv4 3.3.3.9 lsp-masklen 32
start daily 10:00:00 to 10:30:00
#
return

● Device B configuration file

#
sysname DeviceB
#
mpls lsr-id 2.2.2.9
#
mpls
#
mpls ldp
#
interface GigabitEthernet1/0/0
undo shutdown
ip address 10.1.1.2 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet2/0/0
undo shutdown
ip address 10.2.1.1 255.255.255.0
mpls
mpls ldp
#
interface LoopBack1

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 240

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

ip address 2.2.2.9 255.255.255.255

#
ospf 1
area 0.0.0.0
network 2.2.2.9 0.0.0.0
network 10.1.1.0 0.0.0.255
network 10.2.1.0 0.0.0.255
#
return

● Device C configuration file

#
sysname DeviceC
#
mpls lsr-id 3.3.3.9
#
mpls
#
mpls ldp
#
interface GigabitEthernet1/0/0
undo shutdown
ip address 10.2.1.2 255.255.255.0
mpls
mpls ldp
#
interface LoopBack1
ip address 3.3.3.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 3.3.3.9 0.0.0.0
network 10.2.1.0 0.0.0.255
#
return

4.11.5 Example for Configuring an NQA PWE3 Ping Test to

Monitor PW Connectivity on a VPWS Network
This section provides an example for configuring an NQA PWE3 ping test to
monitor pseudo wire (PW) connectivity on a virtual private wire service (VPWS)
network.

Networking Requirements
Figure 4-8 illustrates the networking of monitoring PW connectivity between U-
PE1 and U-PE2. CE-A and CE-B run PPP to access U-PE1 and U-PE2, respectively.
U-PE1 and U-PE2 are connected on an MPLS backbone network. A dynamic multi-
segment PW between U-PE1 and U-PE2 is established over an label switched path
(LSP), with an S-PE functioning as the transit node.
The PWE3 ping function can be configured to monitor the connectivity of the
multi-segment PW between U-PE1 and U-PE2.

Figure 4-8 VPWS networking

● Interfaces 1 through 2 in this example are GE1/0/0, and GE2/0/0, respectively.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 241

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

Configuration Roadmap
The configuration roadmap is as follows:
1. Run an IGP on the backbone network to implement the connectivity of
routers on the backbone network.
2. Enable basic MPLS functions over the backbone and set up LSP tunnels.
Establish remote MPLS Label Distribution Protocol (LDP) peer relationship
between U-PE1 and S-PE, and between U-PE2 and S-PE.
3. Set up an MPLS Layer 2 virtual circuit (L2VC) connection between U-PEs.
4. Set up a switched PW on the switching node S-PE.
5. Configure the PWE3 Ping test on the multi-segment PW on U-PE1.

Data Preparation
To complete the configuration, you need the following data:
● Different L2VC IDs of U-PE1 and U-PE2
● MPLS LSR IDs of U-PE1, S-PE, and U-PE2
● IP address of the peer
● Encapsulation type of the switched PW
● Name of the PW template configured on the U-PEs and parameters of the
PW template

Procedure
Step 1 Configure a dynamic multi-segment PW.
Configure a dynamic multi-segment PW on the MPLS backbone network.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 242

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

For more information, see the chapter "VPWS Configuration" in HUAWEI

NetEngine 8000 X SeriesNetEngine 8000 Configuration Guide - VPN.
Step 2 Configure a PWE3 ping test instance on the multi-segment PW.
# Configure U-PE1.
[*U-PE1] nqa test-instance test pwe3ping
[*U-PE1-nqa-test-pwe3ping] test-type pwe3ping
[*U-PE1-nqa-test-pwe3ping] local-pw-id 100
[*U-PE1-nqa-test-pwe3ping] local-pw-type ppp
[*U-PE1-nqa-test-pwe3ping] label-type control-word
[*U-PE1-nqa-test-pwe3ping] remote-pw-id 200
[*U-PE1-nqa-test-pwe3ping] commit

Step 3 Start the test instance.

[*U-PE1-nqa-test-pwe3ping] start now

Step 4 Verify the test result.

Run the display nqa results command on PEs. The command output shows that
the test is successful.
[*U-PE1-nqa-test-pwe3ping] display nqa results
NQA entry(lh, 11) :testflag is inactive ,testtype is pwe3ping
1 . Test 1 result The test is finished
SendProbe:3 ResponseProbe:3
Completion:success RTD OverThresholds number:0
OWD OverThresholds SD number:0 OWD OverThresholds DS number:0
Min/Max/Avg/Sum RTT:3/5/4/11 RTT Square Sum:43
NumOfRTT:3 Drop operation number:0
Operation sequence errors number:0 RTT Status errors number:0
System busy operation number:0 Operation timeout number:0
Min Positive SD:0 Min Positive DS:1
Max Positive SD:0 Max Positive DS:1
Positive SD Number:0 Positive DS Number:1
Positive SD Sum:0 Positive DS Sum:1
Positive SD Square Sum:0 Positive DS Square Sum:1
Min Negative SD:1 Min Negative DS:1
Max Negative SD:2 Max Negative DS:1
Negative SD Number:2 Negative DS Number:1
Negative SD Sum:3 Negative DS Sum:1
Negative SD Square Sum:5 Negative DS Square Sum:1
Min Delay SD:0 Min Delay DS:0
Max Delay SD:0 Max Delay DS:0
Delay SD Square Sum:0 Delay DS Square Sum:0
Packet Loss SD:0 Packet Loss DS:0
Packet Loss Unknown:0 Average of Jitter:1
Average of Jitter SD:1 Average of Jitter DS:1
Jitter out value:0.1015625 Jitter in value:0.0611979
NumberOfOWD:0 Packet Loss Ratio:0 %
OWD SD Sum:0 OWD DS Sum:0
ICPIF value:0 MOS-CQ value:0
Attempts number:1 Disconnect operation number:0
Connection fail number:0 Destination ip address:10.4.1.2
Last Good Probe Time: 2016-11-15 20:33:43.8

----End

Configuration Files
● CE-A configuration file
#
sysname CE-A
#
interface GigabitEthernet1/0/0
undo shutdown

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 243

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

ip address 10.10.1.1 255.255.255.0

#
return
● U-PE1 configuration file
#
sysname U-PE1
#
mpls lsr-id 1.1.1.9
mpls
#
mpls l2vpn
#
mpls ldp
#
mpls ldp remote-peer 3.3.3.9
remote-ip 3.3.3.9
#
pw-template wwt
peer-address 3.3.3.9
control-word
#
interface GigabitEthernet1/0/0
undo shutdown
mpls l2vc 3.3.3.9 pw-template wwt 100
#
interface GigabitEthernet2/0/0
undo shutdown
ip address 10.1.1.1 255.255.255.0
mpls
mpls ldp
#
interface LoopBack0
ip address 1.1.1.9 255.255.255.255
#
nqa test-instance test pwe3ping
test-type pwe3ping
local-pw-id 100
local-pw-type ppp
remote-pw-id 200
#
ospf 1
area 0.0.0.0
network 10.1.1.0 0.0.0.255
network 1.1.1.9 0.0.0.0
#
return
● P1 configuration file
#
sysname P1
#
mpls lsr-id 2.2.2.9
mpls
#
mpls ldp
#
interface GigabitEthernet1/0/0
undo shutdown
ip address 10.1.1.2 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet2/0/0
undo shutdown
ip address 10.2.1.1 255.255.255.0
mpls
mpls ldp
#
interface LoopBack0

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 244

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

undo shutdown
ip address 2.2.2.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 2.2.2.9 0.0.0.0
network 10.1.1.0 0.0.0.255
network 10.2.1.0 0.0.0.255
#
return
● S-PE configuration file
#
sysname S-PE
#
mpls lsr-id 3.3.3.9
mpls
#
mpls l2vpn
#
mpls switch-l2vc 5.5.5.9 200 between 1.1.1.9 100 encapsulation ppp
#
mpls ldp
#
mpls ldp remote-peer 1.1.1.9
remote-ip 1.1.1.9
#
mpls ldp remote-peer 5.5.5.9
remote-ip 5.5.5.9
#
interface GigabitEthernet1/0/0
undo shutdown
ip address 10.2.1.2 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet2/0/0
undo shutdown
ip address 10.3.1.1 255.255.255.0
mpls
mpls ldp
#
interface LoopBack0
undo shutdown
ip address 3.3.3.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 3.3.3.9 0.0.0.0
network 10.2.1.0 0.0.0.255
network 10.3.1.0 0.0.0.255
#
return
● P2 configuration file
#
sysname P2
#
mpls lsr-id 4.4.4.9
mpls
#
mpls ldp
#
interface GigabitEthernet1/0/0
undo shutdown
ip address 10.3.1.2 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet2/0/0

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 245

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

undo shutdown
ip address 10.4.1.1 255.255.255.0
mpls
mpls ldp
#
interface LoopBack0
undo shutdown
ip address 4.4.4.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 4.4.2.9 0.0.0.0
network 10.3.1.0 0.0.0.255
network 10.4.1.0 0.0.0.255
#

● U-PE2 configuration file

#
sysname U-PE2
#
mpls lsr-id 5.5.5.9
mpls
#
mpls l2vpn
#
mpls ldp
#
mpls ldp remote-peer 3.3.3.9
remote-ip 3.3.3.9
#
interface GigabitEthernet1/0/0
undo shutdown
ip address 10.4.1.2 255.255.255.0
mpls
mpls ldp
#
pw-template wwt
peer-address 3.3.3.9
control-word
#
interface GigabitEthernet2/0/0
undo shutdown
mpls l2vc 3.3.3.9 pw-template wwt 100
#
interface LoopBack0
ip address 5.5.5.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 5.5.5.9 0.0.0.0
network 10.4.1.0 0.0.0.255
#
return

● CE-B configuration file

#
sysname CE-B
#
interface GigabitEthernet1/0/0
undo shutdown
ip address 10.10.1.2 255.255.255.0
#
return

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 246

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

4.11.6 Example for Configuring a Generalflow Test in a Native

Ethernet Scenario (RFC 2544)
This section describes how to configure a generalflow test in a native Ethernet
scenario. A generalflow test is used to monitor the native Ethernet network
performance.

Networking Requirements
A generalflow test needs to be configured to monitor the performance of an
Ethernet virtual connection (EVC) between Device A and Device B on the network
shown in Figure 4-9.

Figure 4-9 General flow test in a native Ethernet scenario

Interfaces 1 and 2 in this example are GE1/0/1, and GE1/0/2, respectively.

Configuration Roadmap
The configuration roadmap is as follows:

1. Configure reflector Device B to loop traffic with a specified destination MAC

address through reflector interface GE 1/0/1 to the initiator.
2. Configure initiator Device A and test the throughput, latency, and packet loss
rate.
3. Configure Device C's interface to join the specified VLAN.

Data Preparation
To complete the configuration, you need the following data:

● On reflector Device B: MAC address (00-e0-fc-12-34-56) of the interface

directly connected to UNI-B
● On initiator Device A:
– Destination MAC address (00-e0-fc-12-34-56) of the interface directly
connected to UNI-B

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 247

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

– Throughput test parameters: upper rate threshold (100000 Kbit/s), lower

rate threshold (10000 Kbit/s), throughput precision (1000 Kbit/s), packet
loss rate (81), interval (5s) at which test packets are transmitted at a
specified rate, data size (70 bytes) of each test packet, and test duration
(100s)
– Delay test parameters: packet rate (99000 Kbit/s), test duration (100s),
and interval (5s) at which the initiator sends test packets
– Packet loss rate test parameters: packet rate (99000 Kbit/s), and test
duration (100s)

Procedure
Step 1 Configure reachable Layer 2 links between the initiator and reflector and add
Layer 2 interfaces to VLAN 10. For configuration details, see "Configuration Files"
in this section.
Step 2 Configure the reflector.
<DeviceB> system-view
[~DeviceB] nqa reflector 1 interface gigabitethernet 1/0/1 mac 00-e0-fc-12-34-56 vlan 10

Step 3 Configure the initiator to conduct a throughput test and check the test results.
<DeviceA> system-view
[~DeviceA] nqa test-instance admin throughput
[*DeviceA-nqa-admin-throughput] test-type generalflow
[*DeviceA-nqa-admin-throughput] measure throughput
[*DeviceA-nqa-admin-throughput] destination-address mac 00-e0-fc-12-34-56
[*DeviceA-nqa-admin-throughput] forwarding-simulation inbound-interface gigabitethernet 1/0/1
[*DeviceA-nqa-admin-throughput] rate 10000 100000
[*DeviceA-nqa-admin-throughput] interval seconds 5
[*DeviceA-nqa-admin-throughput] precision 1000
[*DeviceA-nqa-admin-throughput] fail-ratio 81
[*DeviceA-nqa-admin-throughput] datasize 70
[*DeviceA-nqa-admin-throughput] duration 100
[*DeviceA-nqa-admin-throughput] vlan 10
[*DeviceA-nqa-admin-throughput] start now
[*DeviceA-nqa-admin-throughput] commit
[~DeviceA-nqa-admin-throughput] display nqa results test-instance admin throughput
NQA entry(admin, throughput) :testflag is inactive ,testtype is generalflow
1 . Test 1 result: The test is finished, test mode is throughput
ID Size Throughput(Kbps) Precision(Kbps) LossRatio Completion
1 70 100000 1000 0.00% success

Step 4 Configure the initiator to conduct a latency test and check the test results.
[*DeviceA] nqa test-instance admin delay
[*DeviceA-nqa-admin-delay] test-type generalflow
[*DeviceA-nqa-admin-delay] measure delay
[*DeviceA-nqa-admin-delay] destination-address mac 00-e0-fc-12-34-56
[*DeviceA-nqa-admin-delay] forwarding-simulation inbound-interface gigabitethernet 1/0/1
[*DeviceA-nqa-admin-delay] datasize 64
[*DeviceA-nqa-admin-delay] rate 99000
[*DeviceA-nqa-admin-delay] interval seconds 5
[*DeviceA-nqa-admin-delay] duration 100
[*DeviceA-nqa-admin-delay] vlan 10
[*DeviceA-nqa-admin-delay] start now
[*DeviceA-nqa-admin-delay] commit
[~DeviceA-nqa-admin-delay] display nqa results test-instance admin delay
NQA entry(admin, delay) :testflag is inactive ,testtype is generalflow
1 . Test 1 result: The test is finished, test mode is delay
ID Size Min/Max/Avg RTT(us) Min/Max/Avg Jitter(us) Completion
1 64 1/12/5 2/15/8 finished

Step 5 Configure the initiator to conduct a packet loss rate test and check the test results.
[*DeviceA] nqa test-instance admin loss

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 248

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

[*DeviceA-nqa-admin-loss] test-type generalflow

[*DeviceA-nqa-admin-loss] measure loss
[*DeviceA-nqa-admin-loss] destination-address mac 00-e0-fc-12-34-56
[*DeviceA-nqa-admin-loss] forwarding-simulation inbound-interface gigabitethernet 1/0/1
[*DeviceA-nqa-admin-loss] datasize 64
[*DeviceA-nqa-admin-loss] rate 99000
[*DeviceA-nqa-admin-loss] duration 100
[*DeviceA-nqa-admin-loss] vlan 10
[*DeviceA-nqa-admin-loss] start now
[*DeviceA-nqa-admin-loss] commit
[~DeviceA-nqa-admin-loss] display nqa results test-instance admin loss
NQA entry(admin, loss) :testflag is inactive ,testtype is generalflow
1 . Test 1 result: The test is finished, test mode is loss
ID Size TxRate/RxRate(Kbps) TxCount/RxCount LossRatio Completion
1 64 99000/99000 653265345/653265345 0.00% finished

----End

Configuration Files
● Configuration file of Device A
#
sysname DeviceA
#
vlan 10
#
interface GigabitEthernet 1/0/1
portswitch
undo shutdown
port link-type trunk
port trunk allow-pass vlan 10
#
interface GigabitEthernet 1/0/2
portswitch
undo shutdown
port link-type trunk
port trunk allow-pass vlan 10
#
nqa test-instance admin throughput
test-type generalflow
duration 100
measure throughput
fail-ratio 81
destination-address mac 00e0-fc12-3456
datasize 70
rate 10000 100000
precision 1000
forwarding-simulation inbound-interface GigabitEthernet1/0/1
vlan 10
nqa test-instance admin loss
test-type generalflow
duration 100
measure loss
destination-address mac 00e0-fc12-3456
datasize 64
rate 99000
forwarding-simulation inbound-interface GigabitEthernet1/0/1
vlan 10
nqa test-instance admin delay
test-type generalflow
duration 100
measure delay
interval seconds 5
destination-address mac 00e0-fc12-3456
datasize 64
rate 99000
forwarding-simulation inbound-interface GigabitEthernet1/0/1
vlan 10

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 249

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

#
return

● Configuration file of Device B

#
sysname DeviceB
#
vlan 10
nqa reflector 1 interface gigabitethernet 1/0/1 mac 00e0-fc12-3456 vlan 10
#
interface GigabitEthernet 1/0/1
portswitch
undo shutdown
port link-type trunk
port trunk allow-pass vlan 10
#
interface GigabitEthernet 1/0/2
portswitch
undo shutdown
port link-type trunk
port trunk allow-pass vlan 10
#
return

● Configuration file of Device C

#
sysname DeviceC
#
vlan 10
#
interface GigabitEthernet 1/0/1
portswitch
undo shutdown
port link-type trunk
port trunk allow-pass vlan 10
#
interface GigabitEthernet 1/0/2
portswitch
undo shutdown
port link-type trunk
port trunk allow-pass vlan 10
#
return

4.11.7 Example for Configuring a Generalflow Test in the IP

Gateway Scenario (RFC 2544)
This section describes how to configure a generalflow test in the IP gateway
scenario. The generalflow test monitors the Ethernet network performance.

Usage Scenario
A generalflow test needs to be configured to monitor the performance of the
Ethernet network shown in Figure 4-10 between Device A and IP gateway Device
B.

Figure 4-10 General flow test in the IP gateway scenario

Interfaces 1 through 2 in this example are GE1/0/1, and GE1/0/2, respectively.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 250

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

Configuration Roadmap
The configuration roadmap is as follows:
1. Configure reflector Device A.
2. Configure initiator Device B and monitor the latency time.

Data Preparation
To complete the configuration, you need the following data:
● On reflector Device A: Set the simulated IP address to 10.1.1.1 (CE's IP
address) and the reflector interface to GE 1/0/1.
● On initiator Device B:
– Destination IP address: (10.1.1.1) of the CE connected to Device A's GE
1/0/1
– Source IP address: an address that resides on the same network segment
as the IP address of the initiator
– Latency test parameters: packet rate (99000 Kbit/s), packet loss ratio
(81%), test duration (100s), and interval (5s) at which the initiator sends
test packets

Procedure
Step 1 Configure Layer 2 devices so that Layer 3 routes between the CE and Device B are
reachable. For configuration details, see "Configuration Files" in this section.
Step 2 Configure the reflector.
[*DeviceA] vlan 10
[*DeviceA-vlan10] commit
[~DeviceA-vlan10] quit
[~DeviceA] nqa reflector 1 interface GigabitEthernet 1/0/1 ipv4 10.1.1.1 vlan 10
[*DeviceA] commit

Step 3 Configure the initiator to conduct a latency test and view test results.
[*DeviceB] vlan 10

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 251

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

[*DeviceB-vlan10] commit
[~DeviceB-vlan10] quit
[~DeviceB] interface gigabitethernet 1/0/2.1
[*DeviceB-GigabitEthernet1/0/2.1] vlan-type dot1q 10
[*DeviceB-GigabitEthernet1/0/2.1] ip address 10.1.1.2 24
[*DeviceB-GigabitEthernet1/0/2.1] quit
[*DeviceB] arp static 10.1.1.1 00e0-fc12-3456 vid 10 interface GigabitEthernet 1/0/2.1
[*DeviceB] nqa test-instance admin delay
[*DeviceB-nqa-admin-delay] test-type generalflow
[*DeviceB-nqa-admin-delay] measure delay
[*DeviceB-nqa-admin-delay] destination-address ipv4 10.1.1.1
[*DeviceB-nqa-admin-delay] source-address ipv4 10.1.1.2
[*DeviceB-nqa-admin-delay] source-interface gigabitethernet 1/0/2.1
[*DeviceB-nqa-admin-delay] rate 99000
[*DeviceB-nqa-admin-delay] interval seconds 5
[*DeviceB-nqa-admin-delay] datasize 64
[*DeviceB-nqa-admin-delay] duration 100
[*DeviceB-nqa-admin-delay] start now
[*DeviceB-nqa-admin-delay] commit
[~DeviceB-nqa-admin-delay] display nqa results test-instance admin delay
NQA entry(admin, delay) :testflag is inactive ,testtype is generalflow
1 . Test 1 result: The test is finished, test mode is delay
ID Size Min/Max/Avg RTT(us) Min/Max/Avg Jitter(us) Completion
1 64 1/12/5 2/15/8 finished

----End

Configuration Files
● Configuration file of Device A
#
sysname DeviceA
#
vlan 10
#
nqa reflector 1 interface GigabitEthernet 1/0/1 ipv4 10.1.1.1 vlan 10
#
interface GigabitEthernet 1/0/1
portswitch
undo shutdown
port link-type trunk
port trunk allow-pass vlan 10
#
interface GigabitEthernet 1/0/2
portswitch
undo shutdown
port link-type trunk
port trunk allow-pass vlan 10
#
return

● Configuration file of Device B

#
sysname DeviceB
#
vlan 10
#
interface GigabitEthernet 1/0/1
portswitch
undo shutdown
port link-type trunk
port trunk allow-pass vlan 10
#
interface GigabitEthernet 1/0/2.1
vlan-type dot1q 10
ip address 10.1.1.2 255.255.255.0
#
nqa test-instance admin delay

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 252

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

test-type generalflow
destination-address ipv4 10.1.1.1
source-address ipv4 10.1.1.2
duration 100
measure delay
interval seconds 5
datasize 64
rate 99000
source-interface GigabitEthernet 1/0/2.1
#
return

● Configuration file of Device C

4.11.8 Example for Configuring a Layer 2 Ethernet Service

Activation Test (Y.1564)
This section describes how to configure a Layer 2 Ethernet service activation test
to check whether network performance complies with the SLA.

Networking Requirements
Figure 4-11 shows how to check the Ethernet frame transmission performance
between Device B and Device C complies with the SLA.

Figure 4-11 Configuring a Layer 2 Ethernet service activation test

● Interface 1 and interface 2 stand for GE1/0/1 and GE1/0/2, respectively.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 253

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

Configuration Roadmap
1. Configure a reflector (Device C) and flow-based traffic filtering with the
reflection port being set to GE1/0/1.
2. Configure an initiator (Device B) as well as configuration and performance
tests.

Data Preparation
To complete the configuration, you need the following data:
● Configurations of the reflector (Device C): The MAC address of GE1/0/1 on
Device D connected to UNI B is 2-2-2, and the reflector is configured to
implement reflection based on flows.
● Configurations of the initiator (Device B)
– Service flow configurations and characteristics:

▪ Destination MAC address: 2-2-2, that is, the MAC address of GE1/0/1
on Device D connected to UNI B

▪ Source MAC address: 1-1-1, that is, the MAC address of GE1/0/1 on
Device A connected to UNI A

▪ VLAN ID 10 in single-tagged Ethernet packets

▪ UDP destination port number 1234

▪ UDP source port number 5678

– Bandwidth template with both the CIR and EIR being set to 10000 kbit/s
– Service acceptance criteria FLR with the FLR being set to 1000/100000
and both the FTD and FDV being set to 1000 microseconds
– Enabling of the simple CIR test, traffic policing test, and color mode
– Ethernet service activation test instance

Procedure
Step 1 Configure a reachable link between the initiator and reflector and add Layer 2
interfaces to VLAN 10.
Step 2 Configure the reflector.
[*DeviceC] nqa test-flow 1
[*DeviceC-nqa-testflow-1] vlan 10
[*DeviceC-nqa-testflow-1] udp destination-port 1234
[*DeviceC-nqa-testflow-1] udp source-port 5678
[*DeviceC-nqa-testflow-1] traffic-type mac destination 2-2-2
[*DeviceC-nqa-testflow-1] traffic-type mac source 1-1-1
[*DeviceC-nqa-testflow-1] quit
[*DeviceC] nqa reflector 1 interface GigabitEthernet 1/0/1 test-flow 1 exchange-port agetime 0
[*DeviceC] commit

Step 3 Configure the initiator to perform configuration and performance tests and view
test results.
[*DeviceB] nqa test-flow 1

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 254

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

[*DeviceB-nqa-testflow-1] vlan 10
[*DeviceB-nqa-testflow-1] udp destination-port 1234
[*DeviceB-nqa-testflow-1] udp source-port 5678
[*DeviceB-nqa-testflow-1] cir simple-test enable
[*DeviceB-nqa-testflow-1] bandwidth cir 10000 eir 10000
[*DeviceB-nqa-testflow-1] sac flr 1000 ftd 1000 fdv 1000
[*DeviceB-nqa-testflow-1] traffic-type mac destination 2-2-2
[*DeviceB-nqa-testflow-1] traffic-type mac source 1-1-1
[*DeviceB-nqa-testflow-1] traffic-policing test enable
[*DeviceB-nqa-testflow-1] color-mode 8021p green 0 7 yellow 0 7
[*DeviceB-nqa-testflow-1] quit
[*DeviceB] nqa test-instance admin ethernet
[*DeviceB-nqa-admin-ethernet] test-type ethernet-service
[*DeviceB-nqa-admin-ethernet] forwarding-simulation inbound-interface GigabitEthernet 1/0/1
[*DeviceB-nqa-admin-ethernet] test-flow 1
[*DeviceB-nqa-admin-ethernet] start now
[*DeviceB-nqa-admin-ethernet] commit
[~DeviceB-nqa-admin-ethernet] display nqa results test-instance admin ethernet
NQA entry(admin, ethernet) :testflag is inactive ,testtype is ethernet-service
1 . Test 1 result The test is finished
Status : Pass
Test-flow number : 1
Mode : Round-trip
Last step : Performance-test
Estimated total time :6
Real test time :6
1 . Configuration-test
Test-flow 1, CIR simple test
Begin : 2014-06-25 16:22:45.8
End : 2014-06-25 16:22:48.8
Status : Pass
Min/Max/Mean IR(kbit/s) : 9961/10075/10012
Min/Max/Mean FTD(us) : 99/111/104
Min/Max/Mean FDV(us) : 0/7/3
FL Count/FLR : 0/0.000%
Disorder packets :0
Unavail Count/AVAIL : 0/0.000%
Test-flow 1, CIR/EIR test, Green
Begin : 2014-06-25 16:23:15.8
End : 2014-06-25 16:23:18.8
Status : Pass
Min/Max/Mean IR(kbit/s) : 9979/10054/10012
Min/Max/Mean FTD(us) : 101/111/105
Min/Max/Mean FDV(us) : 0/10/3
FL Count/FLR : 0/0.000%
Disorder packets :0
Unavail Count/AVAIL : 0/0.000%
Test-flow 1, CIR/EIR test, Yellow
Begin : 2014-06-25 16:23:15.8
End : 2014-06-25 16:23:18.8
Status : --
Min/Max/Mean IR(kbit/s) : 9979/10057/10013
Min/Max/Mean FTD(us) : 98/111/104
Min/Max/Mean FDV(us) : 1/11/5
FL Count/FLR : 0/0.000%
Disorder packets :0
Unavail Count/AVAIL : 0/0.000%
Test-flow 1, Traffic policing test, Green
Begin : 2014-06-25 16:23:45.8
End : 2014-06-25 16:23:48.8
Status : Pass
Min/Max/Mean IR(kbit/s) : 10039/10054/10045
Min/Max/Mean FTD(us) : 96/110/104
Min/Max/Mean FDV(us) : 1/9/4
FL Count/FLR : 0/0.000%
Disorder packets :0
Unavail Count/AVAIL : 0/0.000%
Test-flow 1, Traffic policing test, Yellow
Begin : 2014-06-25 16:23:45.8

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 255

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

End : 2014-06-25 16:23:48.8

Status : --
Min/Max/Mean IR(kbit/s) : 12544/12566/12554
Min/Max/Mean FTD(us) : 101/111/105
Min/Max/Mean FDV(us) : 1/8/3
FL Count/FLR : 0/0.000%
Disorder packets :0
Unavail Count/AVAIL : 0/0.000%
2 . Performance-test
Test-flow 1, Performance-test
Begin : 2014-06-25 16:24:15.8
End : 2014-06-25 16:39:15.8
Status : Pass
Min/Max/Mean IR(kbit/s) : 9888/10132/10004
Min/Max/Mean FTD(us) : 101/111/105
Min/Max/Mean FDV(us) : 0/8/2
FL Count/FLR : 0/0.000%
Disorder packets :0
Unavail Count/AVAIL : 0/0.000%

----End

Configuration Files
● Device A configuration file
#
sysname DeviceA
#
vlan batch 10
#
interface GigabitEthernet 1/0/1
portswitch
undo shutdown
port link-type trunk
port trunk allow-pass vlan 10
#
return

● Device B configuration file

#
sysname DeviceB
#
vlan batch 10
#
interface GigabitEthernet 1/0/1
portswitch
undo shutdown
port link-type trunk
port trunk allow-pass vlan 10
#
interface GigabitEthernet 1/0/2
portswitch
undo shutdown
port link-type trunk
port trunk allow-pass vlan 10
#
nqa test-flow 1
vlan 10
udp destination-port 1234
udp source-port 5678
cir simple-test enable
bandwidth cir 10000 eir 10000
sac flr 1000 ftd 1000 fdv 1000
traffic-type mac destination 00e0-fc12-3457
traffic-type mac source 00e0-fc12-3456
traffic-policing test enable
color-mode 8021p green 0 7 yellow 0 7
#

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 256

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

nqa test-instance admin ethernet

test-type ethernet-service
forwarding-simulation inbound-interface GigabitEthernet 1/0/1
test-flow 1
#
return

● Device C configuration file

#
sysname DeviceC
#
vlan batch 10
#
interface GigabitEthernet 1/0/1
portswitch
undo shutdown
port link-type trunk
port trunk allow-pass vlan 10
#
interface GigabitEthernet 1/0/2
portswitch
undo shutdown
port link-type trunk
port trunk allow-pass vlan 10
#
nqa test-flow 1
vlan 10
udp destination-port 1234
udp source-port 5678
traffic-type mac destination 00e0-fc12-3457
traffic-type mac source 00e0-fc12-3456
#
nqa reflector 1 interface GigabitEthernet 1/0/1 test-flow 1 exchange-port agetime 0
#
return

● Device D configuration file

#
sysname DeviceD
#
vlan batch 10
#
interface GigabitEthernet 1/0/1
portswitch
undo shutdown
port link-type trunk
port trunk allow-pass vlan 10
#
return

4.11.9 Example for Configuring an Ethernet Service Activation

Test in a Layer 3 Scenario (Y.1564)
This section provides an example for configuring an Ethernet service activation
test in a Layer 3 scenario to check whether network performance meets SLAs.

Networking Requirements
The network shown in Figure 4-12 requires a check of the Ethernet frame
transmission between DeviceB and DeviceC to determine whether the
performance parameters meet SLAs.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 257

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

Figure 4-12 Configuring an Ethernet service activation test in a Layer 3 scenario

● In this example, Interface 1 and Interface 2 stand for GE 1/0/1 and GE 1/0/2,
respectively.

Configuration Roadmap
1. Configure Device C as the reflector and set filter criteria based on flows.
2. Configure Device B as the initiator and execute configuration tests and
performance tests.

Data Preparation
To complete the configuration, you need the following data:
● Configurations on the reflector (DeviceC)
– Service flow configurations and characteristics:

▪ Destination MAC address: 4-4-4, that is, the MAC address of GE 1/0/1
on DeviceD connected to UNI B

▪ Source MAC address: 3-3-3, that is, the MAC address of UNI B

▪ Destination IP address: IP address of the downstream device or the IP

address of the network segment where UNI B resides. An example of
the IP address of the downstream device is 10.1.3.2.

▪ Source IP address: IP address of the downstream device or the IP

address of the network segment where UNI A resides. An example of
the IP address of the downstream device is 10.1.1.1.
● Configurations of the initiator DeviceB
– Service flow configurations and characteristics:

▪ Destination MAC address: 2-2-2, that is, the MAC address of UNI A

▪ Source MAC address: 1-1-1, that is, the MAC address of GE 1/0/1 on
DeviceA connected to UNI A

▪ Destination IP address: IP address of the downstream device or the IP

address of the network segment where UNI B resides. An example of
the IP address of the downstream device is 10.1.3.2.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 258

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

▪ Source IP address: IP address of the downstream device or the IP

address of the network segment where UNI A resides. An example of
the IP address of the downstream device is 10.1.1.1.
– Configure the bandwidth template: CIR as 500000 kbit/s and EIR as
20000 kbit/s.
– Configure service acceptance criteria: with the FLR set to 1000/100000,
FTD set to 1 microsecond, and FDV set to 10000000 microseconds.

The link between the two user networks must be reachable. Otherwise, static ARP entries
must be configured.

Procedure
Step 1 Configure the Layer 3 link reachability for the initiator and reflector.

Step 2 Configure the reflector.

[*DeviceC] nqa test-flow 1
[*DeviceC-nqa-testflow-1] traffic-type mac destination 4-4-4
[*DeviceC-nqa-testflow-1] traffic-type mac source 3-3-3
[*DeviceC-nqa-testflow-1] traffic-type ipv4 destination 10.1.3.2
[*DeviceC-nqa-testflow-1] traffic-type ipv4 source 10.1.1.1
[*DeviceC-nqa-testflow-1] traffic-policing test enable
[*DeviceC-nqa-testflow-1] quit
[*DeviceC] nqa reflector 1 interface GigabitEthernet 1/0/1.1 test-flow 1 exchange-port agetime 0
[*DeviceC] commit

Step 3 Configure the initiator to initiate a configuration test and a performance test and
view the test results.
[*DeviceB] nqa test-flow 1
[*DeviceB-nqa-testflow-1] bandwidth cir 500000 eir 20000
[*DeviceB-nqa-testflow-1] sac flr 1000 ftd 10000 fdv 10000000
[*DeviceB-nqa-testflow-1] traffic-type mac destination 2-2-2
[*DeviceB-nqa-testflow-1] traffic-type mac source 1-1-1
[*DeviceB-nqa-testflow-1] traffic-type ipv4 destination 10.1.3.2
[*DeviceB-nqa-testflow-1] traffic-type ipv4 source 10.1.1.1
[*DeviceB-nqa-testflow-1] traffic-policing test enable
[*DeviceC-nqa-testflow-1] color-mode 8021p green 0 7 yellow 0 7
[*DeviceB-nqa-testflow-1] quit
[*DeviceB] nqa test-instance admin ethernet
[*DeviceB-nqa-admin-ethernet] test-type ethernet-service
[*DeviceB-nqa-admin-ethernet] forwarding-simulation inbound-interface GigabitEthernet 1/0/1.1
[*DeviceB-nqa-admin-ethernet] test-flow 1
[*DeviceB-nqa-admin-ethernet] start now
[*DeviceB-nqa-admin-ethernet] commit
[~DeviceB-nqa-admin-ethernet] display nqa results test-instance admin ethernet
NQA entry(admin, ethernet) :testflag is inactive ,testtype is ethernet-service
1 . Test 1 result The test is finished
Status : Pass
Test-flow number : 1
Mode : Round-trip
Last step : Performance-test
Estimated total time :6
Real test time :6
1 . Configuration-test
Test-flow 1, CIR simple test
Begin : 2014-06-25 16:22:45.8
End : 2014-06-25 16:22:48.8
Status : Pass
Min/Max/Mean IR(kbit/s) : 9961/10075/10012
Min/Max/Mean FTD(us) : 99/111/104
Min/Max/Mean FDV(us) : 0/7/3

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 259

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

FL Count/FLR : 0/0.000%
Disorder packets :0
Unavail Count/AVAIL : 0/0.000%
Test-flow 1, CIR/EIR test, Green
Begin : 2014-06-25 16:23:15.8
End : 2014-06-25 16:23:18.8
Status : Pass
Min/Max/Mean IR(kbit/s) : 9979/10054/10012
Min/Max/Mean FTD(us) : 101/111/105
Min/Max/Mean FDV(us) : 0/10/3
FL Count/FLR : 0/0.000%
Disorder packets :0
Unavail Count/AVAIL : 0/0.000%
Test-flow 1, CIR/EIR test, Yellow
Begin : 2014-06-25 16:23:15.8
End : 2014-06-25 16:23:18.8
Status : --
Min/Max/Mean IR(kbit/s) : 9979/10057/10013
Min/Max/Mean FTD(us) : 98/111/104
Min/Max/Mean FDV(us) : 1/11/5
FL Count/FLR : 0/0.000%
Disorder packets :0
Unavail Count/AVAIL : 0/0.000%
Test-flow 1, Traffic policing test, Green
Begin : 2014-06-25 16:23:45.8
End : 2014-06-25 16:23:48.8
Status : Pass
Min/Max/Mean IR(kbit/s) : 10039/10054/10045
Min/Max/Mean FTD(us) : 96/110/104
Min/Max/Mean FDV(us) : 1/9/4
FL Count/FLR : 0/0.000%
Disorder packets :0
Unavail Count/AVAIL : 0/0.000%
Test-flow 1, Traffic policing test, Yellow
Begin : 2014-06-25 16:23:45.8
End : 2014-06-25 16:23:48.8
Status : --
Min/Max/Mean IR(kbit/s) : 12544/12566/12554
Min/Max/Mean FTD(us) : 101/111/105
Min/Max/Mean FDV(us) : 1/8/3
FL Count/FLR : 0/0.000%
Disorder packets :0
Unavail Count/AVAIL : 0/0.000%
2 . Performance-test
Test-flow 1, Performance-test
Begin : 2014-06-25 16:24:15.8
End : 2014-06-25 16:39:15.8
Status : Pass
Min/Max/Mean IR(kbit/s) : 9888/10132/10004
Min/Max/Mean FTD(us) : 101/111/105
Min/Max/Mean FDV(us) : 0/8/2
FL Count/FLR : 0/0.000%
Disorder packets :0
Unavail Count/AVAIL : 0/0.000%

----End

Configuration Files
● Device B configuration file
#
sysname DeviceB
#
interface GigabitEthernet 1/0/1
undo shutdown
#
interface GigabitEthernet 1/0/1.1
ip address 10.1.1.2 255.255.255.0

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 260

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

#
interface GigabitEthernet 1/0/2
undo shutdown
ip address 10.1.2.1 255.255.255.0
#
nqa test-flow 1
bandwidth cir 500000 eir 20000
sac flr 1000 ftd 10000 fdv 10000000
traffic-type mac destination 2-2-2
traffic-type mac source 1-1-1
traffic-type ipv4 destination 10.1.3.2
traffic-type ipv4 source 10.1.1.1
traffic-policing test enable
color-mode 8021p green 0 7 yellow 0 7
#
nqa test-instance admin ethernet
test-type ethernet-service
forwarding-simulation inbound-interface GigabitEthernet 1/0/1.1
test-flow 1
#
return

● Device C configuration file

#
sysname DeviceC
#
interface GigabitEthernet 1/0/1
undo shutdown
#
interface GigabitEthernet 1/0/1.1
ip address 10.1.3.1 255.255.255.0
#
interface GigabitEthernet 1/0/2
undo shutdown
ip address 10.1.2.2 255.255.255.0
#
nqa test-flow 1
traffic-type mac destination 4-4-4
traffic-type mac source 3-3-3
traffic-type ipv4 destination 10.1.3.2
traffic-type ipv4 source 10.1.1.1
traffic-policing test enable
#
nqa reflector 1 interface GigabitEthernet 1/0/1.1 test-flow 1 exchange-port agetime 0
#
return

4.11.10 Example for Configuring an Ethernet Service

Activation Test on an EVPN VXLAN (Y.1564)
An Ethernet service activation test is configured on an EVPN VXLAN to check
whether network performance meets SLA performance indexes.

Networking Requirements
An Ethernet service activation test can be configured to help users learn the
performance and running status of existing deployed networks before rolling out
services. Information obtained can help make business proposals and promote
services.
In Figure 4-13, the EVPN VXLAN to be tested resides on UNIs on the network side.
Device B is configured as the initiator, and Device C is configured as the reflector.
A test instance is configured to test whether Ethernet frame transmission
performance between the initiator and reflector meets the SLA.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 261

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

Figure 4-13 Ethernet service activation test on an EVPN VXLAN

In this example, the destination MAC address is specified in a test instance to check the
network performance between CEs on both ends of a Layer 2 EVPN. In a Layer 3 scenario,
the destination IP address must be specified.
Interface 1 and interface 2 stand for GE 1/0/0 and GE 2/0/0, respectively.

Configuration Roadmap
The roadmap is as follows:

1. Configure a VXLAN network.

2. Configure Device A and Device B to communicate and Device C and Device D
to communicate.
3. Configure Device C as the reflector to reflect service traffic.
4. Configure Device B as the initiator to simulate and send service traffic.

Data Preparation
To complete the configuration, you need the following data:

● IP addresses of interconnected interfaces of devices

● Service flow characteristics:
– Destination MAC address: 00-e0-fc-12-34-67 of GE 2/0/0 on Device D
– Source MAC address: 00-e0-fc-12-34-65 of GE 2/0/0 on Device A
– VLAN ID carried in Ethernet frames: 10
– UDP destination port number: 1234
– UDP source port number: 5678

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 262

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

● Bandwidth profile: 10000 kbit/s for both the CIR and EIR
● Service acceptance criteria: 1000/100000 for FLR: 1000 microseconds for both
FTD and FDV

Procedure
Step 1 Assign an IP address and a loopback address to each interface.
For configuration details, see Configuration Files in this section.
Step 2 Configure an IGP on the backbone network. In this example, OSPF is used.
For configuration details, see Configuration Files in this section.
Step 3 Configure a VXLAN tunnel between Device B and Device C.
For configuration roadmap, see Configuring VXLAN. For configuration details, see
Configuration Files in this section.
After a VXLAN tunnel is established, run the display vxlan tunnel command on
Device B or Device C to check VXLAN tunnel information. The following example
uses the command output on Device B.
[~DeviceB] display vxlan tunnel
Number of vxlan tunnel : 1
Tunnel ID Source Destination State Type Uptime
-----------------------------------------------------------------------------------
4026531841 1.1.1.1 2.2.2.2 up dynamic 00:12:56

Step 4 Configure Device A and Device B to communicate and Device C and Device D to
communicate.
# Configure Device B.
[~DeviceB] interface gigabitethernet 2/0/0.1 mode l2
[*DeviceB-GigabitEthernet2/0/0.1] encapsulation dot1q vid 10
[*DeviceB-GigabitEthernet2/0/0.1] bridge-domain 10
[*DeviceB-GigabitEthernet2/0/0.1] commit
[~DeviceB-GigabitEthernet2/0/0.1] quit

The configuration of Device C is similar to that of Device B. The configuration

details are not provided. For configuration details, see Configuration Files in this
section.
# Configure Device A.
<HUAWEI> system-view
[~HUAWEI] sysname DeviceA
[*HUAWEI] commit
[~DeviceA] interface gigabitethernet 2/0/0.1
[*DeviceA-GigabitEthernet2/0/0.1] ip address 10.100.0.1 24
[*DeviceA-GigabitEthernet2/0/0.1] vlan-type dot1q 10
[*DeviceA-GigabitEthernet2/0/0.1] commit
[~DeviceA-GigabitEthernet2/0/0.1] quit

The configuration of Device D is similar to that of Device A. The configuration

details are not provided. For configuration details, see Configuration Files in this
section.
Step 5 Configure Device C as the reflector to reflect service traffic.
[~DeviceC] nqa test-flow 1
[*DeviceC-nqa-testflow-1] vlan 10
[*DeviceC-nqa-testflow-1] udp destination-port 1234

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 263

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

[*DeviceC-nqa-testflow-1] udp source-port 5678

[*DeviceC-nqa-testflow-1] traffic-type mac destination 00-e0-fc-12-34-67
[*DeviceC-nqa-testflow-1] traffic-type mac source 00-e0-fc-12-34-65
[*DeviceC-nqa-testflow-1] quit
[*DeviceC] nqa reflector 1 interface GigabitEthernet 2/0/0.1 test-flow 1 exchange-port agetime 0
[*DeviceC] commit

Step 6 Configure Device B as the initiator to simulate and send service traffic.
[~DeviceB] nqa test-flow 1
[*DeviceB-nqa-testflow-1] vlan 10
[*DeviceB-nqa-testflow-1] udp destination-port 1234
[*DeviceB-nqa-testflow-1] udp source-port 5678
[*DeviceB-nqa-testflow-1] cir simple-test enable
[*DeviceB-nqa-testflow-1] bandwidth cir 10000 eir 10000
[*DeviceB-nqa-testflow-1] sac flr 1000 ftd 1000 fdv 1000
[*DeviceB-nqa-testflow-1] traffic-type mac destination 00-e0-fc-12-34-67
[*DeviceB-nqa-testflow-1] traffic-type mac source 00-e0-fc-12-34-65
[*DeviceB-nqa-testflow-1] traffic-policing test enable
[*DeviceB-nqa-testflow-1] color-mode 8021p green 0 7 yellow 0 7
[*DeviceB-nqa-testflow-1] commit
[~DeviceB-nqa-testflow-1] quit

Step 7 Start the Ethernet service activation test.

[~DeviceB] nqa test-instance admin ethernet
[*DeviceB-nqa-admin-ethernet] test-type ethernet-service
[*DeviceB-nqa-admin-ethernet] forwarding-simulation inbound-interface GigabitEthernet 2/0/0.1
[*DeviceB-nqa-admin-ethernet] test-flow 1
[*DeviceB-nqa-admin-ethernet] start now
[*DeviceB-nqa-admin-ethernet] commit

Step 8 Verify the configuration.

Run the display nqa results test-instance admin ethernet command on Device
B. The command output shows that the test status is Pass, which indicates that
the test is successful.
[~DeviceB-nqa-admin-ethernet] display nqa results test-instance admin ethernet
NQA entry(admin, ethernet) :testflag is inactive ,testtype is ethernet-service
1 . Test 1 result The test is finished
Status : Pass
Test-flow number : 1
Mode : Round-trip
Last step : Performance-test
Estimated total time :6
Real test time :6
1 . Configuration-test
Test-flow 1, CIR simple test
Begin : 2014-06-25 16:22:45.8
End : 2014-06-25 16:22:48.8
Status : Pass
Min/Max/Mean IR(kbit/s) : 9961/10075/10012
Min/Max/Mean FTD(us) : 99/111/104
Min/Max/Mean FDV(us) : 0/7/3
FL Count/FLR : 0/0.000%
Disorder packets :0
Unavail Count/AVAIL : 0/0.000%
Test-flow 1, CIR/EIR test, Green
Begin : 2014-06-25 16:23:15.8
End : 2014-06-25 16:23:18.8
Status : Pass
Min/Max/Mean IR(kbit/s) : 9979/10054/10012
Min/Max/Mean FTD(us) : 101/111/105
Min/Max/Mean FDV(us) : 0/10/3
FL Count/FLR : 0/0.000%
Disorder packets :0
Unavail Count/AVAIL : 0/0.000%
Test-flow 1, CIR/EIR test, Yellow
Begin : 2014-06-25 16:23:15.8

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 264

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

End : 2014-06-25 16:23:18.8

Status : --
Min/Max/Mean IR(kbit/s) : 9979/10057/10013
Min/Max/Mean FTD(us) : 98/111/104
Min/Max/Mean FDV(us) : 1/11/5
FL Count/FLR : 0/0.000%
Disorder packets :0
Unavail Count/AVAIL : 0/0.000%
Test-flow 1, Traffic policing test, Green
Begin : 2014-06-25 16:23:45.8
End : 2014-06-25 16:23:48.8
Status : Pass
Min/Max/Mean IR(kbit/s) : 10039/10054/10045
Min/Max/Mean FTD(us) : 96/110/104
Min/Max/Mean FDV(us) : 1/9/4
FL Count/FLR : 0/0.000%
Disorder packets :0
Unavail Count/AVAIL : 0/0.000%
Test-flow 1, Traffic policing test, Yellow
Begin : 2014-06-25 16:23:45.8
End : 2014-06-25 16:23:48.8
Status : --
Min/Max/Mean IR(kbit/s) : 12544/12566/12554
Min/Max/Mean FTD(us) : 101/111/105
Min/Max/Mean FDV(us) : 1/8/3
FL Count/FLR : 0/0.000%
Disorder packets :0
Unavail Count/AVAIL : 0/0.000%
2 . Performance-test
Test-flow 1, Performance-test
Begin : 2014-06-25 16:24:15.8
End : 2014-06-25 16:39:15.8
Status : Pass
Min/Max/Mean IR(kbit/s) : 9888/10132/10004
Min/Max/Mean FTD(us) : 101/111/105
Min/Max/Mean FDV(us) : 0/8/2
FL Count/FLR : 0/0.000%
Disorder packets :0
Unavail Count/AVAIL : 0/0.000%

----End

Configuration Files
● Device A configuration file
#
sysname DeviceA
#
interface GigabitEthernet2/0/0
undo shutdown
#
interface GigabitEthernet2/0/0.1
vlan-type dot1q 10
ip address 10.100.0.1 255.255.255.0
#
ospf 1
import-route direct
area 0.0.0.0
network 10.100.0.0 0.0.0.255
#
return

● Device B configuration file

#
sysname DeviceB
#
evpn vpn-instance evpna bd-mode
route-distinguisher 1:1

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 265

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

apply-label per-instance
vpn-target 1:1 export-extcommunity
vpn-target 1:1 import-extcommunity
#
ip vpn-instance evpna
ipv4-family
route-distinguisher 1:1
apply-label per-instance
vpn-target 1:1 export-extcommunity evpn
vpn-target 1:1 import-extcommunity evpn
vxlan vni 100
#
bridge-domain 10
vxlan vni 1 split-horizon-mode
evpn binding vpn-instance evpna
#
interface Vbdif10
ip binding vpn-instance evpna
#
interface GigabitEthernet1/0/0
undo shutdown
ip address 10.0.0.1 255.255.255.0
#
interface GigabitEthernet2/0/0
undo shutdown
#
interface GigabitEthernet2/0/0.1 mode l2
encapsulation dot1q vid 10
rewrite pop single
bridge-domain 10
#
interface LoopBack1
ip address 1.1.1.1 255.255.255.255
#
interface Nve1
source 1.1.1.1
vni 1 head-end peer-list protocol bgp
#
bgp 100
peer 2.2.2.2 as-number 100
peer 2.2.2.2 connect-interface LoopBack1
#
ipv4-family unicast
undo synchronization
peer 2.2.2.2 enable
#
l2vpn-family evpn
undo policy vpn-target
peer 2.2.2.2 enable
peer 2.2.2.2 advertise irb
peer 2.2.2.2 advertise encap-type vxlan
#
ospf 1
import-route direct
area 0.0.0.0
network 1.1.1.1 0.0.0.0
network 10.0.0.0 0.0.0.255
#
nqa test-flow 1
vlan 10
udp destination-port 1234
udp source-port 5678
cir simple-test enable
bandwidth cir 10000 eir 10000
sac flr 1000 ftd 1000 fdv 1000
traffic-type mac destination 00e0-fc12-3457
traffic-type mac source 00e0-fc12-3456
traffic-policing test enable
color-mode 8021p green 0 7 yellow 0 7

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 266

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

#
nqa test-instance admin ethernet
test-type ethernet-service
forwarding-simulation inbound-interface GigabitEthernet 2/0/0.1
test-flow 1
#
return
● Device C configuration file
#
sysname DeviceC
#
evpn vpn-instance evpna bd-mode
route-distinguisher 1:1
apply-label per-instance
vpn-target 1:1 export-extcommunity
vpn-target 1:1 import-extcommunity
#
ip vpn-instance evpna
ipv4-family
route-distinguisher 1:1
apply-label per-instance
vpn-target 1:1 export-extcommunity evpn
vpn-target 1:1 import-extcommunity evpn
vxlan vni 100
#
bridge-domain 10
vxlan vni 1 split-horizon-mode
evpn binding vpn-instance evpna
#
interface Vbdif10
ip binding vpn-instance evpna
#
interface GigabitEthernet1/0/0
undo shutdown
ip address 10.0.0.2 255.255.255.0
#
interface GigabitEthernet2/0/0
undo shutdown
#
interface GigabitEthernet2/0/0.1 mode l2
encapsulation dot1q vid 10
rewrite pop single
bridge-domain 10
#
interface LoopBack1
ip address 2.2.2.2 255.255.255.255
#
interface Nve1
source 2.2.2.2
vni 1 head-end peer-list protocol bgp
#
bgp 100
peer 1.1.1.1 as-number 100
peer 1.1.1.1 connect-interface LoopBack1
#
ipv4-family unicast
undo synchronization
peer 1.1.1.1 enable
#
l2vpn-family evpn
undo policy vpn-target
peer 1.1.1.1 enable
peer 1.1.1.1 advertise irb
peer 1.1.1.1 advertise encap-type vxlan
#
ospf 1
import-route direct
area 0.0.0.0
network 2.2.2.2 0.0.0.0

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 267

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

● Device D configuration file

#
sysname DeviceD
#
interface GigabitEthernet2/0/0
undo shutdown
#
interface GigabitEthernet2/0/0.1
vlan-type dot1q 10
ip address 10.100.0.2 255.255.255.0
#
ospf 1
import-route direct
area 0.0.0.0
network 10.100.0.0 0.0.0.255
#
return

4.11.11 Example for Configuring Test Results to Be Sent to the

FTP Server
Delivering the test results to the FTP server can save the test results to the
maximum extent.

Networking Requirements
As shown in Figure 4-14, Device A serves as the client to perform an ICMP test
and send test results to the FTP server through FTP.

● Interface 1 and interface 2 in this example stand for GE 1/0/0 and GE 2/0/0, respectively.

Figure 4-14 Networking diagram of sending test results to the FTP server

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 268

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

Configuration Roadmap
The configuration roadmap is as follows:
1. Set parameters for configuring test results to be sent to the FTP server.
2. Start a test instance.
3. Verify the configurations.

Data Preparation
To complete the configuration, you need the following data:
● IP address of the FTP server
● User name and password used for logging in to the FTP server
● Name of a file in which test results are saved through FTP
● Interval at which test results are uploaded through FTP

Procedure
Step 1 Set parameters for configuring test results to be sent to the FTP server.
<DeviceA> system-view
[~DeviceA] nqa upload test-type icmp ftp ipv4 10.1.2.8 file-name test1 port 21 username ftp password
huawei-123 interval 600 retry 3
[*DeviceA] commit

Step 2 Start a test instance.

[~DeviceA] nqa test-instance admin icmp
[*DeviceA] test-type icmp
[*DeviceA] destination-address ipv4 10.1.1.10
[*DeviceA-admin-icmp] start now
[*DeviceA-admin-icmp] commit

Step 3 Check the configurations.

# Check information about files that a device is uploading and has attempted to
upload onto a server.
<*DeviceA> display nqa upload file-info
The total number of upload file records is : 2
---------------------------------------------------------------
FileName : NQA_38ba47987301_icmp_20171014112319701_test1.xml
Status : Upload success
RetryTimes : 3
UploadTime : 2017-10-14 11:23:21.697
---------------------------------------------------------------

FileName : NQA_38ba47987301_icmp_20171014112421710_test1.xml
Status : Uploading
RetryTimes : 3
UploadTime : --

----End

Configuration Files
● Device A configuration file
#
sysname DeviceA
#
interface GigabitEthernet 1/0/0

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 269

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 4 NQA Configuration

ip address 10.1.1.11 255.255.255.0

#
interface GigabitEthernet 2/0/0
ip address 10.1.2.1 255.255.255.0
#
nqa upload test-type icmp ftp ipv4 10.1.2.8 file-name test1 port 21 username ftp password %^%#`P'|
9L1x62lN*b+C~wMTT|$EA7+z0XOFC_,B$M+"%^%# interval 600 retry 3
nqa test-instance admin icmp
test-type icmp
destination-address ipv4 10.1.1.10
#
return

● Device B configuration file

#
sysname DeviceB
#
interface GigabitEthernet1/0/0
ip address 10.1.1.10 255.255.255.0
#
return

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 270

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 5 Ping/Tracert

5 Ping/Tracert

About This Chapter

Ping and tracert monitor network connectivity and forwarding paths.

5.1 Ping/Tracert Licensing Requirements and Configuration Precautions

5.2 Using Ping/Tracert on an IP Network
The ping can monitor link connectivity, and the tracert operation can provide
information used to locate a faulty node.
5.3 Using Ping/Tracert on an MPLS Network
The ping and tracert operations can be used to monitor MPLS networks.
5.4 Using Ping/Tracert on a P2MP Network
This section describes how to use ping and tracert operations to check the P2MP
network connectivity.
5.5 Detecting the VLL Network Through the Ping or Tracert Operation
This section describes how to check the communication among PEs on a VLL
network through ping and tracert operations.
5.6 Using Ping/Tracert on a VPN Network
The ping and tracert operations monitor VPN networks.
5.7 Using Ping/Tracert on a Layer 2 Network
The ping or tracert operations provides information used to locate Ethernet link
faults.
5.8 Using a Ping Operation on an EVPN
If an EVPN tunnel fault occurs, use a ping operation to check EVPN LSPs and fast
locate a tunnel forwarding fault.
5.9 Using a Ping/Tracert Operation on an EVPN VPWS Network
If an EVPN VPWS network fault occurs, use a ping/tracert operation to check
EVPN VPWS LSPs and fast locate a forwarding fault.
5.10 Using Ping/Tracert to Test an SRv6 Network
Ping and tracert can be used to test and monitor a Segment Routing IPv6 (SRv6)
network.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 271

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 5 Ping/Tracert

5.11 Using MTrace to Test a Multicast Network

Multicast trace route (MTrace) is a tool used to trace multicast paths. It can trace
the path from a receiver to a multicast source along a multicast distribution tree
(MDT).

5.1 Ping/Tracert Licensing Requirements and

Configuration Precautions
Licensing Requirements
For details, see "Licensing Requirements" in Feature Description.

Configuration Precautions
N/A

5.2 Using Ping/Tracert on an IP Network

The ping can monitor link connectivity, and the tracert operation can provide
information used to locate a faulty node.

5.2.1 Using Ping to Check Link Connectivity on an IPv4 or IPv6

Network
The ping operation monitors link connectivity and host reachability on a network.
In a ping operation, the source sends an Internet Control Message Protocol (ICMP)
Request message to the destination and the destination returns an ICMP Response
message to the source.

Context
Ping is a common debugging tool used to test the reachability of devices. It uses
ICMP Echo messages to determine the following:
● Whether the remote device is available.
● Round-trip delay of the communication with the remote host.
● Whether packet loss occurs.
The ping command labels each ICMP Echo Request message with a sequence ID
that starts from 1 and is increased by 1. The number of ICMP Echo Request
messages to be sent is determined by the device, and the default number is 5. The
number of ICMP Echo Request messages to be sent can also be set. If the
destination is reachable, it sends five ICMP Echo Reply messages to the source,
with their sequence numbers identical with that of ICMP Echo Request messages.
Perform the following steps in any view on the client:

Procedure
Step 1 Check whether network connectivity is proper. You can run a different command
to display detailed or brief information.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 272

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 5 Ping/Tracert

● To display detailed information: Run the ping [ ip ] { [ -c count | { [ -i

{ interface-name | interface-type interface-number } | -nexthop nexthop-
address ] * | -si { interface-name | interface-type interface-number } } | { -s
packetsize | -range [ [ min min-value | max max-value | step step-value ] * ] }
| -t timeout | -m time | -a source-ip-address | -h ttl-value | -p pattern | { -tos
tos-value | -dscp dscp-value } | { -f | ignore-mtu } | -q | -r | -vpn-instance
vpn-instance-name | -v | -system-time | -ri | -8021p 8021p-value| | -name | -
detail ] * host [ ip-forwarding ] } [ bypass -si { interface-name | interface-
type interface-number } ] command.
● To display brief information:
Run the ping [ ip ] { [ -c count | {[ -i { interface-name | interface-type
interface-number } | -nexthop nexthop-address ] * | -si { interface-name |
interface-type interface-number } } | { -s packetsize | -range [ [ min min-
value | max max-value | step step-value ] * ] } | -t timeout | -m time | -a
source-ip-address | -h ttl-value | -p pattern | { -tos tos-value | -dscp dscp-
value } | { -f | ignore-mtu } | -vpn-instance vpn-instance-name | -ri | -8021p
8021p-value| | -name | -brief ] *host [ ip-forwarding ] } [ bypass -si
{ interface-name | interface-type interface-number } ] command.

The ping command output includes the following:

● Response to each ping packet: If no ICMP Echo Reply message is received

within a specified period of time, the message reading "Request time out" is
displayed. If a Reply message is received, the data bytes, packet sequence
number, TTL value, and response time carried in the message are displayed.
● Final statistics: The number of ICMP Echo Request messages, number of ICMP
Echo Reply messages, percentage of non-response packets, and the minimum,
maximum, and average values of the response time are displayed.
<HUAWEI> ping 10.1.1.2
PING 10.1.1.2 : 56 data bytes , press CTRL_C to break
Reply from 10.1.1.2 : bytes=56 sequence=1 ttl=255 time = 1ms
Reply from 10.1.1.2 : bytes=56 sequence=2 ttl=255 time = 2ms
Reply from 10.1.1.2 : bytes=56 sequence=3 ttl=255 time = 1ms
Reply from 10.1.1.2 : bytes=56 sequence=4 ttl=255 time = 3ms
Reply from 10.1.1.2 : bytes=56 sequence=5 ttl=255 time = 2ms

--10.1.1.2 ping statistics--

5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 1/2/3 ms

The ping ipv6 command is available for IPv6 networks.

Step 2 (Optional) Enable the fast ICMP reply function.

In VS mode, this command is supported only by the admin VS.

1. Run the icmp-reply fast command in the system view to enable the fast
ICMP reply function on a device.
2. Run the icmp-reply fast command in the slot view to enable the fast ICMP
reply function on a specified the interface board.
3. Run the commit command to commit the configuration.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 273

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 5 Ping/Tracert

The jitter time and delay time in ping processes are great. This is because the
ICMP packets used in ping operations need to be processed by the CPUs of devices
and the processing produces great delays. The details are as follows:
● To minimize the impact of ping attacks on itself, the NetEngine 8000 reduces
the ICMP packet processing priority to the lowest level.
● The NetEngine 8000 uses a distributed processing system. ARP and ICMP
packets and routing information are processed on the interface board. In a
ping operation, the interface board sends ICMP packets to the interface board
for processing, and then the interface board returns the processed ICMP
packets to the interface board. Due to their low processing priority, ICMP
packets are always transmitted and processed after other packets. Their
transmission is delayed.
To resolve ping delay and jitter issues, devices provide the ICMP fast reply function.
After this function is enabled, received ICMP request packets are not sent to the
CPU for processing. Instead, the PFE of the interface board responds to the source
end with ICMP reply packets, greatly shortening the ping delay.

After the undo icmp-reply fast command is run in the system or slot view, the fast ICMP
reply function is disabled on the interface board. After the fast ICMP reply function is
disabled on the interface board, the fast ICMP reply function takes effect on the interface
board only after the icmp-reply fast command is run in both the system and slot views.

----End

5.2.2 Using Ping to Monitor the Reachability of Layer 3 Trunk

Member Interfaces
A ping command can be run to test the reachability of trunk member interfaces,
which helps you learn a physical link's status and locate faulty links.

Context
Multiple physical interfaces can be bundled into a logical trunk interface, and
these physical interfaces are trunk member interfaces. A specific transmission path
is used by each member interface. The path-specific service parameters, such as
delay time, jitter time, and packet loss ratio, are also different. Therefore, you
cannot determine which member interface is faulty when the quality of services
on a trunk interface deteriorates. To resolve this problem, perform a ping test to
detect each physical link to help locate the faulty link.

The ping test applies when two devices are directly connected through trunk interfaces or Eth-
Trunk sub-interfaces.

Procedure
Step 1 Enable the receive end to monitor Layer 3 trunk member interfaces.
1. Run system-view
The system view is displayed.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 274

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 5 Ping/Tracert

2. Run trunk member-port-inspect

The receive end is enabled to monitor Layer 3 trunk member interfaces.
3. Run commit
The configuration is committed.
Step 2 Ping Layer 3 trunk member interfaces from the transmit end.
1. Run ping [ ip ] { [ -a source-ip-address | -c count | -d | { -f | ignore-mtu } | -h
ttl-value | { { -i interface-type interface-number | -nexthop nexthop-address }
* | -si source-interface-type source-interface-number } | -m time | -p pattern |

-q | -r | { -s packetsize | -range [ [ min min-size | max max-size | step step-

size ] * ] } | -system-time | -t timeout | { -tos tos-value | -dscp dscp-value } | -
v | -vpn-instance vpn-instance-name | -ri | -8021p 8021p-value | -detail ] *
host [ ip-forwarding ] }
The transmit end is enabled to monitor the reachability of a Layer 3 trunk
member interface.
The ping command output contains the following information:
– Response to each ping message: If an echo response message is not
received after the corresponding timer expires, a message reading
"Request time out" is displayed; if an echo response message is received,
the data bytes, message sequence number, and response time are
displayed.
– Final statistics: include the number of sent and received packets,
percentage of failure response packets, and minimum, maximum, and
average response time.
<HUAWEI> ping -a 192.168.1.1 -i gigabitethernet 2/0/0 10.1.1.2
PING 10.1.1.2: 56 data bytes, press CTRL_C to break
Reply from 10.1.1.2: bytes=56 Sequence=1 ttl=255 time=170 ms
Reply from 10.1.1.2: bytes=56 Sequence=2 ttl=255 time=30 ms
Reply from 10.1.1.2: bytes=56 Sequence=2 ttl=255 time=30 ms
Reply from 10.1.1.2: bytes=56 Sequence=2 ttl=255 time=50 ms
Reply from 10.1.1.2: bytes=56 Sequence=2 ttl=255 time=50 ms

--- 10.1.1.2 ping statistics ---

5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 30/66/170 ms

----End

5.2.3 Using Tracert to Monitor the Forwarding Path on an IPv4

or IPv6 Network
The tracert command is used to monitor link connectivity and locate network
faults.

Context
The tracert/tracert ipv6 command is used to discover gateways through which a
message passes from the source to the destination. The maximum TTL value set
for the UDP packet is 255. Each time the source does not receive a reply after the
configured time elapses, it displays the TTL of the UDP packet as expired and

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 275

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 5 Ping/Tracert

sends another UDP packet with the TTL value increasing by 1. If the TTL value
remains expired for 255 times, the source considers that the UDP packet cannot
reach the destination and the trace test fails.

To reduce exposure of the IP/IPv6 addresses of device interfaces in order to

prevent against detection through Port Unreachable or Time Exceeded messages,
specify the source IP/IPv6 address of Port Unreachable or Time Exceeded
messages in the loopback interface view. If the tracert/tracert ipv6 command is
run to detect a remote IP/IPv6 address, the device uses the IP/IPv6 address of the
loopback interface to function as the source IP/IPv6 address of Port Unreachable
or Time Exceeded messages.

Procedure
● On an IPv4 network:
a. (Optional) Configure the IP address of the loopback interface as the
source IP address of ICMP Port Unreachable or Time Exceeded messages.
i. Run system-view
The system view is displayed.
ii. Run interface loopback loopback-number
A loopback interface is created, and the loopback interface view is
displayed.
iii. (Optional) Run ip binding vpn-instance vpn-instance-name
The interface is bound to a VPN instance.
iv. Run ip icmp { ttl-exceeded | port-unreachable } source-address
The IP address of the loopback interface is configured as the source
IP address of ICMP Port Unreachable or Time Exceeded messages.
v. Run commit
The configuration is committed.
b. Run tracert [ -a source-ip-address | -f initTtl | -m maxTtl | -p port | -q
nqueries | -vpn-instance vpn-instance-name | -w timeout | -v | -name | -
s size | -tos tos-value | -nexthop nexthop-address | -passroute | -i
interface-type interface-number ] * host
The fault position is tested.
The following example uses the tracert command to analyze the
network.
<HUAWEI> tracert -m 10 10.1.1.1
traceroute to 10.1.1.1 (10.1.1.1), max hops: 10 ,packet length: 40,press CTRL_C to break
1 172.16.112.1 19 ms 19 ms 1 ms
2 172.16.216.1 39 ms 39 ms 19 ms
3 172.16.136.23 39 ms 40 ms 39 ms
4 172.16.168.22 39 ms 39 ms 39 ms
5 172.16.197.4 40 ms 59 ms 59 ms
6 172.16.221.5 59 ms 59 ms 59 ms
7 172.31.70.13 99 ms 99 ms 80 ms
8 172.31.71.6 139 ms 239 ms 319 ms
9 172.31.81.7 220 ms 199 ms 199 ms
10 10.1.1.1 239 ms 239 ms 239 ms

● On an IPv6 network:

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 276

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 5 Ping/Tracert

a. (Optional) Configure the IPv6 address of the loopback interface as the

source IPv6 address of ICMPv6 Port Unreachable or Time Exceeded
messages.
i. Run system-view
The system view is displayed.
ii. Run interface loopback loopback-number
A loopback interface is created, and the loopback interface view is
displayed.
iii. (Optional) Run ip binding vpn-instance vpn-instance-name
The interface is bound to a VPN instance.
iv. Run ipv6 enable
IPv6 is enabled on the interface.
v. Run ipv6 icmp { hop-limit-exceeded | port-unreachable } source-
address
The IPv6 address of the loopback interface is configured as the
source IPv6 address of ICMPv6 Port Unreachable or Time Exceeded
messages.
vi. Run commit
The configuration is committed.
b. Run tracert ipv6 [ -f first-hop-limit | -m max-hop-limit | -p port-number |
-q probes | -w timeout | vpn-instance vpn-instance-name | -s size | -a
source-ipv6-address | -name | -v ] * host-name
The fault position is tested.
The following example uses the tracert ipv6 command to analyze the
network.
<HUAWEI> tracert ipv6 -q 5 -w 8000 2001:db8:100::3
traceroute to 2001:db8:100::3 30 hops max,60 bytes packet
1 2001:db8:200::2 26 ms 23 ms 26 ms 30 ms 29 ms
2 2001:db8:100::3 3020 ms 3024 ms 4040 ms 6820 ms 5584 ms

----End

5.3 Using Ping/Tracert on an MPLS Network

The ping and tracert operations can be used to monitor MPLS networks.

5.3.1 Using Ping to Monitor Link Connectivity on an MPLS

Network
Ping operations can be used to check the connectivity of label distribution protocol
(LDP) label switched path (LSPs) that carry IPv4 or IPv6 packets and TE tunnels
that carry IPv4 packets.

Prerequisites
Before you start a test, run the lspv mpls-lsp-ping echo enable or lspv mpls-lsp-
ping echo enable ipv6 command to enable the device to respond to MPLS echo
request/MPLS echo request IPv6 packets.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 277

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 5 Ping/Tracert

As NQA is deployed on the main control board of a device, both the initiator and
responder of an LSP ping test need to send LSP ping test packets to the main
control board for processing. If a large number of packets are sent to the main
control board, the CPU usage of the main control board increases, which adversely
affects device operation. To prevent this problem, run the lspv mpls-lsp-ping cpu-
defend cpu-defend command to set an upper limit for the rate of sending MPLS
Echo Request packets to the main control board.
If the MPLS packet length of an NQA test instance is greater than the MTU of a
specified MPLS tunnel, MPLS packets fail to pass through the tunnel. To allow the
packets to pass through the tunnel, run the fragment enable command to enable
MPLS packet fragmentation.

Context
Perform the following steps in any view on the NQA client:

For example:
<HUAWEI> ping lsp -v ip 3.3.3.3 32
LSP PING FEC: IPV4 PREFIX 3.3.3.3/32 : 100 data bytes, press CTRL_C to break
Reply from 3.3.3.3: bytes=100 Sequence=1 time = 4 ms Return Code 3, Subcode 1
Reply from 3.3.3.3: bytes=100 Sequence=2 time = 4 ms Return Code 3, Subcode 1
Reply from 3.3.3.3: bytes=100 Sequence=3 time = 4 ms Return Code 3, Subcode 1
Reply from 3.3.3.3: bytes=100 Sequence=4 time = 4 ms Return Code 3, Subcode 1
Reply from 3.3.3.3: bytes=100 Sequence=5 time = 5 ms Return Code 3, Subcode 1
--- FEC: IPV4 PREFIX 3.3.3.3/32/ ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 4/4/5 ms
● To test the connectivity of a TE tunnel (RSVP-TE tunnel, static TE tunnel, or
dynamic TE tunnel) that carries IPv4 packets, run:
ping lsp [ -a source-ip | -c count | -exp exp-value | -h ttl-value | -m interval | -r reply-mode | -s
packet-size | -t time-out | -v | -g ] * te { tunnelName | ifType ifNum } [ hot-standby ] [ compatible-
mode ] | auto-tunnel auto-tunnelname }

For example:
<HUAWEI> ping lsp te Tunnel 1
LSP PING FEC: TE TUNNEL IPV4 SESSION QUERY Tunnel1 : 100 data bytes, press CTRL_C to break
Reply from 1.1.1.1: bytes=100 Sequence=1 time = 4 ms
Reply from 1.1.1.1: bytes=100 Sequence=2 time = 2 ms
Reply from 1.1.1.1: bytes=100 Sequence=3 time = 2 ms
Reply from 1.1.1.1: bytes=100 Sequence=4 time = 2 ms
Reply from 1.1.1.1: bytes=100 Sequence=5 time = 2 ms

--- FEC: RSVP IPV4 SESSION QUERY Tunnel1 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 2/2/4 ms
● Test SR-MPLS TE IPv4 tunnel connectivity.
– To test the connectivity of an SR-MPLS TE tunnel dynamically created,
run the ping lsp [ -a source-ip | -c count | -exp exp-value | -h ttl-value | -

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 278

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 5 Ping/Tracert

m interval | -s packet-size | -t time-out | -v | -g ] * segment-routing

auto-tunnel auto-tunnelname version { draft2 | draft4 } [ remote
remote-address ] [ hot-standby ] command and specify auto-
tunnelname on the ingress to initiate a ping test to the egress.
<HUAWEI> ping lsp segment-routing auto-tunnel Tunnel10 version draft4
LSP PING FEC: AUTO TE TUNNEL IPV4 SESSION QUERY Tunnel10 : 100 data bytes, press
CTRL_C to break
Reply from 10.1.1.2: bytes=100 Sequence=1 time=11 ms
Reply from 10.1.1.2: bytes=100 Sequence=2 time=9 ms
Reply from 10.1.1.2: bytes=100 Sequence=3 time=6 ms

--- FEC: AUTO TE TUNNEL IPV4 SESSION QUERY Tunnel10 ping statistics ---
3 packet(s) transmitted
3 packet(s) received
0.00% packet loss
round-trip min/avg/max = 6/8/11 ms

– To test the connectivity of an SR-MPLS TE IPv4 tunnel manually

configured, run the ping lsp [ -a source-ip | -c count | -exp exp-value | -h
ttl-value | -m interval | -s packet-size | -t time-out | -v | -g ] * segment-
routing te { tunnelName | ifType ifNum } [ draft2 ] [ remote remote-
address ] [ hot-standby ] command to initiate a ping test to the egress.
<HUAWEI> ping lsp segment-routing te Tunnel10
LSP PING FEC: TE TUNNEL IPV4 SESSION QUERY Tunnel10 : 100 data bytes, press CTRL_C to
break
Reply from 10.1.1.2: bytes=100 Sequence=1 time=11 ms
Reply from 10.1.1.2: bytes=100 Sequence=2 time=9 ms
Reply from 10.1.1.2: bytes=100 Sequence=3 time=6 ms

--- FEC: TE TUNNEL IPV4 SESSION QUERY Tunnel10 ping statistics ---
3 packet(s) transmitted
3 packet(s) received
0.00% packet loss
round-trip min/avg/max = 6/8/11 ms

● Test SR-MPLS BE IPv4 tunnel connectivity.

To test the connectivity of an SR-MPLS BE IPv4 tunnel, run the ping lsp [ -a
source-ip | -c count | -exp exp-value | -h ttl-value | -m interval | -s packet-size
| -t time-out | -v | -g ] * segment-routing ip destination-address mask-length
version draft2 [ remote remote-ip ] command.
<HUAWEI> ping lsp segment-routing ip 3.3.3.9 32 version draft2
LSP PING FEC: SEGMENT ROUTING IPV4 PREFIX 3.3.3.9/32 : 100 data bytes, press CTRL_C to break
Reply from 3.3.3.9: bytes=100 Sequence=1 time=13 ms
Reply from 3.3.3.9: bytes=100 Sequence=2 time=9 ms
Reply from 3.3.3.9: bytes=100 Sequence=3 time=2 ms
Reply from 3.3.3.9: bytes=100 Sequence=4 time=3 ms
Reply from 3.3.3.9: bytes=100 Sequence=5 time=6 ms
--- FEC: SEGMENT ROUTING IPV4 PREFIX 3.3.3.9/32 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 2/6/13 ms

● Test the connectivity of the BGP LSP carrying IPv4 packets.

Run the ping lsp [ -a source-ip | -c count | -exp exp-value | -h ttl-value | -m
interval | -r reply-mode | -s packet-size | -t time-out | -v | -g ] * bgp
destination-iphost mask-length [ ip-address ] [ nexthop nexthop-address ]
command to test the connectivity.
<HUAWEI> ping lsp -c 2 bgp 4.4.4.4 32
LSP PING FEC: BGP LABELED IPV4 PREFIX 4.4.4.4/32/ : 100 data bytes, press CTRL_C to break
Reply from 4.4.4.4: bytes=100 Sequence=1 time=46 ms

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 279

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 5 Ping/Tracert

Reply from 4.4.4.4: bytes=100 Sequence=2 time=2 ms

--- FEC: BGP LABELED IPV4 PREFIX 4.4.4.4/32 ping statistics ---
2 packet(s) transmitted
2 packet(s) received
0.00% packet loss
round-trip min/avg/max = 2/24/46 ms

● Test the connectivity of an LDP LSP connected with an SR-MPLS BE tunnel.

To test the connectivity of an LDP LSP connected with an SR-MPLS BE tunnel,

run the ping lsp [ -a source-ip | -c count | -exp exp-value | -h ttl-value | -m
interval | -r reply-mode | -s packet-size | -t time-out | -v | -g ] * ip destination-
iphost mask-length [ ip-address ] [ nexthop nexthop-address ] [ remote
remote-address ] command on the ingress to initiate a ping test to the egress
of the SR-MPLS BE tunnel.
<HUAWEI> ping lsp -c 3 ip 5.5.5.9 32 remote 5.5.5.9
LSP PING FEC: IPV4 PREFIX 5.5.5.9/32/ : 100 data bytes, press CTRL_C to break
Reply from 5.5.5.9: bytes=100 Sequence=1 time=3 ms
Reply from 5.5.5.9: bytes=100 Sequence=2 time=3 ms
Reply from 5.5.5.9: bytes=100 Sequence=3 time=3 ms

--- FEC: IPV4 PREFIX 5.5.5.9/32 ping statistics ---

3 packet(s) transmitted
3 packet(s) received
0.00% packet loss
round-trip min/avg/max = 3/3/3 ms

● Test the connectivity of an SR-MPLS BE tunnel connected with an LDP LSP.

To test the connectivity of an SR-MPLS BE tunnel connected with an LDP LSP,

When testing the connectivity of an SR-MPLS BE tunnel connected with an LDP LSP,
specify a remote IP address using the remote remote-ip parameter.

<HUAWEI> ping lsp -c 3 segment-routing ip 5.5.5.9 32 version draft2 remote 5.5.5.9

LSP PING FEC: IPV4 PREFIX 5.5.5.9/32 : 100 data bytes, press CTRL_C to break
Reply from 5.5.5.9: bytes=100 Sequence=1 time=9 ms
Reply from 5.5.5.9: bytes=100 Sequence=2 time=2 ms
Reply from 5.5.5.9: bytes=100 Sequence=3 time=3 ms

--- FEC: IPV4 PREFIX 5.5.5.9/32 ping statistics ---

3 packet(s) transmitted
3 packet(s) received
0.00% packet loss
round-trip min/avg/max = 2/4/9 ms

● Test the connectivity of an LDP LSP connected with an SR-MPLS BE tunnel

(the LDP end does not support interworking).

To test the connectivity of an LDP LSP connected with an SR-MPLS BE tunnel,

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 280

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 5 Ping/Tracert

You must run the lspv echo-reply fec-validation ldp disable command on the SR-
MPLS BE side to disable the LSPV response end from checking the LDP FEC.
<HUAWEI> ping lsp -v ip 3.3.3.3 32
LSP PING FEC: IPV4 PREFIX 3.3.3.3/32 : 100 data bytes, press CTRL_C to break
Reply from 3.3.3.3: bytes=100 Sequence=1 time = 4 ms Return Code 3, Subcode 1
Reply from 3.3.3.3: bytes=100 Sequence=2 time = 4 ms Return Code 3, Subcode 1
Reply from 3.3.3.3: bytes=100 Sequence=3 time = 4 ms Return Code 3, Subcode 1
Reply from 3.3.3.3: bytes=100 Sequence=4 time = 4 ms Return Code 3, Subcode 1
Reply from 3.3.3.3: bytes=100 Sequence=5 time = 5 ms Return Code 3, Subcode 1
--- FEC: IPV4 PREFIX 3.3.3.3/32/ ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 4/4/5 ms
● Test the connectivity of an SR-MPLS BE tunnel connected with an LDP LSP
(the LDP end does not support interworking).
To test the connectivity of an SR-MPLS BE tunnel connected with an LDP LSP,
run the ping lsp [ -a source-ip | -c count | -exp exp-value | -h ttl-value | -m
interval | -s packet-size | -t time-out | -v | -g ] * segment-routing ip
destination-address mask-length version draft2 remote-fec { ldp
remoteipaddr remotemasklen | nil } command on the ingress to initiate a
ping test to the egress with the destination address being the LDP LSP.
<HUAWEI> ping lsp -c 3 segment-routing ip 5.5.5.9 32 version draft2 remote-fec ldp 5.5.5.9 32
LSP PING FEC: IPV4 PREFIX 5.5.5.9/32 : 100 data bytes, press CTRL_C to break
Reply from 5.5.5.9: bytes=100 Sequence=1 time=9 ms
Reply from 5.5.5.9: bytes=100 Sequence=2 time=2 ms
Reply from 5.5.5.9: bytes=100 Sequence=3 time=3 ms

--- FEC: IPV4 PREFIX 5.5.5.9/32 ping statistics ---

3 packet(s) transmitted
3 packet(s) received
0.00% packet loss
round-trip min/avg/max = 2/4/9 ms
● Test the connectivity of an SR-MPLS TE policy tunnel carrying IPv4 packets.
To test the connectivity of an SR-MPLS TE policy tunnel carrying IPv4 packets,
run the ping lsp [ -a source-ip | -c count | -exp exp-value | -h ttl-value | -m
interval | -s packet-size | -t time-out | -v | -g ] * sr-te policy { policy-name
policyname | endpoint-ip endpoint-ip color colorid | binding-sid bsid }
command.
<HUAWEI> ping lsp sr-te policy policy-name test
LSP PING FEC: Nil FEC : 100 data bytes, press CTRL_C to break
sr-te policy's segment list:
Preference : 300; Path Type: main; Protocol-Origin : local; Originator: 0, 0.0.0.0; Discriminator: 300;
Segment-List ID : 1; Xcindex : 1
Reply from 3.3.3.9: bytes=100 Sequence=1 time=13 ms Reply from 3.3.3.9: bytes=100 Sequence=2
time=9 ms
Reply from 3.3.3.9: bytes=100 Sequence=3 time=2 ms
Reply from 3.3.3.9: bytes=100 Sequence=4 time=3 ms
Reply from 3.3.3.9: bytes=100 Sequence=5 time=6 ms
--- FEC: Nil FEC ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 2/6/13 ms
sr-te policy's segment list:
Preference : 400; Path Type: backup; Protocol-Origin : local; Originator: 0, 0.0.0.0; Discriminator: 400;
Segment-List ID : 2; Xcindex : 2
Reply from 3.3.3.9: bytes=100 Sequence=1 time=13 ms

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 281

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 5 Ping/Tracert

Reply from 3.3.3.9: bytes=100 Sequence=2 time=9 ms

Reply from 3.3.3.9: bytes=100 Sequence=3 time=2 ms
Reply from 3.3.3.9: bytes=100 Sequence=4 time=3 ms
Reply from 3.3.3.9: bytes=100 Sequence=5 time=6 ms
--- FEC: Nil FEC ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
● Test the connectivity of an inter-AS E2E SR-MPLS TE tunnel.
To test the connectivity of an inter-AS E2E SR-MPLS TE tunnel, run the ping
lsp [ -a source-ip | -c count | -exp exp-value | -h ttl-value | -m interval | -s
packet-size | -t timeout | -v | -g | -r reply-mode ] * segment-routing { { auto-
tunnel srAutoTnlName version { draft2 | draft4 } } | te { tunnelName | ifType
ifNum } [ draft2 ] } [ remote remoteAddress ] [ hot-standby ] command.
<HUAWEI> ping lsp segment-routing te Tunnel 11 draft2
LSP PING FEC: SEGMENT ROUTING TE TUNNEL IPV4 SESSION QUERY Tunnel11 : 100 data bytes,
press CTRL_C to break
Reply from 5.5.5.9: bytes=100 Sequence=1 time=14 ms
Reply from 5.5.5.9: bytes=100 Sequence=2 time=12 ms
Reply from 5.5.5.9: bytes=100 Sequence=3 time=9 ms
Reply from 5.5.5.9: bytes=100 Sequence=4 time=11 ms
Reply from 5.5.5.9: bytes=100 Sequence=5 time=8 ms
--- FEC: SEGMENT ROUTING TE TUNNEL IPV4 SESSION QUERY Tunnel11 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 8/10/14 ms

----End

Follow-up Procedure
After the test is completed, you are advised to run the undo lspv mpls-lsp-ping
echo enable or undo lspv mpls-lsp-ping echo enable ipv6 command to disable
the device from responding to MPLS Echo Request/MPLS Echo Request IPv6
packets to prevent system resource occupation.

5.3.2 Using Tracert to Test the Forwarding Path on an MPLS

Network
A tracert operation tests the path over which a label distribution protocol (LDP)
label switched path (LSP) or a TE tunnel that carries IPv4 packets is established or
locate the fault point on the path.

Prerequisites
Before you start a test, run the lspv mpls-lsp-ping echo enable/lspv mpls-lsp-
ping echo enable ipv6 command to enable the device to respond to MPLS echo
request/MPLS echo request IPv6 packets.

If the device interworks with a non-Huawei device, run the lspv echo-reply compatible fec
enable command to enable the device to respond to MPLS Echo Request packets with
MPLS Echo Reply packets that do not carry FEC information.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 282

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 5 Ping/Tracert

control board, the CPU usage of the main control board increases, which adversely
affects device operation. To prevent this problem, run the lspv mpls-lsp-ping cpu-
defend cpu-defend command to set an upper limit for the rate of sending MPLS
Echo Request packets to the main control board.

Context
Perform the following steps in any view on the NQA client:

Procedure
● To test the path over which an LDP LSP that carries IPv4 packets is established
or locate the fault point on the path, run:
tracert lsp [ -a source-ip | -exp exp-value | -h ttl-value | -r reply-mode | -t time-out | -s size | -g ] * ip
destination-iphost mask-length [ ip-address ] [ nexthop nexthop-address ] [ detail ]

For example:
<HUAWEI> tracert lsp ip 1.1.1.1 32
LSP Trace Route FEC: IPV4 PREFIX 1.1.1.1/32 , press CTRL_C to break.
TTL Replier Time Type Downstream
0 Ingress 10.1.1.1/[3 ]
1 1.1.1.1 5 Egress
● To test the path over which a TE tunnel (RSVP-TE tunnel, static TE tunnel, or
dynamic TE tunnel) that carries IPv4 packets is established or locate the fault
point on the path, run:
tracert lsp [ -a source-ip | -exp exp-value | -h ttl-value | -r reply-mode | -t
time-out | -s size | -g ] * te { tunnelName | ifType ifNum } [ hot-standby ]
[ compatible-mode ] | auto-tunnel auto-tunnelname [ detail ]
<HUAWEI> tracert lsp te Tunnel 1
LSP Trace Route FEC: TE TUNNEL IPV4 SESSION QUERY Tunnel1 , press CTRL_C to break.
TTL Replier Time Type Downstream
0 Ingress 10.1.1.1/[3 ]
1 1.1.1.1 4 Egress
● Test the path over which an SR-MPLS TE IPv4 tunnel is established or locate
the fault point on the path.
– To test an SR-MPLS TE tunnel dynamically created, run the tracert lsp [ -
a source-ip | -exp exp-value | -h ttl-value | -t time-out | -s size | -g ] *
segment-routing auto-tunnel auto-tunnelname version { draft2 |
draft4 } [ hot-standby ] [ detail ] command and specify auto-
tunnelname on the ingress to initiate a tracert test to the egress.
<HUAWEI> tracert lsp segment-routing auto-tunnel Tunnel10 version draft4
LSP Trace Route FEC: AUTO TE TUNNEL IPV4 SESSION QUERY Tunnel10 , press CTRL_C to
break.
TTL Replier Time Type Downstream
0 Ingress 10.1.1.2/[284688 ]
1 10.1.1.2 7 ms Egress
– To test an SR-MPLS TE IPv4 tunnel manually configured, run the tracert
lsp [ -a source-ip | -exp exp-value | -h ttl-value | -t time-out | -s size | -g ]
* segment-routing te { tunnelName | ifType ifNum } [ draft2 ] [ hot-

standby ] [ detail ] command and specify tunnelName or ifType ifNum

on the ingress to initiate a tracert test to the egress.
<HUAWEI> tracert lsp segment-routing te Tunnel10
LSP Trace Route FEC: AUTO TE TUNNEL IPV4 SESSION QUERY Tunnel10 , press CTRL_C to
break.
TTL Replier Time Type Downstream

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 283

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 5 Ping/Tracert

0 Ingress 10.1.1.2/[284688 ]
1 10.1.1.2 7 ms Egress

● Test the path over which an SR-MPLS BE IPv4 tunnel is established or the
fault point on the path.

To test the fault point on an SR-MPLS BE IPv4 tunnel, run the tracert lsp [ -a
source-ip | -exp exp-value | -h ttl-value | -s size | -g ] * segment-routing ip
ip-address mask-length version draft2 [ remote remote-ip ] command.
<HUAWEI> tracert lsp segment-routing ip 2.2.2.2 32 version draft2
LSP Trace Route FEC: SEGMENT ROUTING IPV4 PREFIX 2.2.2.2/32 , press CTRL_C to break.
TTL Replier Time Type Downstream
0 Ingress 192.168.1.2/[1001 ]
1 192.168.1.2 6 ms Transit 192.168.2.2/[3 ]
2 192.168.2.2 6 ms Egress

● Test the BGP LSP carrying IPv4 packets or locate the fault point on the path.

Run the tracert lsp [ -a source-ip | -exp exp-value | -h ttl-value | -r reply-

mode | -t time-out | -s size | -g ] * bgp destination-iphost mask-length [ ip-
address ] [ detail ] [ nexthop nexthop-address ] command to test the BGP
LSP carrying IPv4 packets or locate the fault point on the path.
<HUAWEI> tracert lsp -h 5 bgp 4.4.4.4 32
LSP Trace Route FEC: IPV4 PREFIX 4.4.4.4/32 , press CTRL_C to break.
TTL Replier Time Type Downstream
0 Ingress 10.1.1.2/[32967 3 ]
1 10.1.1.2 5 ms Transit 10.2.1.2/[32938 3 ]
2 10.2.1.2 6 ms Transit 10.3.1.2/[32989 3 ]
3 4.4.4.4 1 ms Egress

● Locate a fault point on an LDP LSP connected with an SR-MPLS BE tunnel.

To locate a fault point on an LDP LSP connected with an SR-MPLS BE tunnel,

run the tracert lsp [ -a source-ip | -exp exp-value | -h ttl-value | -r reply-
mode | -t time-out | -s size | -g ] * ip destination-iphost mask-length [ ip-
address ] [ nexthop nexthop-address ] [ detail ] [ ddmap ] command on the
ingress to initiate a tracert test to the egress of the SR-MPLS BE tunnel.
<HUAWEI> tracert -h 10 ip 1.1.1.1 32 ddmap
LSP Trace Route FEC: IPV4 PREFIX 5.5.5.9/32 , press CTRL_C to break.
TTL Replier Time Type Downstream
0 Ingress 10.1.1.1/[66010 ]
1 10.1.1.1 9 ms Transit 10.1.1.2/[33182 ]
2 10.1.1.2 7 ms Transit 10.1.1.3/[319836 ]
3 10.1.1.3 9 ms Transit 192.168.1.2/[3 ]
4 5.5.5.9 3 ms Egress

● Locate a fault point on an SR-MPLS BE tunnel connected with an LDP LSP.

To locate a fault point on an SR-MPLS BE tunnel connected with an LDP LSP,

run the tracert lsp [ -a source-ip | -exp exp-value | -h ttl-value | -s size | -g ] *
segment-routing ip ip-address mask-length version draft2 remote remote-
ip command on the ingress to initiate a tracert test to the egress with the
destination address being the LDP LSP.
<HUAWEI> tracert lsp -h 10 segment-routing ip 5.5.5.9 32 version draft2 remote 5.5.5.9
LSP Trace Route FEC: SEGMENT ROUTING IPV4 PREFIX 5.5.5.9/32 , press CTRL_C to break.
TTL Replier Time Type Downstream
0 Ingress 10.1.1.1/[319546 ]
1 10.1.1.1 7 ms Transit 10.1.1.2/[319546 ]
2 10.1.1.2 7 ms Transit 10.1.1.3/[33517 3 ]
3 10.1.1.3 11 ms Transit 192.168.1.2/[3 ]
4 5.5.5.9 2 ms Egress

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 284

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 5 Ping/Tracert

● Locate a fault point on an LDP LSP connected with an SR-MPLS BE tunnel

(the LDP end does not support interworking).

To locate a fault point on an LDP LSP connected with an SR-MPLS BE tunnel,

You must run the lspv echo-reply fec-validation ldp disable command on the SR-
MPLS BE side to disable the LSPV response end from checking the LDP FEC.
<HUAWEI> tracert lsp ip 1.1.1.1 32
LSP Trace Route FEC: IPV4 PREFIX 1.1.1.1/32 , press CTRL_C to break.
TTL Replier Time Type Downstream
0 Ingress 10.1.1.1/[3 ]
1 1.1.1.1 5 Egress

● Locate a fault point on an SR-MPLS BE tunnel connected with an LDP LSP

(the LDP end does not support interworking).

To locate a fault point on an SR-MPLS BE tunnel connected with an LDP LSP,

run the tracert lsp [ -a source-ip | -exp exp-value | -h ttl-value | -s packet-size
| -g | -t time-out ] * segment-routing ip ip-address mask-length version
draft2 [ remote-fec ldp remoteipaddr remotemasklen ] command on the
ingress to initiate a tracert test to the egress with the destination address
being the LDP LSP.
<HUAWEI> tracert lsp -h 10 segment-routing ip 5.5.5.9 32 version draft2 remote-fec ldp 5.5.5.9 32
LSP Trace Route FEC: SEGMENT ROUTING IPV4 PREFIX 5.5.5.9/32 , press CTRL_C to break.
TTL Replier Time Type Downstream
0 Ingress 10.1.1.1/[319546 ]
1 10.1.1.1 7 ms Transit 10.1.1.2/[319546 ]
2 10.1.1.2 7 ms Transit 10.1.1.3/[33517 3 ]
3 10.1.1.3 11 ms Transit 192.168.1.2/[3 ]
4 5.5.5.9 2 ms Egress

● Test the path over which an SR-MPLS TE policy tunnel carrying IPv4 packets is
established or the fault point on the path.

To locate a fault point on an SR-MPLS TE policy tunnel, run the tracert lsp [ -
a source-ip | -exp exp-value | -h ttl-value | -s packet-size | -t time-out | -g ] *
sr-te policy { policy-name policyname | endpoint-ip endpoint-ip color
colorid | binding-sid bsid } command.
<HUAWEI> tracert lsp sr-te policy policy-name test
LSP Trace Route FEC: Nil FEC, press CTRL_C to break.
sr-te policy¡¯s segment list:
Preference : 300; Path Type: main; Protocol-Origin : local; Originator: 0, 0.0.0.0; Discriminator: 300;
Segment-List ID : 1; Xcindex : 1
TTL Replier Time Type Downstream
0 Ingress 10.1.2.1/[13312 12]
1 10.1.2.1 63 ms Transit 10.1.2.2/[12 ]
2 6.6.6.6 93 ms Egress

sr-te policy¡¯s segment list:

Preference : 400; Path Type: backup; Protocol-Origin : local; Originator: 0, 0.0.0.0; Discriminator: 400;
Segment-List ID : 1; Xcindex : 1
TTL Replier Time Type Downstream
0 Ingress 10.1.2.1/[13312 12]
1 10.1.2.1 63 ms Transit 10.1.2.2/[12 ]
2 6.6.6.6 93 ms Egress

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 285

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 5 Ping/Tracert

● Test the path over which an inter-AS E2E SR-MPLS TE tunnel is established or
locate the fault point on the path.
To locate a fault point on an inter-AS E2E SR-MPLS TE tunnel, run the tracert
lsp [ -a source-ip | -exp exp-value | -h ttl-value | -t time-out | -s packet-size | -
g | -r reply-mode ] * segment-routing { { auto-tunnel srAutoTunnelName
version { draft2 | draft4 } } | te { tunnelName | ifType ifNum } [ draft2 ] }
[ hot-standby ] [ detail ] command.
<HUAWEI> tracert lsp segment-routing te Tunnel 11 draft2
LSP Trace Route FEC: SEGMENT ROUTING TE TUNNEL IPV4 SESSION QUERY Tunnel11 , press
CTRL_C to break.
TTL Replier Time Type Downstream
0 Ingress 10.1.1.2/[48061 48120 2000 ]
1 10.1.1.2 393 ms Transit 10.2.1.2/[48120 2000 ]
2 10.2.1.2 18 ms Transit 10.3.1.2/[2000 ]
3 10.3.1.2 23 ms Transit 10.4.1.2/[3 ]
4 5.5.5.9 30 ms Egress

----End

Follow-up Procedure
After the test is completed, you are advised to run the undo lspv mpls-lsp-ping
echo enable/undo lspv mpls-lsp-ping echo enable ipv6 command to disable the
device from responding to MPLS Echo Request/MPLS Echo Request IPv6 packets to
prevent system resource occupation.

5.4 Using Ping/Tracert on a P2MP Network

This section describes how to use ping and tracert operations to check the P2MP
network connectivity.

5.4.1 Using Ping to Check Link Connectivity on a P2MP

Network
Run the ping commands to check the connectivity between nodes on a Point-to-
Multipoint (P2MP) network.

Usage Scenario
On a VPLS over P2MP network, ping can be used to check the following tunnels:
● P2MP label distribution protocol (LDP) label switched paths (LSPs)
● P2MP TE tunnels that are automatically generated

Pre-configuration Tasks
Before using ping to check the P2MP network connectivity, ensure that P2MP is
correctly configured.

Procedure
Step 1 Run the ping multicast-lsp command to check the connectivity of the following
tunnels on a P2MP network:

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 286

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 5 Ping/Tracert

● P2MP LDP LSPs

ping multicast-lsp [ -a source-ip | -c count | -exp exp-value | -j jitter-value | -
m interval | -r reply-mode | -s packet-size | -t time-out | -v ] * mldp p2mp
root-ip root-ip-address { lsp lsp-id | opaque-value opaque-value } [ leaf-
destination leaf-destination ]
● P2MP TE tunnels that are automatically generated
ping multicast-lsp [ -a source-ip | -c count | -exp exp-value | -j jitter-value | -
m interval | -r reply-mode | -s packet-size | -t time-out | -v ] * te-auto-tunnel
auto-tunnel-name [ leaf-destination leaf-destination ]
# Use ping to check the P2MP LDP LSP connectivity.
<HUAWEI> ping multicast-lsp mldp p2mp root-ip 1.1.1.1 lsp-id 1
LSP PING FEC: root-ip 1.1.1.1 : 100 data bytes, press CTRL_C to break
Reply from 10.10.10.10: bytes=100 Sequence=1 time=60 ms
Reply from 10.10.10.10: bytes=100 Sequence=2 time=50 ms
Reply from 10.10.10.10: bytes=100 Sequence=3 time=30 ms
Reply from 10.10.10.10: bytes=100 Sequence=4 time=100 ms
Reply from 10.10.10.10: bytes=100 Sequence=5 time=80 ms

round-trip min/avg/max = 30/64/100 ms

# Use ping to check the P2MP TE tunnel connectivity.

<HUAWEI> ping multicast-lsp te-auto-tunnel P2MPoh5121
LSP PING FEC: RSVP P2MP IPv4 P2MP-Auto-tunnel : 100 data bytes, press CTRL_C to
break
Reply from 2.2.2.2: bytes=100 Sequence=1 time=10
ms
Reply from 3.3.3.3: bytes=100 Sequence=1 time=60
ms
Reply from 5.5.5.5: bytes=100 Sequence=1 time=60
ms
Reply from 6.6.6.6: bytes=100 Sequence=1 time=80
ms
Reply from 2.2.2.2: bytes=100 Sequence=2 time=20
ms
Reply from 5.5.5.5: bytes=100 Sequence=2 time=50
ms
Reply from 6.6.6.6: bytes=100 Sequence=2 time=70
ms
Reply from 3.3.3.3: bytes=100 Sequence=2 time=70
ms
Reply from 2.2.2.2: bytes=100 Sequence=3 time=50
ms
Reply from 6.6.6.6: bytes=100 Sequence=3 time=100
ms
Reply from 3.3.3.3: bytes=100 Sequence=3 time=110
ms
Reply from 5.5.5.5: bytes=100 Sequence=3 time=110
ms
Reply from 2.2.2.2: bytes=100 Sequence=4 time=30
ms
Reply from 6.6.6.6: bytes=100 Sequence=4 time=50
ms
Reply from 5.5.5.5: bytes=100 Sequence=4 time=60
ms
Reply from 3.3.3.3: bytes=100 Sequence=4 time=60
ms
Reply from 2.2.2.2: bytes=100 Sequence=5 time=30
ms
Reply from 6.6.6.6: bytes=100 Sequence=5 time=40
ms
Reply from 5.5.5.5: bytes=100 Sequence=5 time=80
ms
Reply from 3.3.3.3: bytes=100 Sequence=5 time=80

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 287

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 5 Ping/Tracert

--- Destination: 2.2.2.2 ping statistics ---

5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 10/28/50 ms

--- Destination: 3.3.3.3 ping statistics ---

5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 60/76/110 ms

--- Destination: 5.5.5.5 ping statistics ---

5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 50/72/110 ms

--- Destination: 6.6.6.6 ping statistics ---

5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 40/68/100 ms

----End

5.4.2 Using Tracert to Check the Forwarding Path on a P2MP

Network
Run the tracert commands to check path information on a Point-to-Multipoint
(P2MP) network so that faults can be located.

Usage Scenario
On a VPLS over P2MP network, tracert can be used to check the following tunnels:
● P2MP label distribution protocol (LDP) label switched paths (LSPs)
● P2MP TE tunnels that are automatically generated

Pre-configuration Tasks
Before using tracert to check the P2MP network connectivity, ensure that P2MP is
correctly configured.

Procedure
Step 1 Run the tracert multicast-lsp command to check path information about the
following tunnels on a VPLS over P2MP network:
● VPLS over P2MP LDP LSPs
tracert multicast-lsp [ -a source-ip | -exp exp-value | -h ttl-value | -j jitter-
value | -r reply-mode | -t time-out | t-flag ] * mldp p2mp root-ip root-ip-
address { lsp lsp-id | opaque-value opaque-value } [ detail ]
● VPLS over P2MP TE tunnels that are automatically generated
tracert multicast-lsp [ -a source-ip | -exp exp-value | -h ttl-value | -j jitter-
value | -r reply-mode | -t time-out | t-flag ] * te-auto-tunnel auto-tunnel-
name [ leaf-destination leaf-destination ] [ detail ]

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 288

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 5 Ping/Tracert

# Use tracert to check path information about a P2MP LDP LSP.

<HUAWEI> tracert multicast-lsp -h 10 mldp p2mp root-ip 1.1.1.1 lsp-id 1
LSP Trace Route FEC: Multicast P2MP LDP , press CTRL_C to break.
TTL Replier Time Type Downstream
1 192.168.1.9 40 ms Transit 192.168.2.12/[1024 ]
2 10.10.10.10 110 ms Egress
3 10.10.10.10 140 ms Egress
4 10.10.10.10 50 ms Egress
5 10.10.10.10 70 ms Egress
6 10.10.10.10 80 ms Egress
7 10.10.10.10 70 ms Egress
8 10.10.10.10 30 ms Egress
9 10.10.10.10 60 ms Egress
10 10.10.10.10 110 ms Egress

# Use tracert to check path information about a P2MP TE tunnel.

<HUAWEI> tracert multicast-lsp -h 2 te-auto-tunnel P2MPoh5121
LSP Trace Route FEC: RSVP P2MP IPv4 , press CTRL_C to break.
TTL Replier Time Type Downstream
1 2.2.2.2 30 ms Bud 172.16.3.2/[1048575 ]
1 4.1.1.2 40 ms Transit 5.1.1.2/[900001 ]
2 2.2.2.2 30 ms Bud 172.16.3.2/[1048575 ]
2 6.6.6.6 60 ms Egress
2 3.3.3.3 80 ms Egress
2 5.5.5.5 80 ms Egress

----End

5.5 Detecting the VLL Network Through the Ping or

Tracert Operation
This section describes how to check the communication among PEs on a VLL
network through ping and tracert operations.

5.5.1 Using Ping to Monitor Link Connectivity on a VLL

Network
This section describes how to check the communication among PEs on a VLL
network through the ping operation.

Context
Perform the following steps on the PE of a Kompella VLL network to check
connectivity:

Procedure
Step 1 Run the following commands as network requirements:
● To check connectivity of the VLL network through the control word channel,
run:
ping vc vpn-instance vpn-name local-ce-id remote-ce-id [ -c echo-number | -m time-value | -s data-
bytes | -t timeout-value | -v | -g ] * control-word
● To check connectivity of the VLL network through the MPLS Router Alert
channel, run:

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 289

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 5 Ping/Tracert

ping vc vpn-instance vpn-name local-ce-id remote-ce-id [ -c echo-number | -m time-value | -s data-

bytes | -t timeout-value | -v | -g ] * label-alert

The following shows an example:

<HUAWEI> ping vc vpn-instance vpn1 1 2 -v label-alert
PW PING : FEC 128 PSEUDOWIRE (NEW). Type = vlan, ID = 100 : 100 data bytes, press CTRL_C to break
Reply from 4.4.4.4: bytes=100 Sequence=1 time = 110 ms Return Code 3, Subcode 1
Reply from 4.4.4.4: bytes=100 Sequence=2 time = 90 ms Return Code 3, Subcode 1
Reply from 4.4.4.4: bytes=100 Sequence=3 time = 60 ms Return Code 3, Subcode 1
Reply from 4.4.4.4: bytes=100 Sequence=4 time = 60 ms Return Code 3, Subcode 1
Reply from 4.4.4.4: bytes=100 Sequence=5 time = 90 ms Return Code 3, Subcode 1
--- FEC: L2 VPN ENDPOINT. Sender VEID = 1, Remote VEID = 2 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 60/82/110 ms

Before using the ping vc vpn-instance command to check connectivity of a VLL

network, you must configure as follows:
● Configure the Kompella VLL network correctly.
● If the control word channel is used, run the control-word command in the
PW template view to enable the control word function.
For detailed information about each parameter and its description in the ping vc
vpn-instance command, refer to the HUAWEI NetEngine 8000 X Series Router
Command Reference.
The following information is displayed in the ping vc vpn-instance command
output:
● Information about responses to each Echo Request packet is displayed,
including the number of bytes, sequence number, sending time of the Echo
Reply packet. If no Echo Reply packet is received within a certain period, a
message of "Request time out" is displayed.
● Statistics are displayed, including the number of the sent Echo Request
packets, number of the received Echo Reply packets, percentage of the Echo
Request packets that are not replied, and the minimum, maximum and
average delay time of sending Echo Reply packets.
----End

5.5.2 Using Tracert to Monitor Link Connectivity on a VLL

Network
This section describes how to check the communication among PEs on a VLL
network through the tracert operation.

Context
Perform the following steps on the PE of the Kompella VLL network to check
connectivity:

Procedure
Step 1 Run any of the following commands as required:
● To check connectivity of the VLL network through the control word channel,
run:

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 290

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 5 Ping/Tracert

tracert vc -vpn-instance vpn-name local-ce-id remote-ce-id [ -exp exp-value | -f first-ttl | -m max-ttl

| -r reply-mode | -t timeout-value | -g ] * control-word [ full-lsp-path ]

● To check connectivity of the VLL network through the ordinary channel, run:
tracert vc pw-type pw-id [ -exp exp-value | -f first-ttl | -m max-ttl | -r reply-mode | -t timeout-value |
-g ] * normal [ remote remote-ip-address ] } [ full-lsp-path ]

The following shows an example:

<HUAWEI> tracert vc -vpn-instance vpn1 1 2 label-alert full-lsp-path
TTL Replier Time Type Downstream
0 Ingress 10.2.2.2/[21505 1026 ]
1 10.2.2.2 60 ms Transit 10.3.3.3/[1026 ]
2 10.3.3.3 50 ms Transit 10.4.4.4/[3 ]
3 10.1.1.1 70 ms Egress

Before using the tracert vc -vpn-instance command to check connectivity of a

VLL network, you must configure as follows:
● Configure the Kompella VLL network correctly.
● If the control word channel is used, run the control-word command in the
PW template view to enable the control word function.

The control word channel and the ordinary mode cannot be configured together.

For detailed information about each parameter and its description in the tracert
vc -vpn-instance command, refer to the HUAWEI NetEngine 8000 X Series Router
Command Reference.

----End

5.6 Using Ping/Tracert on a VPN Network

The ping and tracert operations monitor VPN networks.

5.6.1 Using Ping to Monitor VPWS PW Connectivity

After you configure a virtual private wire service (VPWS) network, use pseudo wire
(PW) ping to monitor PW connectivity on the VPWS network.

Prerequisites
Before testing pseudo wire (PW) connectivity using the ping vc command, ensure
that the VPWS network has been configured correctly.

Context
To check whether a PW on the VPWS network is faulty, run the ping vc command.
When the PW is Up, you can locate faults, such as forwarding entry loss or errors.

Table 5-1 describes check modes and usage scenarios.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 291

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 5 Ping/Tracert

Table 5-1 Check modes and usage scenarios

Detection Mode Usage Scenario Description

Control-word Supports Single-segment ● The MPLS echo

PW and multi-segment request packet carries
PW detection. the control word
between the PW label
and the IP header.
After the destination
device receives the
packet and finds that
it carries the control
word, the device
sends the packet to
the CPU for
processing.
● This detection mode
applies only when you
enable the control-
word on both ends of
the PW.

Label-alert Supports only Single- ● The MPLS echo

segment detection. request packet carries
the label-alert tag
between the PW label
and the LSP label.
After the destination
device receives the
packet and detects
that it carries the
label-alert tag, the
device sends the
packet to the CPU for
processing.
● This detection mode
applies only when you
enable the label-alert
for both ends of the
PW.

TTL Supports Single-segment A TTL specifies the

and multi-segment PW expiration value. You
detection. must specify a TTL value
to ensure that the TTL
expires on the
destination device so
that the device sends the
packet to the CPU for
processing.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 292

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 5 Ping/Tracert

Procedure
● Control-word mode:

To monitor PW connectivity using the control-word mode, run the ping vc vc-
type pw-id [ peer-address ] [ -c echo-number | -m time-value | -s data-bytes |
-t timeout-value | -exp exp-value | -r reply-mode | -v | -g] * control-word
[ remote remote-ip-address peer-pw-id [ sender sender-address ] ] [ ttl ttl-
value ] [ pipe | uniform ] command.
To monitor multi-segment PW connectivity, specify an IP address and a PW ID
for the remote PE and a source IP address in the remote remote-ip-address
peer-pw-id [ sender sender-address ] command.
● Label-alert mode:

To monitor multi-segment PW connectivity, specify an IP address and a PW ID

for the remote PE and set a TTL value in the remote remote-ip-address peer-
pw-id [ ttl ttl-value ] [ pipe | uniform ] command.
The ping vc command output contains the following information:

– Response to each ping VC packet: If no response packet is received after

the corresponding timer expires, the message reading "Request time out"
is displayed. If a response packet is received, the number of data bytes,
packet sequence number, TTL, and response time are displayed.
– Final statistics: include the number of sent packets, number of received
packets, percentage of sent packets with failed responses, and minimum,
maximum, and average response times.

For example:
<HUAWEI> ping vc ethernet 100 control-word
PW PING : FEC 128 PSEUDOWIRE (NEW). Type = ethernet, ID = 100 : 100 data bytes, press CTRL_C
to break
Reply from 10.10.10.10: bytes=100 Sequence=1 time = 140 ms
Reply from 10.10.10.10: bytes=100 Sequence=2 time = 40 ms
Reply from 10.10.10.10: bytes=100 Sequence=3 time = 30 ms
Reply from 10.10.10.10: bytes=100 Sequence=4 time = 50 ms
Reply from 10.10.10.10: bytes=100 Sequence=5 time = 50 ms
--- FEC: FEC 128 PSEUDOWIRE (NEW). Type = ethernet, ID = 100 ping statistics---

5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 30/62/140 ms

----End

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 293

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 5 Ping/Tracert

5.6.2 Using PW Ping to Monitor PW Connectivity on a VPLS

Network
After you configure a virtual private LAN service (VPLS) network, use pseudo wire
(PW) ping to monitor PW connectivity on the VPLS network.

Prerequisites
Before you run the ping vpls command to check PW connectivity, ensure that the
VPLS network has been configured correctly.

Context
To check whether a PW on the VPLS network is faulty, run the ping vpls
command.

Procedure
Step 1 To locate the faulty node on the VPLS network, run either of the following
commands as required:
● In Kompella mode, run:
ping vpls [ -c echo-number | -m time-value | -s data-bytes | -t timeout-value | -exp exp-value | -r
reply-mode | -v | -g ] * vsi vsi-name local-site-id remote-site-id [ bypass -si interface-type interface-
number ]
● In Martini mode, run:
ping vpls [ -c echo-number | -m time-value | -s data-bytes | -t timeout-value | -exp exp-value | -r
reply-mode | -v | -g ] * vsi vsi-name peer peer-address [ negotiate-vc-id vc-id ] [ control-word
[ remote remote-address remote-pw-id [ sender sender-address ] ] ] [ bypass -si interface-type
interface-number ]

The ping vpls command output contains the following information:

● Response to each ping VPLS packet. If no response packet is received after the
corresponding timer expires, the message reading "Request time out" is
displayed. If a response packet is received, the number of data bytes, packet
sequence number, TTL, and response time are displayed.
● Final statistics: include the number of sent packets, number of received
packets, percentage of sent packets with failed responses, and minimum,
maximum, and average response times.
For example:
<HUAWEI> ping vpls vsi a2 peer 10.1.1.1
PW PING : FEC 128 PSEUDOWIRE (NEW). Type = vlan, ID = 2 : 100 data bytes, press CTRL_C to break
Reply from 10.1.1.1: bytes=100 Sequence=1 time=60 ms
Reply from 10.1.1.1: bytes=100 Sequence=2 time=50 ms
Reply from 10.1.1.1: bytes=100 Sequence=3 time=60 ms
Reply from 10.1.1.1: bytes=100 Sequence=4 time=60 ms
Reply from 10.1.1.1: bytes=100 Sequence=5 time=60 ms

--- FEC: FEC 128 PSEUDOWIRE (NEW). Type = vlan, ID = 2 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 50/58/60 ms

----End

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 294

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 5 Ping/Tracert

5.6.3 Using Tracert to Monitor PWE3 Network Connectivity

You can run the tracert command to obtain information about the SPEs and Ps
through which packets pass from the source to the destination. Based on the
command output, you can monitor PW connectivity and locate faulty nodes.

Context
Perform the following steps on the PE of a PWE3 network:

Procedure
Step 1 To locate the faulty node on a PWE3 network, run any of the following commands
as required:
● To monitor connectivity of the PWE3 network through the control word
channel, run:
tracert vc vc-type pw-id [ peer-address ] [ -exp exp-value | -f first-ttl | -m
max-ttl | -r reply-mode | -t timeout-value | -g ] * control-word [ ptn-mode |
full-lsp-path ] [ pipe | uniform ] [ detail ]
tracert vc vc-type pw-id [ peer-address ] [ -exp exp-value | -f first-ttl | -m
max-ttl | -r reply-mode | -t timeout-value | -g ] * control-word remote
remote-ip-address [ ptn-mode | full-lsp-path ] [ pipe | uniform ] [ detail ]
● To monitor connectivity of the PWE3 network through the label alert channel,
run:
tracert vc vc-type pw-id [ peer-address ] [ -exp exp-value | -f first-ttl | -m
max-ttl | -r reply-mode | -t timeout-value | -g ] * label-alert [ no-control-
word ] [ full-lsp-path ] [ pipe | uniform ] [ detail ]
● To monitor check connectivity of the PWE3 network in ordinary mode, run:
tracert vc vc-type pw-id [ peer-address ] [ -exp exp-value | -f first-ttl | -m
max-ttl | -r reply-mode | -t timeout-value | -g ] * normal [ remote remote-ip-
address ] } [ full-lsp-path ] [ pipe | uniform ] [ detail ]

Before using the tracert vc command to monitor PWE3 network connectivity,

perform the following operations:
● Configure the PWE3 network correctly.
● If the control word channel is used, run the control-word command in the
PW template view to enable the control word function.
<HUAWEI> tracert vc ppp 100 control-word remote 4.1.1.2 full-lsp-path
TTL Replier Time Type Downstream
0 Ingress 1.1.1.2/[1025 ]
1 1.1.1.2 230 ms Transit 2.1.1.2/[1301 ]
2 2.1.1.2 230 ms Transit 3.1.1.2/[1208 ]
3 3.1.1.2 100 ms Transit 4.1.1.2/[3 ]
4 4.1.1.2 150 ms Egress

The preceding command output contains information about each node along the
PW and the response time of each hop.

----End

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 295

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 5 Ping/Tracert

5.6.4 Using Tracert to Monitor PW Connectivity on a VPLS

Network
Context
Perform the following steps on a PE of a VPLS network:

Procedure
Step 1 To locate the faulty node on the VPLS network, run either of the following
commands as required:
● In Kompella mode, run:
tracert vpls [ -exp exp-value | -f first-ttl | -m max-ttl | -r reply-mode | -t timeout-value | -g ] * vsi vsi-
name local-site-id remote-site-id [ full-lsp-path ] [ detail ] [ bypass -si interface-type interface-
number ]
● In Martini mode, run:
tracert vpls [ -exp exp-value | -f first-ttl | -m max-ttl | -r reply-mode | -t timeout-value | -g ] * vsi vsi-
name peer peer-address [ negotiate-vc-id vc-id ] [ full-lsp-path ] [ control-word ] [ pipe |
uniform ] [ detail ] [ bypass -si interface-type interface-number ]

Run the tracert vpls command to locate VPLS network faults.

<HUAWEI>tracert vpls vsi test 10 10 full-lsp-path
PW Trace Route FEC: L2 VPN ENDPOINT. Sender VEID = 10, Remote VEID = 20, press CTRL_C to break
TTL Replier Time Type Downstream
0 Ingress 10.1.1.2/[294929 32894 32888 ]
1 10.1.1.2 93 ms Transit 10.2.1.2/[32925 3 ]
2 10.2.1.2 1 ms Transit 10.3.1.2/[32881 ]
3 4.4.4.4 2 ms Egress

The preceding command output contains information about each node along the
PW and the response time of each hop.

----End

5.6.5 Using CE Ping to Monitor the Connectivity Between a PE

and a CE on a VPLS Network
After you configure a virtual private LAN service (VPLS) network, use customer
edge (CE) ping to monitor the connectivity between a provider edge (PE) and a CE
on the VPLS network.

Prerequisites
The VPLS network has been correctly configured, and the specified virtual service
instance (VSI) is Up.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 296

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 5 Ping/Tracert

Context

NOTICE

When you specify a source IP address, note the following:

● The source IP address must be on the same network segment as the
destination IP address. If they are on different network segments, the
destination node considers Address Resolution Protocol (ARP) request packets
invalid and does not return ARP response packets.
● The specified source IP address must be unique on the L2VPN network. If the
specified source IP address is the same as a used IP address, packets cannot be
properly forwarded. As a result, user packets with the specified source IP
address cannot be sent to the network. If the specified source IP address is the
same as the gateway IP address, no users cannot access the network.
After you run the ce-ping command, the device displays a message to prompt to
confirm that you have specified a unused IP address as the source IP address.
Enter Y.

Procedure
Step 1 Run the following command to monitor the connectivity between a PE and a CE:
ce-ping ip-address vsi vsi-name source-ip source-ip-address [ mac mac-address ]
[ interval interval | count count ] *
For example:
<HUAWEI> ce-ping 10.1.1.1 vsi abc source-ip 10.1.1.2 mac E024-7FA4-D2CB interval 2 count 5
Info: If the designated source IP address is in use, it could cause the abnormal data transmission in VPLS
network. Are you sure the source-ip is unused in this VPLS? [Y/N]:y
Ce-ping is in process...

10.1.1.1 is used by 00e0-fc12-3456

----End

5.6.6 Using CE Ping to Check the Connectivity Between a PE

and a CE in an EVC Model
After configuring a Bridge Domain (BD), you can use CE ping to check the
connectivity between a PE and a CE in an Ethernet Virtual Connection (EVC)
model.

Prerequisites
The network has been correctly configured, and the specified BD is Up.

Context
An EVC model unifies the Layer 2 bearer service model and configuration model.
In an EVC model, you can use CE ping to check the link reachability between a PE
and a CE in a specified BD. For details about EVCs, see HUAWEI NetEngine 8000 X

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 297

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 5 Ping/Tracert

Series Feature Description-Local Area Network. For configuration details, see EVC
Configuration.

When using CE ping to check the link reachability between a PE and a CE, you
must specify a source IP address that meets the following conditions:

● The source IP address must be on the same network segment as the CE's IP
address. If they are on different network segments, the CE considers received
CE Ping packets invalid and discards them.
● The source IP address must be an unused IP address in the specified BD. If you
specify a used IP address for the source IP address, CE Ping packets cannot be
properly forwarded. As a result, the user using the source IP address cannot
access the Internet. If you specify a gateway IP address for the source IP
address, all users cannot access the Internet.

To avoid this problem, do not specify a used IP address as the source IP address.

Procedure
Step 1 Run the ce-ping ip-address bd bd-id source-ip source-ip-address [ mac mac-
address ] [ interval interval | count count ] * command in any view to check the
link reachability between a PE and a CE.
<HUAWEI> ce-ping 10.1.1.1 bd 123 source-ip 10.1.1.2 mac e024-7fa4-d2cb interval 2 count 5
Info: If the designated source IP address is in use, it could cause the abnormal data transmission in EVC
network. Are you sure the source-ip is unused in this EVC? [Y/N]:y
Ce-ping is in process...

10.1.1.1 is used by 00e0-fc12-3456

----End

5.7 Using Ping/Tracert on a Layer 2 Network

The ping or tracert operations provides information used to locate Ethernet link
faults.

Context
To manually monitor the connectivity between two devices, you can send test
packets and wait for a reply to test whether the destination device is reachable.

● For the network on which the MD, MA, and MEP are not configured, you can
implement GMAC ping to monitor the connectivity between two devices.
● For the network on which the MD, MA, and MEP are configured, you can
implement 802.1ag MAC ping to monitor the connectivity between MEPs at
the same maintenance level or between MEPs and MIPs at the same
maintenance level.

Pre-configuration Tasks
No pre-configuration tasks are needed to implement GMAC ping.

Before implementing 802.1ag MAC ping, configure Ethernet CFM.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 298

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 5 Ping/Tracert

5.7.1 Using GMAC Ping to Monitor Link Connectivity on a

Layer 2 Network
Generic MAC (GMAC) ping applies to a part of or a whole network for monitoring
connectivity without configuring a maintenance domain (MD), maintenance
association (MA), or maintenance association end point (MEP).

Context
GMAC ping has principles similar to those of 802.1ag MAC ping. The difference is
that a source device does not need to be a MEP, and a destination device does not
need to be a MEP or maintenance association intermediate point (MIP). In other
words, GMAC ping can be implemented without the need to configure an MD,
MA, or MEP on the source, intermediate, or destination device.
Enable the GMAC ping function on the source and destination devices. The
intermediate devices must have the bridge function to directly forward messages.

Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Run ping mac enable
The GMAC ping function is enabled globally.
If the GMAC ping function is enabled:
● A source device starts the GMAC ping function by sending a loopback
message (LBM) to a destination device.
● After receiving the LBM, the destination device replies to the source device
with a loopback reply (LBR).
Step 3 Run commit
The configuration is committed.
Step 4 (Optional) In a VLAN scenario: Run ping mac mac-address vlan vlan-id
[ interface interface-type interface-number | -c count | -s packetsize | -t timeout -
p priority-value ] *
The VLAN network connectivity is checked.
The following shows an example:
<HUAWEI> system-view
[~HUAWEI] ping mac enable
[*HUAWEI] commit
[~HUAWEI] ping mac 00e0-fc12-3456 vlan 10 -c 2 -s 112
Reply from 00e0-fc12-3456: bytes = 112 time < 1ms
Reply from 00e0-fc12-3456: bytes = 112 time < 1ms
Packets: Sent = 2, Received = 2, loss = 0 (0.00% loss)
Minimum = 1ms, Maximum = 1ms, Average = 1ms

Step 5 (Optional) In a VLL scenario: Run ping mac mac-address l2vc l2vc-id { raw |
tagged } [ interface interface-type interface-number | { pe-vid pe-vid ce-vid ce-
vid | dot1q-vlan vlan-id } -c count | -s packetsize | -t timeout | -p priority-value ] *

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 299

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 5 Ping/Tracert

The VLL network connectivity is checked.

The following shows an example:

<HUAWEI> system-view
[~HUAWEI] ping mac enable
[*HUAWEI] commit
[~HUAWEI] ping mac 00e0-fc12-3456 l2vc 1 raw -c 2 -s 112
Reply from 00e0-fc12-3456: bytes = 112 time < 1ms
Reply from 00e0-fc12-3456: bytes = 112 time < 1ms
Packets: Sent = 2, Received = 2, loss = 0 (0.00% loss)
Minimum = 1ms, Maximum = 1ms, Average = 1ms

Step 6 (Optional) In a VPLS scenario: Run ping mac mac-address vsi vsi-name
[ interface interface-type interface-number | { pe-vid pe-vid ce-vid ce-vid |
dot1q-vlan vlan-id } -c count | -s packetsize | -t timeout | -p priority-value ] *

The VPLS network connectivity is checked.

The following shows an example:

<HUAWEI> system-view
[~HUAWEI] ping mac enable
[*HUAWEI] commit
[~HUAWEI] ping mac 00e0-fc12-3456 vsi vsi1 -c 2 -s 112
Reply from 00e0-fc12-3456: bytes = 112 time < 1ms
Reply from 00e0-fc12-3456: bytes = 112 time < 1ms
Packets: Sent = 2, Received = 2, loss = 0 (0.00% loss)
Minimum = 1ms, Maximum = 1ms, Average = 1ms

----End

5.7.2 Using GMAC Trace to Monitor the Forwarding Path on a

Layer 2 Network
Generic MAC (GMAC) trace can be used to monitor paths and locate faults in a
part of or a whole network without configuring an MD, MA, or MEP.

Context
GMAC trace has principles similar to those of 802.1ag MAC trace. The difference is
that a source device does not need to be a MEP, and a destination device does not
need to be a MEP or MIP. In other words, GMAC trace can be implemented
without the need to configure an MD, MA, or MEP on the source, intermediate, or
destination device.

Enable the GMAC trace function on the source, intermediate, and destination
devices.

Procedure
Step 1 Run system-view

The system view is displayed.

Step 2 Run trace mac enable

The GMAC trace function is enabled globally.

If the GMAC trace function is enabled:

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 300

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 5 Ping/Tracert

● A source device starts the GMAC trace function by sending a linktrace

message (LTM) to a destination device.
● After receiving the LTM, the destination device replies to the source device
with a linktrace reply (LTR).

Step 3 Run commit

The configuration is committed.

Step 4 (Optional) In a VLAN scenario: Run trace mac mac-address vlan vlan-id
[ interface interface-type interface-number | -t timeout ] *

Paths on a VLAN are checked.

The following shows an example:

<HUAWEI> system-view
[~HUAWEI] trace mac enable
[*HUAWEI] commit
[~HUAWEI] trace mac 00e0-fc23-3459 vlan 2
Tracing the route to 00e0-fc23-3459 over a maximum of 255 hops:
-------------------------------------------------------------------------------
Hops Mac Ingress Ingress Action Relay Action
Forwarded Egress Egress Action
--------------------------------------------------------------------------------
1 00e0-fc12-3459 gigabitethernet2/0/1 IngOK RlyFDB
Forwarded gigabitethernet1/0/1 EgrOK
2 00e0-fc12-3457 gigabitethernet1/0/1 IngOK RlyFDB
Forwarded gigabitethernet1/0/0 EgrOk
3 00e0-fc23-3459 gigabitethernet1/0/0 IngOK RlyHit
Not Forwarded
Info: Succeed in tracing the destination address 00e0-fc23-3459.

Step 5 (Optional) In a VLL scenario: Run trace mac mac-address l2vc l2vc-id { raw |
tagged } [ interface interface-type interface-number | { [ pe-vid pe-vid ce-vid ce-
vid ] | [ dot1q-vlan vlan-id ] } | -t timeout | -h ] *
The VLL network connectivity is checked.

The following shows an example:

<HUAWEI> system-view
[~HUAWEI] trace mac enable
[*HUAWEI] commit
[~HUAWEI] trace mac 00e0-fc12-3458 l2vc 1 raw
Tracing the route to 00e0-fc12-3458 over a maximum of 255 hops:
Hops Host Name (IP Address)
Mac Ingress Ingress Action Relay Action
Forwarded Egress Egress Action
1 HUAWEIA (10.10.10.16)
00e0-fc22-3459 GigabitEthernet2/0/1 IngOK RlyFDB
Forwarded GigabitEthernet1/0/1.1 EgrOK
2 HUAWEIB (10.10.10.13)
00e0-fc12-3458 GigabitEthernet3/0/1 IngOK RlyHit
Not Forwarded
Info: Succeeded in tracing the destination address 00e0-fc12-3458.

Step 6 (Optional) In a VPLS scenario: Run trace mac mac-address vsi vsi-name
[ interface interface-type interface-number | { [ pe-vid pe-vid ce-vid ce-vid ] |
[ dot1q-vlan vlan-id ] } | -t timeout | -h ] *

The VPLS network connectivity is checked.

The following shows an example:

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 301

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 5 Ping/Tracert

<HUAWEI> system-view
[~HUAWEI] trace mac enable
[*HUAWEI] commit
[~HUAWEI] trace mac 00e0-fc12-3458 vsi vsi1 -h
Tracing the route to 00e0-fc12-3458 over a maximum of 255 hops:
Hops Host Name (IP Address)
Mac Ingress Ingress Action Relay Action
Forwarded Egress Egress Action
1 HUAWEIA (10.10.10.16)
00e0-fc22-3459 GigabitEthernet2/0/1 IngOK RlyFDB
Forwarded GigabitEthernet1/0/1.1 EgrOK
2 HUAWEIB (10.10.10.13)
00e0-fc12-3458 GigabitEthernet3/0/1 IngOK RlyHit
Not Forwarded
Info: Succeeded in tracing the destination address 00e0-fc12-3458.

----End

5.7.3 Using 802.1ag MAC Ping to Monitor Link Connectivity on

a Layer 2 Network
802.1ag MAC ping monitors connectivity between MEPs or between MEPs and
MIPs within an MA.

Context
Similar to the ping operation, 802.1ag MAC ping checks whether the destination
device is reachable by sending test packets and receiving response packets. In
addition, the ping operation time can be calculated at the transmit end for
network performance analysis.
Before performing 802.1ag MAC ping, ensure that 802.1ag has been configured.
For more information, see Configuring Basic Ethernet CFM Functions.

Procedure
Step 1 A device is usually configured with multiple MDs and MAs. To monitor the
connectivity of a link between two or more devices, perform either of the
following steps on the router with a MEP on one end of the link to be monitored.
● In the MA view:
a. Run system-view
The system view is displayed.
b. Run cfm enable
CFM is globally enabled on the device.
c. Run cfm md md-name
The MD view is displayed.
d. Run ma ma-name
The MA view is displayed.
e. Run ping mac-8021ag mep mep-id mep-id [ md md-name ma ma-
name ] { mac mac-address | remote-mep mep-id mep-id } [ -c count | -s
packetsize | -t timeout | -p priority-value ] *
The connectivity between a MEP and an RMEP or between a MEP and a
MIP on other devices is monitored.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 302

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 5 Ping/Tracert

The following shows an example:

<HUAWEI> system-view
[~HUAWEI] cfm enable
[*HUAWEI] cfm md md1
[*HUAWEI-md-md1] ma ma1
[*HUAWEI-md-md1-ma-ma1] ping mac-8021ag mep mep-id 1 md md1 ma ma1 remote-
mep mep-id 2
Pinging 00e0-fc12-3456 with 95 bytes of data:
Reply from 00e0-fc12-3456: bytes = 95, time = 11ms
Reply from 00e0-fc12-3456: bytes = 95, time = 2ms
Reply from 00e0-fc12-3456: bytes = 95, time = 3ms
Reply from 00e0-fc12-3456: bytes = 95, time = 3ms
Reply from 00e0-fc12-3456: bytes = 95, time = 2ms
Packets: Sent = 5, Received = 5, Lost = 0 (0% loss)
Minimum = 2ms, Maximum = 11ms, Average = 4ms

● In all views except the MA view:

Run ping mac-8021ag mep mep-id mep-id md md-name ma ma-name
{ mac mac-address | remote-mep mep-id mep-id } [ -c count | -s packetsize |
-t timeout | -p priority-value ] *
The connectivity between a MEP and an RMEP or between a MEP and a MIP
on other devices is monitored.

When implementing 802.1ag MAC ping, ensure that:

● The MEP is configured in the MA.

● If the outbound interface is specified, no inward-facing MEP is configured on
it. The interface must be added to the VLAN associated with the MA.
● If the destination node is a MEP, either mac mac-address or remote-mep
mep-id mep-id can be selected. If remote-mep mep-id mep-id is selected,
the remote maintenance association end point (RMEP) must already be
created using the remote-mep command.
● If the destination node is a MIP, select mac mac-address.

The intermediate device on the link to be tested only forwards LBMs and LBRs.
Therefore, the MD, MA, or MEP does not need to be configured on the
intermediate device.

----End

5.7.4 Using 802.1ag MAC Trace to Monitor the Forwarding

Path on a Layer 2 Network
802.1ag MAC trace monitors the connectivity between MEPs or between MEPs
and MIPs within an MA and provides information used to locate faults.

Context
Similar to traceroute or tracert, 802.1ag MAC trace tests the path between the
local device and a destination device or locates failure points by sending test
packets and receiving reply packets.

Before performing 802.1ag MAC trace, ensure that 802.1ag has been configured.
For more information, see Configuring Basic Ethernet CFM Functions.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 303

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 5 Ping/Tracert

Procedure
Step 1 A device is usually configured with multiple MDs and MAs. To determine the
forwarding path for sending packets from a MEP to another MEP or a MIP in an
MA or failure points, perform either of the following operations on the router with
a MEP at one end of the link to be tested.
● In the MA view:
a. Run system-view
The system view is displayed.
b. (Optional) Run cfm portid-tlv type { interface-name | local }
The portid-tlv type for trace packets is set.
c. Run cfm md md-name
The MD view is displayed.
d. Run ma ma-name
The MA view is displayed.
e. Run trace mac-8021ag mep mep-id mep-id [ md md-name ma ma-
name ] { mac mac-address | remote-mep mep-id mep-id } [ -t timeout |
ttl ttl ] *
The connectivity fault between the local router and the remote router is
located.
– Run the trace mac-8021ag command without md md-name ma ma-
name in the MA view to monitor a forwarding path or locate a failure
point in the current MA.
– Run the trace mac-8021ag md md-name ma ma-name command in the
MA view to monitor a forwarding path or locate a failure point in the
specified MA.
● In all views except the MA view:
a. (Optional) Run cfm portid-tlv type { interface-name | local }
The portid-tlv type for trace packets is set.
b. Run trace mac-8021ag mep mep-id mep-id md md-name ma ma-name
{ mac mac-address | remote-mep mep-id mep-id } [ -t timeout | ttl ttl ]
*

The connectivity fault between the local router and the remote router is
located.

When implementing 802.1ag MAC trace, ensure that:

● The MEP is configured in the MA.

● If the outbound interface is specified, no inward-facing MEP is configured on
it. The interface must be added to the VLAN associated with the MA.
● If the destination node is a MEP, either mac mac-address or remote-mep
mep-id mep-id can be selected. If remote-mep mep-id mep-id is selected,
the RMEP must already be created using the remote-mep command.
● If the destination node is a MIP, select mac mac-address.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 304

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 5 Ping/Tracert

● If the forwarding entry of the destination node does not exist in the MAC
address table, interface interface-type interface-number must be specified.

----End

5.8 Using a Ping Operation on an EVPN

If an EVPN tunnel fault occurs, use a ping operation to check EVPN LSPs and fast
locate a tunnel forwarding fault.

5.8.1 Checking EVPN Connectivity Using a Ping Operation

Use ping operations to check EVPN LSPs and fast locate an EVPN tunnel
forwarding fault.

Procedure
● Check the connectivity of an EVPN over MPLS LDP or EVPN over MPLS TE
tunnel when the EVPN public network is MPLS.
Run ping evpnvpn-instanceevpn-namemacmac-address [ -asource-ip | -
ccount | -minterval | -spacket-size | -ttime-out | -rreply-mode | -
nexthopnexthop-address ] *
The device is configured to check the connectivity of an EVPN over MPLS LDP
or EVPN over MPLS TE tunnel when the EVPN public network is MPLS.
<HUAWEI> ping evpn vpn-instance evpna mac 00e0-fc12-3456 -c 3 -s 200
Ping vpn-instance evpna mac 00e0-fc12-3456 : 200 data bytes, press CTRL_C to break
Reply from 1.1.1.1: bytes=200 sequence=1 time = 11ms
Reply from 1.1.1.1: bytes=200 sequence=2 time = 10ms
Reply from 1.1.1.1: bytes=200 sequence=3 time = 10ms
--- vpn-instance: evpna 00e0-fc12-3456 ping statistics ---
3 packet(s) transmitted
3 packet(s) received
0.00% packet loss
round-trip min/avg/max = 10/10/11 ms
● Check the connectivity of an EVPN over VXLAN tunnel when the EVPN public
network is VXLAN.
Run ping evpnbridge-domainbd-idmacmac-address [ -asource-ip | -ccount | -
minterval | -spacket-size | -ttime-out | -rreply-mode | -nexthopnexthop-
address ] *
The device is configured to check the connectivity of an EVPN over VXLAN
tunnel when the EVPN public network is VXLAN.
<HUAWEI> ping evpn bridge-domain 101 mac 00e0-fc12-3456 -c 3 -s 200
Ping bridge-domain 101 mac 00e0-fc12-3456 : 200 data bytes, press CTRL_C to break
Reply from 1.1.1.1: bytes=200 sequence=1 time = 11ms
Reply from 1.1.1.1: bytes=200 sequence=2 time = 10ms
Reply from 1.1.1.1: bytes=200 sequence=3 time = 10ms
--- bridge-domain: 101 00e0-fc12-3456 ping statistics ---
3 packet(s) transmitted
3 packet(s) received
0.00% packet loss
round-trip min/avg/max = 10/10/11 ms
● Check the connectivity of an EVPN over SR-MPLS BE or EVPN over SR-MPLS
TE tunnel when the EVPN public network is SR.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 305

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 5 Ping/Tracert

Run ping evpn vpn-instance evpn-name mac mac-address [ -a source-ip | -c

The device is configured to check the connectivity of an EVPN over SR-MPLS

BE or EVPN over SR-MPLS TE tunnel when the EVPN public network is SR.
<HUAWEI> ping evpn vpn-instance evpna mac 00e0-fc12-3456 -c 3 -s 200
Ping vpn-instance evpna mac 00e0-fc12-3456 : 200 data bytes, press CTRL_C to break
Reply from 1.1.1.1: bytes=200 sequence=1 time = 11ms
Reply from 1.1.1.1: bytes=200 sequence=2 time = 10ms
Reply from 1.1.1.1: bytes=200 sequence=3 time = 10ms
--- vpn-instance: evpna 00e0-fc12-3456 ping statistics ---
3 packet(s) transmitted
3 packet(s) received
0.00% packet loss
round-trip min/avg/max = 10/10/11 ms

● Check the connectivity of an EVPN over BGP tunnel when the EVPN public
network is BGP.

Run ping evpn vpn-instance evpn-name mac mac-address [ -asource-ip | -c

The device is configured to check the connectivity of an EVPN over BGP

tunnel when the EVPN public network is BGP.
<HUAWEI> ping evpn vpn-instance evpna mac 00e0-fc12-3456 -c 3 -s 200
Ping vpn-instance evpna mac 00e0-fc12-3456 : 200 data bytes, press CTRL_C to break
Reply from 1.1.1.1: bytes=200 sequence=1 time = 11ms
Reply from 1.1.1.1: bytes=200 sequence=2 time = 10ms
Reply from 1.1.1.1: bytes=200 sequence=3 time = 10ms
--- vpn-instance: evpna 00e0-fc12-3456 ping statistics ---
3 packet(s) transmitted
3 packet(s) received
0.00% packet loss
round-trip min/avg/max = 10/10/11 ms

----End

5.9 Using a Ping/Tracert Operation on an EVPN VPWS

Network
If an EVPN VPWS network fault occurs, use a ping/tracert operation to check
EVPN VPWS LSPs and fast locate a forwarding fault.

5.9.1 Checking EVPN VPWS Network Connectivity Using a

Ping Operation
A ping operation can be performed to check EVPN VPWS network connectivity.

Context
After EVPN VPWS configurations are complete, perform the following operation in
any view of the client.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 306

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 5 Ping/Tracert

Procedure
● Check the EVPN VPWS network connectivity.
– When the tunnel type of the EVPN VPWS network is MPLS:
Run the ping evpn vpws local-ce-id remote-ce-id [ -a source-ip | -c count
| -exp exp-value | -m interval | -s packet-size | -t time-out | -r reply-mode
| -tc tc ] * command to check the EVPN VPWS status. If the EVPN VPWS
status is up, locate the fault.
– When the tunnel type of the EVPN VPWS network is SRv6:
Run the ping evpn vpws local-ce-id remote-ce-id [ end-op endOp ] [ -a
source-ip | -c count | -exp exp-value | -m interval | -s packet-size | -t
time-out | -r reply-mode | -tc tc ] * command to check the EVPN VPWS
status. If the EVPN VPWS status is up, locate the fault.

The following shows an example:

# Perform a ping operation on the EVPN VPWS network.

<HUAWEI> ping evpn vpws 1 2 -c 2
EVPN VPWS PING FEC: Local Evpn Vpws Id = 1, Remote Evpn Vpws Id = 2 : 100 data bytes, press
CTRL_C to break
Reply from 10.1.1.1: bytes=100 Sequence=1 time=11 ms
Reply from 10.1.1.1: bytes=100 Sequence=2 time=15 ms
--- FEC: Local CeId = 1, Remote CeId = 2 ping statistics ---
2 packet(s) transmitted
2 packet(s) received
0.00% packet loss
round-trip min/avg/max = 11/13/15 ms

----End

5.9.2 Checking EVPN VPWS Network Connectivity Using a

Tracert Operation
A tracert operation can be performed to locate an EVPN VPWS tunnel forwarding
fault.

Context
After EVPN VPWS configurations are complete, perform the following operation in
any view of the client.

EVPN VPWS status is down, locate the faulty node on the EVPN VPWS
path.
– When the tunnel type of the EVPN VPWS network is SRv6:
Run the tracert evpn vpws local-ce-id remote-ce-id [ end-op endOp ] [ -
a source-ip | -exp exp-value | -s packet-size | -t timeout | -h max-ttl | -r

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 307

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 5 Ping/Tracert

reply-mode | -tc tc ] * [ pipe | uniform ] command to check the EVPN

VPWS status. If the EVPN VPWS status is down, locate the faulty node on
the EVPN VPWS path.
The following shows an example:
# Perform a tracert operation on an EVPN VPWS network.
<HUAWEI> tracert evpn vpws 1 2
EVPN VPWS TRACE FEC: Local Evpn Vpws Id = 1, Remote Evpn Vpws Id = 2 , press CTRL_C to break
TTL Replier Time Type Downstream
0 Ingress 10.1.1.1/[3 1 32927]
1 10.1.1.1 52 ms Egress

----End

5.10 Using Ping/Tracert to Test an SRv6 Network

Ping and tracert can be used to test and monitor a Segment Routing IPv6 (SRv6)
network.

5.10.1 Using Ping to Test the Connectivity of an SRv6 Network

Ping can be used to test the connectivity of an SRv6 network.

Context
After SRv6 configurations are complete, you can perform the following operations
in any view of the client.

Procedure
● Specify SIDs to test the connectivity of an SRv6 network.
To test the connectivity of an SRv6 network, run the ping ipv6-sid [ -a
source-ipv6-address | -c echo-number | -m wait-time | -s packetsize | -t
timeout | -tc traffic-class-value ] * [ segment-by-segment ] sid & <1-11>
command on the ingress to specify SRv6 SIDs to initiate a ping test to the
egress.
<HUAWEI> ping ipv6-sid A2::C31 A4::C50 A4::C52
PING ipv6-sid A2::C31 A4::C50 A4::C52 : 56 data bytes, press CTRL_C to break
Reply from A4::C52
bytes=56 Sequence=1 hop limit=64 time=2 ms
Reply from A4::C52
bytes=56 Sequence=2 hop limit=64 time=1 ms
Reply from A4::C52
bytes=56 Sequence=3 hop limit=64 time=1 ms
Reply from A4::C52
bytes=56 Sequence=4 hop limit=64 time=1 ms
Reply from A4::C52
bytes=56 Sequence=5 hop limit=64 time=1 ms

--- ipv6-sid ping statistics---

5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max=1/1/2 ms

● Test the connectivity of an SRv6 TE Policy.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 308

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 5 Ping/Tracert

a. (Optional) Configure an End.OP SID on the remote endpoint of the SRv6

TE Policy.
An End.OP SID is an OAM SID that specifies the punt behavior to be
implemented for an OAM packet in ping and tracert scenarios. If the
bottom SID in the SRv6 TE Policy's segment list is an End.X or binding
SID, you must manually specify an End.OP SID when initiating a ping
operation to the SRv6 TE Policy. Before specifying the end-op endop
parameter, you must configure the End.OP SID.
i. Run segment-routing ipv6
The SRv6 view is displayed.
ii. Run locator locator-name
The locator view is displayed.
Ensure that the locator has been created and advertised through IS-
IS. The locator is also used by the created SRv6 TE Policy.
iii. Run opcode func-opcode end-op
An opcode is configured for an End.OP SID.
iv. Run commit
The configuration is committed.
b. On the ingress of the SRv6 TE Policy, run the ping srv6-te policy
{ policy-name <policyname> | endpoint-ip <endpointipv6> color
<colorid> | binding-sid <bsid> } [ end-op <endop> ] [ -a <sourceaddr6> |
-c <count> | -m <interval> | -s <packetsize> | -t <timeout> | -tc <tc> | -h
<hoplimit> ] * command with the policy-name policyname, endpoint-ip
<endpointipv6> color <colorid>, or binding-sid <bsid> parameter to
initiate a ping operation on the specified SRv6 TE Policy for connectivity
check.
<HUAWEI> ping srv6-te policy policy-name test end-op 2001:db8:2::1 -a 2001:db8:1::1 -c 5 -m
2000 -t 2000 -s 100 -tc 0 -h 255
PING srv6-te policy : 100 data bytes, press CTRL_C to break
srv6-te policy's segment list:
Preference: 200; Path Type: primary; Protocol-Origin: local; Originator: 0, 0.0.0.0; Discriminator: 200;
Segment-List ID: 1; Xcindex: 1; end-op: 2001:db8:2::1
Reply from 2001:db8:2::1
bytes=100 Sequence=1 time=8 ms
Reply from 2001:db8:2::1
bytes=100 Sequence=2 time=2 ms
Reply from 2001:db8:2::1
bytes=100 Sequence=3 time=3 ms
Reply from 2001:db8:2::1
bytes=100 Sequence=4 time=3 ms
Reply from 2001:db8:2::1
bytes=100 Sequence=5 time=3 ms
--- srv6 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 2/3/8 ms

----End

5.10.2 Using Tracert to Test the Path Information of an SRv6

Network
Tracert can be used to test the path information of an SRv6 network.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 309

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 5 Ping/Tracert

Context
After configuring SRv6, you can perform the following configurations in any view
of a client.

Procedure
● Specify SIDs to test the path information of an SRv6 network or locate the
fault point on the path.
To test the fault point on an SRv6 network, run the tracert ipv6-sid [ -f first-
hop-limit | -m max-hop-limit | -p port-number | -q probes | -w timeout | -s
packetsize | -a source-ipv6-address ] * [ overlay ] sid & <1-11> command on
the ingress to specify SRv6 SIDs to initiate a tracert test to the egress.
<HUAWEI> tracert ipv6-sid A2::C31 A4::C50 A4::C52
traceroute ipv6-sid A2::C31 A4::C50 A4::C52 30 hops max,60 bytes packet
1 2001:DB8:1:2::21[SRH: A4::C52, A4::C50, A2::C31, SL=2] 5 ms 3 ms 2 ms
2 2001:DB8:2:3::31[SRH: A4::C52, A4::C50, A2::C31, SL=1] 5 ms 2001:DB8:2:3::32[SRH: A4::C52, A4::OP,
A2::C31, SL=1] 2ms 2ms
3 A4::C52[SRH: A4::C52, A4::C50, A2::C31, SL=1] 5 ms 10 ms 0.759 ms
● Test the path over which an SRv6 TE Policy is established or locate the fault
point on the path.
a. (Optional) Configure an End.OP SID on the remote endpoint of the SRv6
TE Policy.
An End.OP SID is an OAM SID that specifies the punt behavior to be
implemented for an OAM packet in ping and tracert scenarios. If the
bottom SID in the SRv6 TE Policy's segment list is an End.X or binding
SID, you must manually specify an End.OP SID when initiating a tracert
operation to the SRv6 TE Policy. Before specifying the end-op endop
parameter, you must configure the End.OP SID.
i. Run segment-routing ipv6
The SRv6 view is displayed.
ii. Run locator locator-name
The locator view is displayed.
Ensure that the locator has been created and advertised through IS-
IS. The locator is also used by the created SRv6 TE Policy.
iii. Run opcode func-opcode end-op
An opcode is configured for an End.OP SID.
iv. Run commit
The configuration is committed.
b. On the ingress of the SRv6 TE Policy, run the tracert srv6-te policy
{ policy-name policyname | endpoint-ip endpointipv6 color colorId |
binding-sid bsid } [ end-op endop ] [ -a sourceaddr6 | -f initHl | -m
maxHl | -s packetsize | -w timeout | -p destport | -tc tc ] * command with
the policy-name policyname, endpoint-ip endpointipv6 color colorId, or
binding-sid bsid to initiate tracert to the corresponding SRv6 TE Policy to
detect all intermediate nodes along the tunnel.
<HUAWEI> tracert srv6-te policy policy-name test end-op 2001:db8:2::1 -a 2001:db8:1::1 -q 5 -m
20 -tc 0
Trace Route srv6-te policy : 100 data bytes, press CTRL_C to break
srv6-te policy's segment list:

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 310

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 5 Ping/Tracert

Preference: 200; Path Type: primary; Protocol-Origin: local; Originator: 0, 0.0.0.0; Discriminator: 200;
Segment-List ID: 1; Xcindex: 1; end-op: 2001:db8:2::1
TTL Replier Time Type SRH
0 Ingress [SRH: 2001:db8:1::F:1, 2001:db8:2::F:1, 2001:db8:2::1,
SL=2]
1 2001:db8:A::192:168:103:2 22 ms Transit [SRH: 2001:db8:1::F:1, 2001:db8:2::F:1,
2001:db8:2::1, SL=2]
2 2001:db8:A::192:168:106:2 10 ms Transit [SRH: 2001:db8:1::F:1, 2001:db8:2::F:1,
2001:db8:2::1, SL=1]
3 2001:db8:2::1 4 ms Egress

----End

5.11 Using MTrace to Test a Multicast Network

Multicast trace route (MTrace) is a tool used to trace multicast paths. It can trace
the path from a receiver to a multicast source along a multicast distribution tree
(MDT).

Prerequisites
Before configuring an MTrace test instance, run the undo mtrace echo disable
command on each device along the multicast or RPF path to be detected to
enable the devices to respond to MTrace request and query messages.

Context
MTrace mainly has the following uses:
● The mtrace command can be used in multicast troubleshooting and routine
maintenance to locate a faulty device and reduce configuration errors.
● The mtrace command can be used to collect traffic statistics in path tracing
and calculate the multicast traffic rate in cyclic path tracing.
● The NMS analyzes faulty device information displayed in the mtrace
command output and generates alarms.

Perform the following steps in any view on the client.

Procedure
Step 1 (Optional) Run reset mtrace statistics

MTrace message statistics are cleared.

NOTICE

After the reset mtrace statistics command is run, the statistics cleared cannot be
restored.

Step 2 Perform the following operations as required.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 311

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 5 Ping/Tracert

To ensure that the mtrace command is run successfully, the current device must have the
(S, G) entries and meet either of the following conditions:
● The current device is directly connected to the destination host.
● A ping test initiated from the current device to the last-hop device or destination host
succeeds.
● The current device is on the multicast path from the multicast source to the
destination host.
The following examples show some parameters. For detailed options and parameter
description, see mtrace.
● Run the mtrace source source-address command to trace the RPF path from
a multicast source to the current device.
<HUAWEI> mtrace source 10.1.0.1
Press Ctrl+C to break multicast traceroute facility
From the receiver(10.1.5.1), trace reverse path to source (10.1.0.1) according to RPF rules

Num Reverse-Path FwdTTL Protocol

0 10.1.5.1
-1 10.1.5.1 1 PIM
-2 10.1.2.1 1 PIM
-3 10.1.0.1 1 PIM
In maximum-hop mode, received the response message, and multicast traceroute finished.
● Run the mtrace -g group source source-address command to trace the
multicast path from a multicast source to the current device.
<HUAWEI> mtrace -g 225.0.0.1 -l 2 -st 10 source 10.1.0.1
Press Ctrl+C to break multicast traceroute facility
From the receiver(10.1.5.1), trace (10.1.0.1, 225.0.0.1)'s reverse path according to multicast routing-
table
In calculating-rate mode, current statistic times is: 1

-1 10.1.5.1
Incoming Interface Address: 10.1.5.1 Input packets rate: 0xffffffff
Outgoing Interface Address: 0.0.0.0 Output packets rate: 0xffffffff
Forwarding Cache (10.1.0.1, 225.0.0.1) Forwarding packets rate: 0
The packet loss rate of (10.1.0.1, 225.0.0.1) is 0.00%
-2 10.1.2.1
Incoming Interface Address: 10.1.2.1 Input packets rate: 0xffffffff
Outgoing Interface Address: 10.1.5.2 Output packets rate: 0xffffffff
Forwarding Cache (10.1.0.1, 225.0.0.1) Forwarding packets rate: 0
The packet loss rate of (10.1.0.1, 225.0.0.1) is 0.00%
-3 10.1.0.1
Incoming Interface Address: 10.1.0.1 Input packets rate: 0xffffffff
Outgoing Interface Address: 10.1.2.2 Output packets rate: 0xffffffff
Forwarding Cache (10.1.0.1, 225.0.0.1) Forwarding packets rate: 0
********************************************************
In calculating-rate mode, reach the demanded number of statistic,and multicast traceroute finished.
● Run the mtrace [ -gw last-hop-router | -d ] -r receiver source source-address
command to trace the RPF path from a multicast source to the destination
host.
<HUAWEI> mtrace -gw 10.1.6.3 -r 10.1.6.4 -v source 10.1.0.1
Press Ctrl+C to break multicast traceroute facility
From the receiver(10.1.6.4), trace reverse path to source (10.1.0.1) according to RPF rules

Num Reverse-Path FwdTTL Protocol

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 312

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 5 Ping/Tracert

Total number of packets for this source-group pair: 0xffffffff

Forwarding TTL: 1
Forwarding Code: NO_ERROR
-2 10.1.2.1 1 PIM
Incoming Interface Address: 10.1.2.1
Outgoing Interface Address: 10.1.5.2
Previous-Hop Router Address: 10.1.2.2
Input packet count on incoming interface: 0xffffffff
Output packet count on outgoing interface: 0xffffffff
Total number of packets for this source-group pair: 0xffffffff
Forwarding TTL: 1
Forwarding Code: NO_ERROR
-3 10.1.0.1 1 PIM
Incoming Interface Address: 10.1.0.1
Outgoing Interface Address: 10.1.2.2
Previous-Hop Router Address: 0.0.0.0
Input packet count on incoming interface: 0xffffffff
Output packet count on outgoing interface: 0xffffffff
Total number of packets for this source-group pair: 0xffffffff
Forwarding TTL: 1
Forwarding Code: NO_ERROR
In maximum-hop mode, received the response message, and multicast traceroute finished.

● Run the mtrace [ -b | -gw last-hop-router | -d ] -r receiver -g group source

source-address command to trace the multicast path from a multicast source
to the destination host.
<HUAWEI> mtrace -gw 10.1.6.3 -r 10.1.6.4 -v source 10.1.0.1
Press Ctrl+C to break multicast traceroute facility
From the receiver(10.1.6.4), trace reverse path to source (10.1.0.1) according to RPF rules

Num Reverse-Path FwdTTL Protocol

0 10.1.6.4
-1 10.1.5.1 1 PIM
Incoming Interface Address: 10.1.5.1
Outgoing Interface Address: 10.1.6.3
Previous-Hop Router Address: 10.1.5.2
Input packet count on incoming interface: 0xffffffff
Output packet count on outgoing interface: 0xffffffff
Total number of packets for this source-group pair: 0xffffffff
Forwarding TTL: 1
Forwarding Code: NO_ERROR
-2 10.1.2.1 1 PIM
Incoming Interface Address: 10.1.2.1
Outgoing Interface Address: 10.1.5.2
Previous-Hop Router Address: 10.1.2.2
Input packet count on incoming interface: 0xffffffff
Output packet count on outgoing interface: 0xffffffff
Total number of packets for this source-group pair: 0xffffffff
Forwarding TTL: 1
Forwarding Code: NO_ERROR
-3 10.1.0.1 1 PIM
Incoming Interface Address: 10.1.0.1
Outgoing Interface Address: 10.1.2.2
Previous-Hop Router Address: 0.0.0.0
Input packet count on incoming interface: 0xffffffff
Output packet count on outgoing interface: 0xffffffff
Total number of packets for this source-group pair: 0xffffffff
Forwarding TTL: 1
Forwarding Code: NO_ERROR
In maximum-hop mode, received the response message, and multicast traceroute finished.

Step 3 (Optional) Run display mtrace statistics

MTrace message statistics are displayed.
Run this command if network connectivity is abnormal or you need to view
information about IGMP messages sent and received by devices on the multicast
network.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 313

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 5 Ping/Tracert

Step 4 (Optional) Run mtrace echo disable

A device is disabled from responding to MTrace request and query messages.

NOTICE

After the mtrace echo disable command is run, a device discards MTrace request
and query messages. As a result, MTrace detection is terminated on this device.

----End

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 314

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 6 Telemetry Configuration

6 Telemetry Configuration

About This Chapter

Fast, accurate, and real-time network performance monitoring can be

implemented after telemetry is deployed.

6.1 Overview of Telemetry

Telemetry is a technology developed to fast collect data from physical or virtual
devices remotely. Devices use the push mode to proactively send their data
information, such as traffic statistics on interfaces, CPU usage, and memory data,
to the collector at a specific interval. In the conventional pull mode, devices
interact with the collector using questions and answers. The push mode
implements real-time and quick data collection.
6.2 Telemetry Licensing Requirements and Configuration Precautions
6.3 Configuring Static Telemetry Subscription (IPv4 Collector)
Static telemetry subscription indicates that a device functioning as a client initiates
a connection to a collector functioning as a server to send data collected.
6.4 Configuring Dynamic Telemetry Subscription (IPv4 Collector)
Dynamic telemetry subscription indicates that a collector functioning as a client
initiates a connection to a device functioning as a server to collect data.
6.5 Configuring Static Telemetry Subscription (IPv6 Collector)
Static telemetry subscription indicates that a device functioning as a client initiates
a connection to a collector functioning as a server to send data collected.
6.6 Configuring Dynamic Telemetry Subscription (IPv6 Collector)
In dynamic telemetry subscription, an IPv6 collector functioning as a client
initiates a connection to a device functioning as a server, and the device collects
and reports data.
6.7 Configuration Examples for Telemetry
This section describes the networking requirements, configuration roadmap, and
data preparation for telemetry configuration and provides configuration files.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 315

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 6 Telemetry Configuration

6.1 Overview of Telemetry

Telemetry is a technology developed to fast collect data from physical or virtual
devices remotely. Devices use the push mode to proactively send their data
information, such as traffic statistics on interfaces, CPU usage, and memory data,
to the collector at a specific interval. In the conventional pull mode, devices
interact with the collector using questions and answers. The push mode
implements real-time and quick data collection.
As the SDN network scale increases, more and more services need to be carried,
and users have higher requirements on intelligent SDN O&M. Specifically,
monitoring data should have a higher precision, so that microburst traffic can be
promptly detected and adjusted. The monitoring process should have little impact
on device functions and performance to improve device and network utilization.
Conventional network monitoring methods (such as SNMP get and CLI) are of low
management efficiency and cannot meet user requirements because of the
following disadvantages:
● The pull mode is used to obtain monitoring data of devices. This mode cannot
monitor a large number of network nodes, which limits the network growth.
● Monitoring data is accurate to minutes. To improve data precision, you can
only increase the query frequency. This causes the CPU usage of network
nodes to go high, affecting normal device functions.
● Monitored network node data is inaccurate due to transmission delays.
A new network monitoring mode is required to implement large-scale and high-
performance monitoring on network devices. The telemetry technology is
therefore developed to meet the requirement. With this technology, the intelligent
O&M system can manage more devices, monitoring data can be obtained in real
time with high precision, and the monitoring process has little impact on device
functions and performance. This technology provides the most important data
basis for fast fault locating and network quality optimization. It converts network
quality analysis into big data analysis, effectively supporting intelligent O&M.
Table 6-1 shows comparison between telemetry and conventional network
monitoring modes.

Table 6-1 Comparison between telemetry and conventional network monitoring

modes

Ite Telemetry SNMP Get SNMP Trap CLI Syslog

Wor Push Pull Push Pull Push

kin
g
mo
de

Prec Sub- Minutes Seconds Minutes Seconds

isio seconds
n

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 316

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 6 Telemetry Configuration

Ite Telemetry SNMP Get SNMP Trap CLI Syslog

Wh Structured Structured Structured Non- Non-

eth using the using MIB using MIB structured structured
er YANG
stru model
ctur
ed

As shown in Table 6-1, although SNMP trap and Syslog use the push mode, only alarms or
events are pushed. Monitoring data such as the interface traffic cannot be collected or sent.

6.2 Telemetry Licensing Requirements and

Configuration Precautions
Licensing Requirements
For details, see "Licensing Requirements" in Feature Description.

Configuration Precautions
Restrictions Guidelines Impact

● HQoS Telemetry None None

collects statistics only
about default SQ
data.
● Ethernet physical
interfaces and trunk
interfaces can only
support statistics
collection.
● Slow second-level
data collection is
supported.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 317

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 6 Telemetry Configuration

Restrictions Guidelines Impact

1. Telemetry starts to None The telemetry statistics

collect statistics after the are inconsistent with the
configuration is enabled. port statistics
However, port statistics
are collected when
traffic is running.
Therefore, the two
statistics results are
different.
2. When telemetry is
used to collect statistics
on an interface and
detection services (such
as BFD, twamp, 1ag,
y1731, nqa2544, y1564,
mpls oam, tp oam, and
APS) exist, the number
of incoming packets is
collected as detection
packets, causing the
number to be different
from the port statistics.
3. When telemetry is
used to collect statistics
on an interface and ETM
packet loss occurs, the
number of outgoing
packets is different from
the port statistics. In this
case, you are advised to
use the port-queue
statistics function of
HQoS to collect the
number of outgoing
packets.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 318

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 6 Telemetry Configuration

Restrictions Guidelines Impact

1. If the number of Reduce the number of Data collection efficiency

collected instances instances to be collected. is reduced.
exceeds the capability Configure a long
provided by the device, sampling period.
the sampling period is
automatically prolonged.
For example, if a user
configures a sampling
task to sample all
interfaces within 100 ms
and a total of 20
interfaces are available,
the 20 interfaces can be
sampled every 100 ms. If
there are 200 interfaces
in total, the interface
sampling can be
performed once a
second.
2. Telemetry supports
multi-level flow control
to avoid heavy traffic.
Each board is restricted
to report data to the
main control board at a
rate of 60 instances
every 100 ms.
3. For sampling tasks
with the minimum
sampling precision being
10 seconds or longer, if
the CPU usage of the
main control board is
greater than 90%,
Telemetry prolongs the
sampling task period of
the CPU and memory to
longer than 600 seconds
and suspends other
sampling tasks.
4. For sampling tasks
with the minimum
sampling precision being
10 seconds or longer, the
number of sampling
instances is limited to
about 200 per 10
seconds. Time required
for completing a
sampling task = (Total

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 319

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 6 Telemetry Configuration

Restrictions Guidelines Impact

number of instances/
200) x 10 seconds.
However, the sampling
task is always completed
10 seconds earlier due to
the actual number of
instances sampled at a
time.

● Shared policies cannot Do not use the shared ● Shared policies cannot
be used in conditional policies. be used in conditional
collection. collection.
● For the following ● The interval at which
policies, the smallest packets are sent
sampling interval is cannot be less than 1s
1s: even if the interval is
A, Policies that set to 100 ms.
contain if-match any
rules
B, Shared policies are
configured on multi-
NP-equipped boards.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 320

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 6 Telemetry Configuration

Restrictions Guidelines Impact

● If an eTM subcard is None The Telemetry statistics

installed and HQoS is are different from
configured for the common TE traffic
bandwidth, the HQoS statistics.
function of common
TE traffic statistics
collection is
implemented by the
eTM subcard
although the
Telemetry function is
implemented by the
NP. Therefore, the
Telemetry statistics
and common traffic
statistics may be
different.
● In inter-board
scenarios such as the
TE HSB switchover
and outbound
interface change,
Telemetry statistics
are reset and statistics
collection starts from
0 after the outbound
interface is changed,
which is different
from common TE
traffic statistics
collection.
● When common TE
traffic statistics
collection is switched
between the CAR and
statistics ID modes,
Telemetry statistics
and common TE
traffic statistics may
be different.
● In TE FRR protection,
if the primary tunnel
is faulty and traffic is
transmitted through
the bypass tunnel, the
telemetry statistics
about the primary
tunnel do not contain
traffic statistics after

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 321

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 6 Telemetry Configuration

Restrictions Guidelines Impact

FRR switching, which

are different from the
statistics queried on
the primary tunnel.

Telemetry supports a None None

four-level collection
period: 10 ms, 100 ms,
1s, and 30s. For a
collection object with a
collection period of 10
ms, if the number of
collected instances
exceeds the specification
at this level, the system
automatically enters the
next-level collection. If
the number of collected
instances exceeds the
specification at the level
with a collection period
of 30s, the instances will
not be monitored due to
insufficient resources.

For objects that support None None

the minimum collection
interval of 100 ms or 10
ms, when the number of
collected instances
exceeds a specified upper
limit of a matching level,
the system automatically
collects statistics about
instances of a next level.
If the number of
instances whose data is
collected within 30
seconds exceeds a
specified upper limit and
resources are insufficient,
the excess instances are
not monitored.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 322

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 6 Telemetry Configuration

Restrictions Guidelines Impact

There are restrictions on Reduce the number of Sampling performance

any sampling paths: any-path-sampling tasks. deteriorates.
1. The maximum depth
for any path sampling is
three layers (the layer
where the sampling path
is located, its sublayer,
and the grandchild
layer).
2. After memory usage
of a sampling task
exceeds 80%, the
sampling task is stopped
(except for memory and
CPU sampling).
3. After CPU usage of a
sampling task exceeds
90%, the sampling task
is stopped (except for
memory and CPU
sampling).

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 323

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 6 Telemetry Configuration

Restrictions Guidelines Impact

There are restrictions on None No data is reported

sampling for any paths: when sampling is
1. Although any path can performed for the
be sampled, sampling unsupported paths.
does not take effect for
some paths. For details
about the paths for
which sampling does not
take effect, see the proto
file released with the
version.
2. The affected nodes of
the paths for which
sampling does not take
effect are as follows:
(1) Parent and child
nodes with the same
name in the YANG
model
(2) Default-instance
nodes in the YANG
model
(3) Nodes defined by
Choice and Case
statements in the YANG
model
(4) Empty nodes in the
YANG model

6.3 Configuring Static Telemetry Subscription (IPv4

Collector)
Static telemetry subscription indicates that a device functioning as a client initiates
a connection to a collector functioning as a server to send data collected.

Usage Scenario
The controller uses commands to configure devices that support telemetry,
subscribe to data sources, and collect data. The protocol used to send data can be
gRPC or UDP.
If the connection between a device and the collection is interrupted, the device
connects to the collector and sends data again. However, the data sampled when
the connection is being re-established is lost.
After an active/standby switchover is performed or the system saves telemetry
service configurations and restarts, the telemetry service reloads its configurations

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 324

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 6 Telemetry Configuration

and continues to run. However, the data sampled during the restart or active/
standby switchover is lost. This poses high pressure on devices. Therefore,
telemetry static subscription is often used for coarse-grained data collection.

Pre-configuration Tasks
Before configuring static telemetry subscription, configure a static or dynamic
routing protocol so that devices can communicate at the network layer.

6.3.1 Configuring a Destination Collector

When you configure static telemetry subscription to the data sampled or a
customized event, you need to create a destination group and specify a
destination collector to which the data is sent.

Procedure
Step 1 Run system-view

The system view is displayed.

Step 2 Run telemetry

The telemetry view is displayed.

Step 3 Run destination-group destination-group-name

A destination group to which the data sampled is sent is created, and the
Destination-group view is displayed.

Step 4 Run ipv4-address ip-address port port [ vpn-instance vpn-instance ] [ protocol

{ grpc [ no-tls ] | udp } ]

An IP address and a port number are configured for the destination collector, and
a protocol and an encryption mode are configured for data sending.

This command can be run for no more than five times for each destination group.
Both this command and the protocol command in the Subscription view can be run to
configure a protocol and encryption mode for the target collector. If the target collector is
associated with the subscription, command configurations take effect based on the
following rules:
● If the protocol command has been run in the Subscription view, the protocol and
encryption mode configured in the Subscription view take effect.
● If the protocol command is not run in the Subscription view, the protocol and
encryption mode configured in the Destination-group view take effect.

Step 5 Run commit

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 325

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 6 Telemetry Configuration

The configuration is committed.

----End

6.3.2 Configuring the Data to Be Sampled or a Customized

Event
When you configure static telemetry subscription to the data sampled or a
customized event, you need to create a sampling sensor group and specify a
sampling path and filter criteria.

Context
When static subscription is configured, a device functions as a client and a
collector functions as a server. To statically subscribe to the data sampled or a
customized event, you need to configure a source of the data to be sampled.
You can configure a telemetry customized event. If a performance indicator of a
resource object that telemetry monitors exceeds the user-defined threshold, the
customized event is reported to the collector in time for service policy
determination.

Procedure
● Configure the data to be sampled.
a. Run system-view
The system view is displayed.
b. Run telemetry
The telemetry view is displayed.
c. Run sensor-group sensor-name
A sampling sensor group is created, and the sensor-group view is
displayed.
d. Run sensor-path path
A sampling path is configured for the telemetry sensor group.

A maximum of 64 sampling paths can be configured for a sampling sensor

group, including sampling paths configured using the sensor-path and sensor-
path self-defined-event commands. When the number of sampling paths
reaches the upper limit, the device displays a message indicating that the
maximum number of paths is reached.
A sampling path name can be configured in a maximum of 10 sampling sensor
groups at the same time. When the number of sampling sensor groups for which
a sampling path name is configured reaches the upper limit, the device displays a
message indicating that the maximum number of sampling sensor groups is
reached.
e. (Optional) Run depth depth-value
A sampling depth is configured for the sampling path.
f. (Optional) Run policy reset-when-start

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 326

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 6 Telemetry Configuration

A sampling path is cleared during initial configuration.

Only the sampling path huawei-qos:qos/qosPortQueueStatInfos/

qosPortQueueStatInfo can be cleared during initial configuration.
g. Run filter filter-name

A filter is created for the sampling path, and the filter view is displayed.

If the sampling sensor group is subscribed to and configured with redundancy

suppression, sampling paths with filter criteria specified cannot be configured in
this sampling sensor group.
h. Run op-field field op-type { eq | gt | ge | lt | le } op-value value

A filter criterion is configured.

i. (Optional) Run condition-relation { and | or }

A logical operation mode between filter criteria is configured.

j. Run commit

The configuration is committed.

● Configure a customized event.
a. Run system-view

The system view is displayed.

b. Run telemetry

The telemetry view is displayed.

c. Run sensor-group sensor-name

A sampling sensor group is created, and the sensor-group view is

displayed.
d. Run sensor-path path self-defined-event

A telemetry customized event is configured.

A maximum of 64 sampling paths can be configured for a sampling sensor

group, including sampling paths configured using the sensor-path self-defined-
event and sensor-path commands. When the number of sampling paths reaches
the upper limit, the device displays a message indicating that the maximum
number of paths is reached.
A sampling path name can be configured in a maximum of 10 sampling sensor
groups at the same time. When the number of sampling sensor groups for which
a sampling path name is configured reaches the upper limit, the device displays a
message indicating that the maximum number of sampling sensor groups is
reached.
e. (Optional) Run description event-description

A description is configured for the customized event.

f. (Optional) Run suppress-period period

A suppression period is configured for the customized event.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 327

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 6 Telemetry Configuration

g. (Optional) Run level level-value

A level is configured for the customized event.

h. (Optional) Run depth depth-value

A sampling depth is configured for the sampling path.

i. Run filter filter-name

A filter is created for the sampling path, and the filter view is displayed.

If the sampling sensor group is subscribed to and configured with redundancy

suppression, sampling paths with filter criteria specified cannot be configured in
this sampling sensor group.
j. Run op-field field op-type { eq | gt | ge | lt | le } op-value value

A filter criterion is configured.

k. (Optional) Run condition-relation { and | or }

A logical operation mode between filter criteria is configured.

l. Run commit

The configuration is committed.

----End

6.3.3 Creating a Subscription

When you configure static telemetry subscription to the data sampled or a
customized event, you need to create a subscription to associate the configured
destination group with the configured sampling sensor group so that data can be
sent to the collector.

To configure an SSL policy for a client so that the server and client can establish a
secure SSL connection, you must ensure that the SSL policy has been created. For
details about how to create an SSL policy, see "Configuring and Binding an SSL
Policy" in "Basic Configuration" in the configuration guide.

Procedure
● Create a static subscription based on gRPC.
a. Run system-view

The system view is displayed.

b. Run telemetry

The telemetry view is displayed.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 328

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 6 Telemetry Configuration

c. Run subscription subscription-name

A subscription is created to associate a destination group with a sampling
sensor group, and the subscription view is displayed.
d. Run sensor-groupsensor-name [ sample-intervalsample-interval
{ [ suppress-redundant ] | [ heartbeat-intervalheartbeat-interval ] } * ]
A sampling sensor group is associated with the subscription, and a
sampling interval, redundancy suppression, and a heartbeat interval are
configured for the sampling sensor group.
e. Run destination-group destination-name
A destination group is associated with the subscription.
f. (Optional) Run local-source-address ipv4 ip-address
A source IP address is configured for gRPC-based data sending.
g. (Optional) Run dscp value
A DSCP value is set for data packets to be sent.
h. (Optional) Run encoding { json | gpb }
An encoding format is configured for data packets to be sent.
i. (Optional) Run protocol grpc [ no-tls ]
A protocol and encryption mode are configured for the target collector
that is associated with this subscription.

Both this command and the ipv4-address command in the destination-group

view can configure a protocol and encryption mode for the target collector. If the
target collector is associated with the subscription, command configurations take
effect based on the following rules:
● If this command has been run, the protocol and encryption mode
configured by running this command in the subscription view take effect.
● If this command is not run, the protocol and encryption mode configured by
running the ipv4-address command in the destination-group view take
effect.
j. (Optional) Configure a maximum usage for the main control board's CPU
used when telemetry collects data.
i. Run quit
Return to the telemetry view.
ii. Run cpu-usage max-percent usage
A maximum usage is configured for the main control board's CPU
used when telemetry collects data.

This command is supported only on the Admin-VS.

k. (Optional) Configure an SSL policy for the client or enable the client to
perform SSL verification on the server.

The certificate to be loaded must be supported by both the client and server.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 329

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 6 Telemetry Configuration

i. Run quit
Return to the system view.
ii. Run grpc
The gRPC view is displayed.
iii. Run grpc client
The gRPC client view is displayed.
iv. Run ssl-policy ssl-policy-name [ verify-cn cn-name ]
An SSL policy is configured for the client during static telemetry
subscription.

If the no-tls parameter has been configured by running the ipv4-address or

protocol (subscription view) command, the TLS encryption mode is not
used. In this case, the client-specific SSL policy configured by running this
command does not take effect.
v. Run ssl-verify peer
A client is enabled to perform SSL verification on a server during
static telemetry subscription.

If the no-tls parameter has been configured by running the ipv4-address or

protocol (subscription view) command, the TLS encryption mode is not
used. In this case, the configuration that enables the client to perform SSL
verification on a server does not take effect.
l. Run commit
The configuration is committed.
● Create a static subscription based on UDP.
a. Run system-view
The system view is displayed.
b. Run telemetry
The telemetry view is displayed.
c. Run subscription subscription-name
A subscription is created to associate a destination group with a sampling
sensor group, and the Subscription view is displayed.
d. Run sensor-groupsensor-name [ sample-intervalsample-interval
{ [ suppress-redundant ] | [ heartbeat-intervalheartbeat-interval ] } * ]
A sampling sensor group is associated with the subscription, and a
sampling interval, a heartbeat interval, and redundancy suppression are
configured for the sampling sensor group.
e. Run destination-group destination-name
A destination group is associated with the subscription.
f. (Optional) Run local-source-address ipv4ip-address [ port port ]
A source IP address and a port number are configured for UDP-based
data sending.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 330

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 6 Telemetry Configuration

g. (Optional) Run dscp value

A DSCP value is set for data packets to be sent.
h. (Optional) Run encoding { json | gpb }
An encoding format is configured for data packets to be sent.
i. (Optional) Run protocol udp
A protocol and encryption mode are configured for the target collector
that is associated with this subscription.

Both this command and the ipv4-address command in the Destination-group

6.3.4 Verifying the Telemetry Configuration

After configuring static telemetry subscription to the data sampled or a
customized event, check information about the sampling sensor group, destination
group, and subscription.

Prerequisites
The static telemetry subscription functions have been configured.

Procedure
● Run the display telemetry sensor [ sensor-name ] command to check the
sampling sensor information.
● Run the display telemetry destination [ dest-name ] command to check
information about a destination group to which the data sampled is sent.
● Run the display telemetry subscription [ subscription-name ] command to
check the subscription information.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 331

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 6 Telemetry Configuration

● Run the display telemetry sensor-path command to check the sampling

path of a telemetry sensor.
----End

6.4 Configuring Dynamic Telemetry Subscription (IPv4

Collector)
Dynamic telemetry subscription indicates that a collector functioning as a client
initiates a connection to a device functioning as a server to collect data.

Usage Scenario
If a collector functioning as a client initiates a connection to a device functioning
as a server, the data sampled is dynamically subscribed to. In this case, you need
to configure the source IP address and number for a port to be listened, and
enable the gRPC service. The protocol used to send data is gRPC.
If the connection where dynamic telemetry subscription resides is interrupted, the
device automatically cancels the subscription and stops data sampling and
reporting. The configuration cannot be restored unless the collector sends a
connection request again. For example, if a user wants to monitor an interface for
a period of time, configure dynamic telemetry subscription. To stop monitoring,
tear down the connection. The subscription is automatically canceled and cannot
be restored. This avoids the long-term load on devices and simplifies the
interaction between users and devices.

Pre-configuration Tasks
Before configuring dynamic telemetry subscription, complete the following tasks:
● Configure a static route or dynamic routing protocol to ensure that devices
can communicate at the network layer.
● Create an ACL, if needed, for the gRPC service to control which clients can
connect to the server. For details about how to create an ACL, see "ACL
Configuration" in "IP Services" in the configuration guide.
● Create an SSL policy, if needed, for the gRPC service so that the server and
client can establish a secure SSL connection. For details about how to create
an SSL policy, see "Configuring and Binding an SSL Policy" in "Basic
Configuration" in the configuration guide.

Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Run grpc
The gRPC view is displayed.
Step 3 Run grpc server
The gRPC server view is displayed.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 332

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 6 Telemetry Configuration

Step 4 Run source-ip ip-address [ vpn-instance vpn-instance-name ]

A source IP address to be listened during dynamic telemetry subscription is

configured.

Step 5 Run server-port port-number

A port to be listened during dynamic telemetry subscription is set.

Step 6 (Optional) Run acl { acl-name | acl-number }

An ACL is configured for the gRPC service during dynamic telemetry subscription.

Step 7 (Optional) Run idle-timeout time

An idle timeout period is configured of the gRPC service during dynamic telemetry
subscription.

Step 8 (Optional) Run ssl-policy ssl-policy-name

An SSL policy is configured for the gRPC service during dynamic telemetry
subscription.

Step 9 (Optional) Run ssl-verify peer

A server is enabled to perform SSL verification on a client during dynamic

telemetry subscription.

Step 10 Run server enable

The gRPC service is enabled.

Step 11 (Optional) Configure a maximum usage for the main control board's CPU used
when telemetry collects data.
1. Run quit
Return to the gRPC view.
2. Run quit
Return to the system view.
3. Run telemetry
The telemetry view is displayed.
4. Run cpu-usage max-percent usage
A maximum usage is configured for the main control board's CPU used when
telemetry collects data.

This command is supported only on the Admin-VS.

Step 12 Run commit

The configuration is committed.

----End

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 333

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 6 Telemetry Configuration

Verifying the Configuration

After the preceding configurations are performed and the collector delivers the
data sampled, verify the configuration.

Run the display telemetry dynamic-subscription [ subName ] command to

check the dynamic subscription information.

6.5 Configuring Static Telemetry Subscription (IPv6

Collector)
Static telemetry subscription indicates that a device functioning as a client initiates
a connection to a collector functioning as a server to send data collected.

Usage Scenario
In static telemetry subscription mode, a device initiates a connection to a collector
to send data collected.

● If the connection is interrupted, the device connects to the collector and sends
data again. However, the data sampled when the connection is being
established again is lost.
● After an active/standby switchover is performed or the system saves telemetry
service configurations and restarts, the telemetry service reloads its
configurations and continues to run. However, the data sampled during the
restart or active/standby switchover is lost.

This poses high pressure on devices. Therefore, Telemetry static subscription is

often used for coarse-grained data collection.

Pre-configuration Tasks
Before configuring static telemetry subscription, configure a dynamic routing
protocol or static routes to ensure that devices can communicate at the network
layer.

6.5.1 Configuring an IPv6 Destination Collector

When you configure static telemetry subscription to the data sampled or a
customized event, you need to specify a destination collector to which the data is
sent.

Context
When static subscription is configured, a device functions as a client and an IPv6
collector functions as a server. To statically subscribe to the data sampled or a
customized event, you need to configure the IPv6 address and port number of an
IPv6 destination collector, and the protocol and encryption mode for data sending.

Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 334

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 6 Telemetry Configuration

Procedure
Step 1 Run system-view

The system view is displayed.

Step 2 Run telemetry

The telemetry view is displayed.

Step 3 Run destination-group destination-group-name

A destination group to which the data sampled is sent is created, and the
destination-group view is displayed.

Step 4 Run ipv6-address ip-address-ipv6 port port [ vpn-instance vpn-instance ]

[ protocol grpc [ no-tls ] ]

An IPv6 address and a port number are configured for the destination collector,
and a protocol and an encryption mode are configured for data sending.

This command can be run for no more than five times for each destination group.
Both this command and the protocol command in the subscription view can be run to
configure a protocol and encryption mode for the target collector. If the target collector is
associated with the subscription, command configurations take effect based on the
following rules:
● If the protocol command has been run in the subscription view, the protocol and
encryption mode configured in the subscription view take effect.
● If the protocol command is not run in the subscription view, the protocol and
encryption mode configured in the destination-group view take effect.

Step 5 Run commit

The configuration is committed.

----End

6.5.2 Configuring the Data to Be Sampled or a Customized

Event
When you configure static telemetry subscription to the data sampled or a
customized event, you need to create a sampling sensor group and specify a
sampling path and filter criteria.

You can configure a telemetry customized event. If a performance indicator of a

resource object that telemetry monitors exceeds the user-defined threshold, the
customized event is reported to the collector in time for service policy
determination.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 6 Telemetry Configuration

Procedure
● Configure the data to be sampled.
a. Run system-view

The system view is displayed.

b. Run telemetry

The telemetry view is displayed.

c. Run sensor-group sensor-name

A sampling sensor group is created, and the sensor-group view is

displayed.
d. Run sensor-path path

A sampling path is configured for the telemetry sensor group.

A maximum of 64 sampling paths can be configured for a sampling sensor

A sampling depth is configured for the sampling path.

f. (Optional) Run policy reset-when-start

A sampling path is cleared during initial configuration.

Only the sampling path huawei-qos:qos/qosPortQueueStatInfos/

qosPortQueueStatInfo can be cleared during initial configuration.
g. Run filter filter-name

A filter is created for the sampling path, and the filter view is displayed.

If the sampling sensor group is subscribed to and configured with redundancy

suppression, sampling paths with filter criteria specified cannot be configured in
this sampling sensor group.
h. Run op-field field op-type { eq | gt | ge | lt | le } op-value value

A filter criterion is configured.

i. (Optional) Run condition-relation { and | or }

A logical operation mode between filter criteria is configured.

j. Run commit

The configuration is committed.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 6 Telemetry Configuration

● Configure a customized event.

a. Run system-view

The system view is displayed.

b. Run telemetry

The telemetry view is displayed.

c. Run sensor-group sensor-name

A sampling sensor group is created, and the sensor-group view is

displayed.
d. Run sensor-path path self-defined-event

A telemetry customized event is configured.

A maximum of 64 sampling paths can be configured for a sampling sensor

A description is configured for the customized event.

f. (Optional) Run suppress-period period

A suppression period is configured for the customized event.

g. (Optional) Run level level-value

A level is configured for the customized event.

h. (Optional) Run depth depth-value

A sampling depth is configured for the sampling path.

i. Run filter filter-name

A filter is created for the sampling path, and the filter view is displayed.

If the sampling sensor group is subscribed to and configured with redundancy

suppression, sampling paths with filter criteria specified cannot be configured in
this sampling sensor group.
j. Run op-field field op-type { eq | gt | ge | lt | le } op-value value

A filter criterion is configured.

k. (Optional) Run condition-relation { and | or }

A logical operation mode between filter criteria is configured.

l. Run commit

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 6 Telemetry Configuration

The configuration is committed.

----End

6.5.3 Creating a Subscription

Context
When static subscription is configured, a device functions as a client and a
collector functions as a server. To statically subscribe to the data sampled or a
customized event, you need to create a subscription to set up a data sending
channel. The protocol used to send data can be gRPC or UDP.
Before configuring an SSL policy on the client to establish a secure SSL connection
between the client and server, ensure that the SSL policy has been created. For
details about how to create an SSL policy, see "Configuring and Binding an SSL
Policy" in Configuration Guide - Basic Configuration.

Procedure
● Create a static subscription based on gRPC.
a. Run system-view
The system view is displayed.
b. Run telemetry
The telemetry view is displayed.
c. Run subscriptionsubscription-name
A subscription is created, and the subscription view is displayed.
d. Run sensor-groupsensor-name [ sample-intervalsample-interval
{ [ suppress-redundant ] | [ heartbeat-intervalheartbeat-interval ] } * ]
A sampling sensor group is associated with the subscription, and a
sampling interval, a heartbeat interval, and redundancy suppression are
configured for the sampling sensor group.
e. Run destination-group destination-group-name
A destination group is associated with the subscription.
f. (Optional) Run local-source-address ipv6 ipv6-address
A source IPv6 address is configured for gRPC-based data sending.
g. (Optional) Run dscp value
A DSCP value is set for data packets to be sent.
h. (Optional) Run encoding { json | gpb }
An encoding format is configured for data packets to be sent.
i. (Optional) Run protocolgrpc [ no-tls ]

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 6 Telemetry Configuration

The protocol and encryption mode are configured for the destination
collector that is associated with this subscription.

Both this command and the ipv6-address command in the destination-group

view can configure a protocol and encryption mode for the destination collector.
If the destination collector is associated with the subscription, command
configurations take effect based on the following rules:
● If this command has been run, the protocol and encryption mode
configured by running this command in the subscription view take effect.
● If this command is not run, the protocol and encryption mode configured
using the ipv6-address command in the destination-group view take effect.
j. (Optional) Configure a maximum usage for the main control board's CPU
used when telemetry collects data.
i. Run quit
Return to the telemetry view.
ii. Run cpu-usage max-percent usage
A maximum usage is configured for the main control board's CPU
used when telemetry collects data.

This command is supported only by the admin VS.

k. (Optional) Configure an SSL policy for the client or enable the client to
perform SSL verification on the server.

The certificate to be loaded must be supported by both the client and server.

i. Run quit
Return to the system view.
ii. Run grpc
The gRPC view is displayed.
iii. Run grpc client
The gRPC client view is displayed.
iv. Run ssl-policy policy-name [ verify-cn cn-name ]
An SSL policy is configured for the client during static telemetry
subscription.

If the no-tls parameter is specified in the ipv6-address or protocol

(subscription view) command, the TLS encryption mode is not used. In this
case, the client-specific SSL policy configured by running this command does
not take effect.
v. Run ssl-verify peer
The client is configured to perform SSL verification on a server during
static telemetry subscription.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 6 Telemetry Configuration

If the no-tls parameter is specified in the ipv6-address or protocol

(subscription view) command, the TLS encryption mode is not used. In this
case, the configuration that enables the client to perform SSL verification on
a server does not take effect.
l. Run commit

The configuration is committed.

● Create a static subscription based on UDP.
a. Run system-view

The system view is displayed.

b. Run telemetry

The telemetry view is displayed.

c. Run subscriptionsubscription-name

A subscription is created, and the subscription view is displayed.

d. Run sensor-groupsensor-name [ sample-intervalsample-interval
{ [ suppress-redundant ] | [ heartbeat-intervalheartbeat-interval ] } * ]

A sampling sensor group is associated with the subscription, and a

sampling interval, a heartbeat interval, and redundancy suppression are
configured for the sampling sensor group.
e. Run destination-groupdestination-name

A destination group is associated with the subscription.

f. (Optional) Run local-source-address ipv6 ipv6-address [ port port-
value6 ]
A source IPv6 address and source port number are configured when UDP
is used for data sending.
g. (Optional) Run dscp value

A DSCP value is set for data packets to be sent.

h. (Optional) Run encoding { json | gpb }

An encoding format is configured for data packets to be sent.

i. (Optional) Run protocoludp

The protocol and encryption mode are configured for the destination
collector that is associated with this subscription.

Both this command and the ipv6-address command in the destination-group

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 6 Telemetry Configuration

j. (Optional) Configure a maximum usage for the main control board's CPU
used when telemetry collects data.
i. Run quit
Return to the telemetry view.
ii. Run cpu-usage max-percent usage
A maximum usage is configured for the main control board's CPU
used when telemetry collects data.
k. Run commit
The configuration is committed.
----End

6.5.4 Verifying the Telemetry Configuration

After configuring static telemetry subscription to the data sampled or a
customized event, verify information about the sampling sensor group, destination
group, and subscription.

Prerequisite
The static telemetry subscription functions have been configured.

Procedure
● Run the display telemetry sensor [ sensor-name ] command to check
sampling sensor information.
● Run the display telemetry destination [ dest-name ] command to check
information about a destination group to which the data sampled is sent.
● Run the display telemetry subscription [ subscription-name ] command to
check the subscription information.

6.6 Configuring Dynamic Telemetry Subscription (IPv6

Collector)
In dynamic telemetry subscription, an IPv6 collector functioning as a client
initiates a connection to a device functioning as a server, and the device collects
and reports data.

Usage Scenario
If an IPv6 collector functioning as a client initiates a connection to a device
functioning as a server, the data sampled is dynamically subscribed to. In this case,
you need to configure the source IPv6 address and port number for listening, and
enable the gRPC service.
If the connection that carries dynamic telemetry subscription is interrupted, the
device automatically cancels the subscription and stops data sampling and
reporting. The configuration cannot be restored unless the collector sends a
connection request again. For example, if a user wants to monitor an interface for

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 6 Telemetry Configuration

a period of time, configure dynamic telemetry subscription. To stop monitoring,

tear down the connection. The subscription is automatically canceled and cannot
be restored. This avoids the long-term load on devices and simplifies the
interaction between users and devices.

Pre-configuration Tasks
Before configuring dynamic telemetry subscription, complete the following tasks:

● configure a dynamic routing protocol or static routes to ensure that devices

can communicate at the network layer.
● Create an ACL if you need to configure an ACL for the gRPC IPv6 service to
control which clients can connect to the server. For details about how to
create an ACL, see "ACL6 Configuration" in Configuration Guide - IP Services.
● Create an SSL policy if you need to configure an SSL policy for the gRPC IPv6
service so that a secure SSL connection can be established between the server
and client. For details about how to create an SSL policy, see "Configuring and
Binding an SSL Policy" in Configuration Guide - Basic Configuration.

Procedure
Step 1 Run system-view

The system view is displayed.

Step 2 Run grpc

The gRPC view is displayed.

Step 3 Run grpc server ipv6

The gRPC IPv6 service view is displayed.

Step 4 Run source-ip sourceIp [ vpn-instance vpnName ]

A source IPv6 address to be listened for during dynamic telemetry subscription is

configured.

Step 5 Run server-port port-number

A port number to be listened for during dynamic telemetry subscription is

configured.

Step 6 (Optional) Run acl { acl-name | acl-number }

An IPv6 ACL is configured for the gRPC service during dynamic telemetry
subscription.

Step 7 (Optional) Run idle-timeout time

An idle timeout period of the gRPC IPv6 service is set for dynamic telemetry
subscription.

Step 8 (Optional) Run ssl-policy policy-name

An SSL policy is configured for the gRPC IPv6 service during dynamic telemetry
subscription.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 6 Telemetry Configuration

Step 9 (Optional) Run ssl-verify peer

The server is configured to perform SSL verification on a client during dynamic
telemetry subscription.
Step 10 Run server enable
The gRPC IPv6 service is enabled.
Step 11 (Optional) Configure a maximum usage for the main control board's CPU used
when telemetry collects data.
1. Run quit
Return to the gRPC view.
2. Run quit
Return to the system view.
3. Run telemetry
The telemetry view is displayed.
4. Run cpu-usage max-percent usage
A maximum usage is configured for the main control board's CPU used when
telemetry collects data.

This command is supported only by the admin VS.

Step 12 Run commit

The configuration is committed.

----End

Verifying the Configuration

After the preceding configurations are performed and the collector delivers the
data sampled, verify the configuration.
Run the display telemetry dynamic-subscription [ subName ] command to
check the dynamic subscription information.

6.7 Configuration Examples for Telemetry

This section describes the networking requirements, configuration roadmap, and
data preparation for telemetry configuration and provides configuration files.

6.7.1 Example for Configuring Static Telemetry Subscription

Based on gRPC

Networking Requirements
As the network scale increases, carriers need to optimize networks and rectify
faults based on device information. For example, if the CPU usage of a device

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 6 Telemetry Configuration

exceeds a specified threshold, the device reports data to a collector so that

network traffic can be monitored and optimized in a timely manner.

As shown in Figure 6-1, Device A supports telemetry and establishes a gRPC

connection with the collector. When the CPU usage of Device A exceeds 40%, data
needs to be sent to the collector. When the system memory usage of Device A
exceeds 50%, a customized event needs to be sent to the collector.

Figure 6-1 Networking of configuring gRPC-based static telemetry subscription

In this example, Interface1 and Interface2 represent GE 1/0/1 and GE1/0/2, respectively.

Configuration Roadmap
The configuration roadmap is as follows:

1. Configure a destination collector.

2. Configure the data to be sampled and a customized event.
3. Create a subscription.

Data Preparation
To complete the configuration, you need the following data:

● Collector's IP address 10.20.2.1 and port number 10001. The Device A and the
collector must be routable.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 6 Telemetry Configuration

● Destination group name destination1

● Sampling sensor group name sensor1
● Subscription name subscription1

Procedure
Step 1 Configure an IP address and a routing protocol for each interface so that all
devices can communicate at the network layer.
Step 2 Configure a destination collector.
<HUAWEI> system-view
[~HUAWEI] sysname DeviceA
[*HUAWEI] commit
[~DeviceA] telemetry
[~DeviceA-telemetry] destination-group destination1
[*DeviceA-telemetry-destination-group-destination1] ipv4-address 10.20.2.1 port 10001 protocol grpc no-
tls

If the device connects to the collector using the IPv6 address, run the ipv6-address ip-
address-ipv6 port port [ vpn-instance vpn-instance ] [ protocol { grpc [ no-tls ] | udp } ]
command to configure the IPv6 address and port number of the destination collector.
[*DeviceA-telemetry-destination-group-destination1] quit

Step 3 Configure the data to be sampled and a customized event. When the value of
osMemoryUsage in the sampling path huawei-debug:debug/memory-infos/
memory-info is greater than 50, a customized event is reported.
[*DeviceA-telemetry] sensor-group sensor1
[*DeviceA-telemetry-sensor-group-sensor1] sensor-path huawei-debug:debug/cpu-infos/cpu-info
[*DeviceA-telemetry-sensor-group-sensor1-path] filter cpuinfo
[*DeviceA-telemetry-sensor-group-sensor1-path-filter-cpuinfo] op-field systemCpuUsage op-type gt op-
value 40
[*DeviceA-telemetry-sensor-group-sensor1-path-filter-cpuinfo] quit
[*DeviceA-telemetry-sensor-group-sensor1-path] quit
[*DeviceA-telemetry-sensor-group-sensor1] sensor-path huawei-debug:debug/memory-infos/memory-
info self-defined-event
[*DeviceA-telemetry-sensor-group-sensor1-self-defined-event-path] filter meminfo
[*DeviceA-telemetry-sensor-group-sensor1-self-defined-event-path-filter-meminfo] op-field
osMemoryUsage op-type gt op-value 50
[*DeviceA-telemetry-sensor-group-sensor1-self-defined-event-path-filter-meminfo] quit
[*DeviceA-telemetry-sensor-group-sensor1-self-defined-event-path] quit
[*DeviceA-telemetry-sensor-group-sensor1] quit

Step 4 Create a subscription.

[*DeviceA-telemetry] subscription subscription1
[*DeviceA-telemetry-subscription-subscription1] sensor-group sensor1
[*DeviceA-telemetry-subscription-subscription1] destination-group destination1
[*DeviceA-telemetry-subscription-subscription1] commit

----End

Configuration Files
Device A configuration file
#
sysname DeviceA
#
telemetry
#
sensor-group sensor1

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 6 Telemetry Configuration

sensor-path huawei-debug:debug/cpu-infos/cpu-info
filter cpuinfo
op-field systemCpuUsage op-type gt op-value 40
sensor-path huawei-debug:debug/memory-infos/memory-info self-defined-event
filter meminfo
op-field osMemoryUsage op-type gt op-value 50
#
destination-group destination1
ipv4-address 10.20.2.1 port 10001 protocol grpc no-tls
#
subscription subscription1
sensor-group sensor1
destination-group destination1
#
return

6.7.2 Example for Configuring Static Telemetry Subscription

Based on UDP

Networking Requirements
As the network scale increases, carriers need to optimize networks and rectify
faults based on device information. For example, if the CPU usage of a device
exceeds a specified threshold, the device reports data to a collector so that
network traffic can be monitored and optimized in a timely manner.
As shown in Figure 6-2, Device A supports telemetry and establishes a UDP
connection with the collector. When the CPU usage of Device A exceeds 40%, data
needs to be sent to the collector. When the system memory usage of Device A
exceeds 50%, a customized event needs to be sent to the collector.

Figure 6-2 Networking of configuring UDP-based static telemetry subscription

In this example, Interface1 and Interface2 represent GE 1/0/0 and GE 2/0/0, respectively.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 6 Telemetry Configuration

Configuration Roadmap
The configuration roadmap is as follows:
1. Configure a destination collector.
2. Configure the data to be sampled and a customized event.
3. Create a subscription.

Data Preparation
To complete the configuration, you need the following data:
● Collector's IP address 10.20.2.1 and port number 10001; IP address of Device
A's Interface1 192.168.1.1 and port number 11111
● Destination group name destination1
● Sampling sensor group name sensor1
● Subscription name subscription1

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 6 Telemetry Configuration

[~DeviceA] telemetry
[~DeviceA-telemetry] destination-group destination1
[*DeviceA-telemetry-destination-group-destination1] ipv4-address 10.20.2.1 port 10001 protocol udp

If the device connects to the destination collector using an IPv6 address, you must run the
ipv6-address ip-address port port [ vpn-instance vpn-instance ] [ protocol udp ]
command to configure the IPv6 address and port number of the destination collector.
[*DeviceA-telemetry-destination-group-destination1] quit

Step 3 Configure the data to be sampled and a customized event.

[*DeviceA-telemetry] sensor-group sensor1
[*DeviceA-telemetry-sensor-group-sensor1] sensor-path huawei-debug:debug/cpu-infos/cpu-info
[*DeviceA-telemetry-sensor-group-sensor1-path] filter cpuinfo
[*DeviceA-telemetry-sensor-group-sensor1-path-filter-cpuinfo] op-field systemCpuUsage op-type gt op-
value 40
[*DeviceA-telemetry-sensor-group-sensor1-path-filter-cpuinfo] quit
[*DeviceA-telemetry-sensor-group-sensor1-path] quit
[*DeviceA-telemetry-sensor-group-sensor1] sensor-path huawei-debug:debug/memory-infos/memory-
info self-defined-event
[*DeviceA-telemetry-sensor-group-sensor1-self-defined-event-path] filter memoryinfo
[*DeviceA-telemetry-sensor-group-sensor1-self-defined-event-path-filter-memoryinfo] op-field
osMemoryUsage op-type gt op-value 50
[*DeviceA-telemetry-sensor-group-sensor1-self-defined-event-path-filter-memoryinfo] quit
[*DeviceA-telemetry-sensor-group-sensor1-self-defined-event-path] quit
[*DeviceA-telemetry-sensor-group-sensor1] quit

Step 4 Create a subscription.

If the device connects to the destination collector using an IPv6 address, run the local-
source-address ipv6 ip-address port port command to configure the source IPv6 address
and source port number.
[*DeviceA-telemetry-subscription-subscription1] commit

----End

Configuration Files
Device A configuration file
#
sysname DeviceA
#
telemetry
#
sensor-group sensor1
sensor-path huawei-debug:debug/cpu-infos/cpu-info
filter cpuinfo
op-field systemCpuUsage op-type gt op-value 40
sensor-path huawei-debug:debug/memory-infos/memory-info self-defined-event
filter memoryinfo
op-field osMemoryUsage op-type gt op-value 50
#
destination-group destination1
ipv4-address 10.20.2.1 port 10001 protocol udp
#
subscription subscription1
sensor-group sensor1
destination-group destination1

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 6 Telemetry Configuration

local-source-address ipv4 192.168.1.1 port 11111

#
return

6.7.3 Example for Configuring Dynamic Telemetry

Subscription Based on gRPC (IPv4 Collector)

Networking Requirements
As the network scale increases, carriers need to optimize networks and rectify
faults based on device information. For example, if a user wants to monitor an
interface for a period of time, configure dynamic telemetry subscription. To stop
monitoring, tear down the connection. The subscription is automatically canceled
and cannot be restored. This avoids the long-term load on devices and simplifies
the interaction between users and devices.
As shown in Figure 6-3, Device A supports telemetry and establishes a gRPC
connection with the collector. Interface1 of Device A needs to be monitored, and
data needs to be sent to the collector as required.

Figure 6-3 Networking of configuring gRPC-based dynamic telemetry subscription

In this example, Interface1 and Interface2 represent GE 1/0/1 and GE 1/0/2, respectively.

Configuration Roadmap
The configuration roadmap is as follows:

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 6 Telemetry Configuration

1. Configure a source IP address to be listened during dynamic telemetry

subscription and the name of a VPN instance to be bound to the source IP
address.
2. Configure the number of the port to be listened during dynamic telemetry
subscription.
3. Enable the gRPC service.

Data Preparation
To complete the configuration, you need the following data:
● IP address of Interface1: 192.168.1.1; Name of the VPN instance to be bound
to Interface1: vpn1
● Number of the port to be listened for: 20000

Procedure
Step 1 Configure an IP address and a routing protocol for each interface so that all
devices can communicate at the network layer.
Step 2 Configure a source IP address to be listened during dynamic telemetry subscription
and the name of a VPN instance to be bound to the source IP address.
<HUAWEI> system-view
[~HUAWEI] sysname DeviceA
[*HUAWEI] commit
[~DeviceA] grpc
[~DeviceA-grpc] grpc server
[~DeviceA-grpc-server] source-ip 192.168.1.1 vpn-instance vpn1

Step 3 Configure the number of the port to be listened during dynamic telemetry
subscription.
[*DeviceA-grpc-server] server-port 20000

Step 4 Enable the gRPC service.

[*DeviceA-grpc-server] server enable
[*DeviceA-grpc-server] commit

----End

Configuration Files
Device A configuration file
#
sysname DeviceA
#
grpc
#
grpc server
source-ip 192.168.1.1 vpn-instance vpn1
server-port 20000
server enable
#
return

6.7.4 Example for Configuring Dynamic Telemetry

Subscription Based on gRPC (IPv6 Collector)

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 6 Telemetry Configuration

As shown in Figure 6-4, Device A supports telemetry and establishes a gRPC

connection with the collector. Interface1 of Device A needs to be monitored, and
data needs to be sent to the collector as required.

Device A communicates with the collector using an IPv6 address.

Figure 6-4 Configuring gRPC-based dynamic telemetry subscription

In this example, Interface1 and Interface2 represent GE1/0/1 and GE1/0/2, respectively.

Configuration Roadmap
The configuration roadmap is as follows:

1. Configure a source IPv6 address to be listened for during dynamic telemetry

subscription and the name of a VPN instance to be bound to the source IPv6
address.
2. Configure the number of the port to be listened for during dynamic telemetry
subscription.
3. Enable the gRPC service.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 6 Telemetry Configuration

Data Preparation
To complete the configuration, you need the following data:
● IPv6 address of Interface1: 2001:db8:4::1 (Interface1 on Device A and the
collector must be routable.)
● Number of the port to be listened for: 20000

Procedure
Step 1 Configure an IPv6 address and a routing protocol for each interface so that all
devices can communicate at the network layer.
Step 2 Set the source IPv6 address to be listened for during dynamic telemetry
subscription.
<HUAWEI> system-view
[~HUAWEI] sysname DeviceA
[*HUAWEI] commit
[~DeviceA] grpc
[~DeviceA-grpc] grpc server ipv6
[~DeviceA-grpc-server-ipv6] source-ip 2001:db8:4::1

Step 3 Configure the number of the port to be listened for during dynamic telemetry
subscription.
[*DeviceA-grpc-server-ipv6] server-port 20000

Step 4 Enable the gRPC service.

[*DeviceA-grpc-server-ipv6] server enable
[*DeviceA-grpc-server-ipv6] commit

----End

Configuration Files
Device A configuration file
#
sysname DeviceA
#
interface GigabitEthernet1/0/0
undo shutdown
ipv6 enable
ipv6 address 2001:db8:4::1/64
#
ipv6 route-static 2001:db8:3:: 64 GigabitEthernet1/0/0 2001:db8:4::2
#
grpc
#
grpc server ipv6
source-ip 2001:db8:4::1
server-port 20000
server enable
#
return

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 7 TWAMP Configuration

7 TWAMP Configuration

About This Chapter

The Two-Way Active Measurement Protocol (TWAMP) allows users to quickly

obtain statistics on IP network performance.

7.1 Overview of TWAMP

The Two-Way Active Measurement Protocol (TWAMP) is a technology that
measures the round-trip performance of an IP network.TWAMP uses UDP packets
to collect statistics about the delay, jitter, and packet loss rate. In addition, TWAMP
intelligently separates session control and traffic measurement to provide high
security.
7.2 TWAMP Licensing Requirements and Configuration Precautions
7.3 Configuring TWAMP
This section describes how to configure TWAMP, including configuring the server
and session-reflector.
7.4 Configuring TWAMP
This section describes how to configure TWAMP, including configuring the server
and session-reflector.
7.5 Configuration Examples for TWAMP
This section provides TWAMP configuration examples.

7.1 Overview of TWAMP

Background
As networks rapidly develop and applications widely apply, various services are
deployed to meet requirements in different scenarios. Therefore, networks

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 7 TWAMP Configuration

encounter increasingly higher requirements for statistics collection. A tool that

rapidly provides statistics about IP network performance is in urgent need.
Traditionally, network elements (NEs) themselves generate and maintain statistics
about the IP network performance. To display statistics about the performance of
an entire network, a network management system (NMS) is required to manage
multiple NEs and collect statistics about these NEs. However, there may be no
NMS deployed or the NMS may be incapable of collecting statistics.
TWAMP is therefore introduced. NEs themselves no longer need to generate or
maintain statistics about the IP network performance. The performance
management system manages only the TWAMP client and easily obtains statistics
about the entire network.

Advantages
TWAMP has the following advantages over the traditional tools that collect
statistics about IP network performance:
● TWAMP is a standard protocol that has a unified measurement model and
packet format, facilitating deployment.
● Multiprotocol Label Switching Transport Profile (MPLS-TP) Operation,
Administration and Maintenance (OAM) can be deployed only on MPLS-TP
networks, whereas TWAMP can be deployed on IP networks, MPLS networks,
and Layer 3 virtual private networks (L3VPNs).
● Compared with IP Flow Performance Measurement (FPM), TWAMP boasts
stronger availability and easier deployment and requires no clock
synchronization.

Models
TWAMP uses the client/server mode and defines four logical entities, as shown in
Figure 7-1.
● Control-client: establishes, starts, and stops a test session and collects
statistics.
● Session-sender: proactively sends probes for performance statistics after being
notified by the control-client.
● Server: responds to the control-client's request for establishing, starting, or
stopping a test session.
● Session-reflector: replies to the probes sent by the session-sender with
response probes after being notified by the server.
In TWAMP, TCP packets are used as control signals, and UDP packets are used as
probes.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 7 TWAMP Configuration

Figure 7-1 Logical architecture of TWAMP

7.2 TWAMP Licensing Requirements and Configuration

Precautions
Licensing Requirements
For details, see "Licensing Requirements" in Feature Description.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 7 TWAMP Configuration

Configuration Precautions
Restrictions Guidelines Impact

When TWAMP Light is Configure the L2 TWAMP Light packets

performed in an E2E responder first. cannot be terminated on
L2+L3 scenario, the the L2 side and are
TWAMP Light sender is transparently transmitted
configured on the L3 to the terminal or device
side and the DIP is connected to the L2 AC
specified as the user-side side.
IP address to implement
a TWAMP Light test. If
the L2 responder is not
configured at this time
or the configuration is
delivered to the
responder after the
sender initiates the test,
TWAMP Light packets
cannot be terminated on
the L2 side and are
transparently transmitted
to the terminal or device
connected to the L2 AC
side.

7.3 Configuring TWAMP

This section describes how to configure TWAMP, including configuring the server
and session-reflector.

7.4 Configuring TWAMP

This section describes how to configure TWAMP, including configuring the server
and session-reflector.

Applicable Environment
TWAMP applies to scenarios in which statistics on the IP network performance
must be quickly obtained but do not need to be highly accurate.

Currently, a Huawei device can function only as the server and session-reflector. To
implement TWAMP, ensure that devices that can function as the control-client and session-
sender exist on the network.

Pre-configuration Tasks
Before configuring TWAMP, complete the following tasks:

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 7 TWAMP Configuration

● Ensure that some devices on the live network can function as the control-
client and session-sender and comply with relevant standards.
● Ensure that the control-client and server are routable and the links between
them work properly.

Data Preparation
To configure TWAMP, you need the following data.

No. Data

1 (Optional) TCP port number and inactive interval for a control session

2 (Optional) Inactive interval for a test session

7.4.1 Configuring the Server

This section describes how to configure the TWAMP server, which responds to the
control-client's request for establishing, starting, or stopping a TWAMP session.

Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Run nqa twamp
The TWAMP view is displayed.
Step 3 Run server
The server function is enabled, and the server view is displayed.
Step 4 (Optional) Run tcp port port-number [ all | vpn-instance vpn-instance-name ]
A TCP port is specified.
Step 5 (Optional) Run control-session inactive time-out
An inactive interval is configured for a control session.
Step 6 (Optional) Run client acl { aclnumBasic | aclnumAdv | aclname }
The ACL rule to be referenced is configured.
Step 7 Run commit
The configuration is committed.

----End

7.4.2 Configuring the Session-Reflector

This section describes how to configure the session-reflector. The session-reflector
replies to the probes sent by the session-sender after being notified by the server.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 7 TWAMP Configuration

Context
After the session-reflector is configured, the session-reflector can reply to the
session-sender with timestamps and serial numbers to help collect statistics about
the delay, jitter, and packet loss rate.

Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Run nqa twamp
The TWAMP view is displayed.
Step 3 Run reflector
The session-reflector function is enabled, and the session-reflector view is
displayed.
Step 4 (Optional) Run test-session inactive timeout
An inactive interval is configured for a test session.
Step 5 Run commit
The configuration is committed.

----End

7.4.3 Verifying the TWAMP Configuration

After configuring TWAMP, verify the configuration.

Prerequisites
TWAMP has been configured.

Procedure
● Run the display twamp global-info command to check global information
about TWAMP.
● Run the display twamp control-session [ verbose | client-ip client-ip-
address client-port client-port-number [ vpn-instance vpn-instance-name ] ]
command to check information about control sessions on the server.
● Run the display twamp test-session [ verbose | reflector-ip reflector-ip-
address reflector-port reflectort-port-number [ vpn-instance vpn-instance-
name ] ] command to check information about test sessions on the session-
reflector.
----End

7.5 Configuration Examples for TWAMP

This section provides TWAMP configuration examples.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 7 TWAMP Configuration

7.5.1 Example for Configuring TWAMP

This section provides an example for configuring TWAMP in typical networking.

Networking Requirements
As shown in Figure 7-2, DeviceA on an IP network functions as the server in a
TWAMP test. DeviceB functions as the control-client and specifies the IP address
of DeviceA to start collecting statistics. DeviceB sends statistics to the performance
management system.

Figure 7-2 Configuring TWAMP

Configuration Roadmap
The configuration roadmap for DeviceA is as follows:
1. Configure the server.
2. Configure the session-reflector.

Data Preparation
To complete the configuration, you need the following data:
● IP address of DeviceA
● TCP port number
● Inactive interval for a control session
● Inactive interval for a test session

Procedure
Step 1 Configure DeviceA, DeviceB, and the performance management system to be
routable. The configuration details are not provided here.
Step 2 Configure the server.
<DeviceA> system-view
[~DeviceA] nqa twamp
[~DeviceA-twamp] server
[*DeviceA-twamp-srv] tcp port 65530
[*DeviceA-twamp-srv] control-session inactive 600

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 7 TWAMP Configuration

[*DeviceA-twamp-srv] quit

Step 3 Configure the session-reflector.

[*DeviceA-twamp] reflector
[*DeviceA-twamp-ref] test-session inactive 600
[*DeviceA-twamp-ref] quit
[*DeviceA-twamp] quit
[*DeviceA] commit

Step 4 Verify the configuration.

# View global information about TWAMP on DeviceA.
[~DeviceA] display twamp global-info
Start Time : 2019-08-05 16:47:55
Control Session Numbers : 10
Control Session Rejected Numbers : 0
Test Session Numbers : 10
Test Session Completed Numbers : 10
Test Session Aborted Numbers :0
Test Tx Numbers : 100
Test Rx Numbers : 100

# View information about control sessions on DeviceA.

[~DeviceA] display twamp control-session verbose
State : active
Control Session ID : 0
Client IP : 1.1.1.1
Client Port : 65530
Server IP : 1.1.1.2
Server Port : 65530
VPN Instance :-
Mode : unauthenticated
Inactivity Time(s) : -
Test Session Number : 10
Created Time : 2019-08-05 16:47:55
Normal Stop : 100
Abort Stop : 10

# View information about test sessions on DeviceA.

[~DeviceA] display twamp test-session verbose
State : active
Sender IP : 1.1.1.1
Sender Port : 65530
Reflector IP : 1.1.1.2
Reflector Port : 65530
Session ID : 1.1.1.1:1039033631:FCF9C6DA
Control Session ID : 1
Mode : unauthenticated
DSCP : 03
Padding Length : 128
VPN Instance :-
Create Time : 2019-08-05 16:47:55
Last Start Time : 2019-08-05 16:47:55
Last Stop Time : never
Sequence Number : 2000
Test Tx Numbers : 100
Test Rx Numbers : 100
Test Discard Numbers : 0

----End

Configuration Files
● DeviceA configuration file
#

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 7 TWAMP Configuration

sysname DeviceA
#
nqa twamp
server
tcp port 65530
control-session inactive 600
reflector
test-session inactive 600
#
return

7.5.2 Example for Configuring TWAMP on an L3 VXLAN

This section provides an example for configuring TWAMP functions on an L3
VXLAN.

Networking Requirements
On the L3 VXLAN shown in Figure 7-3, DeviceB functions as the server in a
TWAMP test. DeviceA functions as the control-client and specifies the IP address
of DeviceB to start collecting statistics. DeviceA sends statistics to the performance
management system.

Figure 7-3 Configuring TWAMP on an L3 VXLAN

Interface 1 in this example represents GigabitEthernet 1/0/0.

Configuration Roadmap
The configuration roadmap is as follows:
1. Configure a VXLAN tunnel between DeviceA and DeviceB.
2. Configure the server on DeviceB.
3. Configure the session-reflector on DeviceB.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 7 TWAMP Configuration

Data Preparation
To complete the configuration, you need the following data:
● IP addresses of interfaces connecting devices
● TCP port number

Procedure
Step 1 Assign an IP address to each node interface, including the loopback interface.
For configuration details, see Configuration Files.
Step 2 Configure an IGP (IS-IS in this example) on the backbone network.
For configuration details, see Configuration Files.
Step 3 Configure a VXLAN tunnel between DeviceA and DeviceB.
For the configuration roadmap, see VXLAN Configuration. For configuration
details, see Configuration Files.
After a VXLAN tunnel is established, you can run the display vxlan tunnel
command on DeviceA to view VXLAN tunnel information. Use the command
output on DeviceA as an example.
[~DeviceA] display vxlan tunnel
Number of vxlan tunnel : 1
Tunnel ID Source Destination State Type Uptime
-----------------------------------------------------------------------------------
4026531841 1.1.1.1 2.2.2.2 up dynamic 00:12:56

Step 4 Set the forwarding mode of the VXLAN tunnel to hardware loopback.
# Configure DeviceA.
[~DeviceA] global-gre forward-mode loopback

# Configure DeviceB.
[~DeviceB] global-gre forward-mode loopback

Step 5 Configure the server.

[*DeviceB] nqa twamp
[*DeviceB-twamp] server
[*DeviceB-twamp-srv] tcp port 65530 vpn-instance vpn1
[*DeviceB-twamp-srv] quit

Step 6 Configure the session-reflector.

[*DeviceB-twamp] reflector
[*DeviceB-twamp-ref] quit
[*DeviceB-twamp] quit
[*DeviceB] commit

Step 7 Verify the configuration.

# View global TWAMP information on DeviceB.
[~DeviceB] display twamp global-info
Start Time : 2019-08-05 16:47:55
Control Session Numbers : 10
Control Session Rejected Numbers : 0
Test Session Numbers : 10
Test Session Completed Numbers : 10

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 7 TWAMP Configuration

Test Session Aborted Numbers :0

Test Tx Numbers : 100
Test Rx Numbers : 100

# View TWAMP control session information on DeviceB.

[~DeviceB] display twamp control-session verbose
State : active
Control Session ID : 0
Client IP : 192.168.2.1
Client Port : 65530
Server IP : 192.168.2.2
Server Port : 65530
VPN Instance :-
Mode : unauthenticated
Inactivity Time(s) : -
Test Session Number : 10
Created Time : 2019-08-05 16:47:55
Normal Stop : 100
Abort Stop : 10

# View TWAMP test session information on DeviceB.

[~DeviceB] display twamp test-session verbose
State : active
Sender IP : 192.168.2.1
Sender Port : 65530
Reflector IP : 192.168.2.2
Reflector Port : 65530
Session ID : 192.168.2.1:1039033631:FCF9C6DA
Control Session ID : 1
Mode : unauthenticated
DSCP : 03
Padding Length : 128
VPN Instance : vpn1
Create Time : 2019-08-05 16:47:55
Last Start Time : 2019-08-05 16:47:55
Last Stop Time : never
Sequence Number : 2000
Test Tx Numbers : 100
Test Rx Numbers : 100
Test Discard Numbers : 0

----End

Configuration Files
● DeviceA configuration file
#
sysname DeviceA
#
evpn vpn-instance evrf3 bd-mode
route-distinguisher 10:1
apply-label per-instance
vpn-target 11:1 export-extcommunity
vpn-target 11:1 import-extcommunity
#
ip vpn-instance vpn1
ipv4-family
route-distinguisher 11:11
apply-label per-instance
vpn-target 1:1 export-extcommunity
vpn-target 11:1 export-extcommunity evpn
vpn-target 1:1 import-extcommunity
vpn-target 11:1 import-extcommunity evpn
vxlan vni 5010
#
bridge-domain 10

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 7 TWAMP Configuration

vxlan vni 10 split-horizon-mode

evpn binding vpn-instance evrf3
#
isis 1
network-entity 10.0000.0000.0001.00
#
interface Vbdif10
ip binding vpn-instance vpn1
ip address 10.1.1.1 255.255.255.0
arp distribute-gateway enable
arp collect host enable
#
interface GigabitEthernet1/0/0
undo shutdown
ip address 192.168.2.1 255.255.255.0
isis enable 1
#
interface LoopBack0
ip address 1.1.1.1 255.255.255.255
isis enable 1
#
interface Nve1
source 1.1.1.1
vni 10 head-end peer-list protocol bgp
#
bgp 100
peer 2.2.2.2 as-number 100
peer 2.2.2.2 connect-interface LoopBack0
#
ipv4-family unicast
undo synchronization
peer 2.2.2.2 enable
#
l2vpn-family evpn
undo policy vpn-target
peer 2.2.2.2 enable
peer 2.2.2.2 advertise irb
peer 2.2.2.2 advertise encap-type vxlan
#
global-gre forward-mode loopback
#
return
● DeviceB configuration file
#
sysname DeviceB
#
evpn vpn-instance evrf3 bd-mode
route-distinguisher 20:1
apply-label per-instance
vpn-target 11:1 export-extcommunity
vpn-target 11:1 import-extcommunity
#
ip vpn-instance vpn1
ipv4-family
route-distinguisher 22:22
apply-label per-instance
vpn-target 2:2 export-extcommunity
vpn-target 11:1 export-extcommunity evpn
vpn-target 2:2 import-extcommunity
vpn-target 11:1 import-extcommunity evpn
vxlan vni 5010
#
bridge-domain 20
vxlan vni 20 split-horizon-mode
evpn binding vpn-instance evrf3
#
isis 1
network-entity 10.0000.0000.0002.00
#

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 7 TWAMP Configuration

interface Vbdif20
ip binding vpn-instance vpn1
ip address 10.2.1.1 255.255.255.0
arp distribute-gateway enable
arp collect host enable
#
interface GigabitEthernet1/0/0
undo shutdown
ip address 192.168.2.2 255.255.255.0
isis enable 1
#
interface LoopBack0
ip address 2.2.2.2 255.255.255.255
isis enable 1
#
interface Nve1
source 2.2.2.2
vni 20 head-end peer-list protocol bgp
#
bgp 100
peer 1.1.1.1 as-number 100
peer 1.1.1.1 connect-interface LoopBack0
#
ipv4-family unicast
undo synchronization
peer 1.1.1.1 enable
#
l2vpn-family evpn
undo policy vpn-target
peer 1.1.1.1 enable
peer 1.1.1.1 advertise irb
peer 1.1.1.1 advertise encap-type vxlan
#
nqa twamp
server
tcp port 65530 vpn-instance vpn1
reflector
#
global-gre forward-mode loopback
#
return

7.5.3 Example for Configuring TWAMP on an EVPN L3VPN

This section provides an example for configuring TWAMP functions on an EVPN
L3VPN.

Networking Requirements
On the EVPN L3VPN shown in Figure 7-4, DeviceB functions as the server in a
TWAMP test. DeviceA functions as the control-client and specifies the IP address
of DeviceB to start collecting statistics. DeviceA sends statistics to the performance
management system.

Figure 7-4 Example for configuring TWAMP on an EVPN L3VPN

Interface 1 in this example represents GE 1/0/0.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 7 TWAMP Configuration

Configuration Roadmap
The configuration roadmap is as follows:
1. Configure an EVPN L3VPN.
2. Configure the server.
3. Configure the session-reflector.

Data Preparation
To complete the configuration, you need the following data:
● IP addresses of interfaces connecting devices
● TCP port number

Procedure
Step 1 Assign an IP address to each node interface, including the loopback interface.
For configuration details, see Configuration Files.
Step 2 Configure an IGP (IS-IS in this example) on the backbone network.
For configuration details, see Configuration Files.
Step 3 Configure an IS-IS SR-MPLS BE tunnel between DeviceA and DeviceB.
For the configuration roadmap, see Configuring an IS-IS SR-MPLS BE Tunnel. For
configuration details, see Configuration Files.
Step 4 Configure an EVPN L3VPN between DeviceA and DeviceB.
For configuration details, see Configuring an EVPN to Carry Layer 3 Services. For
configuration details, see Configuration Files.
Step 5 Configure the server.
<DeviceB> system-view
[~DeviceB] nqa twamp
[*DeviceB-twamp] server

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 7 TWAMP Configuration

[*DeviceB-twamp-srv] tcp port 65530 vpn-instance vpna

[*DeviceB-twamp-srv] quit
[*DeviceB-twamp] quit
[*DeviceB] commit

Step 6 Configure the session-reflector.

[*DeviceB] nqa twamp
[*DeviceB-twamp] reflector
[*DeviceB-twamp-ref] quit
[*DeviceB-twamp] quit
[*DeviceB] commit

Step 7 Verify the configuration.

# View TWAMP test session information on DeviceB.
[~DeviceB] display twamp test-session verbose
State : active
Sender IP : 192.168.2.2
Sender Port : 65530
Reflector IP : 192.168.2.1
Reflector Port : 65530
Session ID : 192.168.2.2:1039033631:FCF9C6DA
Control Session ID : 1
Mode : unauthenticated
DSCP : 03
Padding Length : 128
VPN Instance : vpna
Create Time : 2012-08-05 16:47:55
Last Start Time : 2012-08-05 16:47:55
Last Stop Time : never
Sequence Number : 2000
Test Tx Numbers : 100
Test Rx Numbers : 100
Test Discard Numbers : 0

----End

Configuration Files
● DeviceA configuration file
#
sysname DeviceA
#
ip vpn-instance vpna
ipv4-family
route-distinguisher 200:1
apply-label per-instance
tnl-policy SR-MPLS BE
vpn-target 111:1 export-extcommunity
vpn-target 111:1 import-extcommunity
#
mpls lsr-id 1.1.1.3
#
mpls
#
segment-routing
tunnel-prefer segment-routing
#
isis 1
is-level level-2
cost-style wide
network-entity 00.0005.0000.0000.0012.00
traffic-eng level-2
segment-routing mpls
segment-routing global-block 200000 201000
#
interface GigabitEthernet1/0/0

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 7 TWAMP Configuration

undo shutdown
ip binding vpn-instance vpna
ip address 192.168.2.2 255.255.255.0
#
interface LoopBack0
ip address 1.1.1.3 255.255.255.255
isis enable 1
isis prefix-sid index 20
#
bgp 100
peer 1.1.1.2 as-number 100
peer 1.1.1.2 connect-interface LoopBack0
#
ipv4-family unicast
undo synchronization
import-route direct
peer 1.1.1.2 enable
#
ipv4-family vpnv4
policy vpn-target
peer 1.1.1.2 enable
#
ipv4-family vpn-instance vpna
import-route direct
peer 1.1.1.2 as-number 100
advertise l2vpn evpn
#
l2vpn-family evpn
undo policy vpn-target
peer 1.1.1.2 enable
#
tunnel-policy SR-MPLS BE
tunnel select-seq lsp load-balance-number 1
#
return
● DeviceB configuration file
#
sysname DeviceB
#
ip vpn-instance vpna
ipv4-family
route-distinguisher 100:1
apply-label per-instance
tnl-policy SR-MPLS BE
vpn-target 111:1 export-extcommunity
vpn-target 111:1 import-extcommunity
#
mpls lsr-id 1.1.1.2
#
mpls
#
segment-routing
tunnel-prefer segment-routing
#
isis 1
is-level level-2
cost-style wide
network-entity 00.0005.0000.0000.0010.00
traffic-eng level-2
segment-routing mpls
segment-routing global-block 200000 201000
#
interface GigabitEthernet1/0/0
undo shutdown
ip binding vpn-instance vpna
ip address 192.168.2.1 255.255.255.0
#
interface LoopBack0
ip address 1.1.1.2 255.255.255.255

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 7 TWAMP Configuration

isis enable 1
isis prefix-sid index 10
#
bgp 100
peer 1.1.1.3 as-number 100
peer 1.1.1.3 connect-interface LoopBack0
#
ipv4-family unicast
undo synchronization
import-route direct
peer 1.1.1.3 enable
#
ipv4-family vpnv4
policy vpn-target
peer 1.1.1.3 enable
#
ipv4-family vpn-instance vpna
import-route direct
peer 1.1.1.3 as-number 100
advertise l2vpn evpn
#
l2vpn-family evpn
undo policy vpn-target
peer 1.1.1.3 enable
#
nqa twamp
server
tcp port 65530 vpn-instance vpna
reflector
#
tunnel-policy SR-MPLS BE
tunnel select-seq lsp load-balance-number 1
#
return

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 8 TWAMP Light Configuration

8 TWAMP Light Configuration

About This Chapter

The Two-Way Active Measurement Protocol (TWAMP) Light function rapidly and
flexibly measures the round-trip performance of an IP network.

8.1 Overview of TWAMP Light

TWAMP Light, as a light version of the Two-Way Active Measurement Protocol
(TWAMP), simplifies the control protocol used to establish test sessions and
measures the round-trip performance of an IP network.
8.2 TWAMP Light Licensing Requirements and Configuration Precautions
8.3 Configuring TWAMP Light Functions
This section describes how to configure TWAMP Light functions, including
configuring the Controller and Responder.
8.4 Maintaining TWAMP Light
Maintaining TWAMP Light helps learn the device running condition.
8.5 TWAMP Light Configuration Examples
This section provides TWAMP Light configuration examples.

8.1 Overview of TWAMP Light

Background
TWAMP is an IP performance monitoring (IPPM) protocol and has two versions:
standard version and light version. Different from standard TWAMP, TWAMP Light
moves the control plane from the Responder to the Controller so that TWAMP
control modules can be simply deployed on the Controller. Therefore, TWAMP
Light greatly relaxes its requirements on the Responder performance, allowing the
Responder to be rapidly deployed..

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 8 TWAMP Light Configuration

Characteristic
TWAMP Light deploys the Session-Sender on the Controller, and deploys the
Session-Reflector on the Responder.

The Controller creates test sessions, collects performance statistics, and reports
statistics to the NMS using Performance Management (PM) or MIBs. After that,
the Controller parses NMS information and sends the results to the Responder
through private channels. The Responder merely responds to TWAMP-Test packets
received over test sessions.

Models

Figure 8-1 TWAMP Light models

In Figure 8-1, TWAMP-Test packets function as probes and carry the IP address
and UDP port number, and fixed TTL value 255 that are predefined for the test
session between the Controller and Responder. The Controller sends a TWAMP-
Test packet to the Responder, and the Responder replies to it. The Controller
collects TWAMP statistics.

TWAMP Light defines two types of TWAMP-Test packets: Test-request packets and
Test-response packets.
● Test-request packets are sent from the Controller to the Responder.
● Test-response packets are replied by the Responder to the Controller.

The Controller collects performance statistics based on TWAMP-Test packets and

reports results to the NMS. The NMS provides performance statistics for users.

8.2 TWAMP Light Licensing Requirements and

Configuration Precautions
Licensing Requirements
For details, see "Licensing Requirements" in Feature Description.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 8 TWAMP Light Configuration

Configuration Precautions
Restrictions Guidelines Impact

When the state machine None On-demand sessions can

where the TWAMP be measured only after
Sender session resides reconfiguration.
becomes faulty, proactive
sessions can be
measured after new
boards are selected,
while on-demand
sessions can be
measured only after
reconfiguration.

If the loop breaking In case of When the loop breaking

function is enabled, the interconnection with function is enabled, the
reserved Z field in devices from other involved device may fail
packets needs to be vendors, use commands to be interconnected
changed. In case of to prevent loop breaking. with devices from
interconnection with vendors.
other vendors, check
whether the vendors are
using or have modified
the reserved Z field.
Command:
test-session session-id
local-ip local-ip-address
remote-ip remote-ip-
address local-port port
remote-port port [ vpn-
instance vpn-name ]
[ anti-loop-on ]

During DSCP None TWAMP does not

configuration, priority support traffic entering
mapping can be queues based on the
performed based only on traffic policy configured
the default traffic on the interface.
classification policy
template.

8.3 Configuring TWAMP Light Functions

This section describes how to configure TWAMP Light functions, including
configuring the Controller and Responder.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 8 TWAMP Light Configuration

Usage Scenario
As TWAMP Light simplifies deployment and supports plug-and-play, you can use
TWAMP Light to rapidly and flexibly measure the round-trip performance of an IP
network, such as the two-way packet loss rate, jitter, and delay.

Pre-configuration Tasks
Before configuring TWAMP Light functions, complete the following tasks:

● Ensure that devices on the live network support TWAMP Light and comply
with standard protocols.
● Ensure that the Controller and Responder are routable and IP links between
them work properly.

8.3.1 Configuring the TWAMP Light Responder

The TWAMP Light Responder responds to TWAMP test packets sent by the
TWAMP Light Controller.

Procedure
Step 1 Run system-view

The system view is displayed.

Step 2 Run nqa twamp-light

The TWAMP Light view is displayed.

Step 3 Run responder

The TWAMP Light Responder is enabled, and the TWAMP Light Responder view is
displayed.

Step 4 Run test-session session-id { local-ip local-ip-address remote-ip remote-ip-

address | local-ipv6 local-ipv6-address remote-ipv6 remote-ipv6-address } local-
port local-port remote-port remote-port [ interface { <interface-type>
<interface-number> | <interface-name> } | vpn-instance vpn-instance-name ]
[ anti-loop-on ] [ description description ]

A TWAMP Light test session is created.

● After a test session is configured, its parameters cannot be modified. To modify parameters
of a test session, delete the session and reconfigure it.
● The IP address configured for a test session must be a unicast address.
● The UDP port number of the Responder must be a port number not in use.
● The VPN instance configured for a test session must be existent. When you attempt to delete
the VPN instance, the system prompts that the VPN instance cannot be deleted because it
has been bound to a TWAMP test session.
● In a Layer 2 and Layer 3 hybrid network scenario where base stations are offline, static ARP
must be configured on Layer 3 virtual interfaces of devices at the edge of Layer 2 and Layer
3 networks.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 8 TWAMP Light Configuration

Step 5 Run commit

The configuration is committed.

----End

8.3.2 Configuring the TWAMP Light Controller

The TWAMP Light Controller integrates the Control-Client and Session-Sender. The
Control-Client establishes, starts, and stops a test session and collects statistics.
The Session-Sender starts or stops a test session and sends probes to the
Responder for performance statistics.

Context
To configure TWAMP Light, you must configure the Responder and then the
Controller. If only the Controller is configured, the Responder sends a large
number of TWAMP Light packets received from the Controller to the LDM, and
responds to the Controller with a large number of ICMP packets.

Procedure
Step 1 Configure the Control-Client and create a test session.
1. Run system-view
The system view is displayed.
2. Run nqa twamp-light
The TWAMP Light view is displayed.
3. Run client
The TWAMP Light Control-Client is enabled, and the TWAMP Light Control-
Client view is displayed.
4. Run test-session session-id { sender-ip sender-ip-address reflector-ip
reflector-ip-address | sender-ipv6 sender-address-v6 reflector-ipv6 reflector-
address-v6 } sender-port sender-port reflector-port reflector-port [ vpn-
instance vpn-instance-name ] [ dscp dscp-value | padding padding-length |
padding-type padding-type | description description ] *
A TWAMP Light test session is created.
– After a test session is configured, its parameters cannot be modified. To
modify parameters of a test session, delete the session and reconfigure it.
– The IP address configured for a test session must be a unicast address.
– The UDP port number of a Controller must be an unused port number.
– The VPN instance configured for a test session must be existent. When
you attempt to delete the VPN instance, the system prompts that the
VPN instance cannot be deleted because it has been bound to a TWAMP
test session.
– To test packets with different DSCP values, you can specify different UDP
port numbers for test sessions. For example:

▪ Session 1: test-session 1 sender-ip 1.1.1.1 reflector-ip 2.2.2.2

sender-port 1025 reflector-port 1025 dscp 3

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 8 TWAMP Light Configuration

▪ Session 2: test-session 2 sender-ip 1.1.1.1 reflector-ip 2.2.2.2

sender-port 1026 reflector-port 1025 dscp 6

When configuring a TWAMP Light client to send IPv6 packets, ensure that the length
of the IPv6 packets to be sent is smaller than the smallest MTU configured on
interfaces along the path. Otherwise, packets are discarded.
Before the configuration, perform the ping test. Ensure that the source address,
destination address, and packet length of the ping packet are the same as those of the
TWAMP Light IPv6 packet. Then run the display ipv6 pathmtu command to check the
PMTU value of each interface along the path. For details, see Path MTU Test.
5. (Optional) Run test-session <session-id> bind interface { interface-type
interface-number | interface-name }
An interface is bound to the TWAMP Light test session.

After a TWAMP Light test session is bound to an interface and valid statistics
are collected, the statistics are advertised to the bound interface. Other
function modules can obtain the statistics from the interface. For example, an
IGP obtains the statistics from the interface and reports the statistics to the
Controller for path calculation.

Step 2 Configure the TWAMP Light Session-Sender and start the TWAMP Light test
session.
1. Run system-view

The system view is displayed.

2. Run nqa twamp-light

The TWAMP Light view is displayed.

3. Run sender

The TWAMP Light Session-Sender is enabled, and the TWAMP Light Session-
Sender view is displayed.
4. Start the TWAMP Light function.
– To perform on-demand measurement, run the test start test-session
session-id { duration duration | packet-count packet-count } [ period
{ 10 | 100 | 1000 | 30000 } ] [ time-out time-out ] command.

On-demand statistics collection automatically stops after the specified period

elapses or the number of sent packets reaches the specified threshold. To
manually stop on-demand session statistics collection, run the test stop { all |
test-session session-id } command.
– To perform proactive measurement, run the test start-continual test-
session session-id [ period { 10 | 100 | 1000 | 30000 } ] [ time-out time-
out ] command.
– To perform proactive measurement periodically, run the test start-
regular test-session session-id [ regular-time timevalue ] [ packet-
count packet-count ] [ time-out time-out ] command.

Step 3 Run commit

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 8 TWAMP Light Configuration

The configuration is committed.

----End

8.3.3 Verifying the Configuration of the TWAMP Light

Statistics Collection Function
After configuring the TWAMP Light statistics collection function, verify the
configurations.

Prerequisites
The TWAMP Light statistics collection function has been configured.

Procedure
● Run the display twamp-light test-session [ verbose | session-id ] command
to check real-time statistics about a specified TWAMP Light test session.
● Run the display twamp-light statistic-type { twoway-delay | twoway-loss }
test-session session-id command to check statistics about the two-way
packet delay or loss of a specified TWAMP Light test session.
----End

8.4 Maintaining TWAMP Light

Maintaining TWAMP Light helps learn the device running condition.

8.4.1 Clearing TWAMP Light Session Statistics

This section describes how to clear TWAMP Light session statistics.

Context

NOTICE
TWAMP Light session statistics cannot be restored after being cleared. Exercise
caution when clearing the statistics.

Procedure
● Run the reset twamp-light statistics { all | test-session session-id }
command to clear TWAMP Light session statistics.
----End

8.5 TWAMP Light Configuration Examples

This section provides TWAMP Light configuration examples.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 8 TWAMP Light Configuration

8.5.1 Example for Configuring TWAMP Light Functions

This section provides an example for configuring TWAMP Light functions.

Networking Requirements
On the IP network shown in Figure 8-2, DeviceA functions as the Controller, and
DeviceB functions as the Responder.

● DeviceA: sends and receives packets over a test session, collects and calculates
performance statistics, and reports the statistics to the NMS.
● DeviceB: responds to the packets received over a test session.

Figure 8-2 TWAMP Light

Configuration Roadmap
The configuration roadmap is as follows:
1. Configure an IP address and a routing protocol for each interface so that all
devices (Devices) can communicate at the network layer.
2. Configure the TWAMP Light Responder on DeviceB.
3. Configure the TWAMP Light Controller on DeviceA.

Data Preparation
To complete the configuration, you need the following data:

● Device B (Responder)
– IP address 2.2.2.2
– UDP port number 2010
● Device A (Controller)
– IP address 1.1.1.1
– UDP port number 2001

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 8 TWAMP Light Configuration

Procedure
Step 1 Configure an IP address and a routing protocol for each interface so that all
devices (Devices) can communicate at the network layer. The configuration details
are not provided here.
Step 2 Configure the TWAMP Light Responder.
<DeviceB> system-view
[~DeviceB] nqa twamp-light
[~DeviceB-twamp-light] responder
[~DeviceB-twamp-light-responder] test-session 1 local-ip 2.2.2.2 remote-ip 1.1.1.1 local-port 2010
remote-port 2001

Step 3 Configure the TWAMP Light Controller through TWAMP Light Client configuration.
<DeviceA> system-view
[~DeviceA] nqa twamp-light
[~DeviceA-twamp-light] client
[~DeviceA-twamp-light-client] test-session 1 sender-ip 1.1.1.1 reflector-ip 2.2.2.2 sender-port 2001
reflector-port 2010

Step 4 Configure the TWAMP Light Controller through TWAMP Light Sender
configuration.
<DeviceA> system-view
[~DeviceA] nqa twamp-light
[~DeviceA-twamp-light] sender
[~DeviceA-twamp-light-sender] test start-continual test-session 1 period 10

Step 5 Verify the configuration.

# Check real-time TWAMP Light session statistics on DeviceA.
[~DeviceA] display twamp-light test-session 1
Session ID :1
State : active
Type : continual
Sender IP : 1.1.1.1
Sender Port : 2001
Reflector IP : 2.2.2.2
Reflector Port : 2010
Mode : unauthenticated
DSCP :0
Padding Length : 128
Padding Type : 00
VPN Instance :-
Last Start Time : 2017-04-13 15:33:52
Last Stop Time : never
Period Time(in millisecond) : 10
Time Out(in second) :5
Duration Time(in second) :-
Packet Count :-

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 8 TWAMP Light Configuration

24 170 3
25 170 3
26 170 3
27 170 3
28 170 3
29 170 3
30 170 3
31 170 3
32 170 3
33 170 3
34 170 3
35 170 3
36 170 3
37 170 3
38 170 3
39 170 3
40 170 3
41 170 3
42 170 3
43 170 3
44 170 3
--------------------------------------------------------------------------------
Average Delay : 170 Average Jitter : 3
Maximum Delay : 187 Maximum Jitter : 22
Minimum Delay : 162 Minimum Jitter : 0

# Check statistics about the two-way packet loss of a TWAMP Light session on
DeviceA.
[~DeviceA] display twamp-light statistic-type twoway-loss test-session 1
Latest two-way loss statistics:
--------------------------------------------------------------------------------
Index Loss count Loss ratio
--------------------------------------------------------------------------------
26 0 0.0000%
27 0 0.0000%
28 0 0.0000%
29 0 0.0000%
30 0 0.0000%
31 0 0.0000%
32 0 0.0000%
33 0 0.0000%
34 0 0.0000%
35 0 0.0000%
36 0 0.0000%
37 0 0.0000%
38 0 0.0000%
39 0 0.0000%
40 0 0.0000%
41 0 0.0000%
42 0 0.0000%
43 0 0.0000%
44 0 0.0000%
45 0 0.0000%
46 0 0.0000%
47 0 0.0000%
48 0 0.0000%
49 0 0.0000%
50 0 0.0000%
51 0 0.0000%
52 0 0.0000%
53 0 0.0000%
54 0 0.0000%
55 0 0.0000%
--------------------------------------------------------------------------------
Average Loss Count : 0 Average Loss Ratio : 0.0000%
Maximum Loss Count : 0 Maximum Loss Ratio : 0.0000%
Minimum Loss Count : 0 Minimum Loss Ratio : 0.0000%

----End

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 8 TWAMP Light Configuration

Configuration Files
DeviceA configuration file
#
sysname DeviceA
#
nqa twamp-light
client
test-session 1 sender-ip 1.1.1.1 reflector-ip 2.2.2.2 sender-port 2001 reflector-port 2010
sender
#

DeviceB configuration file

#
sysname DeviceB
#
nqa twamp-light
responder
test-session 1 local-ip 2.2.2.2 remote-ip 1.1.1.1 local-port 2010 remote-port 2001
#

8.5.2 Example for Configuring TWAMP Light on an L3 VXLAN

This section provides an example for configuring TWAMP Light functions on an L3
VXLAN.

Networking Requirements
On the L3 VXLAN shown in Figure 8-3, DeviceA functions as the Responder and
DeviceB functions as the Controller.

● DeviceA: responds to the packets received over a test session.

● DeviceB: sends and receives packets over a test session, collects and calculates
performance statistics, and reports the statistics to the performance
management system.

Figure 8-3 Configuring TWAMP Light on an L3 VXLAN

Interface 1 in this example represents GigabitEthernet 1/0/0.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 8 TWAMP Light Configuration

Configuration Roadmap
The configuration roadmap is as follows:
1. Configure a VXLAN tunnel between DeviceA and DeviceB.
2. Configure the TWAMP Light Responder on DeviceA.
3. Configure the TWAMP Light Controller on DeviceB.

Data Preparation
To complete the configuration, you need the following data:
● IP addresses of interfaces connecting devices
● UDP port number

Procedure
Step 1 Assign an IP address to each node interface, including the loopback interface.
For configuration details, see Configuration Files.
Step 2 Configure an IGP (IS-IS in this example) on the backbone network.
For configuration details, see Configuration Files.
Step 3 Configure a VXLAN tunnel between DeviceA and DeviceB.
For the configuration roadmap, see VXLAN Configuration. For configuration
details, see Configuration Files.
After a VXLAN tunnel is established, you can run the display vxlan tunnel
command on DeviceA to display VXLAN tunnel information. The following
example uses the command output on DeviceA.
[~DeviceA] display vxlan tunnel
Number of vxlan tunnel : 1
Tunnel ID Source Destination State Type Uptime
-----------------------------------------------------------------------------------
4026531841 1.1.1.1 2.2.2.2 up dynamic 00:12:56

Step 4 Set the forwarding mode of the VXLAN tunnel to hardware loopback.
# Configure DeviceA.
[~DeviceA] global-gre forward-mode loopback

# Configure DeviceB.
[~DeviceB] global-gre forward-mode loopback

Step 5 Configure the TWAMP Light Responder.

[*DeviceA] nqa twamp-light
[*DeviceA-twamp-light] responder
[*DeviceA-twamp-light-responder] test-session 1 local-ip 192.168.2.2 remote-ip 192.168.2.1 local-port
2010 remote-port 2001
[*DeviceA-twamp-light-responder] commit
[~DeviceA-twamp-light-responder] quit
[~DeviceA-twamp-light] quit

Step 6 Configure the TWAMP Light Controller.

[*DeviceB] nqa twamp-light
[*DeviceB-twamp-light] client

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 8 TWAMP Light Configuration

[*DeviceB-twamp-light-client] test-session 1 sender-ip 192.168.2.1 reflector-ip 192.168.2.2 sender-port

2001 reflector-port 2010
[*DeviceB-twamp-light-client] quit
[*DeviceB-twamp-light] sender
[*DeviceB-twamp-light-sender] test start-continual test-session 1 period 10
[*DeviceB-twamp-light-sender] commit
[~DeviceB-twamp-light-sender] quit
[~DeviceB-twamp-light] quit

Step 7 Verify the configuration.

# Check real-time TWAMP Light session statistics on DeviceB.
[~DeviceB] display twamp-light test-session 1
Session ID :1
State : active
Type : continual
Sender IP : 192.168.2.1
Sender Port : 2001
Reflector IP : 192.168.2.2
Reflector Port : 2010
Mode : unauthenticated
DSCP :0
Padding Length : 128
Padding Type : 00
VPN Instance :-
Last Start Time : 2017-04-13 15:33:52
Last Stop Time : never
Period Time(in millisecond) : 10
Time Out(in second) :5
Duration Time(in second) :-
Packet Count :-

# Check the two-way delay in TWAMP Light session statistics on DeviceB.

[~DeviceB] display twamp-light statistic-type twoway-delay test-session 1
Latest two-way delay statistics(usec):
--------------------------------------------------------------------------------
Index Delay(Avg) Jitter(Avg)
--------------------------------------------------------------------------------
15 170 3
16 170 3
17 171 3
18 170 3
19 170 3
20 170 3
21 170 3
22 170 3
23 170 3
24 170 3
25 170 3
26 170 3
27 170 3
28 170 3
29 170 3
30 170 3
31 170 3
32 170 3
33 170 3
34 170 3
35 170 3
36 170 3
37 170 3
38 170 3
39 170 3
40 170 3
41 170 3
42 170 3
43 170 3
44 170 3

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 8 TWAMP Light Configuration

--------------------------------------------------------------------------------
Average Delay : 170 Average Jitter : 3
Maximum Delay : 187 Maximum Jitter : 22
Minimum Delay : 162 Minimum Jitter : 0

# Check two-way packet loss in TWAMP Light session statistics on DeviceB.

[~DeviceB] display twamp-light statistic-type twoway-loss test-session 1
Latest two-way loss statistics:
--------------------------------------------------------------------------------
Index Loss count Loss ratio
--------------------------------------------------------------------------------
26 0 0.0000%
27 0 0.0000%
28 0 0.0000%
29 0 0.0000%
30 0 0.0000%
31 0 0.0000%
32 0 0.0000%
33 0 0.0000%
34 0 0.0000%
35 0 0.0000%
36 0 0.0000%
37 0 0.0000%
38 0 0.0000%
39 0 0.0000%
40 0 0.0000%
41 0 0.0000%
42 0 0.0000%
43 0 0.0000%
44 0 0.0000%
45 0 0.0000%
46 0 0.0000%
47 0 0.0000%
48 0 0.0000%
49 0 0.0000%
50 0 0.0000%
51 0 0.0000%
52 0 0.0000%
53 0 0.0000%
54 0 0.0000%
55 0 0.0000%
--------------------------------------------------------------------------------
Average Loss Count : 0 Average Loss Ratio : 0.0000%
Maximum Loss Count : 0 Maximum Loss Ratio : 0.0000%
Minimum Loss Count : 0 Minimum Loss Ratio : 0.0000%

----End

Configuration Files
● DeviceA configuration file
#
sysname DeviceA
#
evpn vpn-instance evrf3 bd-mode
route-distinguisher 20:1
apply-label per-instance
vpn-target 11:1 export-extcommunity
vpn-target 11:1 import-extcommunity
#
ip vpn-instance vpn1
ipv4-family
route-distinguisher 22:22
apply-label per-instance
vpn-target 2:2 export-extcommunity
vpn-target 11:1 export-extcommunity evpn
vpn-target 2:2 import-extcommunity

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 8 TWAMP Light Configuration

vpn-target 11:1 import-extcommunity evpn

vxlan vni 5010
#
bridge-domain 20
vxlan vni 20 split-horizon-mode
evpn binding vpn-instance evrf3
#
isis 1
network-entity 10.0000.0000.0002.00
#
interface Vbdif20
ip binding vpn-instance vpn1
ip address 10.2.1.1 255.255.255.0
arp distribute-gateway enable
arp collect host enable
#
interface GigabitEthernet1/0/0
undo shutdown
ip address 192.168.2.2 255.255.255.0
isis enable 1
#
interface LoopBack0
ip address 2.2.2.2 255.255.255.255
isis enable 1
#
interface Nve1
source 2.2.2.2
vni 20 head-end peer-list protocol bgp
#
bgp 100
peer 1.1.1.1 as-number 100
peer 1.1.1.1 connect-interface LoopBack0
#
ipv4-family unicast
undo synchronization
peer 1.1.1.1 enable
#
l2vpn-family evpn
undo policy vpn-target
peer 1.1.1.1 enable
peer 1.1.1.1 advertise irb
peer 1.1.1.1 advertise encap-type vxlan
#
nqa twamp-light
responder
test-session 1 local-ip 192.168.2.2 remote-ip 192.168.2.1 local-port 2010 remote-port 2001
#
global-gre forward-mode loopback
#
return
● DeviceB configuration file
#
sysname DeviceB
#
evpn vpn-instance evrf3 bd-mode
route-distinguisher 10:1
apply-label per-instance
vpn-target 11:1 export-extcommunity
vpn-target 11:1 import-extcommunity
#
ip vpn-instance vpn1
ipv4-family
route-distinguisher 11:11
apply-label per-instance
vpn-target 1:1 export-extcommunity
vpn-target 11:1 export-extcommunity evpn
vpn-target 1:1 import-extcommunity
vpn-target 11:1 import-extcommunity evpn
vxlan vni 5010

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 8 TWAMP Light Configuration

#
bridge-domain 10
vxlan vni 10 split-horizon-mode
evpn binding vpn-instance evrf3
#
isis 1
network-entity 10.0000.0000.0001.00
#
interface Vbdif10
ip binding vpn-instance vpn1
ip address 10.1.1.1 255.255.255.0
arp distribute-gateway enable
arp collect host enable
#
interface GigabitEthernet1/0/0
undo shutdown
ip address 192.168.2.1 255.255.255.0
isis enable 1
#
interface LoopBack0
ip address 1.1.1.1 255.255.255.255
isis enable 1
#
interface Nve1
source 1.1.1.1
vni 10 head-end peer-list protocol bgp
#
bgp 100
peer 2.2.2.2 as-number 100
peer 2.2.2.2 connect-interface LoopBack0
#
ipv4-family unicast
undo synchronization
peer 2.2.2.2 enable
#
l2vpn-family evpn
undo policy vpn-target
peer 2.2.2.2 enable
peer 2.2.2.2 advertise irb
peer 2.2.2.2 advertise encap-type vxlan
#
nqa twamp-light
client
test-session 1 sender-ip 192.168.2.1 reflector-ip 192.168.2.2 sender-port 2001 reflector-port 2010
sender
#
global-gre forward-mode loopback
#
return

8.5.3 Example for Configuring TWAMP Light on an EVPN

L3VPN
This section provides an example for configuring TWAMP Light functions on an
EVPN L3VPN.

Networking Requirements
On the EVPN L3VPN shown in Figure 8-4, DeviceB functions as the Responder and
DeviceA functions as the Controller.

● DeviceA: sends and receives packets over a test session, collects and calculates
performance statistics, and reports the statistics to the performance
management system.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 8 TWAMP Light Configuration

● DeviceB: responds to the packets received over a test session.

Figure 8-4 Configuring TWAMP Light on an EVPN L3VPN

Interface 1 in this example represents GigabitEthernet 1/0/0.

Configuration Roadmap
The configuration roadmap is as follows:
1. Configure an EVPN L3VPN.
2. Configure the TWAMP Light Controller.
3. Configure the TWAMP Light Responder.

Data Preparation
To complete the configuration, you need the following data:

● IP addresses of interfaces connecting devices

● DeviceA:
– IP Addresses: 192.168.2.2
– UDP port number: 2000
● DeviceB:
– IP Addresses: 192.168.2.1
– UDP port number: 3000

Procedure
Step 1 Assign an IP address to each node interface, including the loopback interface.

For configuration details, see Configuration Files.

Step 2 Configure an IGP (IS-IS in this example) on the backbone network.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 8 TWAMP Light Configuration

For configuration details, see Configuration Files.

Step 3 Configure an IS-IS SR-MPLS BE tunnel between DeviceA and DeviceB.
For the configuration roadmap, see Configuring an IS-IS SR-MPLS BE Tunnel. For
configuration details, see Configuration Files.
Step 4 Configure an EVPN L3VPN between DeviceA and DeviceB.
For the configuration roadmap, see Configuring an EVPN to Carry Layer 3 Services.
For configuration details, see Configuration Files.
Step 5 Configure the TWAMP Light Controller.
<DeviceA> system-view
[~DeviceA] nqa twamp-light
[*DeviceA-twamp-light] client
[*DeviceA-twamp-light-client] test-session 100 sender-ip 192.168.2.2 reflector-ip 192.168.2.1 sender-
port 2000 reflector-port 3000 vpn-instance vpna padding 1454
[*DeviceA-twamp-light-client] commit
[~DeviceA-twamp-light-client] quit
[~DeviceA-twamp-light] sender
[~DeviceA-twamp-light-sender] test start test-session 100 packet-count 100
[*DeviceA-twamp-light-sender] commit
[*DeviceA-twamp-light] quit
[~DeviceA-twamp-light] quit

Step 6 Configure the TWAMP Light Responder.

<DeviceB> system-view
[~DeviceB] nqa twamp-light
[*DeviceB-twamp-light] responder
[*DeviceB-twamp-light-responder] test-session 100 local-ip 192.168.2.1 remote-ip 192.168.2.2 local-port
3000 remote-port 2000 vpn-instance vpna
[*DeviceB-twamp-light-responder] quit
[*DeviceB-twamp-light] quit
[*DeviceB] commit

Step 7 Verify the configuration.

# Check the brief information about all test sessions.
[~DeviceA] display twamp-light test-session
Total number : 1
Active number : 1
--------------------------------------------------------------------------------
ID Sender-IP Sender-Port Reflector-IP Reflector-Port State
--------------------------------------------------------------------------------
1 192.168.2.2 2000 192.168.2.1 3000 active

# Check the two-way delay in TWAMP Light session statistics on DeviceA.

[~DeviceA] display twamp-light statistic-type twoway-delay test-session 100
Latest two-way delay statistics(usec):
--------------------------------------------------------------------------------
Index Loss count Lost ratio
--------------------------------------------------------------------------------
538 0 0.000%
539 0 0.000%
540 0 0.000%
541 0 0.000%
542 0 0.000%
543 0 0.000%
544 0 0.000%
545 0 0.000%
546 0 0.000%
547 0 0.000%
548 0 0.000%
549 0 0.000%

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 8 TWAMP Light Configuration

550 0 0.000%
551 0 0.000%
552 0 0.000%
553 0 0.000%
554 0 0.000%
555 0 0.000%
556 0 0.000%
557 0 0.000%
558 0 0.000%
559 0 0.000%
560 0 0.000%
561 0 0.000%
562 0 0.000%
563 0 0.000%
564 0 0.000%
565 0 0.000%
566 0 0.000%
567 0 0.000%
--------------------------------------------------------------------------------
Average Loss Count : 0 Average Loss Ratio : 0.000%
Maximum Loss Count : 0 Maximum Loss Ratio : 0.000%
Minimum Loss Count : 0 Minimum Loss Ratio : 0.000%

----End

Configuration Files
● DeviceA configuration File
#
sysname DeviceA
#
ip vpn-instance vpna
ipv4-family
route-distinguisher 200:1
tnl-policy SR-MPLS-BE evpn
vpn-target 111:1 export-extcommunity evpn
vpn-target 111:1 import-extcommunity evpn
#
mpls lsr-id 1.1.1.3
#
mpls
#
segment-routing
tunnel-prefer segment-routing
#
isis 1
is-level level-2
cost-style wide
network-entity 00.0005.0000.0000.0012.00
traffic-eng level-2
segment-routing mpls
segment-routing global-block 200000 201000
#
interface GigabitEthernet1/0/0
undo shutdown
ip binding vpn-instance vpna
ip address 192.168.2.2 255.255.255.0
#
interface LoopBack0
ip address 1.1.1.3 255.255.255.255
isis enable 1
isis prefix-sid index 20
#
bgp 100
peer 1.1.1.2 as-number 100
peer 1.1.1.2 connect-interface LoopBack0
#
ipv4-family unicast

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 8 TWAMP Light Configuration

undo synchronization
import-route direct
peer 1.1.1.2 enable
#
ipv4-family vpnv4
policy vpn-target
peer 1.1.1.2 enable
#
ipv4-family vpn-instance vpna
import-route direct
peer 1.1.1.2 as-number 100
advertise l2vpn evpn
#
l2vpn-family evpn
undo policy vpn-target
peer 1.1.1.2 enable
#
nqa twamp-light
client
test-session 100 sender-ip 192.168.2.2 reflector-ip 192.168.2.1 sender-port 2000 reflector-port 3000
vpn-instance vpna padding 1454
sender
#
tunnel-policy SR-MPLS BE
tunnel select-seq lsp load-balance-number 1
#
return
● DeviceB configuration File
#
sysname DeviceB
#
ip vpn-instance vpna
ipv4-family
route-distinguisher 100:1
tnl-policy SR-MPLS-BE evpn
vpn-target 111:1 export-extcommunity evpn
vpn-target 111:1 import-extcommunity evpn
#
mpls lsr-id 1.1.1.2
#
mpls
#
segment-routing
tunnel-prefer segment-routing
#
isis 1
is-level level-2
cost-style wide
network-entity 00.0005.0000.0000.0010.00
traffic-eng level-2
segment-routing mpls
segment-routing global-block 200000 201000
#
interface GigabitEthernet1/0/0
undo shutdown
ip binding vpn-instance vpna
ip address 192.168.2.1 255.255.255.0
#
interface LoopBack0
ip address 1.1.1.2 255.255.255.255
isis enable 1
isis prefix-sid index 10
#
bgp 100
peer 1.1.1.3 as-number 100
peer 1.1.1.3 connect-interface LoopBack0
#
ipv4-family unicast
undo synchronization

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 8 TWAMP Light Configuration

import-route direct
peer 1.1.1.3 enable
#
ipv4-family vpnv4
policy vpn-target
peer 1.1.1.3 enable
#
ipv4-family vpn-instance vpna
import-route direct
peer 1.1.1.3 as-number 100
advertise l2vpn evpn
#
l2vpn-family evpn
undo policy vpn-target
peer 1.1.1.3 enable
#
nqa twamp-light
responder
test-session 100 local-ip 192.168.2.1 remote-ip 192.168.2.2 local-port 3000 remote-port 2000 vpn-
instance vpna
#
tunnel-policy SR-MPLS BE
tunnel select-seq lsp load-balance-number 1
#
return

8.5.4 Example for Configuring TWAMP Light IPv6 Functions

This section provides an example for configuring TWAMP Light IPv6 functions.

Networking Requirements
On the IP network shown in Figure 8-5, DeviceA functions as the Controller, and
DeviceB functions as the Responder.
● DeviceA: sends and receives packets over a test session, collects and calculates
performance statistics, and reports the statistics to the NMS.
● DeviceB: responds to the packets received over a test session.

Figure 8-5 TWAMP Light

Configuration Roadmap
The configuration roadmap is as follows:
1. Configure an IP address and a routing protocol for each interface so that all
the devices can communicate at the network layer.
2. Configure the TWAMP Light Responder on DeviceB.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 8 TWAMP Light Configuration

3. Configure the TWAMP Light Controller on DeviceA.

Data Preparation
To complete the configuration, you need the following data:
● DeviceB (Responder)
– IP address 2::2
– UDP port number 2010
● DeviceA (Controller)
– IP address 1::1
– UDP port number 2001

Procedure
Step 1 Configure an IP address and a routing protocol for each interface so that all the
devices can communicate at the network layer. The configuration procedure is not
provided here.
Step 2 Configure the TWAMP Light Responder.
<DeviceB> system-view
[~DeviceB] nqa twamp-light
[*DeviceB-twamp-light] responder
[*DeviceB-twamp-light-responder] test-session 1 local-ipv6 2::2 remote-ipv6 1::1 local-port 2010 remote-
port 2001

Step 3 Configure the TWAMP Light Controller through TWAMP Light Client configuration.
<DeviceA> system-view
[~DeviceA] nqa twamp-light
[*DeviceA-twamp-light] client
[*DeviceA-twamp-light-client] test-session 1 sender-ipv6 1::1 reflector-ipv6 2::2 sender-port 2001
reflector-port 2010

Step 4 Configure the TWAMP Light Controller through TWAMP Light Sender
configuration.
<DeviceA> system-view
[~DeviceA] nqa twamp-light
[*DeviceA-twamp-light] sender
[*DeviceA-twamp-light-sender] test start-continual test-session 1 period 10

Step 5 Verify the configuration.

# Check real-time TWAMP Light session statistics on DeviceA.
[~DeviceA] display twamp-light test-session 1
Session ID :1
State : active
Type : continual
Sender IP : 1::1
Sender Port : 2001
Reflector IP : 2::2
Reflector Port : 2010
Mode : unauthenticated
DSCP :0
Padding Length : 128
Padding Type : 00
VPN Instance :-
Last Start Time : 2018-11-13 15:33:52
Last Stop Time : never
Period Time(in millisecond) : 10
Time Out(in second) :5

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 8 TWAMP Light Configuration

Duration Time(in second) :-

Packet Count :-

# Check statistics about the two-way delay of a TWAMP Light session on DeviceA.
[~DeviceA] display twamp-light statistic-type twoway-delay test-session 1
Latest two-way delay statistics(usec):
--------------------------------------------------------------------------------
Index Delay(Avg) Jitter(Avg)
--------------------------------------------------------------------------------
15 170 3
16 170 3
17 171 3
18 170 3
19 170 3
20 170 3
21 170 3
22 170 3
23 170 3
24 170 3
25 170 3
26 170 3
27 170 3
28 170 3
29 170 3
30 170 3
31 170 3
32 170 3
33 170 3
34 170 3
35 170 3
36 170 3
37 170 3
38 170 3
39 170 3
40 170 3
41 170 3
42 170 3
43 170 3
44 170 3
--------------------------------------------------------------------------------
Average Delay : 170 Average Jitter : 3
Maximum Delay : 187 Maximum Jitter : 22
Minimum Delay : 162 Minimum Jitter : 0

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 8 TWAMP Light Configuration

43 0 0.0000%
44 0 0.0000%
45 0 0.0000%
46 0 0.0000%
47 0 0.0000%
48 0 0.0000%
49 0 0.0000%
50 0 0.0000%
51 0 0.0000%
52 0 0.0000%
53 0 0.0000%
54 0 0.0000%
55 0 0.0000%
--------------------------------------------------------------------------------
Average Loss Count : 0 Average Loss Ratio : 0.0000%
Maximum Loss Count : 0 Maximum Loss Ratio : 0.0000%
Minimum Loss Count : 0 Minimum Loss Ratio : 0.0000%

----End

Configuration Files
DeviceA configuration file
#
sysname DeviceA
#
nqa twamp-light
client
test-session 1 sender-ipv6 1::1 reflector-ipv6 2::2 sender-port 2001 reflector-port 2010
sender
#

DeviceB configuration file

#
sysname DeviceB
#
nqa twamp-light
responder
test-session 1 local-ipv6 2::2 remote-ipv6 1::1 local-port 2010 remote-port 2001
#

8.5.5 Example for Configuring TWAMP Light on VLL+L3VPN

Networks
This section provides an example for configuring TWAMP Light functions on VLL
+L3VPN networks.

Networking Requirements
On the VLL+L3VPN networks shown in Figure 8-6, DeviceA functions as the
Responder and is deployed on the last hop of the link connecting to a base
station. DeviceB functions as the Controller and is deployed on the aggregation
node.

● DeviceA: responds to the packets received over a test session.

● DeviceB: sends and receives packets over a test session and collects and
calculates performance statistics on the Layer 3 network, and reports the
statistics to the performance management system.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 8 TWAMP Light Configuration

Interface 1 and Interface 2 in this example represent GigabitEthernet 1/0/1 and

GigabitEthernet 1/0/0, respectively.

Figure 8-6 Configuring TWAMP Light on VLL+L3VPN networks

Configuration Roadmap
The configuration roadmap is as follows:
1. Configure VLL and L3VPN networks.
2. Configure the TWAMP Light Responder.
3. Configure devices at the edge of Layer 2 and Layer 3 networks.
4. Configure the TWAMP Light Controller.

Data Preparation
To complete the configuration, you need the following data:

● IP addresses of interfaces connecting devices

● UDP port number

Procedure
Step 1 Assign an IP address to each node interface, including the loopback interface.

For configuration details, see Configuration Files.

Step 2 Configure an IGP on the backbone network. OSPF is used in this example.

For configuration details, see Configuration Files.

Step 3 Configure an MPLS tunnel between DeviceA and DeviceC, and between DeviceC
and DeviceB.

For configuration details, see Configuration Files.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 8 TWAMP Light Configuration

After an MPLS tunnel is established, you can run the display mpls ldp command
on DeviceA to display LDP information. Take the display on DeviceA as an
example:
[~DeviceA] display mpls ldp
LDP Global Information
------------------------------------------------------------------------------
Protocol Version : V1 Neighbor Liveness : 600 Sec
Graceful Restart : Off FT Reconnect Timer : 300 Sec
MTU Signaling : On Recovery Timer : 300 Sec
Capability-Announcement : On Longest-match : Off
mLDP P2MP Capability : Off mLDP MBB Capability : Off
mLDP MP2MP Capability : Off mLDP Recursive-fec : Off

LDP Instance Information

------------------------------------------------------------------------------
Instance ID :0 VPN-Instance :
Instance Status : Active LSR ID : 1.1.1.1
Hop Count Limit : 32 Path Vector Limit : 32
Loop Detection : Off
DU Re-advertise Timer : 10 Sec DU Re-advertise Flag : Off
DU Explicit Request : Off Request Retry Flag : Off
Label Distribution Mode : Ordered
Label Retention Mode : Liberal(DU)/Conservative(DOD)
Graceful-Delete : Off Graceful-Delete Timer : 5 Sec
Igp-sync-delay Timer : 10 Sec
------------------------------------------------------------------------------

Step 4 Configure the TWAMP Light Responder.

<DeviceA> system-view
[~DeviceA] nqa twamp-light
[*DeviceA-twamp-light] responder
[*DeviceA-twamp-light-responder] test-session 1 local-ip 192.168.1.1 remote-ip 192.168.1.2 local-port
6000 remote-port 6000 interface GigabitEthernet1/0/0.1
[*DeviceA-twamp-light-responder] commit
[~DeviceA-twamp-light-responder] quit
[~DeviceA-twamp-light] quit

When DeviceA functions as the reflector, the local IP address in the command for creating a
session is the IP address of the base station, and the remote IP address is the IP address of
DeviceB.

Step 5 Configure the TWAMP Light Controller.

<DeviceB> system-view
[~DeviceB] nqa twamp-light
[*DeviceB-twamp-light] client
[*DeviceB-twamp-light-client] test-session 1 sender-ip 192.168.1.2 reflector-ip 192.168.1.1 sender-port
6000 reflector-port 6000 vpn-instance CDMA-RAN
[*DeviceB-twamp-light-client] quit
[*DeviceB-twamp-light] sender
[*DeviceB-twamp-light-sender] test start-continual test-session 1 period 10
[*DeviceB-twamp-light-sender] commit
[~DeviceB-twamp-light-sender] quit
[~DeviceB-twamp-light] quit

Step 6 When the base station is offline, you need to configure static ARP on DeviceC to
specify the mapping between the IP address and the MAC address of the base
station.
<DeviceC> system-view
[~DeviceC] arp static 192.168.1.1 00e0-fc12-3456 vid 26 interface Virtual-Ethernet1/0/1.31
[*DeviceC] commit

Step 7 Verify the configuration.

# Check real-time TWAMP Light session statistics on DeviceB.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 8 TWAMP Light Configuration

[~DeviceB] display twamp-light test-session 1

Session ID :1
State : active
Type : continual
Sender IP : 192.168.1.2
Sender Port : 6000
Reflector IP : 192.168.1.1
Reflector Port : 6000
Mode : unauthenticated
DSCP :0
Padding Length : 128
Padding Type : 00
VPN Instance :-
Last Start Time : 2017-04-13 15:33:52
Last Stop Time : never
Period Time(in millisecond) : 10
Time Out(in second) :5
Duration Time(in second) :-
Packet Count :-

# Check the two-way delay in TWAMP Light session statistics on DeviceB.

# Check two-way packet loss information in TWAMP Light session statistics on

DeviceB.
[~DeviceB] display twamp-light statistic-type twoway-loss test-session 1
Latest two-way loss statistics:
--------------------------------------------------------------------------------
Index Loss count Loss ratio
--------------------------------------------------------------------------------

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 8 TWAMP Light Configuration

26 0 0.0000%
27 0 0.0000%
28 0 0.0000%
29 0 0.0000%
30 0 0.0000%
31 0 0.0000%
32 0 0.0000%
33 0 0.0000%
34 0 0.0000%
35 0 0.0000%
36 0 0.0000%
37 0 0.0000%
38 0 0.0000%
39 0 0.0000%
40 0 0.0000%
41 0 0.0000%
42 0 0.0000%
43 0 0.0000%
44 0 0.0000%
45 0 0.0000%
46 0 0.0000%
47 0 0.0000%
48 0 0.0000%
49 0 0.0000%
50 0 0.0000%
51 0 0.0000%
52 0 0.0000%
53 0 0.0000%
54 0 0.0000%
55 0 0.0000%
--------------------------------------------------------------------------------
Average Loss Count : 0 Average Loss Ratio : 0.0000%
Maximum Loss Count : 0 Maximum Loss Ratio : 0.0000%
Minimum Loss Count : 0 Minimum Loss Ratio : 0.0000%

----End

Configuration Files
● DeviceA configuration file
#
sysname DeviceA
#
mpls
#
mpls lsr-id 10.0.0.1
#
mpls
#
mpls ldp
outbound peer all split-horizon
accept target-hello all
#
ipv4-family
#
mpls ldp remote-peer 10.0.0.2
mpls ldp timer hello-hold 45
mpls ldp timer keepalive-hold 45
remote-ip 10.0.0.2
#
ospf 1 router-id 10.0.0.1
area 0.0.0.1
network 3.0.0.0 0.0.0.3
network 10.0.0.1 0.0.0.0
#
interface loopback0
ip address 10.0.0.1 255.255.255.255
#

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 8 TWAMP Light Configuration

interface GigabitEthernet1/0/1.31
vlan-type dot1q 31
mtu 9500
ip address 3.0.0.1 255.255.255.252
mpls
mpls ldp
#
interface GigabitEthernet1/0/0.1
vlan-type dot1q 1
mtu 9500
mpls l2vc 10.0.0.2 26 control-word raw
#
nqa twamp-light
responder
test-session 1 local-ip 192.168.1.1 remote-ip 192.168.2.2 local-port 6000 remote-port 6000 interface
GigabitEthernet1/0/0.1
#

● DeviceB configuration file

#
sysname DeviceB
#
mpls
#
mpls lsr-id 10.0.0.3
#
mpls
#
mpls ldp
#
ipv4-family
#
isis 1
cost-style wide
network-entity 10.0000.0000.0003.00
#
ip vpn-instance CDMA-RAN
ipv4-family
route-distinguisher 4134:3060
apply-label per-instance
arp vlink-direct-route advertise
vpn-target 4134:306000 export-extcommunity
vpn-target 4134:306000 import-extcommunity
#
interface loopback0
ip address 10.0.0.3 255.255.255.255
isis enable 1
#
interface GigabitEthernet1/0/0.31
vlan-type dot1q 31
mtu 9500
ip address 3.0.0.6 255.255.255.252
isis enable 1
mpls
mpls ldp
#
interface GigabitEthernet1/0/1.31
vlan-type dot1q 1
ip binding vpn-instance CDMA-RAN
ip address 192.168.2.2 255.255.255.0
#
nqa twamp-light
client
test-session 1 sender-ip 192.168.2.2 reflector-ip 192.168.1.1 sender-port 6000 reflector-port 6000
vpn-instance CDMA-RAN
sender
#

● DeviceC configuration file

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 8 TWAMP Light Configuration

#
sysname DeviceC
#
mpls
#
mpls lsr-id 10.0.0.2
#
mpls
#
mpls ldp remote-peer 10.0.0.1
mpls ldp timer hello-hold 45
mpls ldp timer keepalive-hold 45
remote-ip 10.0.0.1
#
ospf 1
stub-router on-startup
area 0.0.0.1
network 3.0.0.0 0.0.0.3
network 10.0.0.2 0.0.0.0
#
isis 1
cost-style wide
network-entity 10.0000.0000.0002.00
#
ip vpn-instance CDMA-RAN
ipv4-family
route-distinguisher 4134:3060
apply-label per-instance
arp vlink-direct-route advertise
vpn-target 4134:306000 export-extcommunity
vpn-target 4134:306000 import-extcommunity
#
interface loopback0
ip address 10.0.0.2 255.255.255.255
isis enable 1
#
interface GigabitEthernet1/0/1.31
vlan-type dot1q 31
mtu 9500
ip address 3.0.0.2 255.255.255.252
mpls
mpls ldp
#
interface GigabitEthernet1/0/0.31
vlan-type dot1q 31
mtu 9500
ip address 3.0.0.5 255.255.255.252
isis enable 1
mpls
mpls ldp
#
interface Virtual-Ethernet1/0/0
ve-group 1 l3-access
#
interface Virtual-Ethernet1/0/0.2
mtu 9500
ip binding vpn-instance CDMA-RAN
ip address 192.168.1.3 255.255.0.0
encapsulation dot1q-termination
dot1q termination vid 26 to 50
arp broadcast enable
arp-proxy enable
arp-proxy inter-sub-vlan-proxy enable
arp-proxy inner-sub-vlan-proxy enable
ipv6 nd ns multicast-enable
ipv6 nd na glean
ipv6 nd proxy inter-access-vlan enable
#
interface Virtual-Ethernet1/0/1

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 8 TWAMP Light Configuration

ve-group 1 l2-terminate
#
interface Virtual-Ethernet1/0/1.26
vlan-type dot1q 26
mtu 9500
mpls l2vc 10.0.0.1 26 control-word raw ignore-standby-state
#
arp static 192.168.1.1 00e0-fc12-3456 vid 26 interface Virtual-Ethernet1/0/1.26

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 9 sFlow Configuration

9 sFlow Configuration

About This Chapter

This chapter provides an overview of Sampled Flow (sFlow) and describes how to
configure this traffic monitoring technology.

9.1 Overview of sFlow

9.2 sFlow Licensing Requirements and Configuration Precautions
9.3 Configuring sFlow
9.4 Configuration Examples for sFlow
This section provides sFlow configuration examples.

9.1 Overview of sFlow

Definition
Sampled Flow (sFlow) is a traffic monitoring technology that collects and analyzes
traffic statistics based on packet sampling.

Purpose
Enterprise networks are generally smaller and more flexible than carrier networks.
However, they are often prone to attacks and service exceptions. To help ensure
network stability, enterprises require a traffic monitoring technique that can
promptly identify traffic anomalies and the source of attack traffic, allowing them
to quickly rectify faults.

sFlow is developed to meet the preceding requirement. sFlow is an interface-based

traffic analysis technique that collects packets on an interface based on the
sampling rate. In flow sampling, an sFlow agent analyzes the packets including
the packet content and forwarding rule, and encapsulates the original packets and
parsing result into sFlow packets. The sFlow agent then sends the sFlow packets

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 9 sFlow Configuration

to an sFlow collector. In counter sampling, an sFlow agent periodically collects

traffic statistics on an interface, CPU usage, and memory usage.

sFlow focuses on traffic on an interface, traffic forwarding, and device running.

Therefore, sFlow can be used to monitor and diagnose network exceptions. The
sFlow collector displays traffic statistics in a report, facilitating preventive
maintenance on enterprise networks, especially for enterprises that do not have
specialized network administrators.

Currently, devices support only flow sampling.

Benefits
sFlow is comparable to NetStream. In NetStream, network devices collect and
analyze traffic statistics. The devices save these statistics to a buffer and export
them when they expire or when the buffer overflows. sFlow does not require a
flow table. In sFlow, network devices only sample packets, and a remote collector
collects and analyzes traffic statistics.

sFlow has the following advantages over NetStream:

● Fewer resources and lower costs. sFlow requires no flow table and uses only a
small number of network devices, lowering costs.
● Flexible collector deployment. The collector can be deployed flexibly, enabling
traffic statistics to be collected and analyzed according to various traffic
characteristics.

9.2 sFlow Licensing Requirements and Configuration

Precautions
Licensing Requirements
For details, see "Licensing Requirements" in Feature Description.

Configuration Precautions

Restrictions Guidelines Impact

IPv4 private network None Route information is

routes and IPv6 private missing in the data
network routes support sampled in multi-PE load
multi-PE load balancing. balancing scenarios.
Route information is
missing in the data
sampled.

sFlow sampling and None No sampling result can

NetStream sampling are be collected.
mutually exclusive.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 9 sFlow Configuration

Restrictions Guidelines Impact

sFlow sampling supports None No sampling result can

only physical Ethernet be collected.
interfaces and their sub-
interfaces.

SR-MPLS TE supports None In the case of

only upstream sampling downstream sampling
for an ingress PE and for an ingress PE and
downstream sampling upstream sampling for
for an egress PE. P device an egress PE, outbound
sampling is not interface information
supported. fails to be collected, or a
sampling error occurs.

9.3 Configuring sFlow

9.3.1 Configuring sFlow Agent and Collector Information

Prerequisites
Before configuring sFlow, complete the following tasks:

● Ensure that there are reachable routes between the sFlow agent and sFlow
collector.
● Create a virtual private network (VPN) instance if the sFlow agent and
collector are located on a private network.

Context
The sFlow collector's address is the destination address of sFlow packets.

Procedure
Step 1 Run system-view

The system view is displayed.

Step 2 Run sflow

The sFlow view is displayed.

Step 3 Run sflow agent { ip ip-address | ipv6 ipv6-address }

A source IP address is configured for sFlow packets sent by an sFlow agent.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 9 sFlow Configuration

The specified IP address of an sFlow agent must be a valid unicast address that has been
configured on the device interface. If an IPv6 address is specified, the IPv6 address must be
a global unicast address, but not a link-local address.

Step 4 (Optional) Run sflow export extended-route-data disable

An sFlow agent is disabled from collecting routing information.
Step 5 Run sflow collector collector-id
An sFlow collector is created.

A maximum of two sFlow collectors can be configured in the system.

Step 6 sflow server { ip ip-address | ipv6 ipv6-address } [ vpn-instance vpn-name ]

[ udp-port port ]
A destination address is specified for sFlow packets.
Step 7 (Optional) Run sflow max-packet-length length
The maximum length is configured for sFlow packets.
Step 8 Run commit
The configuration is committed.

----End

9.3.2 Configuring Flow Sampling

Flow sampling is based on data packets. An sFlow agent samples packets in a
given direction on a specified interface based on a sampling rate. It then
encapsulates the analysis result into sFlow packets and sends them to an sFlow
collector.

Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Run slot slot-id
The slot view is displayed.
Step 3 Run sflow enable
sFlow is enabled on the board in the slot.
Step 4 Run commit
The configuration is committed.
Step 5 Run quit
Return to the system view.
Step 6 Run interface interface-type interface-number
The interface view is displayed.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 9 sFlow Configuration

Step 7 Run sflow flow-sampling collector collector-id [ secondary collector-id ]

{ inbound | outbound }
Flow sampling is enabled on the interface, and an sFlow agent is configured to
send flow sampling data to a specified collector.
Step 8 Run sflow flow-sampling rate rate { inbound | outbound }
A sampling rate is configured for the interface.
Step 9 Run commit
The configuration is committed.

----End

9.3.3 Verifying the sFlow Configuration

Prerequisites
sFlow has been configured.

Procedure
Step 1 Run the display sflow configuration command to check global sFlow
configurations.
Step 2 Run the display sflow interface interface-type interface-number command to
check the sFlow configuration on a specified interface.
Step 3 Run the display sflow packet statistics [ interface interface-type interface-
number ] slot slot-id command to check statistics about sFlow packets sent on a
specified interface or sFlow packets sent and received on a specified board.

----End

9.4 Configuration Examples for sFlow

This section provides sFlow configuration examples.

Networking Requirements
As shown in Figure 9-1, traffic between network 1 and network 2 is exchanged
through device A. Maintenance personnel need to monitor the traffic on interface
2 and devices to identify traffic anomalies and ensure normal operation on
network 1.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 9 sFlow Configuration

Figure 9-1 sFlow network diagram

In this example:
● Interface 1 is GE 1/0/1.
● Interface 2 is GE 1/0/2.
● Interface 3 is GE 1/0/3.

Configuration Roadmap
To configure sFlow, configure device A as an sFlow agent and enable Flow
sampling on interface 2 so that the agent collects traffic statistics. The agent
encapsulates traffic statistics into sFlow packets and sends the sFlow packets from
interface 1 to the sFlow collector. The collector displays the traffic statistics based
on information in the received sFlow packets.
The configuration roadmap is as follows:
1. Assign an IP address to each interface.
2. Configure sFlow agent and collector information on the device.
3. Configure flow sampling on interface 2.

Procedure
Step 1 Assign an IP address to each interface of device A.
<DeviceA> system-view
[~DeviceA]interface GigabitEthernet 1/0/1
[~DeviceA-GigabitEthernet1/0/1]ip address 10.1.10.1 24
[*DeviceA-GigabitEthernet1/0/1]commit
[~DeviceA]interface GigabitEthernet 1/0/2
[~DeviceA-GigabitEthernet1/0/2]ip address 10.1.20.1 24
[*DeviceA-GigabitEthernet1/0/2]commit
[~DeviceA]interface GigabitEthernet 1/0/3
[~DeviceA-GigabitEthernet1/0/3]ip address 10.1.30.1 24
[*DeviceA-GigabitEthernet1/0/3]commit
[~DeviceA-GigabitEthernet1/0/3]quit

Step 2 Configure sFlow agent and collector information.

# Configure an IP address for an sFlow agent.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 9 sFlow Configuration

[~DeviceA]sflow
[~DeviceA-sflow]sflow agent ip 10.1.10.1
[*DeviceA-sflow]commit

# Configure sFlow collector information.

[~DeviceA-sflow]sflow collector 2
[*DeviceA-sflow-collector-2]commit
[~DeviceA-sflow-collector-2]sflow server ip 10.1.10.2
[*DeviceA-sflow-collector-2]commit
[~DeviceA-sflow-collector-2]quit
[~DeviceA-sflow]quit

Step 3 Enable sFlow on a specified board.

[~DeviceA]slot 1
[~DeviceA-slot-1]sflow enable
[*DeviceA-slot-1]commit
[*DeviceA-slot-1]quit

Step 4 Configure flow sampling.

[~DeviceA]interface GigabitEthernet 1/0/2
[~DeviceA-GigabitEthernet1/0/2]sflow flow-sampling collector 2 inbound
[*DeviceA-GigabitEthernet1/0/2]commit
[~DeviceA-GigabitEthernet1/0/2]sflow flow-sampling rate 4000 inbound
[*DeviceA-GigabitEthernet1/0/2]commit
[~DeviceA-GigabitEthernet1/0/2]quit

Step 5 Verify the configuration.

[~DeviceA]display sflow configuration
sflow
sflow agent ip 10.1.10.1
sflow collector 2
sflow server ip 10.1.10.2
slot 1
sflow enable
interface GigabitEthernet1/0/2
sflow flow-sampling collector 2 inbound
sflow flow-sampling rate 4000 inbound

----End

Configuration Files
Device A configuration file
#
sysname DeviceA
#
interface GigabitEthernet1/0/1
ip address 10.1.10.1 255.255.255.0
#
interface GigabitEthernet1/0/2
ip address 10.1.20.1 255.255.255.0
#
interface GigabitEthernet1/0/3
ip address 10.1.30.1 255.255.255.0
#
sflow
sflow agent ip 10.1.10.1
sflow collector 2
sflow server ip 10.1.10.2
slot 1
sflow enable
#
interface GigabitEthernet1/0/2
sflow flow-sampling collector 2 inbound
sflow flow-sampling rate 4000 inbound

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 9 sFlow Configuration

#
return

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 10 IP Traffic Monitoring Configuration

10 IP Traffic Monitoring Configuration

About This Chapter

IP traffic monitoring implements automatic traffic statistics based on IP addresses.

After this function is enabled, you can create an IP service flow table, collect
statistics on the number of IP packets, and store the statistics to a CF card
periodically. You can use a tool to parse a stored file and display its content in
graphics, quickly locating faulty nodes.

10.1 IP Traffic Monitoring Licensing Requirements and Configuration Precautions

10.2 Enabling IP Traffic Monitoring

10.1 IP Traffic Monitoring Licensing Requirements and

Configuration Precautions
Licensing Requirements
For details, see "Licensing Requirements" in Feature Description.

Configuration Precautions
Restrictions Guidelines Impact

IP address-based Plan services properly. IP address-based

automatic traffic automatic traffic
statistics collection is statistics collection is
mutually exclusive with mutually exclusive with
ACL-based packet header ACL-based packet header
obtaining, interface- obtaining, interface-
based mirroring, or MF based mirroring, or MF
classification-based classification-based
mirroring. mirroring.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 10 IP Traffic Monitoring Configuration

10.2 Enabling IP Traffic Monitoring

Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Run service-stream table sip source-ip dip destination-ip [ vpn-instance vpn-
name ]
IP traffic monitoring is enabled.
Step 3 Run commit
The configuration is committed.

----End

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 11 iFIT Configuration

11 iFIT Configuration

About This Chapter

In-situ Flow Information Telemetry (iFIT) is a performance measurement method

that measures packet loss and latency based on IP data flows. iFIT is similar to IP
FPM but is easier to use and implements both dynamic and automatic
deployment.

iFIT and IP FPM are mutually exclusive. In VS mode, iFIT is supported only by the admin VS.

11.1 Overview of iFIT

In-situ Flow Information Telemetry (iFIT) determines network performance by
measuring the packet loss and latency of service packets transmitted on an IP
network. This feature is easy to deploy and provides an accurate assessment of
network performance.
11.2 iFIT Licensing Requirements and Configuration Precautions
11.3 Configuring iFIT End-to-End Measurement
iFIT performance measurement consists of iFIT end-to-end performance
measurement and iFIT hop-by-hop performance measurement.
11.4 Configuration Examples for iFIT
This section provides iFIT configuration examples.

11.1 Overview of iFIT

Background
Currently, there are two types of OAM performance measurement methods based
on the measurement type: out-band measurement and in-band measurement.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 11 iFIT Configuration

Out-band measurement methods include network quality analysis (NQA) and

Two-Way Active Measurement Protocol (TWAMP), and in-band measurement
methods include IP Flow Performance Measurement (IP FPM). These two types of
measurement methods have the following advantages and disadvantages:
● NQA can monitor the performance of multiple protocols running on
networks. However, it determines the performance of simulated packets (it
constructs packets based on the types of measurement instances) rather than
actual service packets transmitted on networks. The performance indicators
collected by NQA may not represent the actual service quality, and therefore
cannot serve as a solid reference for network performance analysis.
● TWAMP can insert probe packets into service flows, achieving fast and flexible
deployment. However, to perform measurement, it uses packets sent at
intervals. This produces low-precision measurement results and does not
support hop-by-hop measurement.
● IP FPM is an in-band measurement method, but it has high requirements on
network devices, applies to limited scenarios, and is complex to deploy.
The OAM detection technologies currently available cannot meet requirements on
5G transport networks. Huawei therefore launches the iFIT performance
measurement solution. In terms of performance monitoring, iFIT meets the
requirements of 5G transport networks and has the following characteristics:
● Expandability: iFIT has high detection precision, is easy to deploy, and can be
expanded to meet future requirements.
● Fast fault diagnosis: iFIT provides in-band detection to measure the latency
and packet loss of service flows in real time.
● Visualization: Performance data is displayed on a graphical user interface
(GUI).

Basic Concepts
The iFIT model describes how service flows are measured to obtain packet loss
and latency. Specifically, iFIT measures the packet loss and latency of service flows
on the ingress and egress of the transit network, and summarizes desired
performance indicators. The iFIT model is composed of three objects: target flow,
transit network, and measurement system. Figure 11-1 shows the iFIT model.

Figure 11-1 iFIT model

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 11 iFIT Configuration

● Target flow
Target flows are key elements in iFIT statistics. A target flow must be specified
before each statistics collection operation. Target flows can be classified as
static or dynamic flows based on the generation mode.
– One or more fields in IP headers can be specified to identify a static flow.
The fields that can be specified are the source IP address and prefix,
destination IP address and prefix, protocol type, source port number,
destination port number, and type of service (ToS). Currently, iFIT
supports measurement based on source and destination IP addresses,
source and destination port numbers, and protocol number.
– Dynamic flows are triggered based on packets with iFIT headers. If a
dynamic flow instance does not collect traffic statistics for a specified
length of time, it automatically ages.

The default aging time of a dynamic flow instance is 10 times the measurement
period, but cannot be less than 10 minutes.
● Transit network
The transit network only bears target flows. The target flows are not
generated or terminated on the transit network. The transit network can be a
Layer 2 (L2), Layer 3 (L3), or L2+L3 hybrid network. Each node on the transit
network must be reachable at the network layer.
● Measurement system
The measurement system consists of the ingress (configured with iFIT and
iFIT parameters) and multiple iFIT-capable devices. Packet loss is the
difference between the number of packets entering the network and the
number of packets leaving the network within a specified measurement
interval.
The number of packets entering the network is the sum of all packets moving
in the ingress direction: PI = PI1 + PI2 + PI3
The number of packets leaving the network is the sum of all packets moving
in the egress direction: PE = PE1 + PE2 + PE3
Latency is the difference between the time a service flow enters the network
and the time the service flow leaves the network within a specified
measurement interval.

After iFIT is configured, packet forwarding performance may deteriorate.

Measurement Modes
iFIT supports end-to-end and hop-by-hop measurement.
● End-to-end measurement: To monitor network performance in real time,
configure end-to-end measurement.
● Hop-by-hop measurement: To diagnose faults, configure hop-by-hop
measurement.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 11 iFIT Configuration

11.2 iFIT Licensing Requirements and Configuration

Precautions
Licensing Requirements
For details, see "Licensing Requirements" in Feature Description.

Configuration Precautions
Restrictions Guidelines Impact

In an HVPN E2E None If the configuration is

measurement scenario, improper, iFIT
when the UPE functions measurement results are
as the ingress and the not available.
encapsulation nexthop
ip-address command is
configured, you must
specify the next hop IP
address as the IP address
of the SPE. When the
encapsulation nexthop
ip-address command is
configured on the SPE,
you must specify the
next hop IP address as
the IP address of the
NPE.

iFIT does not support Properly plan services. iFIT measurement results
multi-VS, and can be are not available.
configured only in
Admin-VS. The VSn does
not support iFIT
detection.

iFIT does not support Properly plan services. iFIT measurement results
broadcast or multicast are not available.
flow measurement.

iFIT cannot be bound to Properly plan services. iFIT measurement results

VLANIF interfaces, BDIF are not available.
member interfaces or
sub-interfaces.

If a packet needs to be None iFIT measurement results

fragmented, iFIT are inaccurate.
measures only the first
fragment, which may
cause the number of
bytes to be inaccurate.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 11 iFIT Configuration

Restrictions Guidelines Impact

iFIT measurement After iFIT measurement iFIT measurement fails

cannot be used together is configured, do not or services are
with the flow label deploy the flow label interrupted.
function. If both service.
functions are configured,
the flow label overwrites
the iFIT label. As a result,
the iFIT function fails on
the entire detection link,
and the ASG or egress
node fails to remove the
iFIT header, causing
service interruption.

If traffic is light or a None iFIT measurement results

large number of packets are inaccurate.
are lost, there may be no
delay data in some iFIT
periods. If congestion
occurs for a long time,
the iFIT measurement
results are inaccurate.

If the configuration in an None iFIT measurement results

iFIT instance changes or are not available.
the ingress node restarts,
the ingress node
reallocates flow IDs. As a
result, the data in several
periods may be
inaccurate or no
measurement data is
obtained.

Flow characteristics in Flow characteristics in iFIT measurement results

different measurement different measurement are inaccurate.
instances cannot conflict. instances cannot conflict
If flow characteristics (for example, the
conflict (for example, the characteristics of one
characteristics of one measurement instance
measurement instance cannot include or
include or overlap those overlap those of another
of another measurement measurement instance).
instance), the iFIT
measurement results
may be inaccurate.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 11 iFIT Configuration

Restrictions Guidelines Impact

During the iFIT None iFIT measurement results

measurement, if the are inaccurate.
forwarding path changes
due to FRR or hard
convergence, the
measurement data in
one or two periods after
the switchover is
inaccurate.

iFIT does not support Properly plan services. iFIT measurement results
GRE or VXLAN or SRv6 are not available.
tunnels.

iFIT requires 1588v2 or Properly plan services. iFIT measurement results

G8275.1 clocks to be are inaccurate.
deployed.

When an SPE or ASBR is None iFIT measurement results

used as an ingress, VPNs are inaccurate.
cannot be distinguished.
If there are duplicate
flow characteristics in
different VPNs, the
measurement results are
inaccurate.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 11 iFIT Configuration

Restrictions Guidelines Impact

Assume that PE1 and None If the configuration is

ASBR1 belong to AS 100 improper, iFIT
and that PE2 and ASBR2 measurement results are
belong to AS 200. Inter- not available.
AS VPN iFIT is required
between AS 100 and AS
200. The static next hop
IP addresses are
configured as follows: 1.
In an inter-AS VPN
Option A scenario, E2E
measurement cannot be
performed between PEs
on different VPNs. 2. In
an inter-AS VPN Option
B scenario, when PE1
functions as the ingress
and the encapsulation
nexthop ip-address
command is configured,
you must specify the
next hop IP address as
the IP address of ASBR1.
When the encapsulation
nexthop ip-address
command is configured
on ASBR
● you must specify the
next hop IP address as
the IP address of
ASBR2. When the
encapsulation
nexthop ip-address
command is
configured on ASBR
● you must specify the
next hop IP address as
the IP address of PE2.
3. In an inter-AS VPN
Option C scenario,
when PE1 functions
as the ingress and the
encapsulation
nexthop ip-address
command is
configured, you must
specify the next hop
IP address as the IP
address of PE2.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 11 iFIT Configuration

Restrictions Guidelines Impact

Before configuring static Properly plan services. The egress node does
capability negotiation, not identify packets,
ensure that the egress PE which causes traffic
can remove the iFIT interruption.
extension header.
Otherwise, traffic
forwarding is affected.

On a board equipped None iFIT statistics displayed

with an eTM subcard, on NCE may vary in
HQoS is implemented on scenarios where a TM or
the eTM subcard, and eTM subcard is installed.
iFIT statistics are
collected by the NP. If
packet loss occurs on the
eTM subcard, for
example, in traffic
congestion scenarios,
iFIT statistics shown on
NCE may indicate that
packet loss occurs on
links.

11.3 Configuring iFIT End-to-End Measurement

iFIT performance measurement consists of iFIT end-to-end performance
measurement and iFIT hop-by-hop performance measurement.

11.3.1 Configuring iFIT End-to-End Measurement

iFIT end-to-end measurement measures packet loss and latency on the entire
network so that you can quickly respond to network issues if network
performance deteriorates.

Context
On the network shown in Figure 11-2, the target flow enters the transit network
through DeviceA, traverses DeviceB, and leaves the transit network through
DeviceC. To monitor transit network performance in real time or perceive faults,
configure iFIT end-to-end measurement on both DeviceA and DeviceC.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 11 iFIT Configuration

Figure 11-2 iFIT end-to-end measurement

Pre-configuration Tasks
Before configuring end-to-end measurement, complete the following tasks:
● Configure a dynamic routing protocol or static routes so that devices are
reachable at the network layer.
● Configure 1588v2 so that all device clocks can be synchronized.

Procedure
Static flows are manually configured, whereas dynamic flows are triggered based
on packets with iFIT headers. To configure a static flow, perform the following
steps:
1. Run system-view
The system view is displayed.
2. Run ifit
iFIT is globally enabled, and the iFIT view is displayed.

Only steps 1 and 2 need to be configured on DeviceC that functions as the traffic
egress.
3. Run encapsulation nexthop ip-address
The device is enabled to encapsulate the iFIT header in packets destined for a
specified next hop IP address.
4. Run node-id node-id
A node ID is configured.
5. Run instance instance-name
An iFIT instance is created, and its view is displayed.
6. Run flow unidirectional source source-ip [ source-mask ] destination
destination-ip [ destination-mask ] [ protocol { { tcp | udp | sctp | protocol-
number4 | protocol-number5 | protocol-number6 } [ source-port source-
port ] [ destination-port destination-port ] | { protocol-number | protocol-

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 11 iFIT Configuration

number7 | protocol-number8 | protocol-number3 } } ] [ vpn-instance vpn-

instance-name ]
An iFIT static flow is created.
7. Run measure-mode e2e
End-to-end measurement is set.
8. (Optional) Run interval interval
A measurement interval is set.
9. (Optional) Run disorder-measure enable
Disorder measurement is enabled.
10. Run binding interface interface-type interface-number
The static flow is bound to a specified interface.
11. Run commit
The configuration is committed.

To configure dynamic flows, perform the following steps:

1. Run system-view
The system view is displayed.
2. Run ifit
iFIT is globally enabled, and the iFIT view is displayed.

Only steps 1 and 2 need to be configured on DeviceC that functions as the traffic
egress.
3. (Optional) Run dynamic-flow age interval-multiplier multi-value
An aging time is set for dynamic flows.
4. (Optional) Run reset dynamic flow { flowId | all }
All configured dynamic flow instances or a specified one is deleted.
5. Run commit
The configuration is committed.

11.3.2 Configuring iFIT Hop-by-Hop Measurement

iFIT hop-by-hop measurement helps locate faulty nodes when packet loss or
latency occurs.

Context
On the network shown in Figure 11-3, the target flow enters the transit network
through DeviceA, traverses DeviceB, and leaves the transit network through
DeviceC. To measure hop-by-hop packet loss and latency when troubleshooting
deterioration of network performance, configure hop-by-hop measurement on
DeviceA, DeviceB, and DeviceC.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 11 iFIT Configuration

Figure 11-3 iFIT hop-by-hop measurement

Procedure
Static flows are manually configured, whereas dynamic flows are triggered based
on packets with iFIT headers. To configure a static flow, perform the following
steps:

1. Run system-view
The system view is displayed.
2. Run ifit
iFIT is globally enabled, and the iFIT view is displayed.

Only steps 1 and 2 need to be configured on DeviceB and DeviceC.

3. Run encapsulation nexthop ip-address
The device is enabled to encapsulate the iFIT header in packets destined for a
specified next hop IP address.
4. Run node-id node-id
A node ID is configured.
5. Run instance instance-name
An iFIT instance is created, and its view is displayed.
6. Run flow unidirectional source source-ip [ source-mask ] destination
destination-ip [ destination-mask ] [ protocol { { tcp | udp | sctp | protocol-
number4 | protocol-number5 | protocol-number6 } [ source-port source-
port ] [ destination-port destination-port ] | { protocol-number | protocol-
number7 | protocol-number8 | protocol-number3 } } ] [ vpn-instance vpn-
instance-name ]
An iFIT static flow is created.
7. Run measure-mode trace
Hop-by-hop measurement is set.
8. Run binding interface interface-type interface-number
The static flow is bound to a specified interface.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 11 iFIT Configuration

9. (Optional) Run interval interval

A measurement interval is set.
10. (Optional) Run disorder-measure enable
Disorder measurement is enabled.
11. Run commit
The configuration is committed.
To configure dynamic flows, perform the following steps:
1. Run system-view
The system view is displayed.
2. Run ifit
iFIT is globally enabled, and the iFIT view is displayed.

Only steps 1 and 2 need to be configured on DeviceC that functions as the traffic
egress.
3. (Optional) Run dynamic-flow age interval-multiplier multi-value
An aging time is set for iFIT dynamic flows.
4. (Optional) Run reset dynamic flow { flowId | all }
All configured dynamic flow instances or a specified one is deleted.
5. Run commit
The configuration is committed.

11.3.3 Verifying the iFIT Configuration

After configuring iFIT, verify the configuration.

Prerequisites
iFIT has been configured.

Procedure
Step 1 Run the display ifit command to check information about iFIT flows.
Step 2 Run the display ifit { source src-ip-address [ destination dest-ip-address ] |
destination dest-ip-address } command to check information about an iFIT flow
based on specified IP addresses.
Step 3 Run the display ifit static command to check information about iFIT static flows.
Step 4 Run the display ifit dynamic-hop command to check information about iFIT
dynamic flows on the transit node and egress.

----End

11.4 Configuration Examples for iFIT

This section provides iFIT configuration examples.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 11 iFIT Configuration

11.4.1 Example for Configuring iFIT End-to-End Measurement

This section provides an example for configuring iFIT end-to-end measurement on
an IP RAN.

Networking Requirements
IPTV, video conferencing, voice over IP (VoIP), and other value-added services are
widely used on networks. Because these services rely heavily on high speed and
robust networks, link connectivity and network performance are essential to
service transmission.
● For voice services, users do not detect any change in voice quality if the
packet loss rate on links is lower than 5%. If the packet loss rate is higher
than 10%, voice quality deteriorates significantly.
● For real-time services, such as VoIP, online games, and video conferencing, a
latency lower than 100 ms, or even 50 ms, is required. As the latency
increases, user experience worsens.
To meet service quality requirements, you can measure packet loss and latency so
that you can quickly respond to network issues if service quality deteriorates.
The IP RAN shown in Figure 11-4 transmits voice services. Voice flows are
symmetrical and bidirectional, and therefore one voice flow can be divided into
two unidirectional service flows. The forward service flow enters the network
through the UPE, traverses SPE1, and leaves the network through the NPE. The
reverse service flow enters the network through the NPE, also traverses SPE1, and
leaves the network through the UPE.
To monitor the packet loss rate and latency of the links between the UPE and NPE
in real time, configure end-to-end measurement. This enables you to respond to
network issues if service quality deteriorates and therefore meet users' service
quality requirements.

Figure 11-4 iFIT end-to-end measurement

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 11 iFIT Configuration

Table 11-1 Interfaces connecting devices and their IP addresses

Device Interface Name Interface Remote IP
(Role) Device Address
(Role)

UPE - Loopback 1 - 1.1.1.1/32

interface 1 GE 1/0/0 NodeB 192.168.2.

1/24

interface 2 GE 1/0/1 SPE1 172.16.1.1

/24

interface 3 GE 1/0/2 SPE2 172.16.2.1

/24

SPE1 - Loopback 1 - 2.2.2.2/32

interface 1 GE 1/0/1 UPE 172.16.1.2

/24

interface 2 GE 1/0/2 NPE 172.16.4.1

/24

interface 3 GE 1/0/3 SPE2 172.16.3.1

/24

interface 4 GE 1/0/4 BITS 172.16.6.1

/24

SPE2 - Loopback 1 - 3.3.3.3/32

interface 1 GE 1/0/1 NPE 172.16.5.1

/24

interface 2 GE 1/0/2 UPE 172.16.2.2

/24

interface 3 GE 1/0/3 SPE1 172.16.3.2

/24

NPE - Loopback 1 - 4.4.4.4/32

interface 1 GE 1/0/1 SPE2 172.16.5.2

/24

interface 2 GE 1/0/2 SEP1 172.16.4.2

/24

interface 3 GE 1/0/3 NPE 192.168.2.

2/24

Configuration Roadmap
The configuration roadmap is as follows:

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 11 iFIT Configuration

1. Perform the following steps on the UPE, SPE1, SPE2, and NPE to carry IP RAN
services.
a. Configure an IP address and a routing protocol for each interface so that
all devices can communicate at the network layer. This example uses
Open Shortest Path First (OSPF) as the routing protocol.
b. Configure Multiprotocol Label Switching (MPLS) and public network
tunnels to carry L3VPN services. In this example, SR-MPLS TE tunnels are
established between the UPE and each SPE, between SPEs, and between
each SPE and the NPE.
c. Create a VPN instance on the UPE and NPE and import the local direct
routes on the UPE and NPE to their respective VPN instance routing
tables.
d. Establish Multiprotocol Interior Border Gateway Protocol (MP-IBGP) peer
relationships between the UPE and SPEs and between the NPE and SPEs.
e. Configure the SPEs as route reflectors (RRs) and specify the UPE and NPE
as RR clients.
f. Configure VPN FRR on the UPE and NPE.
2. Configure 1588v2 to synchronize the clocks of the UPE, SPEs, and NPE.
3. Configure packet loss and latency measurement on the UPE and NPE to
collect packet loss and latency statistics at intervals.

● For upstream traffic in the HoVPN scenario, an SPE functions as the ingress, and a
VPN instance needs to be configured for the iFIT flow.
● For downstream traffic in the HoVPN scenario or upstream/downstream traffic in
the H-VPN scenario, an SPE functions as the ingress, and no VPN instance needs to
be configured for the iFIT flow.

Data Preparation
To complete the configuration, you need the following data:
● IP address of each interface listed in Table 1
● IGP type: OSPF; process ID: 1; area ID: 0
● LSR IDs of the UPE, SPE1, and SPE2: 1.1.1.1, 2.2.2.2, and 3.3.3.3
● Tunnel interface names, tunnel IDs, and tunnel interface addresses for the
bidirectional tunnels between the UPE and SPE1: Tunnel11, 100, and loopback
interface address
● Tunnel interface names, tunnel IDs, and tunnel interface addresses for the
bidirectional tunnels between the UPE and SPE2: Tunnel12, 200, and loopback
interface address
● Tunnel policy names for the bidirectional tunnels between the UPE and SPEs:
policy1; tunnel selector names on the SPEs: BindTE
● Names, RDs, and VPN targets of the VPN instances on the UPE and NPE:
vpna, 100:1, and 1:1
● iFIT instance ID: 1; measurement interval: 10s
● Target flow's source IP address: 10.1.1.1; destination IP address: 10.2.1.1

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 11 iFIT Configuration

Procedure
Step 1 Configure IP addresses, routing protocols, L3VPNs, and public network tunnels on
the UPE, SPE1, SPE2, and NPE. For configuration details, see Configuration Files.

Step 2 Configure 1588v2 to synchronize the clocks of the UPE, SPE1, and NPE.
1. # Import BITS0 signals to SPE1.
[~SPE1] clock bits-type bits0 2mhz
[*SPE1] clock source bits0 synchronization enable
[*SPE1] clock source bits0 priority 1
[*SPE1] commit

2. # Enable 1588v2 globally.

# Configure SPE1.
[~SPE1] ptp enable
[*SPE1] ptp domain 1
[*SPE1] ptp device-type bc
[*SPE1] ptp clock-source local clock-class 185
[*SPE1] clock source ptp synchronization enable
[*SPE1] clock source ptp priority 1
[*SPE1] commit

# Configure the UPE.

[~UPE] ptp enable
[*UPE] ptp domain 1
[*UPE] ptp device-type bc
[*UPE] ptp clock-source local clock-class 185
[*UPE] clock source ptp synchronization enable
[*UPE] clock source ptp priority 1
[*UPE] commit

# Configure the NPE.

[~NPE] ptp enable
[*NPE] ptp domain 1
[*NPE] ptp device-type bc
[*NPE] ptp clock-source local clock-class 185
[*NPE] clock source ptp synchronization enable
[*NPE] clock source ptp priority 1
[*NPE] commit

3. Enable 1588v2 on interfaces.

# Configure SPE1.
[~SPE1] interface gigabitethernet 1/0/1
[~SPE1-GigabitEthernet1/0/1] ptp enable
[*SPE1-GigabitEthernet1/0/1] commit
[~SPE1-GigabitEthernet1/0/1] quit
[~SPE1] interface gigabitethernet 1/0/2
[~SPE1-GigabitEthernet1/0/2] ptp enable
[*SPE1-GigabitEthernet1/0/2] commit
[~SPE1-GigabitEthernet1/0/2] quit
[~SPE1] interface gigabitethernet 1/0/4
[~SPE1-GigabitEthernet1/0/4] ptp enable
[*SPE1-GigabitEthernet1/0/4] commit
[~SPE1-GigabitEthernet1/0/4] quit

# Configure the UPE.

[~UPE] interface gigabitethernet 1/0/0
[~UPE-GigabitEthernet1/0/0] ptp enable
[*UPE-GigabitEthernet1/0/0] commit
[~UPE-GigabitEthernet1/0/0] quit
[~UPE] interface gigabitethernet 1/0/1
[~UPE-GigabitEthernet1/0/1] ptp enable
[*UPE-GigabitEthernet1/0/1] commit
[~UPE-GigabitEthernet1/0/1] quit

# Configure the NPE.

[~NPE] interface gigabitethernet 1/0/2

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 11 iFIT Configuration

[~NPE-GigabitEthernet1/0/2] ptp enable

[*NPE-GigabitEthernet1/0/2] commit
[~NPE-GigabitEthernet1/0/2] quit
[~NPE] interface gigabitethernet 1/0/3
[~NPE-GigabitEthernet1/0/3] ptp enable
[*NPE-GigabitEthernet1/0/3] commit
[~NPE-GigabitEthernet1/0/3] quit

Step 3 Configure iFIT for a link between the UPE and NPE.

# Configure the UPE.

<UPE> system-view
[~UPE] ifit
[*UPE-ifit] encapsulation nexthop 2.2.2.2
[*UPE-ifit] node-id 10
[*UPE-ifit] instance 1
[*UPE-ifit-instance-1] flow unidirectional source 10.1.1.1 destination 10.2.1.1 vpn-instance vpna
[*UPE-ifit-instance-1] interval 10
[*UPE-ifit-instance-1] measure-mode e2e
[*UPE-ifit-instance-1] binding interface gigabitethernet 1/0/0
[*UPE] commit

# Run the display ifit static command to check the configuration and status of
the UPE.
[~UPE] display ifit static instance 1
2019-01-14 17:24:39.28 +08:00
-------------------------------------------------------------------------
Flow Type : static
Instance Id : 10
Instance-name :1
Flow Id : 2099183618
Direct Type : unidirectional
Source IP Address/Mask Length : 10.1.1.1/32
Destination IP Address/Mask Length : 10.2.1.1/32
Protocol : any
Source Port : any
Destination Port : any
Interface : GigabitEthernet1/0/0
vpn-instance : vpna
Loss Measure : enable
Delay Measure : enable
Test Type : e2e
Interval : 10(s)

# Configure the NPE.

<NPE> system-view
[~NPE] ifit
[*NPE] commit

# Run the display ifit dynamic-hop command to view the configuration and
status of the NPE.
[~NPE] display ifit dynamic-hop
2019-01-14 17:24:39.28 +08:00
-------------------------------------------------------------------------
Flow Classification : dynamic-hop
Instance Id : 514
Flow Id : 2099183618
Flow Type : unidirectional
Interface : GigabitEthernet1/0/3
Direction : egress
Loss Measure : enable
Delay Measure : enable
Interval : 10(s)

----End

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 11 iFIT Configuration

Configuration Files
● UPE configuration file
#
sysname UPE
#
ip vpn-instance vpna
ipv4-family
route-distinguisher 100:1
apply-label per-instance
tnl-policy policy1
vpn-target 1:1 export-extcommunity
vpn-target 1:1 import-extcommunity
#
segment-routing
mpls lsr-id 1.1.1.1
mpls
mpls te
#
ptp enable
ptp domain 1
ptp device-type bc
ptp clock-source local clock-class 185
ptp clock-source bits0 on
#
clock source ptp synchronization enable
clock source ptp priority 1
#
interface GigabitEthernet1/0/0
undo shutdown
ip binding vpn-instance vpna
ip address 192.168.2.1 255.255.255.0
#
interface GigabitEthernet1/0/1
undo shutdown
ip address 172.16.1.1 255.255.255.0
mpls
mpls te
#
interface GigabitEthernet1/0/2
undo shutdown
ip address 172.16.2.1 255.255.255.0
mpls
mpls te
#
interface LoopBack1
ip address 1.1.1.1 255.255.255.255
ospf enable area 0.0.0.0
ospf prefix-sid absolute 16100
#
explicit-path spe1
next sid label 16300 type adjacency
#
explicit-path spe2
next sid label 16400 type adjacency
#
interface Tunnel11
ip address unnumbered interface LoopBack1
tunnel-protocol mpls te
destination 2.2.2.2
mpls te tunnel-id 100
mpls te reserved-for-binding
mpls te signal-protocol segment-routing
mpls te path explicit-path spe1
#
interface Tunnel12
ip address unnumbered interface LoopBack1
tunnel-protocol mpls te
destination 3.3.3.3

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 11 iFIT Configuration

mpls te tunnel-id 200

mpls te reserved-for-binding
mpls te signal-protocol segment-routing
mpls te path explicit-path spe2
#
bgp 100
router-id 1.1.1.1
peer 2.2.2.2 as-number 100
peer 2.2.2.2 connect-interface LoopBack1
peer 3.3.3.3 as-number 100
peer 3.3.3.3 connect-interface LoopBack1
#
ipv4-family unicast
undo synchronization
peer 2.2.2.2 enable
peer 3.3.3.3 enable
#
ipv4-family vpnv4
policy vpn-target
peer 2.2.2.2 enable
peer 3.3.3.3 enable
#
ipv4-family vpn-instance vpna
import-route direct
auto-frr
#
ospf 1
opaque-capability enable
segment-routing mpls
segment-routing global-block 16000 20000
area 0.0.0.0
network 1.1.1.1 0.0.0.0
network 172.16.1.0 0.0.0.255
network 172.16.2.0 0.0.0.255
mpls-te enable
#
tunnel-policy policy1
tunnel binding destination 2.2.2.2 te Tunnel11
tunnel binding destination 3.3.3.3 te Tunnel12
#
ifit
encapsulation nexthop 2.2.2.2
node-id 10
instance 1
flow unidirectional source 10.1.1.1 destination 10.2.1.1 vpn-instance vpna
interval 10
measure-mode e2e
binding interface GigabitEthernet1/0/0
#
return
● SPE1 configuration file
#
sysname SPE1
#
tunnel-selector bindTE permit node 10
apply tunnel-policy policy1
#
segment-routing
mpls lsr-id 2.2.2.2
mpls
mpls te
label advertise non-null
#
ptp enable
ptp domain 1
ptp device-type bc
ptp clock-source local clock-class 185
ptp clock-source bits0 on
#

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 11 iFIT Configuration

clock source bits0 synchronization enable

clock source bits0 priority 1
clock source ptp synchronization enable
clock source ptp priority 1
clock bits-type bits0 2mhz
#
interface GigabitEthernet1/0/1
undo shutdown
ip address 172.16.1.2 255.255.255.0
mpls
mpls te
#
interface GigabitEthernet1/0/2
undo shutdown
ip address 172.16.4.1 255.255.255.0
mpls
mpls te
#
interface GigabitEthernet1/0/3
undo shutdown
ip address 172.16.3.1 255.255.255.0
mpls
mpls te
#
interface LoopBack1
ip address 2.2.2.2 255.255.255.255
ospf enable area 0.0.0.0
ospf prefix-sid absolute 16200
#
explict-path upe
next sid label 16200 type adjacency
#
explict-path npe
next sid label 16400 type adjacency
#
interface Tunnel11
ip address unnumbered interface LoopBack1
tunnel-protocol mpls te
destination 1.1.1.1
mpls te tunnel-id 100
mpls te reserved-for-binding
mpls te signal-protocol segment-routing
mpls te path explicit-path upe
#
interface Tunnel12
ip address unnumbered interface LoopBack1
tunnel-protocol mpls te
destination 4.4.4.4
mpls te tunnel-id 200
mpls te reserved-for-binding
mpls te signal-protocol segment-routing
mpls te path explicit-path npe
#
bgp 100
router-id 2.2.2.2
peer 1.1.1.1 as-number 100
peer 1.1.1.1 connect-interface LoopBack1
peer 3.3.3.3 as-number 100
peer 3.3.3.3 connect-interface LoopBack1
peer 4.4.4.4 as-number 100
peer 4.4.4.4 connect-interface LoopBack1
#
ipv4-family unicast
undo synchronization
peer 1.1.1.1 enable
peer 3.3.3.3 enable
peer 4.4.4.4 enable
#
ipv4-family vpnv4

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 11 iFIT Configuration

undo policy vpn-target

tunnel-selector bindTE
peer 1.1.1.1 enable
peer 1.1.1.1 reflect-client
peer 1.1.1.1 next-hop-local
peer 3.3.3.3 enable
peer 4.4.4.4 enable
peer 4.4.4.4 reflect-client
peer 4.4.4.4 next-hop-local
#
ospf 1
opaque-capability enable
area 0.0.0.0
network 2.2.2.2 0.0.0.0
network 172.16.1.0 0.0.0.255
network 172.16.3.0 0.0.0.255
network 172.16.4.0 0.0.0.255
segment-routing mpls
segment-routing global-block 16000 20000
#
tunnel-policy policy1
tunnel binding destination 1.1.1.1 te Tunnel11
tunnel binding destination 4.4.4.4 te Tunnel12
#
return
● SPE2 configuration file
#
sysname SPE2
#
tunnel-selector bindTE permit node 10
apply tunnel-policy policy1
#
mpls lsr-id 3.3.3.3
mpls
mpls te
label advertise non-null
#
interface GigabitEthernet1/0/1
undo shutdown
ip address 172.16.5.1 255.255.255.0
mpls
mpls te
#
interface GigabitEthernet1/0/2
undo shutdown
ip address 172.16.2.2 255.255.255.0
mpls
mpls te
#
interface GigabitEthernet1/0/3
undo shutdown
ip address 172.16.3.2 255.255.255.0
mpls
mpls te
#
interface LoopBack1
ip address 3.3.3.3 255.255.255.255
ospf enable area 0.0.0.0
ospf prefix-sid absolute 16100
#
explict-path upe
next sid label 16300 type adjacency
#
explict-path npe
next sid label 16400 type adjacency
#
interface Tunnel11
ip address unnumbered interface LoopBack1
tunnel-protocol mpls te

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 11 iFIT Configuration

destination 1.1.1.1
mpls te tunnel-id 100
mpls te reserved-for-binding
mpls te signal-protocol segment-routing
mpls te path explicit-path upe
#
interface Tunnel12
ip address unnumbered interface LoopBack1
tunnel-protocol mpls te
destination 4.4.4.4
mpls te tunnel-id 200
mpls te reserved-for-binding
mpls te signal-protocol segment-routing
mpls te path explicit-path npe
#
bgp 100
router-id 3.3.3.3
peer 1.1.1.1 as-number 100
peer 1.1.1.1 connect-interface LoopBack1
peer 2.2.2.2 as-number 100
peer 2.2.2.2 connect-interface LoopBack1
peer 4.4.4.4 as-number 100
peer 4.4.4.4 connect-interface LoopBack1
#
ipv4-family unicast
undo synchronization
peer 1.1.1.1 enable
peer 2.2.2.2 enable
peer 4.4.4.4 enable
#
ipv4-family vpnv4
undo policy vpn-target
tunnel-selector bindTE
peer 1.1.1.1 enable
peer 1.1.1.1 reflect-client
peer 1.1.1.1 next-hop-local
peer 2.2.2.2 enable
peer 4.4.4.4 enable
peer 4.4.4.4 reflect-client
peer 4.4.4.4 next-hop-local
#
ospf 1
opaque-capability enable
segment-routing mpls
segment-routing global-block 16000 20000
area 0.0.0.0
network 3.3.3.3 0.0.0.0
network 172.16.2.0 0.0.0.255
network 172.16.3.0 0.0.0.255
network 172.16.5.0 0.0.0.255
mpls-te enable
#
tunnel-policy policy1
tunnel binding destination 4.4.4.4 te Tunnel11
tunnel binding destination 1.1.1.1 te Tunnel12
#
return
● NPE configuration file
#
sysname NPE
#
ip vpn-instance vpna
ipv4-family
route-distinguisher 100:1
apply-label per-instance
vpn-target 1:1 export-extcommunity
vpn-target 1:1 import-extcommunity
#
mpls lsr-id 4.4.4.4

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 11 iFIT Configuration

mpls
mpls te
#
ptp enable
ptp domain 1
ptp device-type bc
ptp clock-source local clock-class 185
ptp clock-source bits0 on
#
clock source ptp synchronization enable
clock source ptp priority 1
#
interface GigabitEthernet1/0/1
undo shutdown
ip address 172.16.5.2 255.255.255.0
mpls
mpls te
#
interface GigabitEthernet1/0/2
undo shutdown
ip address 172.16.4.2 255.255.255.0
mpls
mpls te
#
interface GigabitEthernet1/0/3
undo shutdown
ip binding vpn-instance vpna
ip address 192.168.2.2 255.255.255.0
#
interface LoopBack1
ip address 4.4.4.4 255.255.255.255
ospf enable area 0.0.0.0
ospf prefix-sid absolute 16300
#
explicit-path spe1
next sid label 16100 type adjacency
#
explicit-path spe2
next sid label 16200 type adjacency
#
interface Tunnel11
ip address unnumbered interface LoopBack1
tunnel-protocol mpls te
destination 2.2.2.2
mpls te signal-protocol segment-routing
mpls te tunnel-id 100
mpls te path explicit-path spe1
#
interface Tunnel12
ip address unnumbered interface LoopBack1
tunnel-protocol mpls te
destination 3.3.3.3
mpls te signal-protocol segment-routing
mpls te tunnel-id 200
mpls te path explicit-path spe2
#
bgp 100
router-id 4.4.4.4
peer 2.2.2.2 as-number 100
peer 2.2.2.2 connect-interface LoopBack1
peer 3.3.3.3 as-number 100
peer 3.3.3.3 connect-interface LoopBack1
#
ipv4-family unicast
undo synchronization
peer 2.2.2.2 enable
peer 3.3.3.3 enable
#
ipv4-family vpnv4

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 11 iFIT Configuration

policy vpn-target
peer 2.2.2.2 enable
peer 3.3.3.3 enable
#
ipv4-family vpn-instance vpna
import-route direct
auto-frr
#
ospf 1
opaque-capability enable
segment-routing mpls
segment-routing global-block 16000 20000
area 0.0.0.0
network 4.4.4.4 0.0.0.0
network 172.16.4.0 0.0.0.255
network 172.16.5.0 0.0.0.255
mpls-te enable
#
tunnel-policy policy1
tunnel binding destination 2.2.2.2 te Tunnel11
tunnel binding destination 3.3.3.3 te Tunnel12
#
ifit
#
return

11.4.2 Example for Configuring iFIT Hop-by-Hop Measurement

This section provides an example for configuring iFIT hop-by-hop measurement on
an IP RAN.

Networking Requirements
IPTV, video conferencing, voice over IP (VoIP), and other value-added services are
widely used on networks. Because these services rely heavily on high speed and
robust networks, link connectivity and network performance are essential to
service transmission.
● For voice services, users do not detect any change in voice quality if the
packet loss rate on links is lower than 5%. If the packet loss rate is higher
than 10%, voice quality deteriorates significantly.
● For real-time services, such as VoIP, online games, and video conferencing, a
latency lower than 100 ms or even 50 ms, is required. As the latency
increases, user experience worsens.
To facilitate troubleshooting when network performance deteriorates, you can
configure hop-by-hop measurement.
The IP RAN shown in Figure 11-5 transmits video services. A unidirectional service
flow enters the network through the UPE, traverses SPE1, and leaves the network
through the NPE.
To monitor the packet loss and latency segment-by-segment, for example,
between the UPE and NPE, configure hop-by-hop measurement. This enables you
to rapidly and accurately locate faulty points.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 11 iFIT Configuration

Figure 11-5 iFIT hop-by-hop measurement

Table 11-2 Interfaces connecting devices and their IP addresses

Device Interface Interface Remote Device IP Address
(Role) Name (Role)

UPE - Loopback 1 - 1.1.1.1/32

interface 1 GE 1/0/0 NodeB 192.168.2.1/2

interface 2 GE 1/0/1 SPE1 172.16.1.1/24

interface 3 GE 1/0/2 SPE2 172.16.2.1/24

SPE1 - Loopback 1 - 2.2.2.2/32

interface 1 GE 1/0/1 UPE 172.16.1.2/24

interface 2 GE 1/0/2 NPE 172.16.4.1/24

interface 3 GE 1/0/3 SPE2 172.16.3.1/24

interface 4 GE 1/0/4 BITS 172.16.6.1/24

SPE2 - Loopback 1 - 3.3.3.3/32

interface 1 GE 1/0/1 NPE 172.16.5.1/24

interface 2 GE 1/0/2 UPE 172.16.2.2/24

interface 3 GE 1/0/3 SPE1 172.16.3.2/24

NPE - Loopback 1 - 4.4.4.4/32

interface 1 GE 1/0/1 SPE2 172.16.5.2/24

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 11 iFIT Configuration

Device Interface Interface Remote Device IP Address

(Role) Name (Role)

interface 2 GE 1/0/2 SEP1 172.16.4.2/24

interface 3 GE 1/0/3 NPE 192.168.2.2/2

Configuration Roadmap
The configuration roadmap is as follows:
1. Perform the following steps on the UPE, SPE1, SPE2, and NPE to carry IP RAN
services.
a. Configure an IP address and a routing protocol for each interface so that
all devices can communicate at the network layer. This example uses
OSPF as the routing protocol.
b. Configure MPLS and public network tunnels to carry L3VPN services. In
this example, SR-MPLS TE tunnels are established between the UPE and
each SPE, between SPEs, and between each SPE and the NPE.
c. Create a VPN instance on the UPE and NPE and import the local direct
routes on the UPE and NPE to their respective VPN instance routing
tables.
d. Establish MP-IBGP peer relationships between the UPE and SPEs and
between the NPE and SPEs.
e. Configure the SPEs as route reflectors (RRs) and specify the UPE and NPE
as RR clients.
f. Configure VPN FRR on the UPE and NPE.
2. Configure 1588v2 to synchronize the clocks of the UPE, SPEs, and NPE.
3. Configure packet loss and latency measurement on the UPE and NPE to
collect packet loss and latency statistics at intervals.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 11 iFIT Configuration

● Tunnel interface names, tunnel IDs, and tunnel interface addresses for the
bidirectional tunnels between the UPE and SPE2: Tunnel12, 200, and loopback
interface address
● Tunnel policy names for the bidirectional tunnels between the UPE and SPEs:
policy1; tunnel selector names on the SPEs: BindTE
● Names, RDs, and VPN targets of the VPN instances on the UPE and NPE:
vpna, 100:1, and 1:1
● iFIT instance ID: 1; measurement interval: 10s
● Forward target flow's source IP address: 10.1.1.1; destination IP address:
10.2.1.1

Procedure
Step 1 Configure IP addresses, routing protocols, L3VPNs, and public network tunnels on
the UPE, SPE1, SPE2, and NPE. For configuration details, see Configuration Files.
Step 2 Configure 1588v2 to synchronize the clocks of the UPE, SPE1, and NPE.
1. # Import BITS0 signals to SPE1.
[~SPE1] clock bits-type bits0 2mhz
[*SPE1] clock source bits0 synchronization enable
[*SPE1] clock source bits0 priority 1
[*SPE1] commit
2. # Enable 1588v2 globally.
# Configure SPE1.
[~SPE1] ptp enable
[*SPE1] ptp domain 1
[*SPE1] ptp device-type bc
[*SPE1] ptp clock-source local clock-class 185
[*SPE1] clock source ptp synchronization enable
[*SPE1] clock source ptp priority 1
[*SPE1] commit
# Configure the UPE.
[~UPE] ptp enable
[*UPE] ptp domain 1
[*UPE] ptp device-type bc
[*UPE] ptp clock-source local clock-class 185
[*UPE] clock source ptp synchronization enable
[*UPE] clock source ptp priority 1
[*UPE] commit
# Configure the NPE.
[~NPE] ptp enable
[*NPE] ptp domain 1
[*NPE] ptp device-type bc
[*NPE] ptp clock-source local clock-class 185
[*NPE] clock source ptp synchronization enable
[*NPE] clock source ptp priority 1
[*NPE] commit
3. Enable 1588v2 on interfaces.
# Configure SPE1.
[~SPE1] interface gigabitethernet 1/0/1
[~SPE1-GigabitEthernet1/0/1] ptp enable
[*SPE1-GigabitEthernet1/0/1] commit
[~SPE1-GigabitEthernet1/0/1] quit
[~SPE1] interface gigabitethernet 1/0/2
[~SPE1-GigabitEthernet1/0/2] ptp enable
[*SPE1-GigabitEthernet1/0/2] commit
[~SPE1-GigabitEthernet1/0/2] quit
[~SPE1] interface gigabitethernet 1/0/4

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 11 iFIT Configuration

[~SPE1-GigabitEthernet1/0/4] ptp enable

[*SPE1-GigabitEthernet1/0/4] commit
[~SPE1-GigabitEthernet1/0/4] quit

# Configure the UPE.

# Configure the NPE.

[~NPE] interface gigabitethernet 1/0/2
[~NPE-GigabitEthernet1/0/2] ptp enable
[*NPE-GigabitEthernet1/0/2] commit
[~NPE-GigabitEthernet1/0/2] quit
[~NPE] interface gigabitethernet 1/0/3
[~NPE-GigabitEthernet1/0/3] ptp enable
[*NPE-GigabitEthernet1/0/3] commit
[~NPE-GigabitEthernet1/0/3] quit

Step 3 Configure iFIT hop-by-hop measurement for a link between the UPE and NPE.

# Configure the UPE.

<UPE> system-view
[~UPE] ifit
[*UPE-ifit] encapsulation nexthop 2.2.2.2
[*UPE-ifit] node-id 10
[*UPE-ifit] instance 1
[*UPE-ifit-instance-1] flow unidirectional source 10.1.1.1 destination 10.2.1.1 vpn-instance vpna
[*UPE-ifit-instance-1] interval 10
[*UPE-ifit-instance-1] measure-mode trace
[*UPE-ifit-instance-1] binding interface gigabitethernet 1/0/0
[*UPE] commit

# Run the display ifit static and display ifit dynamic-hop commands on the UPE.
The two command outputs show the configurations of iFIT static and dynamic
flows on the UPE, respectively.
[~UPE] display ifit static instance 1
2019-01-14 17:24:39.28 +08:00
-------------------------------------------------------------------------
Flow Type : static
Instance Id : 10
Instance-name :1
Flow Id : 2099183617
Direct Type : unidirectional
Source IP Address/Mask Length : 10.1.1.1/32
Destination IP Address/Mask Length : 10.2.1.1/32
Protocol : any
Source Port : any
Destination Port : any
Interface : GigabitEthernet1/0/0
vpn-instance : vpna
Loss Measure : enable
Delay Measure : enable
Test Type : trace
Interval : 10(s)
[~UPE] display ifit dynamic-hop
2019-01-14 17:24:39.28 +08:00
-------------------------------------------------------------------------
Flow Classification : dynamic-hop
Instance Id : 514
Flow Id : 2099183617
Flow Type : unidirectional
Interface : GigabitEthernet1/0/0
Direction : transitOutput

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 11 iFIT Configuration

Loss Measure : enable

Delay Measure : enable
Interval : 10(s)

# Configure SPE1.
<SPE1> system-view
[~SPE1] ifit
[*SPE1] encapsulation nexthop 4.4.4.4
[*SPE1] commit

# Run the display ifit dynamic-hop command to check the SPE1 configuration
and status.
[~SPE1] display ifit dynamic-hop
2019-01-14 17:24:39.28 +08:00
-------------------------------------------------------------------------
Flow Classification : dynamic-hop
Instance Id : 514
Flow Id : 2099183617
Flow Type : unidirectional
Interface : GigabitEthernet1/0/2
Direction : transitOutput
Loss Measure : enable
Delay Measure : enable
Interval : 10(s)
-------------------------------------------------------------------------
Flow Classification : dynamic-hop
Instance Id : 513
Flow Id : 2099183617
Flow Type : unidirectional
Interface : GigabitEthernet1/0/1
Direction : transitInput
Loss Measure : enable
Delay Measure : enable
Interval : 10(s)

# Configure the NPE.

<NPE> system-view
[~NPE] ifit
[*NPE] commit

# Run the display ifit dynamic-hop command to check the configuration and
status of the NPE.
[~NPE] display ifit dynamic-hop
2019-01-14 17:24:39.28 +08:00
-------------------------------------------------------------------------
Flow Classification : dynamic-hop
Instance Id : 514
Flow Id : 2099183617
Flow Type : unidirectional
Interface : GigabitEthernet1/0/3
Direction : egress
Loss Measure : enable
Delay Measure : enable
Interval : 10(s)
-------------------------------------------------------------------------
Flow Classification : dynamic-hop
Instance Id : 513
Flow Id : 2099183617
Flow Type : unidirectional
Interface : GigabitEthernet1/0/2
Direction : transitInput
Loss Measure : enable
Delay Measure : enable
Interval : 10(s)

----End

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 11 iFIT Configuration

Configuration Files
● UPE configuration file
#
sysname UPE
#
ptp enable
ptp domain 1
ptp device-type bc
ptp clock-source local clock-class 185
ptp clock-source bits0 on
#
clock source ptp synchronization enable
clock source ptp priority 1
#
ip vpn-instance vpna
ipv4-family
route-distinguisher 100:1
apply-label per-instance
tnl-policy policy1
vpn-target 1:1 export-extcommunity
vpn-target 1:1 import-extcommunity
#
segment-routing
mpls lsr-id 1.1.1.1
mpls
mpls te
label advertise non-null
#
interface GigabitEthernet1/0/0
undo shutdown
ip binding vpn-instance vpna
ip address 192.168.2.1 255.255.255.0
ptp enable
#
interface GigabitEthernet1/0/1
undo shutdown
ip address 172.16.1.1 255.255.255.0
mpls
mpls te
ptp enable
#
interface GigabitEthernet1/0/2
undo shutdown
ip address 172.16.2.1 255.255.255.0
mpls
mpls te
#
interface LoopBack1
ip address 1.1.1.1 255.255.255.255
ospf enable area 0.0.0.0
ospf prefix-sid absolute 16100
#
explicit-path spe1
next sid label 16300 type adjacency
#
explicit-path spe2
next sid label 16400 type adjacency
#
interface Tunnel11
ip address unnumbered interface LoopBack1
tunnel-protocol mpls te
destination 2.2.2.2
mpls te tunnel-id 100
mpls te reserved-for-binding
mpls te signal-protocol segment-routing
mpls te path explicit-path spe1
#
interface Tunnel12

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 11 iFIT Configuration

ip address unnumbered interface LoopBack1

tunnel-protocol mpls te
destination 3.3.3.3
mpls te tunnel-id 200
mpls te reserved-for-binding
mpls te signal-protocol segment-routing
mpls te path explicit-path spe2
#
bgp 100
router-id 1.1.1.1
peer 2.2.2.2 as-number 100
peer 2.2.2.2 connect-interface LoopBack1
peer 3.3.3.3 as-number 100
peer 3.3.3.3 connect-interface LoopBack1
#
ipv4-family unicast
undo synchronization
peer 2.2.2.2 enable
peer 3.3.3.3 enable
#
ipv4-family vpnv4
policy vpn-target
peer 2.2.2.2 enable
peer 3.3.3.3 enable
#
ipv4-family vpn-instance vpna
import-route direct
auto-frr
#
ospf 1
opaque-capability enable
segment-routing mpls
segment-routing global-block 16000 20000
area 0.0.0.0
network 1.1.1.1 0.0.0.0
network 172.16.1.0 0.0.0.255
network 172.16.2.0 0.0.0.255
mpls-te enable
#
tunnel-policy policy1
tunnel binding destination 2.2.2.2 te Tunnel11
tunnel binding destination 3.3.3.3 te Tunnel12
#
ifit
encapsulation nexthop 2.2.2.2
node-id 10
instance 1
flow unidirectional source 10.1.1.1 destination 10.2.1.1 vpn-instance vpna
interval 10
measure-mode trace
binding interface GigabitEthernet1/0/0
#
return
● SPE1 configuration file
#
sysname SPE1
#
ptp enable
ptp domain 1
ptp device-type bc
ptp clock-source local clock-class 185
ptp clock-source bits0 on
#
clock source bits0 synchronization enable
clock source bits0 priority 1
clock source ptp synchronization enable
clock source ptp priority 1
clock bits-type bits0 2mhz
#

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 11 iFIT Configuration

tunnel-selector bindTE permit node 10

apply tunnel-policy policy1
#
mpls lsr-id 2.2.2.2
mpls
mpls te
label advertise non-null
#
interface GigabitEthernet1/0/1
undo shutdown
ip address 172.16.1.2 255.255.255.0
mpls
mpls te
ptp enable
#
interface GigabitEthernet1/0/2
undo shutdown
ip address 172.16.4.1 255.255.255.0
mpls
ptp enable
#
interface GigabitEthernet1/0/3
undo shutdown
ip address 172.16.3.1 255.255.255.0
mpls
mpls te
#
interface GigabitEthernet1/0/4
undo shutdown
ip address 172.16.6.1 255.255.255.0
ptp enable
#
interface LoopBack1
ip address 2.2.2.2 255.255.255.255
mpls
mpls te
ospf enable area 0.0.0.0
ospf prefix-sid absolute 16200
#
explict-path upe
next sid label 16200 type adjacency
#
explict-path npe
next sid label 16400 type adjacency
#
interface Tunnel11
ip address unnumbered interface LoopBack1
tunnel-protocol mpls te
destination 1.1.1.1
mpls te tunnel-id 100
mpls te reserved-for-binding
mpls te signal-protocol segment-routing
mpls te path explicit-path upe
#
interface Tunnel12
ip address unnumbered interface LoopBack1
tunnel-protocol mpls te
destination 4.4.4.4
mpls te tunnel-id 200
mpls te reserved-for-binding
mpls te signal-protocol segment-routing
mpls te path explicit-path npe
#
bgp 100
router-id 2.2.2.2
peer 1.1.1.1 as-number 100
peer 1.1.1.1 connect-interface LoopBack1
peer 3.3.3.3 as-number 100
peer 3.3.3.3 connect-interface LoopBack1

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 11 iFIT Configuration

peer 4.4.4.4 as-number 100

peer 4.4.4.4 connect-interface LoopBack1
#
ipv4-family unicast
undo synchronization
peer 1.1.1.1 enable
peer 3.3.3.3 enable
peer 4.4.4.4 enable
#
ipv4-family vpnv4
undo policy vpn-target
tunnel-selector bindTE
peer 1.1.1.1 enable
peer 1.1.1.1 reflect-client
peer 1.1.1.1 next-hop-local
peer 3.3.3.3 enable
peer 4.4.4.4 enable
peer 4.4.4.4 reflect-client
peer 4.4.4.4 next-hop-local
#
ospf 1
opaque-capability enable
area 0.0.0.0
network 2.2.2.2 0.0.0.0
network 172.16.1.0 0.0.0.255
network 172.16.3.0 0.0.0.255
network 172.16.4.0 0.0.0.255
segment-routing mpls
segment-routing global-block 16000 20000
#
tunnel-policy policy1
tunnel binding destination 1.1.1.1 te Tunnel11
tunnel binding destination 4.4.4.4 te Tunnel12
#
ifit
#
return
● SPE2 configuration file
#
sysname SPE2
#
tunnel-selector bindTE permit node 10
apply tunnel-policy policy1
#
segment-routing
mpls lsr-id 3.3.3.3
mpls
mpls te
label advertise non-null
#
interface GigabitEthernet1/0/1
undo shutdown
ip address 172.16.5.1 255.255.255.0
mpls
mpls te
#
interface GigabitEthernet1/0/2
undo shutdown
ip address 172.16.2.2 255.255.255.0
mpls
mpls te
#
interface GigabitEthernet1/0/3
undo shutdown
ip address 172.16.3.2 255.255.255.0
mpls
mpls te
#
interface LoopBack1

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 11 iFIT Configuration

ip address 3.3.3.3 255.255.255.255

ospf enable area 0.0.0.0
ospf prefix-sid absolute 16200
#
explict-path upe
next sid label 16300 type adjacency
#
explict-path npe
next sid label 16400 type adjacency
#
interface Tunnel11
ip address unnumbered interface LoopBack1
tunnel-protocol mpls te
destination 1.1.1.1
mpls te tunnel-id 100
mpls te reserved-for-binding
mpls te signal-protocol segment-routing
mpls te path explicit-path upe
#
interface Tunnel12
ip address unnumbered interface LoopBack1
tunnel-protocol mpls te
destination 4.4.4.4
mpls te tunnel-id 200
mpls te reserved-for-binding
mpls te signal-protocol segment-routing
mpls te path explicit-path npe
#
bgp 100
router-id 3.3.3.3
peer 1.1.1.1 as-number 100
peer 1.1.1.1 connect-interface LoopBack1
peer 2.2.2.2 as-number 100
peer 2.2.2.2 connect-interface LoopBack1
peer 4.4.4.4 as-number 100
peer 4.4.4.4 connect-interface LoopBack1
#
ipv4-family unicast
undo synchronization
peer 1.1.1.1 enable
peer 2.2.2.2 enable
peer 4.4.4.4 enable
#
ipv4-family vpnv4
undo policy vpn-target
tunnel-selector bindTE
peer 1.1.1.1 enable
peer 1.1.1.1 reflect-client
peer 1.1.1.1 next-hop-local
peer 2.2.2.2 enable
peer 4.4.4.4 enable
peer 4.4.4.4 reflect-client
peer 4.4.4.4 next-hop-local
#
ospf 1
opaque-capability enable
segment-routing mpls
segment-routing global-block 16000 20000
area 0.0.0.0
network 3.3.3.3 0.0.0.0
network 172.16.2.0 0.0.0.255
network 172.16.3.0 0.0.0.255
network 172.16.5.0 0.0.0.255
mpls-te enable
#
tunnel-policy policy1
tunnel binding destination 1.1.1.1 te Tunnel11
tunnel binding destination 4.4.4.4 te Tunnel12

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 11 iFIT Configuration

#
return
● NPE configuration file
#
sysname NPE
#
ptp enable
ptp domain 1
ptp device-type bc
ptp clock-source local clock-class 185
ptp clock-source bits0 on
#
clock source ptp synchronization enable
clock source ptp priority 1
#
ip vpn-instance vpna
ipv4-family
route-distinguisher 100:1
apply-label per-instance
vpn-target 1:1 export-extcommunity
vpn-target 1:1 import-extcommunity
#
segment-routing
mpls lsr-id 4.4.4.4
mpls
#
interface GigabitEthernet1/0/1
undo shutdown
ip address 172.16.5.2 255.255.255.0
mpls
mpls te
#
interface GigabitEthernet1/0/2
undo shutdown
ip address 172.16.4.2 255.255.255.0
mpls
mpls te
ptp enable
#
interface GigabitEthernet1/0/3
undo shutdown
ip binding vpn-instance vpna
ip address 192.168.2.2 255.255.255.0
mpls
mpls te
ptp enable
#
interface LoopBack1
ip address 4.4.4.4 255.255.255.255
ospf enable area 0.0.0.0
ospf prefix-sid absolute 16300
#
explicit-path spe1
next sid label 16100 type adjacency
#
explicit-path spe2
next sid label 16200 type adjacency
#
interface Tunnel11
ip address unnumbered interface LoopBack1
tunnel-protocol mpls te
destination 2.2.2.2
mpls te signal-protocol segment-routing
mpls te tunnel-id 100
mpls te path explicit-path spe1
#
interface Tunnel12
ip address unnumbered interface LoopBack1
tunnel-protocol mpls te

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 11 iFIT Configuration

destination 3.3.3.3
mpls te signal-protocol segment-routing
mpls te tunnel-id 200
mpls te path explicit-path spe2
#
bgp 100
router-id 4.4.4.4
peer 2.2.2.2 as-number 100
peer 2.2.2.2 connect-interface LoopBack1
peer 3.3.3.3 as-number 100
peer 3.3.3.3 connect-interface LoopBack1
#
ipv4-family unicast
undo synchronization
peer 2.2.2.2 enable
peer 3.3.3.3 enable
#
ipv4-family vpnv4
policy vpn-target
peer 2.2.2.2 enable
peer 3.3.3.3 enable
#
ipv4-family vpn-instance vpna
import-route direct
auto-frr
#
ospf 1
area 0.0.0.0
segment-routing mpls
segment-routing global-block 16000 20000
network 4.4.4.4 0.0.0.0
network 172.16.4.0 0.0.0.255
network 172.16.5.0 0.0.0.255
mpls-te enable
#
tunnel-policy policy1
tunnel binding destination 2.2.2.2 te Tunnel11
tunnel binding destination 3.3.3.3 te Tunnel12
#
ifit
#
return

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 12 eMDI Configuration

12 eMDI Configuration

About This Chapter

12.1 EMDI Overview

Enhanced media delivery index (EMDI) allows E2E measurement of the multicast
video service packets specified on each network node on an IP network so that
performance indicators including the packet loss rate, packet out-of-order rate,
and jitter can be obtained. eMDI has the advantages of easy deployment, full NE
coverage, and high statistical precision.
12.2 EMDI Licensing Requirements and Configuration Precautions
12.3 Configuring Basic eMDI Detection Functions
This section describes how to configure basic eMDI detection functions to allow
detection on the video traffic that passes through a node.
12.4 Configuring eMDI Attributes
This section describes how to configure eMDI attributes after the basic eMDI
detection functions are configured.
12.5 Maintaining eMDI
This section describes how to clear eMDI statistics and monitor eMDI detection
results.
12.6 Configuration Examples for eMDI
This section provides eMDI configuration examples.

12.1 EMDI Overview

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 12 eMDI Configuration

Background
Multicast video services, including IPTV, are gradually deployed on carrier
networks and have become a major opportunity to improve profitability for
carriers. Quality monitoring of video services is of vital importance. Packet loss
rate, packet out-of-order rate, and jitter are three major factors that may affect
video quality. Even the packet loss rate and packet out-of-order rate of less than
0.01% may cause terminals to experience erratic display or mosaic. Jitter may also
lead to black screen. These problems severely affect the service quality of
experience (QoE) as well as the profitability and brand awareness of carriers. A
video quality monitoring and fault locating solution is in need so that carriers can
monitor and maintain service quality in real time and quickly demarcate faults
and clarify responsibilities.
The eMDI detection solution is a quality monitoring and fault locating solution
designed for multicast video services such as IPTV. This solution supports real-time
detection of quality indicators (such as packet loss rate, packet out-of-order rate,
and jitter) of real service packets, featuring high statistical precision and reliable
data support. In addition, this solution can be deployed on all network nodes from
edge devices to core devices. The detection results on multiple nodes help to
rapidly locate the faulty network segment.

Detection Principles
The eMDI detection solution is a distributed board detection solution. During
solution deployment, the channels to be detected are added to a channel group,
the eMDI-capable boards are added to a board group, and the channel group is
bound to the board group. With detection on the board NP, the video streams of
specified channels can be detected in distributed mode.
This solution supports detection only of UDP-based Real-Time Transport Report
(RTP) video streams. The NP of the board to be detected performs validity check
and RTP check on the IP header, UDP header, and RTP header of RTP packets and
calculates the packet loss rate and packet disorder rate based on the sequence
number in the RTP header. Then, the NP calculates jitter based on the timestamp
in the RTP header, achieving real-time monitoring of video quality.
The implementation process of eMDI detection is as follows:
1. The NMS delivers eMDI monitoring instructions to a device.
2. The device monitors eMDI indicators in real time.
3. The device periodically reports the monitored eMDI indicators and alarms to
the NMS.
4. The NMS displays eMDI indicators in GUI mode and supports analysis on fault
demarcation and locating.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 12 eMDI Configuration

Figure 12-1 eMDI detection solution deployment

Indicator Collection
eMDI can obtain monitoring data from a device on a regular basis and periodically
send the data to the NMS in various modes such as telemetry. After analysis on
the NMS, the monitoring data can be displayed in various forms, such as a trend
chart.

eMDI also supports reporting of alarms to the NMS. The alarm thresholds and the
number of alarm suppressions can be configured as required.

Indicators
The detection indicators supported by eMDI include the packet loss rate (RTP-LR),
packet out-of-order rate (RTP-SER), and jitter. The packet loss rate and packet out-
of-order rate are calculated based on the sequence number in an RTP packet
header. The jitter is calculated based on the timestamp in an RTP packet header.
For details, see eMDI Detection Indicators.

12.2 EMDI Licensing Requirements and Configuration

Precautions
Licensing Requirements
For details, see "Licensing Requirements" in Feature Description.

Configuration Precautions

Restrictions Guidelines Impact

The eMDI detection does None The configurations on P

not support P node nodes are incorrect, and
detection in Layer 3 the detection on P nodes
multicast Rosen-MVPN fails.
scenarios and L2VPN
multicast scenarios.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 12 eMDI Configuration

Restrictions Guidelines Impact

In NG-MVPN scenarios, Do not configure the An eMDI detection error

VPN cannot be identified same SG on different occurs.
on P nodes. If the SG is VPNs during networking
the same among deployment.
multiple VPNs, multiple
pieces of traffic are
detected simultaneously.
As a result, an eMDI
detection error occurs.

In NG-MVPN dual-node ● Prohibit overlapping An eMDI detection error

protection scenarios, if of the transit node occurs.
the transit node and bud and bud node during
node overlap, two pieces networking
of traffic are detected on deployment.
the same node. As a ● If the transit node
result, an eMDI detection overlaps with the bud
error occurs. node, run the emdi
monitor-rate-only
command to perform
only rate detection.

Downstream eMDI None eMDI detection does not

detection does not take effect in
support the following unsupported scenarios.
scenarios:
1. PIM FRR
2. ABR nodes in
segmented NG MVPN
scenarios
3. Public-network-side
forwarding on root and
bud nodes in NG MVPN
scenarios
4. Layer 2 multicast

After the eMDI detection None If the period is changed

period is changed, an to be larger, the eMDI
eMDI detection error detection data within the
occurs within the first first period after such
period after such change. change is small. If the
period is changed to be
smaller, the eMDI
detection data within the
first period after such
change is large.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 12 eMDI Configuration

Restrictions Guidelines Impact

The result of eMDI None An eMDI detection error

detection within a occurs during multicast
specified period may be switching.
incorrect in the following
switching scenarios:
● Interface switching
over inter-board trunk
● Switching between
NGMVPN S tunnels
and I tunnels
● Dual-device hot
backup switchback

12.3 Configuring Basic eMDI Detection Functions

This section describes how to configure basic eMDI detection functions to allow
detection on the video traffic that passes through a node.

Usage Scenario
As a distributed board detection solution, eMDI depends on the establishment of a
channel group and a board group and the binding of the channel group and board
group. Besides, when the jitter indicator needs to be detected and the eMDI
detection must be supported on Ps, jitter detection and P detection must be
configured.

12.3.1 Configuring an eMDI Channel Group

The multicast channels to be detected need to be configured before the eMDI
detection solution is used.

Context
Before configuring the multicast channels to be detected, create a channel group
and add the multicast channels to the channel group.

Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Run emdi
eMDI detection is enabled and the eMDI view is displayed.
Step 3 Run emdi channel-group channel-group-name
An eMDI channel group is created or the view of an existing channel group is
displayed.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 12 eMDI Configuration

Step 4 Run emdi channel channel-name source source-address group group-address

The specified multicast channel is added to the eMDI channel group.
Step 5 Run commit
The configuration is committed.

----End

12.3.2 Configuring an eMDI Board Group

After an eMDI channel group is configured, configure a board group for eMDI
detection.

Context
As a distributed board detection solution, the eMDI detection solution requires the
configuration of boards for eMDI detection. Create a board group and then bind
the eMDI-capable boards to the board group so that eMDI detection can be
performed on the boards.

Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Run emdi
The eMDI view is displayed.
Step 3 Run emdi lpu-group lpu-group-name
An eMDI board group is created or the view of an existing board group is
displayed.
Step 4 Run emdi bind slot { all | slot-id }
The specified boards are bound to the board group.
Step 5 Run commit
The configuration is committed.

----End

12.3.3 Binding a Channel Group to a Board Group

After an eMDI channel group and a board group are created, bind the channel
group to the board group to achieve eMDI distributed board detection.

Context
As a distributed board detection solution, eMDI requires the binding of a channel
group and a board group. After the channel group and board group are bound,
the board NP in the board group performs real-time monitoring of the video
streams of a specified channel in order to obtain detection indicators such as the
packet loss rate and packet out-of-order rate.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 12 eMDI Configuration

Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Run emdi
The eMDI view is displayed.
Step 3 Run emdi bind channel-group channel-group-name lpu-group lpu-group-name
[outbound]
An eMDI channel group is bound to an eMDI board group.
Step 4 Run quit
Return to the system view.
Step 5 (Optional) Run interface { interface-name | interface-type interface-number }
The interface view is displayed.
Step 6 (Optional) Run emdi channel channel-name outbound
An eMDI channel is bound to the outbound interface.

Before binding an eMDI channel to the outbound interface, bind an eMDI channel group to
an eMDI board group in the downstream direction.

Step 7 Run commit

The configuration is committed.

----End

12.3.4 (Optional) Configuring eMDI Jitter Detection

This section describes how to configure eMDI jitter detection.

Context
By default, the eMDI detection solution detects only the packet loss rate and
packet out-of-order rate. If the jitter indicator also needs to be detected, eMDI
jitter detection needs to be configured.

Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Run emdi
The eMDI view is displayed.
Step 3 Run emdi rtp-jitter enable
Jitter detection is enabled.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 12 eMDI Configuration

Step 4 Run commit

The configuration is committed.

----End

12.3.5 (Optional) Configuring eMDI Detection on Ps

This section describes how to configure eMDI detection on Ps.

Context
Only NG MVPN networks support eMDI detection on video streams passing
through Ps. eMDI detection is disabled by default. To enable eMDI detection on Ps,
perform the following steps.

Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Run emdi
The eMDI view is displayed.
Step 3 Run emdi match-mpls-lable enable
eMDI detection on Ps is enabled.
Step 4 Run emdi channel source source-address group group-address transit
A multicast channel is added to an eMDI channel group to enable eMDI detection
on Ps.

eMDI detection takes effect on Ps only after both the emdi match-mpls-lable enable and
emdi channelsource source-address group group-address transit commands are run.

Step 5 Run commit

The configuration is committed.

----End

12.4 Configuring eMDI Attributes

This section describes how to configure eMDI attributes after the basic eMDI
detection functions are configured.

Usage Scenario
After basic eMDI detection functions are configured, configure eMDI related
attributes. The monitoring period determines the frequency of eMDI detection.
The alarm thresholds and the number of alarm suppression times determine the
frequency of reporting eMDI alarms. The configuration of detection only on the

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 12 eMDI Configuration

rate of video streams ensures the accuracy of detection indicators on the NG

MVPN network where the transit and bud nodes overlap.

12.4.1 Configuring an eMDI Detection Period

This section describes how to configure an eMDI detection period.

Context
With eMDI, monitoring data can be obtained from a device on a regular basis and
periodically send to uTraffic in various modes such as Telemetry. After analysis on
uTraffic, the monitoring data can be displayed in various forms, such as a trend
chart. To change a monitoring period, perform the following operations.

Procedure
Step 1 Run system-view

The system view is displayed.

Step 2 Run emdi

The eMDI view is displayed.

Step 3 Run emdi monitor-period period-value

An eMDI detection period is configured.

Step 4 Run commit

The configuration is committed.

----End

12.4.2 Configuring eMDI Alarm Thresholds and the Number of

Alarm Suppression Times
This section describes how to configure alarm thresholds and the number of alarm
suppression times when the frequency of reporting eMDI alarms needs to be
changed.

Context
In addition to monitoring various indicators of video streams, the eMDI detection
solution allows reporting of alarms to NMS. eMDI alarm triggering is determined
by an alarm threshold and the number of alarm suppression times. If the alarm
threshold is M and the number of alarm suppression times is N, when an indicator
reaches M for N consecutive times, the device reports an eMDI alarm to the NMS.
Therefore, to control the frequency at which eMDI alarms are reported, configure
a proper alarm threshold and alarm suppression times.

If statistics are all below the threshold within 60 consecutive detection intervals, the alarm
is automatically cleared.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 12 eMDI Configuration

Procedure
Step 1 Run system-view

The system view is displayed.

Step 2 Run emdi

The eMDI view is displayed.

Step 3 Run emdi alarm { rtp-lr | rtp-ser } { sd | hd | 4k } threshold threshold-value

An alarm threshold for eMDI detection is configured.

Step 4 Run emdi alarm suppress times value

The number of eMDI alarm suppression times is configured.

Step 5 Run commit

The configuration is committed.

----End

12.4.3 Configuring an eMDI Detection Rate

This section describes how to configure detection only on the rate of video
streams when two pieces of video traffic are detected on a node.

Context
On the NG MVPN network, if the transit and bud nodes overlap, two pieces of
traffic will be detected on the same node, causing offset in the detection results of
the packet loss rate, packet out-of-order rate, and jitter. To avoid detection offset
when the transit and bud nodes overlap and ensure the accuracy of detection
results, enable eMDI detection only on the rate of video streams that pass through
the node instead of the packet loss rate, packet out-of-order rate, and jitter.

Procedure
Step 1 Run system-view

The system view is displayed.

Step 2 Run emdi

The eMDI view is displayed.

Step 3 Run emdi monitor-rate-only

eMDI detection only on the rate of video streams is enabled.

Step 4 Run commit

The configuration is committed.

----End

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 12 eMDI Configuration

12.5 Maintaining eMDI

This section describes how to clear eMDI statistics and monitor eMDI detection
results.

Usage Scenario
After eMDI detection on video traffic is performed on a device, you can view the
detection results of a specified channel or all channels. To avoid interference of
useless records, you can clear historical statistics about a specified channel or all
channels.

Procedure
● In the user view, run the display emdi statistics history channel [ channel-
name ] [ start start-index end end-index | latest-record record-number ]
command to view historical statistics about a specified channel or all channels
in the upstream direction.
● In the user view, run the display emdi statistics history outbound channel
[ channel-name ] [ start start-index end end-index | latest-record record-
number ] slot slot-id command to view historical statistics about a specified
channel or all channels in the downstream direction.
● In the user view, run the reset emdi statistics history channel [ channel-
name ] command to clear historical statistics about a specified channel or all
channels in the upstream direction.
● In the user view, run the reset emdi statistics history outbound channel
[ channel-name ] slot slot-id command to clear historical statistics about a
specified channel or all channels in the downstream direction.
----End

12.6 Configuration Examples for eMDI

This section provides eMDI configuration examples.

12.6.1 Example for Configuring eMDI Detection for a Common

Layer 3 Multicast Service
This section provides an example for configuring eMDI detection on an intra-AS
NG MVPN to carry multicast traffic over an mLDP P2MP LSP.

Networking Requirements
On the network shown in Figure 12-2, IPTV programs are provided for host users
in multicast mode. eMDI detection is deployed on Device A, Device B, Device C,
and Device D to monitor the quality of IPTV service packets. Network O&M
personnel can check the detection results reported by the devices through
telemetry in real time on the monitor platform, quickly demarcating and locating
faults.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 12 eMDI Configuration

In this example, PIM-DM is deployed on the network.

Figure 12-2 Configuring basic PIM-DM functions

Interfaces 1 through 3 in this example represent GE 1/0/0, GE 1/0/1, and GE 1/0/2,

respectively.

Configuration Roadmap
The configuration roadmap is as follows:

1. Assign IP addresses to interfaces and configure a unicast routing protocol.

2. Configure PIM-DM.
3. Configure eMDI detection.
a. Configure eMDI to monitor a channel group.
b. Configure eMDI to monitor a board group.
c. Bind the channel group to the board group.
4. Configure telemetry.

Data Preparation
To complete the configuration, you need the following data:

● Multicast group G address: 225.1.1.1/24

● Multicast source S address: 10.1.4.100/24
● Version number of IGMP running between the router and user hosts: 2
● Name of the channel group monitored by eMDI: IPtv-channel
● Name of the board group monitored by eMDI: IPtv-lpu

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 12 eMDI Configuration

Procedure
Step 1 Assign IP addresses to router interfaces and configure a unicast routing protocol.
For configuration details, see Configuration Files in this section.

Step 2 Configure PIM-DM.

● Enable multicast on each device and PIM-DM on each interface.
# Configure Device A.
<HUAWEI> system-view
[~HUAWEI] sysname DeviceA
[*HUAWEI] commit
[~DeviceA] multicast routing-enable
[*DeviceA] interface gigabitethernet 1/0/0
[*DeviceA-GigabitEthernet1/0/0] pim dm
[*DeviceA-GigabitEthernet1/0/0] quit
[*DeviceA] interface gigabitethernet 1/0/1
[*DeviceA-GigabitEthernet1/0/1] pim dm
[*DeviceA-GigabitEthernet1/0/1] quit
[*DeviceA] commit

The configurations of Device B, Device C, and Device D are similar to the

configuration of Device A. For configuration details, see Configuration Files.
● Configure IGMP on the router interfaces connected to the user hosts.
# Configure Device C.
[~DeviceC] interface gigabitethernet 1/0/0
[~DeviceC-GigabitEthernet1/0/0] igmp enable
[*DeviceC-GigabitEthernet1/0/0] igmp static-group 225.1.1.1
[*DeviceC-GigabitEthernet1/0/0] quit
[*DeviceC] commit

# Configure Device D.
[~DeviceD] interface gigabitethernet 1/0/1
[~DeviceD-GigabitEthernet1/0/1] igmp enable
[*DeviceD-GigabitEthernet1/0/1] igmp static-group 225.1.1.1
[*DeviceD-GigabitEthernet1/0/1] quit
[*DeviceD] commit

After completing the configuration, run the following commands to check whether
the multicast service is configured successfully.

● Run the display pim interface command to check the PIM-DM configuration
and status of each router interface. The following example uses the command
output on Device B.
<DeviceB> display pim interface
VPN-Instance: public net
Interface State NbrCnt HelloInt DR-Pri DR-Address
GE1/0/0 up 1 30 1 10.1.1.2 (local)
GE1/0/1 up 1 30 1 10.1.2.2
GE1/0/2 up 1 30 1 10.1.3.2

● Run the display pim neighbor command to check the PIM-DM neighbor
relationship between routers. The following example uses the command
output on Device B.
<DeviceB> display pim neighbor
VPN-Instance: public net
Total: 3

Neighbor Interface Uptime Expires Dr-Priority BFD-Session

10.1.1.1 GE1/0/0 04:34:59 00:01:18 1 N
10.1.2.2 GE1/0/1 04:29:56 00:01:23 1 N
10.1.3.2 GE1/0/2 04:24:22 00:01:28 1 N

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 12 eMDI Configuration

● Run the display pim routing-table command to check the PIM routing table
of each router. Assume that both user A and user B need to receive
information about multicast group G (225.1.1.1/24). When multicast source S
(10.1.4.100/24) sends multicast data to multicast group G, a multicast
distribution tree (MDT) is generated through flooding. Each router on the
MDT path has (S, G) entries. When user A and user B join multicast group G,
Device C and Device D generate (*, G) entries. The command output on each
router is as follows:
<DeviceA> display pim routing-table
VPN-Instance: public net
Total 0 (*, G) entry; 1 (S, G) entry

(10.1.4.100, 225.1.1.1)
Protocol: pim-dm, Flag: LOC ACT
UpTime: 00:08:18
Upstream interface: GigabitEthernet1/0/1
Upstream neighbor: NULL
RPF prime neighbor: NULL
Downstream interface(s) information:
Total number of downstreams: 1
1: GigabitEthernet1/0/0
Protocol: pim-dm, UpTime: 00:08:18, Expires: never
<DeviceB> display pim routing-table
VPN-Instance: public net
Total 0 (*, G) entry; 1 (S, G) entry

(10.1.4.100, 225.1.1.1)
Protocol: pim-dm, Flag: ACT
UpTime: 00:10:25
Upstream interface: GigabitEthernet1/0/0
Upstream neighbor: 10.1.1.1
RPF prime neighbor: 10.1.1.1
Downstream interface(s) information:
Total number of downstreams: 2
1: GigabitEthernet1/0/1
Protocol: pim-dm, UpTime: 00:06:48, Expires: never
2: GigabitEthernet1/0/2
Protocol: pim-dm, UpTime: 00:05:53, Expires: never
<DeviceC> display pim routing-table
VPN-Instance: public net
Total 1 (*, G) entry; 1 (S, G) entry

(*, 225.1.1.1)
Protocol: pim-dm, Flag: WC
UpTime: 00:11:47
Upstream interface: NULL
Upstream neighbor: NULL
RPF prime neighbor: NULL
Downstream interface(s) information:
Total number of downstreams: 1
1: GigabitEthernet1/0/0
Protocol: static, UpTime: 00:11:47, Expires: never

(10.1.4.100, 225.1.1.1)
Protocol: pim-dm, Flag: ACT
UpTime: 00:17:13
Upstream interface: GigabitEthernet1/0/1
Upstream neighbor: 10.1.2.1
RPF prime neighbor: 10.1.2.1
Downstream interface(s) information:
Total number of downstreams: 1
1: GigabitEthernet1/0/0
Protocol: pim-dm, UpTime: 00:11:47, Expires: -
<DeviceD> display pim routing-table
VPN-Instance: public net
Total 1 (*, G) entry; 1 (S, G) entry

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 12 eMDI Configuration

(*, 225.1.1.1)
Protocol: pim-dm, Flag: WC
UpTime: 00:05:26
Upstream interface: NULL
Upstream neighbor: NULL
RPF prime neighbor: NULL
Downstream interface(s) information:
Total number of downstreams: 1
1: GigabitEthernet1/0/1
Protocol: static, UpTime: 00:05:26, Expires: never

(10.1.4.100, 225.1.1.1)
Protocol: pim-dm, Flag: ACT
UpTime: 00:09:58
Upstream interface: GigabitEthernet1/0/2
Upstream neighbor: 10.1.3.1
RPF prime neighbor: 10.1.3.1
Downstream interface(s) information:
Total number of downstreams: 1
1: GigabitEthernet1/0/1
Protocol: pim-dm, UpTime: 00:05:26, Expires: -

Step 3 Configure eMDI detection.

The following uses the configuration of Device A as an example. The
configurations of Device B, Device C, and Device D are similar to the configuration
of Device A. For configuration details, see Configuration Files.
# Configure eMDI to monitor a channel group.
[~DeviceA] emdi
[~DeviceA-emdi] emdi channel-group IPtv-channel
[*DeviceA-emdi-channel-group-IPtv-channel] emdi channel 1 source 10.1.4.100 group 225.1.1.1 pt 33
clock-rate 90kHz
[*DeviceA-emdi-channel-group-IPtv-channel] quit
[*DeviceA-emdi] quit
[*DeviceA] commit

# Configure eMDI to monitor a board group.

[~DeviceA] emdi
[~DeviceA-emdi] emdi lpu-group IPtv-lpu
[*DeviceA-emdi-lpu-group-IPtv-lpu] emdi bind slot all
[*DeviceA-emdi-lpu-group-IPtv-lpu] quit
[*DeviceA-emdi] quit
[*DeviceA] commit

# Bind the channel group to the board group.

[~DeviceA] emdi
[~DeviceA-emdi] emdi bind channel-group IPtv-channel lpu-group IPtv-lpu
[~DeviceA-emdi] emdi bind channel-group IPtv-channel lpu-group IPtv-lpu outbound
[*DeviceA-emdi] quit
[*DeviceA] commit

After completing the configuration, run the display emdi statistics history
command to check the detection result when multicast traffic passes through
DeviceA.
● Check the detection result in the inbound direction.
<DeviceA> display emdi statistics history channel 1 start 3 end 5
Channel Name : 1
Total Records : 3
-----------------------------------------------------------------------------------------------------------------------
----------------------------------
Record Record Monitor Monitor Received Ra
te Rate RTP-LC RTP-SE RTP-LR RTP-SER RTP
Index Time Period(s) Status Packets pps bps

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 12 eMDI Configuration

(1/100000) (1/100000) Jitter(ms)

-----------------------------------------------------------------------------------------------------------------------
----------------------------------
3 2019-02-02:08-31-00 60 Normal 4388218 438821 4865656118 6700
6633 152 151 0
4 2019-02-02:08-32-00 60 Normal 4388533 438853 4866005390 6700
6633 152 151 0
5 2019-02-02:08-33-00 60 Normal 4393232 439323 4871215641 6700
6633 152 151 0
-----------------------------------------------------------------------------------------------------------------------
----------------------------------

● Check the detection result in the outbound direction.

<DeviceA> display emdi statistics history outbound channel 1 start 3 end 5 slot 1
Channel Name : 1
Total Records : 3
-----------------------------------------------------------------------------------------------------------------------
-------------------------------------------------------------
Record Record Monitor Monitor Received Rate Rate RTP-LC RTP-
SE RTP-LR RTP-SER RTP Interface
Index Time Period(s) Status Packets pps bps
(1/100000) (1/100000) Jitter(ms)
-----------------------------------------------------------------------------------------------------------------------
-------------------------------------------------------------
3 2019-02-02:08-31-00 60 Normal 4388218 438821 4865656118 6700
6633 152 151 0 GigabitEthernet1/0/0

4 2019-02-02:08-32-00 60 Normal 4388533 438853 4866005390 6700

6633 152 151 0 GigabitEthernet1/0/0
5 2019-02-02:08-33-00 60 Normal 4393232 439323 4871215641 6700
6633 152 151 0 GigabitEthernet1/0/0
-----------------------------------------------------------------------------------------------------------------------
-------------------------------------------------------------

Step 4 Configure telemetry.

The following uses the configuration of Device A as an example. The

configurations of Device B, Device C, and Device D are similar to the configuration
of Device A. For configuration details, see Configuration Files.

# Configure a destination collector.

[~DeviceA] telemetry
[~DeviceA-telemetry] destination-group Monitor
[*DeviceA-telemetry-destination-group-Monitor] ipv4-address 10.1.7.2 port 10001 protocol grpc no-tls
[*DeviceA-telemetry-destination-group-Monitor] commit
[*DeviceA-telemetry-destination-group-Monitor] quit

# Configure a sampling path.

[~DeviceA-telemetry] sensor-group emdi-monitor
[*DeviceA-telemetry-sensor-group-emdi-monitor] sensor-path
huawei-emdi:emdi/emdiTelemReps/emdiTelemRep
huawei-emdi:emdi/emdi-telem-reps/emdi-telem-rep
[*DeviceA-telemetry-sensor-group-emdi-monitor] sensor-path huawei-emdi:emdi/emdi-telem-rtps/emdi-
telem-rtp
[*DeviceA-telemetry-sensor-group-emdi-monitor] sensor-path huawei-emdi:emdi/out-telem-reps/out-
telem-rep
[*DeviceA-telemetry-sensor-group-emdi-monitor] commit
[*DeviceA-telemetry-sensor-group-emdi-monitor] quit

# Create a static subscription.

[~DeviceA-telemetry] subscription EMDI
[*DeviceA-telemetry-subscription-EMDI] sensor-group emdi-monitor
[*DeviceA-telemetry-subscription-EMDI] destination-group Monitor
[*DeviceA-telemetry-subscription-EMDI] commit

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 12 eMDI Configuration

After completing the configuration, check the real-time detection result reported
through telemetry on the monitor platform.
----End

Configuration Files
● Device A configuration file
#
sysname DeviceA
#
multicast routing-enable
#
interface GigabitEthernet1/0/0
undo portswitch
undo shutdown
ip address 10.1.1.1 255.255.255.0
pim dm
#
interface GigabitEthernet1/0/1
undo portswitch
undo shutdown
ip address 10.1.4.1 255.255.255.0
pim dm
#
ospf 1
area 0.0.0.0
network 10.1.1.0 0.0.0.255
network 10.1.4.0 0.0.0.255
#
emdi
emdi channel-group IPtv-channel
emdi channel 1 source 10.1.4.100 group 225.1.1.1 pt 33 clock-rate 90kHz
emdi lpu-group IPtv-lpu
emdi bind slot all
emdi bind channel-group IPtv-channel lpu-group IPtv-lpu
emdi bind channel-group IPtv-channel lpu-group IPtv-lpu outbound
#
telemetry
#
sensor-group emdi-monitor
sensor-path huawei-emdi:emdi/emdi-telem-reps/emdi-telem-rep
sensor-path huawei-emdi:emdi/emdi-telem-rtps/emdi-telem-rtp
sensor-path huawei-emdi:emdi/out-telem-reps/out-telem-rep
#
destination-group Monitor
ipv4-address 10.1.7.2 port 10001 protocol grpc no-tls
#
subscription EMDI
sensor-group emdi-monitor
destination-group Monitor
#
return
● Device B configuration file
#
sysname DeviceB
#
multicast routing-enable
#
interface GigabitEthernet1/0/0
undo portswitch
undo shutdown
ip address 10.1.1.2 255.255.255.0
pim dm
#
interface GigabitEthernet1/0/1
undo portswitch

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 12 eMDI Configuration

undo shutdown
ip address 10.1.2.1 255.255.255.0
pim dm
#
interface GigabitEthernet1/0/2
undo portswitch
undo shutdown
ip address 10.1.3.1 255.255.255.0
pim dm
#
ospf 1
area 0.0.0.0
network 10.1.1.0 0.0.0.255
network 10.1.2.0 0.0.0.255
network 10.1.3.0 0.0.0.255
#
emdi
emdi channel-group IPtv-channel
emdi channel 1 source 10.1.4.100 group 225.1.1.1 pt 33 clock-rate 90kHz
emdi lpu-group IPtv-lpu
emdi bind slot all
emdi bind channel-group IPtv-channel lpu-group IPtv-lpu
emdi bind channel-group IPtv-channel lpu-group IPtv-lpu outbound
#
telemetry
#
sensor-group emdi-monitor
sensor-path huawei-emdi:emdi/emdi-telem-reps/emdi-telem-rep
sensor-path huawei-emdi:emdi/emdi-telem-rtps/emdi-telem-rtp
#
destination-group Monitor
ipv4-address 10.1.7.2 port 10001 protocol grpc no-tls
#
subscription EMDI
sensor-group emdi-monitor
destination-group Monitor
#
return
● Device C configuration file
#
sysname DeviceC
#
multicast routing-enable
#
interface GigabitEthernet1/0/0
undo portswitch
undo shutdown
ip address 10.1.5.1 255.255.255.0
pim dm
igmp enable
igmp static-group 225.1.1.1
#
interface GigabitEthernet1/0/1
undo portswitch
undo shutdown
ip address 10.1.2.2 255.255.255.0
pim dm
#
ospf 1
area 0.0.0.0
network 10.1.2.0 0.0.0.255
network 10.1.5.0 0.0.0.255
#
emdi
emdi channel-group IPtv-channel
emdi channel 1 source 10.1.4.100 group 225.1.1.1 pt 33 clock-rate 90kHz
emdi lpu-group IPtv-lpu
emdi bind slot all
emdi bind channel-group IPtv-channel lpu-group IPtv-lpu

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 12 eMDI Configuration

emdi bind channel-group IPtv-channel lpu-group IPtv-lpu outbound

#
telemetry
#
sensor-group emdi-monitor
sensor-path huawei-emdi:emdi/emdi-telem-reps/emdi-telem-rep
sensor-path huawei-emdi:emdi/emdi-telem-rtps/emdi-telem-rtp
#
destination-group Monitor
ipv4-address 10.1.7.2 port 10001 protocol grpc no-tls
#
subscription EMDI
sensor-group emdi-monitor
destination-group Monitor
#
return

● Device D configuration file

#
sysname DeviceD
#
multicast routing-enable
#
interface GigabitEthernet1/0/1
undo portswitch
undo shutdown
ip address 10.1.6.1 255.255.255.0
pim dm
igmp enable
igmp static-group 225.1.1.1
#
interface GigabitEthernet1/0/2
undo portswitch
undo shutdown
ip address 10.1.3.2 255.255.255.0
pim dm
#
ospf 1
area 0.0.0.0
network 10.1.3.0 0.0.0.255
network 10.1.6.0 0.0.0.255
#
emdi
emdi channel-group IPtv-channel
emdi channel 1 source 10.1.4.100 group 225.1.1.1 pt 33 clock-rate 90kHz
emdi lpu-group IPtv-lpu
emdi bind slot all
emdi bind channel-group IPtv-channel lpu-group IPtv-lpu
emdi bind channel-group IPtv-channel lpu-group IPtv-lpu outbound
#
telemetry
#
sensor-group emdi-monitor
sensor-path huawei-emdi:emdi/emdi-telem-reps/emdi-telem-rep
sensor-path huawei-emdi:emdi/emdi-telem-rtps/emdi-telem-rtp
#
destination-group Monitor
ipv4-address 10.1.7.2 port 10001 protocol grpc no-tls
#
subscription EMDI
sensor-group emdi-monitor
destination-group Monitor
#
return

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 12 eMDI Configuration

12.6.2 Example for Configuring eMDI Detection on an Intra-AS

NG MVPN with an mLDP P2MP LSP
This section provides an example for configuring eMDI detection on an intra-AS
NG MVPN to carry multicast traffic over an mLDP P2MP LSP.

Networking Requirements
On the network shown in Figure 12-3, a BGP/MPLS IP VPN over an MPLS LDP LSP
is deployed to carry unicast services, and an NG MVPN over an mLDP P2MP LSP is
deployed to carry multicast services. In addition, eMDI is deployed on the network
to monitor multicast service quality. Network maintenance personnel can check
real-time detection results reported through telemetry on the monitor platform,
quickly demarcating and locating faults.

Figure 12-3 eMDI detection on an intra-AS NG MVPN

Interfaces 1 through 3 in this example represent GE 1/0/0, GE 1/0/1, and GE 1/0/2,

respectively.

Configuration Roadmap
The configuration roadmap is as follows:

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 12 eMDI Configuration

1. Configure a BGP/MPLS IP VPN.

2. Enable mLDP globally.
3. Configure an NG MVPN.
4. Configure eMDI detection.
a. Configure eMDI to monitor a channel group.
b. Configure eMDI to monitor a board group.
c. Bind a channel group to a board group.
5. Configure telemetry.

Data Preparation
To complete the configuration, you need the following data:
● Public network OSPF process ID: 1; area ID: 0 OSPF multi-instance process ID:
2; area ID: 0
● VPN instance name on PE1, PE2, and PE3: VPNA

Table 12-1 Data needed for each device

Device IP Address MPLS LSR MVPN ID R V AS
of ID D P Number
Loopback N
1 Ta
rg
et

CE1 - - -
configurati 1.1.1.1 - AS65001
on file

2.2.2.2 2.2.2.2 20 3:
0: 3
PE1 2.2.2.2 AS100
1 4:
4

3.3.3.3 3.3.3.3 30
3:
PE2 3.3.3.3 0: AS100
3
1

4.4.4.4 4.4.4.4 40
4:
PE3 4.4.4.4 0: AS100
4
1

CE2 5.5.5.5 - - - - AS65002

CE3 6.6.6.6 - - - - AS65003

● Channel group names and board group names

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 12 eMDI Configuration

Procedure
Step 1 Configure a BGP/MPLS IP VPN.
1. Assign an IP address to each interface of devices on the backbone network
and VPN sites.
Assign an IP address to each interface according to Figure 12-3. For
configuration details, see Configuration Files in this section.
2. Configure an IGP to interconnect devices on the backbone network.
OSPF is used in this example. For configuration details, see Configuration
Files in this section.
3. Configure basic MPLS functions and MPLS LDP on the backbone network to
establish LDP LSPs.
– # Configure PE1.
[~PE1] mpls lsr-id 2.2.2.2
[*PE1] mpls
[*PE1-mpls] quit
[*PE1] mpls ldp
[*PE1-mpls-ldp] quit
[*PE1] interface gigabitethernet1/0/0
[*PE1-GigabitEthernet1/0/0] mpls
[*PE1-GigabitEthernet1/0/0] mpls ldp
[*PE1-GigabitEthernet1/0/0] quit
[*PE1] interface gigabitethernet1/0/2
[*PE1-GigabitEthernet1/0/2] mpls
[*PE1-GigabitEthernet1/0/2] mpls ldp
[*PE1-GigabitEthernet1/0/2] quit
[*PE1] commit

– # Configure PE2.
[~PE2] mpls lsr-id 3.3.3.3
[*PE2] mpls
[*PE2-mpls] quit
[*PE2] mpls ldp
[*PE2-mpls-ldp] quit
[*PE2] interface gigabitethernet1/0/2
[*PE2-GigabitEthernet1/0/2] mpls
[*PE2-GigabitEthernet1/0/2] mpls ldp
[*PE2-GigabitEthernet1/0/2] quit
[*PE2] commit

– # Configure PE3.
[~PE3] mpls lsr-id 4.4.4.4
[*PE3] mpls
[*PE3-mpls] quit
[*PE3] mpls ldp
[*PE3-mpls-ldp] quit
[*PE3] interface gigabitethernet1/0/0
[*PE3-GigabitEthernet1/0/0] mpls
[*PE3-GigabitEthernet1/0/0] mpls ldp
[*PE3-GigabitEthernet1/0/0] quit
[*PE3] commit

4. Establish an MP-IBGP peer relationship between PEs.

– # Configure PE1.
[~PE1] bgp 100
[*PE1-bgp] peer 3.3.3.3 as-number 100
[*PE1-bgp] peer 3.3.3.3 connect-interface LoopBack1
[*PE1-bgp] peer 4.4.4.4 as-number 100
[*PE1-bgp] peer 4.4.4.4 connect-interface LoopBack1
[*PE1-bgp] ipv4-family vpnv4
[*PE1-bgp-af-vpnv4] peer 3.3.3.3 enable

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 12 eMDI Configuration

[*PE1-bgp-af-vpnv4] peer 4.4.4.4 enable

[*PE1-bgp-af-vpnv4] quit
[*PE1-bgp] quit
[*PE1] commit
– # Configure PE2.
[~PE2] bgp 100
[*PE2-bgp] peer 2.2.2.2 as-number 100
[*PE2-bgp] peer 2.2.2.2 connect-interface LoopBack1
[*PE2-bgp] ipv4-family vpnv4
[*PE2-bgp-af-vpnv4] peer 2.2.2.2 enable
[*PE2-bgp-af-vpnv4] quit
[*PE2-bgp] quit
[*PE2] commit
– # Configure PE3.
[~PE3] bgp 100
[*PE3-bgp] peer 2.2.2.2 as-number 100
[*PE3-bgp] peer 2.2.2.2 connect-interface LoopBack1
[*PE3-bgp] ipv4-family vpnv4
[*PE3-bgp-af-vpnv4] peer 2.2.2.2 enable
[*PE3-bgp-af-vpnv4] quit
[*PE3-bgp] quit
[*PE3] commit
5. Configure a VPN instance on each PE so that the CEs can access the PEs.
– # Configure PE1.
[~PE1] ip vpn-instance VPNA
[*PE1-vpn-instance-VPNA] ipv4-family
[*PE1-vpn-instance-VPNA-af-ipv4] route-distinguisher 200:1
[*PE1-vpn-instance-VPNA-af-ipv4] vpn-target 3:3 4:4
[*PE1-vpn-instance-VPNA-af-ipv4] quit
[*PE1-vpn-instance-VPNA] quit
[*PE1] interface gigabitethernet1/0/1
[*PE1-GigabitEthernet1/0/1] ip binding vpn-instance VPNA
[*PE1-GigabitEthernet1/0/1] ip address 192.168.1.2 24
[*PE1-GigabitEthernet1/0/1] quit
[*PE1] commit
– # Configure PE2.
[~PE2] ip vpn-instance VPNA
[*PE2-vpn-instance-VPNA] ipv4-family
[*PE2-vpn-instance-VPNA-af-ipv4] route-distinguisher 300:1
[*PE2-vpn-instance-VPNA-af-ipv4] vpn-target 3:3
[*PE2-vpn-instance-VPNA-af-ipv4] quit
[*PE2-vpn-instance-VPNA] quit
[*PE2] interface gigabitethernet1/0/1
[*PE2-GigabitEthernet1/0/1] ip binding vpn-instance VPNA
[*PE2-GigabitEthernet1/0/1] ip address 192.168.2.1 24
[*PE2-GigabitEthernet1/0/1] quit
[*PE2] commit
– # Configure PE3.
[~PE3] ip vpn-instance VPNA
[*PE3-vpn-instance-VPNA] ipv4-family
[*PE3-vpn-instance-VPNA-af-ipv4] route-distinguisher 400:1
[*PE3-vpn-instance-VPNA-af-ipv4] vpn-target 4:4
[*PE3-vpn-instance-VPNA-af-ipv4] quit
[*PE3-vpn-instance-VPNA] quit
[*PE3] interface gigabitethernet1/0/1
[*PE3-GigabitEthernet1/0/1] ip binding vpn-instance VPNA
[*PE3-GigabitEthernet1/0/1] ip address 192.168.3.1 24
[*PE3-GigabitEthernet1/0/1] quit
[*PE3] commit
6. Configure an OSPF multi-instance on each PE to import VPN routes.
– # Configure PE1.
[~PE1] ospf 2 vpn-instance VPNA

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 12 eMDI Configuration

[*PE1-ospf-2] import-route bgp

[*PE1-ospf-2] area 0
[*PE1-ospf-2-area-0.0.0.0] network 192.168.1.0 0.0.0.255
[*PE1-ospf-2-area-0.0.0.0] quit
[*PE1-ospf-2] quit
[*PE1] bgp 100
[*PE1-bgp] ipv4-family vpn-instance VPNA
[*PE1-bgp-VPNA] import-route ospf 2
[*PE1-bgp-VPNA] quit
[*PE1-bgp] quit
[*PE1] commit
– # Configure PE2.
[~PE2] ospf 2 vpn-instance VPNA
[*PE2-ospf-2] import-route bgp
[*PE2-ospf-2] area 0
[*PE2-ospf-2-area-0.0.0.0] network 192.168.2.0 0.0.0.255
[*PE2-ospf-2-area-0.0.0.0] quit
[*PE2-ospf-2] quit
[*PE2] bgp 100
[*PE2-bgp] ipv4-family vpn-instance VPNA
[*PE2-bgp-VPNA] import-route ospf 2
[*PE2-bgp-VPNA] quit
[*PE2-bgp] quit
[*PE2] commit
– # Configure PE3.
[~PE3] ospf 2 vpn-instance VPNA
[*PE3-ospf-2] import-route bgp
[*PE3-ospf-2] area 0
[*PE3-ospf-2-area-0.0.0.0] network 192.168.3.0 0.0.0.255
[*PE3-ospf-2-area-0.0.0.0] quit
[*PE3-ospf-2] quit
[*PE3] bgp 100
[*PE3-bgp] ipv4-family vpn-instance VPNA
[*PE3-bgp-VPNA] import-route ospf 2
[*PE3-bgp-VPNA] quit
[*PE3-bgp] quit
[*PE3] commit
7. Configure OSPF on each CE.
– # Configure CE1.
[~CE1] ospf 2
[*CE1-ospf-2] area 0
[*CE1-ospf-2-area-0.0.0.0] network 192.168.1.0 0.0.0.255
[*CE1-ospf-2-area-0.0.0.0] network 10.1.3.0 0.0.0.255
[*CE1-ospf-2-area-0.0.0.0] network 1.1.1.1 0.0.0.0
[*CE1-ospf-2-area-0.0.0.0] quit
[*CE1-ospf-2] quit
[*CE1] commit
– # Configure CE2.
[~CE2] ospf 2
[*CE2-ospf-2] area 0
[*CE2-ospf-2-area-0.0.0.0] network 192.168.2.0 0.0.0.255
[*CE2-ospf-2-area-0.0.0.0] network 10.1.4.0 0.0.0.255
[*CE2-ospf-2-area-0.0.0.0] network 5.5.5.5 0.0.0.0
[*CE2-ospf-2-area-0.0.0.0] quit
[*CE2-ospf-2] quit
[*CE2] commit
– # Configure CE3.
[~CE3] ospf 2
[*CE3-ospf-2] area 0
[*CE3-ospf-2-area-0.0.0.0] network 192.168.3.0 0.0.0.255
[*CE3-ospf-2-area-0.0.0.0] network 10.1.5.0 0.0.0.255
[*CE3-ospf-2-area-0.0.0.0] network 6.6.6.6 0.0.0.0
[*CE3-ospf-2-area-0.0.0.0] quit
[*CE3-ospf-2] quit

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 12 eMDI Configuration

[*CE3] commit

After completing the configuration, run the display ip routing-table

command on CE2 and CE3. The command outputs show that CE2 and CE3
have routes to CE1. Run the ping command on CE2 and CE3 to ping CE1. The
command outputs show that the ping operations are successful. The following
example uses the command output on CE3.
[~CE3] display ip routing-table
Route Flags: R - relay, D - download to fib, T - to vpn-instance, B - black hole route
------------------------------------------------------------------------------
Routing Table : _public_
Destinations : 11 Routes : 11

Destination/Mask Proto Pre Cost Flags NextHop Interface

1.1.1.1/32 OSPF 10 3 D 192.168.3.1 GigabitEthernet1/0/0

6.6.6.6/32 Direct 0 0 D 127.0.0.1 LoopBack1
10.1.3.0/24 OSPF 10 4 D 192.168.3.1 GigabitEthernet1/0/0
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
192.168.1.0/24 OSPF 10 3 D 192.168.3.1 GigabitEthernet1/0/0
192.168.3.0/24 Direct 0 0 D 192.168.3.2 GigabitEthernet1/0/0
192.168.3.2/32 Direct 0 0 D 127.0.0.1 GigabitEthernet1/0/0
192.168.3.3/32 Direct 0 0 D 127.0.0.1 GigabitEthernet1/0/0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
[~CE3] ping 1.1.1.1
PING 1.1.1.1: 56 data bytes, press CTRL_C to break
Reply from 1.1.1.1: bytes=56 Sequence=1 ttl=253 time=118 ms
Reply from 1.1.1.1: bytes=56 Sequence=2 ttl=253 time=3 ms
Reply from 1.1.1.1: bytes=56 Sequence=3 ttl=253 time=4 ms
Reply from 1.1.1.1: bytes=56 Sequence=4 ttl=253 time=3 ms
Reply from 1.1.1.1: bytes=56 Sequence=5 ttl=253 time=3 ms

--- 1.1.1.1 ping statistics ---

5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 3/26/118 ms

Step 2 Enable mLDP globally.

● # Configure PE1.
[~PE1] mpls ldp
[*PE1-mpls-ldp] mldp p2mp
[*PE1-mpls-ldp] commit
[~PE1-mpls-ldp] quit

● # Configure PE2.
[~PE2] mpls ldp
[*PE2-mpls-ldp] mldp p2mp
[*PE2-mpls-ldp] commit
[~PE2-mpls-ldp] quit

● # Configure PE3.
[~PE3] mpls ldp
[*PE3-mpls-ldp] mldp p2mp
[*PE3-mpls-ldp] commit
[~PE3-mpls-ldp] quit

Step 3 Configure an NG MVPN.

● Establish a BGP MVPN peer relationship between the PEs.
– # Configure PE1.
[~PE1] bgp 100
[*PE1-bgp] ipv4-family mvpn

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 12 eMDI Configuration

[*PE1-bgp-af-mvpn] peer 3.3.3.3 enable

[*PE1-bgp-af-mvpn] peer 4.4.4.4 enable
[*PE1-bgp-af-mvpn] commit
[~PE1-bgp-af-mvpn] quit
[~PE1-bgp] quit
– # Configure PE2.
[~PE2] bgp 100
[*PE2-bgp] ipv4-family mvpn
[*PE2-bgp-af-mvpn] peer 2.2.2.2 enable
[*PE2-bgp-af-mvpn] commit
[~PE2-bgp-af-mvpn] quit
[~PE2-bgp] quit
– # Configure PE3.
[~PE3] bgp 100
[*PE3-bgp] ipv4-family mvpn
[*PE3-bgp-af-mvpn] peer 2.2.2.2 enable
[*PE3-bgp-af-mvpn] commit
[~PE3-bgp-af-mvpn] quit
[~PE3-bgp] quit
After completing the configuration, run the display bgp mvpn all peer
command on the PEs. The following example uses the command output
on PE1. The command output shows that PE1 has established a BGP
MVPN peer relationship with PE2 and PE3.
[~PE1] display bgp mvpn all peer
BGP local router ID : 10.1.2.1
Local AS number : 100
Total number of peers : 2 Peers in established state : 2

Peer V AS MsgRcvd MsgSent OutQ Up/Down State PrefRcv

3.3.3.3 4 100 43 42 0 00:29:28 Established 2
4.4.4.4 4 100 32 35 0 00:21:59 Established 1
● Configure each PE to use mLDP to establish an S-PMSI tunnel.
– # Configure PE1.
[~PE1] multicast mvpn 2.2.2.2
[*PE1] ip vpn-instance VPNA
[*PE1-vpn-instance-VPNA] ipv4-family
[*PE1-vpn-instance-VPNA-af-ipv4] multicast routing-enable
[*PE1-vpn-instance-VPNA-af-ipv4] mvpn
[*PE1-vpn-instance-VPNA-af-ipv4-mvpn] sender-enable
[*PE1-vpn-instance-VPNA-af-ipv4-mvpn] c-multicast signaling bgp
[*PE1-vpn-instance-VPNA-af-ipv4-mvpn] rpt-spt mode
[*PE1-vpn-instance-VPNA-af-ipv4-mvpn] ipmsi-tunnel
[*PE1-vpn-instance-VPNA-af-ipv4-mvpn-ipmsi] mldp
[*PE1-vpn-instance-VPNA-af-ipv4-mvpn-ipmsi] quit
[*PE1-vpn-instance-VPNA-af-ipv4-mvpn] spmsi-tunnel
[*PE1-vpn-instance-VPNA-af-ipv4-mvpn-spmsi] group 224.0.0.0 255.255.255.0 mldp limit 1
[*PE1-vpn-instance-VPNA-af-ipv4-mvpn-spmsi] quit
[*PE1-vpn-instance-VPNA-af-ipv4-mvpn] quit
[*PE1-vpn-instance-VPNA-af-ipv4] quit
[*PE1-vpn-instance-VPNA] quit
[*PE1] commit
– # Configure PE2.
[~PE2] multicast mvpn 3.3.3.3
[*PE2] ip vpn-instance VPNA
[*PE2-vpn-instance-VPNA] ipv4-family
[*PE2-vpn-instance-VPNA-af-ipv4] multicast routing-enable
[*PE2-vpn-instance-VPNA-af-ipv4] mvpn
[*PE2-vpn-instance-VPNA-af-ipv4-mvpn] c-multicast signaling bgp
[*PE2-vpn-instance-VPNA-af-ipv4-mvpn] rpt-spt mode
[*PE2-vpn-instance-VPNA-af-ipv4-mvpn] quit
[*PE2-vpn-instance-VPNA-af-ipv4] quit
[*PE2-vpn-instance-VPNA] quit
[*PE2] commit

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 12 eMDI Configuration

– # Configure PE3.
[~PE3] multicast mvpn 4.4.4.4
[*PE3] ip vpn-instance VPNA
[*PE3-vpn-instance-VPNA] ipv4-family
[*PE3-vpn-instance-VPNA-af-ipv4] multicast routing-enable
[*PE3-vpn-instance-VPNA-af-ipv4] mvpn
[*PE3-vpn-instance-VPNA-af-ipv4-mvpn] c-multicast signaling bgp
[*PE3-vpn-instance-VPNA-af-ipv4-mvpn] rpt-spt mode
[*PE3-vpn-instance-VPNA-af-ipv4-mvpn] quit
[*PE3-vpn-instance-VPNA-af-ipv4] quit
[*PE3-vpn-instance-VPNA] quit
[*PE3] commit

After completing the configuration, run the display mvpn vpn-instance

ipmsi command on the PEs to check I-PMSI tunnel information. The
following example uses the command output on PE1.
[~PE1] display mvpn vpn-instance VPNA ipmsi
MVPN local i-PMSI information for VPN-Instance: VPNA
Tunnel type: mLDP P2MP LSP
Tunnel state: Up
Root-ip: 2.2.2.2
Opaque value: 0x01000400008021
Root: 2.2.2.2 (local)
Leaf:
1: 3.3.3.3
2: 4.4.4.4

The command output shows that an mLDP P2MP LSP has been
established, with PE1 as the root node and PE2 and PE3 as leaf nodes.
● Configure PIM.
– # Configure PE1.
[*PE1] interface gigabitethernet1/0/1
[*PE1-GigabitEthernet1/0/1] pim sm
[*PE1-GigabitEthernet1/0/1] quit
[*PE1] commit

– # Configure CE1.
[~CE1] multicast routing-enable
[*CE1] interface gigabitethernet1/0/0
[*CE1-GigabitEthernet1/0/0] pim sm
[*CE1-GigabitEthernet1/0/0] quit
[*CE1] interface gigabitethernet1/0/1
[*CE1-GigabitEthernet1/0/1] pim sm
[*CE1-GigabitEthernet1/0/1] quit
[*CE1] commit

– # Configure PE2.
[*PE2] interface gigabitethernet1/0/1
[*PE2-GigabitEthernet1/0/1] pim sm
[*PE2-GigabitEthernet1/0/1] quit
[*PE2] commit

– # Configure CE2.
[~CE2] multicast routing-enable
[*CE2] interface gigabitethernet1/0/0
[*CE2-GigabitEthernet1/0/0] pim sm
[*CE2-GigabitEthernet1/0/0] quit
[*CE2] interface gigabitethernet1/0/1
[*CE2-GigabitEthernet1/0/1] pim sm
[*CE2-GigabitEthernet1/0/1] quit
[*CE2] commit

– # Configure PE3.
[*PE3] interface gigabitethernet1/0/1
[*PE3-GigabitEthernet1/0/1] pim sm
[*PE3-GigabitEthernet1/0/1] quit

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 12 eMDI Configuration

[*PE3] commit
– # Configure CE3.
[~CE3] multicast routing-enable
[*CE3] interface gigabitethernet1/0/0
[*CE3-GigabitEthernet1/0/0] pim sm
[*CE3-GigabitEthernet1/0/0] quit
[*CE3] interface gigabitethernet1/0/1
[*CE3-GigabitEthernet1/0/1] pim sm
[*CE3-GigabitEthernet1/0/1] quit
[*CE3] commit
● Configure IGMP.
– # Configure CE2.
[~CE2] interface gigabitethernet1/0/1
[*CE2-GigabitEthernet1/0/1] pim sm
[*CE2-GigabitEthernet1/0/1] igmp enable
[*CE2-GigabitEthernet1/0/1] igmp version 3
[*CE2-GigabitEthernet1/0/1] commit
[~CE2-GigabitEthernet1/0/1] quit
– # Configure CE3.
[~CE3] interface gigabitethernet1/0/1
[*CE3-GigabitEthernet1/0/1] pim sm
[*CE3-GigabitEthernet1/0/1] igmp enable
[*CE3-GigabitEthernet1/0/1] igmp version 3
[*CE3-GigabitEthernet1/0/1] commit
[~CE3-GigabitEthernet1/0/1] quit
● Configure a static RP.
– # Configure CE1.
[~CE1] pim
[*CE1-pim] static-rp 1.1.1.1
[*CE1-pim] commit
[~CE1-pim] quit
– # Configure CE2.
[~CE2] pim
[*CE2-pim] static-rp 1.1.1.1
[*CE2-pim] commit
[~CE2-pim] quit
– # Configure CE3.
[~CE3] pim
[*CE3-pim] static-rp 1.1.1.1
[*CE3-pim] commit
[~CE3-pim] quit
– # Configure PE1.
[~PE1] pim vpn-instance VPNA
[*PE1-pim-VPNA] static-rp 1.1.1.1
[*PE1-pim-VPNA] commit
[~PE1-pim-VPNA] quit
– # Configure PE2.
[~PE2] pim vpn-instance VPNA
[*PE2-pim-VPNA] static-rp 1.1.1.1
[*PE2-pim-VPNA] commit
[~PE2-pim-VPNA] quit
– # Configure PE3.
[~PE3] pim vpn-instance VPNA
[*PE3-pim-VPNA] static-rp 1.1.1.1
[*PE3-pim-VPNA] commit
[~PE3-pim-VPNA] quit

After the configurations are complete, NG MVPN functions have been configured.
If CE2 or CE3 has access users, CE1 can use the BGP/MPLS IP VPN to forward

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 12 eMDI Configuration

multicast data to the users. Configure users on CE2 or CE3 to send IGMPv3 Report
messages and the multicast source 10.1.3.1 to send multicast data. Then, check
multicast routing entries to verify whether the NG MVPN is configured
successfully.
Run the display pim routing-table command on CE2, CE3, and CE1 to check the
PIM routing table. Run the display pim vpn-instance routing-table command on
PE2, PE3, and PE1 to check the PIM routing table of the VPN instance.
[~CE2] display pim routing-table
VPN-Instance: public net
Total 0 (*, G) entry; 1 (S, G) entry

(10.1.3.1, 225.1.1.1)
RP:1.1.1.1
Protocol: pim-sm, Flag: SPT SG_RCVR ACT
UpTime: 00:54:11
Upstream interface: GigabitEthernet1/0/0
Upstream neighbor: 192.168.2.1
RPF prime neighbor: 192.168.2.1
Downstream interface(s) information:
Total number of downstreams: 1
1: GigabitEthernet1/0/1
Protocol: igmp, UpTime: 00:54:11, Expires: -
[~CE3] display pim routing-table
VPN-Instance: public net
Total 0 (*, G) entry; 1 (S, G) entry

(10.1.3.1, 226.1.1.1)
RP:1.1.1.1
Protocol: pim-sm, Flag: SPT SG_RCVR ACT
UpTime: 00:01:57
Upstream interface: GigabitEthernet1/0/0
Upstream neighbor: 192.168.3.1
RPF prime neighbor: 192.168.3.1
Downstream interface(s) information:
Total number of downstreams: 1
1: GigabitEthernet1/0/1
Protocol: igmp, UpTime: 00:01:57, Expires: -
[~PE2] display pim vpn-instance VPNA routing-table
VPN-Instance: VPNA
Total 0 (*, G) entry; 1 (S, G) entry

(10.1.3.1, 225.1.1.1)
RP:1.1.1.1
Protocol: pim-sm, Flag: SPT ACT
UpTime: 00:48:18
Upstream interface: through-BGP
Upstream neighbor: 2.2.2.2
RPF prime neighbor: 2.2.2.2
Downstream interface(s) information:
Total number of downstreams: 1
1: GigabitEthernet1/0/1
Protocol: pim-sm, UpTime: 00:48:18, Expires: 00:03:12
[~PE3] display pim vpn-instance VPNA routing-table
VPN-Instance: VPNA
Total 0 (*, G) entry; 1 (S, G) entry

(10.1.3.1, 226.1.1.1)
RP:1.1.1.1
Protocol: pim-sm, Flag: SPT ACT
UpTime: 00:02:06
Upstream interface: through-BGP
Upstream neighbor: 2.2.2.2
RPF prime neighbor: 2.2.2.2
Downstream interface(s) information:
Total number of downstreams: 1

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 12 eMDI Configuration

1: GigabitEthernet1/0/1
Protocol: pim-sm, UpTime: 00:02:06, Expires: 00:03:26
[~PE1] display pim vpn-instance VPNA routing-table
VPN-Instance: VPNA
Total 0 (*, G) entry; 2 (S, G) entries

(10.1.3.1, 225.1.1.1)
RP:1.1.1.1
Protocol: pim-sm, Flag: SPT SG_RCVR ACT
UpTime: 00:46:58
Upstream interface: GigabitEthernet1/0/1
Upstream neighbor: 192.168.1.1
RPF prime neighbor: 192.168.1.1
Downstream interface(s) information:
Total number of downstreams: 1
1: pseudo
Protocol: BGP, UpTime: 00:46:58, Expires: -

(10.1.3.1, 226.1.1.1)
RP:1.1.1.1
Protocol: pim-sm, Flag: SPT SG_RCVR ACT
UpTime: 00:00:23
Upstream interface: GigabitEthernet1/0/1
Upstream neighbor: 192.168.1.1
RPF prime neighbor: 192.168.1.1
Downstream interface(s) information:
Total number of downstreams: 1
1: pseudo
Protocol: BGP, UpTime: 00:00:26, Expires: -
[~CE1] display pim routing-table
VPN-Instance: public net
Total 0 (*, G) entry; 2 (S, G) entries

(10.1.3.1, 225.1.1.1)
RP:1.1.1.1
Protocol: pim-sm, Flag: SPT LOC ACT
UpTime: 00:47:29
Upstream interface: GigabitEthernet1/0/0
Upstream neighbor: NULL
RPF prime neighbor: NULL
Downstream interface(s) information:
Total number of downstreams: 1
1: GigabitEthernet1/0/1
Protocol: pim-sm, UpTime: 00:47:29, Expires: 00:03:03

(10.1.3.1, 226.1.1.1)
RP:1.1.1.1
Protocol: pim-sm, Flag: SPT LOC ACT
UpTime: 00:00:54
Upstream interface: GigabitEthernet1/0/0
Upstream neighbor: NULL
RPF prime neighbor: NULL
Downstream interface(s) information:
Total number of downstreams: 1
1: GigabitEthernet1/0/1
Protocol: pim-sm, UpTime: 00:00:54, Expires: 00:02:36

The command outputs show that CE1 connecting to the multicast source has
received PIM Join messages from CE2 and CE3 connecting to multicast receivers
and that CE1 has generated PIM routing entries.

Step 4 Configure eMDI detection.

Configure eMDI detection on PE1, PE2, and PE3.

● Configure eMDI to monitor a channel group.
– # Configure PE1.
[~PE1] emdi

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 12 eMDI Configuration

[*PE1-emdi] emdi channel-group PE1

[*PE1-emdi-channel-group-PE1] emdi channel 1 source 10.1.3.1 group 225.1.1.1 vpn-instance
VPNA pt 33 clock-rate 90kHz
[*PE1-emdi-channel-group-PE1] emdi channel 2 source 10.1.3.1 group 226.1.1.1 vpn-instance
VPNA pt 33 clock-rate 90kHz
[*PE1-emdi-channel-group-PE1] quit
[*PE1-emdi] quit
[*PE1] commit

– # Configure PE2.
[~PE2] emdi
[*PE2-emdi] emdi channel-group PE2
[*PE2-emdi-channel-group-PE2] emdi channel 1 source 10.1.3.1 group 225.1.1.1 vpn-instance
VPNA pt 33 clock-rate 90kHz
[*PE2-emdi-channel-group-PE2] quit
[*PE2-emdi] quit
[*PE2] commit

– # Configure PE3.
[~PE3] emdi
[*PE3-emdi] emdi channel-group PE3
[*PE3-emdi-channel-group-PE3] emdi channel 2 source 10.1.3.1 group 226.1.1.1 vpn-instance
VPNA pt 33 clock-rate 90kHz
[*PE3-emdi-channel-group-PE3] quit
[*PE3-emdi] quit
[*PE3] commit

● Configure eMDI to monitor a board group.

The following uses PE1 as an example. The configurations of PE2 and PE3 are
similar to the configuration of PE1. For configuration details, see
Configuration Files in this section.
[~PE1] emdi
[*PE1-emdi] emdi lpu-group PE1
[*PE1-emdi-lpu-group-PE1] emdi bind slot all
[*PE1-emdi-lpu-group-PE1] quit
[*PE1-emdi] quit
[*PE1] commit

● Bind a channel group to a board group.

After completing the configuration, run the display emdi statistics history
channel command to check the detection result when multicast traffic passes
through PE1.
[~PE1] display emdi statistics history channel 1 start 3 end 5
Channel Name : 1
Total Records : 3
-----------------------------------------------------------------------------------------------------------------------
----------------------------------
Record Record Monitor Monitor Received Rate Rate RTP-LC RTP-
SE RTP-LR RTP-SER RTP
Index Time Period(s) Status Packets pps bps
(1/100000) (1/100000) Jitter(ms)
-----------------------------------------------------------------------------------------------------------------------
----------------------------------
3 2019-02-02:08-31-00 60 Normal 4388218 438821 4865656118 6700
6633 152 151 0
4 2019-02-02:08-32-00 60 Normal 4388533 438853 4866005390 6700
6633 152 151 0
5 2019-02-02:08-33-00 60 Normal 4393232 439323 4871215641 6700
6633 152 151 0

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 12 eMDI Configuration

-----------------------------------------------------------------------------------------------------------------------
----------------------------------

Step 5 Configure telemetry.

The following uses PE1 as an example. The configurations of PE2 and PE3 are
similar to the configuration of PE1. For configuration details, see Configuration
Files in this section.
● Configure a destination collector.
[~PE1] telemetry
[*PE1-telemetry] destination-group Monitor
[*PE1-telemetry-destination-group-Monitor] ipv4-address 10.1.6.2 port 10001 protocol grpc no-tls
[*PE1-telemetry-destination-group-Monitor] commit
[~PE1-telemetry-destination-group-Monitor] quit

● Configure a sampling path.

[~PE1] sensor-group emdi-monitor
[*PE1-telemetry-sensor-group-emdi-monitor] sensor-path huawei-emdi:emdi/emdi-telem-reps/
emdi-telem-rep
[*PE1-telemetry-sensor-group-emdi-monitor] sensor-path huawei-emdi:emdi/emdi-telem-rtps/
emdi-telem-rtp
[*PE1-telemetry-sensor-group-emdi-monitor] commit
[~PE1-telemetry-sensor-group-emdi-monitor] quit

● Create a static subscription.

[~PE1] subscription PE1
[*PE1-telemetry-subscription-PE1] sensor-group emdi-monitor
[*PE1-telemetry-subscription-PE1] destination-group Monitor
[*PE1-telemetry-subscription-PE1] commit

After completing the configuration, check the eMDI detection result reported
through telemetry on the monitor platform.

----End

Configuration Files
● CE1 configuration file
#
sysname CE1
#
multicast routing-enable
#
interface GigabitEthernet1/0/0
undo shutdown
ip address 10.1.3.2 255.255.255.0
pim sm
#
interface GigabitEthernet1/0/1
undo shutdown
ip address 192.168.1.1 255.255.255.0
pim sm
#
interface LoopBack1
ip address 1.1.1.1 255.255.255.255
#
ospf 2
area 0.0.0.0
network 1.1.1.1 0.0.0.0
network 10.1.3.0 0.0.0.255
network 192.168.1.0 0.0.0.255
#
pim
static-rp 1.1.1.1
#
return

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 12 eMDI Configuration

● PE1 configuration file

#
sysname PE1
#
multicast mvpn 2.2.2.2
#
ip vpn-instance VPNA
ipv4-family
route-distinguisher 200:1
vpn-target 3:3 4:4 export-extcommunity
vpn-target 3:3 4:4 import-extcommunity
multicast routing-enable
mvpn
sender-enable
c-multicast signaling bgp
rpt-spt mode
ipmsi-tunnel
mldp
spmsi-tunnel
group 224.0.0.0 255.255.255.0 mldp limit 1
#
mpls lsr-id 2.2.2.2
mpls
#
mpls ldp
mldp p2mp
#
interface GigabitEthernet1/0/0
undo shutdown
ip address 10.1.2.1 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet1/0/1
undo shutdown
ip binding vpn-instance VPNA
ip address 192.168.1.2 255.255.255.0
pim sm
#
interface GigabitEthernet1/0/2
undo shutdown
ip address 10.1.1.1 255.255.255.0
mpls
mpls ldp
#
interface LoopBack1
ip address 2.2.2.2 255.255.255.255
#
bgp 100
peer 3.3.3.3 as-number 100
peer 3.3.3.3 connect-interface LoopBack1
peer 4.4.4.4 as-number 100
peer 4.4.4.4 connect-interface LoopBack1
#
ipv4-family unicast
undo synchronization
peer 3.3.3.3 enable
peer 4.4.4.4 enable
#
ipv4-family vpnv4
policy vpn-target
peer 3.3.3.3 enable
peer 4.4.4.4 enable
#
ipv4-family mvpn
policy vpn-target
peer 3.3.3.3 enable
peer 4.4.4.4 enable
#

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 12 eMDI Configuration

ipv4-family vpn-instance VPNA

import-route ospf 2
#
ospf 1
area 0.0.0.0
network 2.2.2.2 0.0.0.0
network 10.1.1.0 0.0.0.255
network 10.1.2.0 0.0.0.255
#
ospf 2 vpn-instance VPNA
import-route bgp
area 0.0.0.0
network 192.168.1.0 0.0.0.255
#
pim vpn-intstance VPNA
static-rp 1.1.1.1
#
emdi
emdi channel-group PE1
emdi channel 1 source 10.1.3.1 group 225.1.1.1 vpn-instance VPNA pt 33 clock-rate 90kHz
emdi channel 2 source 10.1.3.1 group 226.1.1.1 vpn-instance VPNA pt 33 clock-rate 90kHz
emdi lpu-group PE1
emdi bind slot all
emdi bind channel-group PE1 lpu-group PE1
#
telemetry
#
sensor-group emdi-monitor
sensor-path huawei-emdi:emdi/emdi-telem-reps/emdi-telem-rep
sensor-path huawei-emdi:emdi/emdi-telem-rtps/emdi-telem-rtp
#
destination-group Monitor
ipv4-address 10.1.6.2 port 10001 protocol grpc no-tls
#
subscription PE1
sensor-group emdi-monitor
destination-group Monitor
#
return
● CE2 configuration file
#
sysname CE2
#
multicast routing-enable
#
interface GigabitEthernet1/0/0
undo shutdown
ip address 192.168.2.2 255.255.255.0
pim sm
#
interface GigabitEthernet1/0/1
undo shutdown
ip address 10.1.4.1 255.255.255.0
pim sm
igmp enable
igmp version 3
#
interface LoopBack1
ip address 5.5.5.5 255.255.255.255
#
ospf 2
area 0.0.0.0
network 5.5.5.5 0.0.0.0
network 10.1.4.0 0.0.0.255
network 192.168.2.0 0.0.0.255
#
pim
static-rp 1.1.1.1
#

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 12 eMDI Configuration

return
● PE2 configuration file
#
sysname PE2
#
multicast mvpn 3.3.3.3
#
ip vpn-instance VPNA
ipv4-family
route-distinguisher 300:1
vpn-target 3:3 export-extcommunity
vpn-target 3:3 import-extcommunity
multicast routing-enable
mvpn
c-multicast signaling bgp
rpt-spt mode
#
mpls lsr-id 3.3.3.3
mpls
#
mpls ldp
mldp p2mp
#
interface GigabitEthernet1/0/0
undo shutdown
ip address 10.1.6.1 255.255.255.0
#
interface GigabitEthernet1/0/1
undo shutdown
ip binding vpn-instance VPNA
ip address 192.168.2.1 255.255.255.0
pim sm
#
interface GigabitEthernet1/0/2
undo shutdown
ip address 10.1.1.2 255.255.255.0
mpls
mpls ldp
#
interface LoopBack1
ip address 3.3.3.3 255.255.255.255
#
bgp 100
peer 2.2.2.2 as-number 100
peer 2.2.2.2 connect-interface LoopBack1
#
ipv4-family unicast
undo synchronization
peer 2.2.2.2 enable
#
ipv4-family vpnv4
policy vpn-target
peer 2.2.2.2 enable
#
ipv4-family mvpn
policy vpn-target
peer 2.2.2.2 enable
#
ipv4-family vpn-instance VPNA
import-route ospf 2
#
ospf 1
area 0.0.0.0
network 3.3.3.3 0.0.0.0
network 10.1.1.0 0.0.0.255
network 10.1.6.0 0.0.0.255
#
ospf 2 vpn-instance VPNA

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 12 eMDI Configuration

import-route bgp
area 0.0.0.0
network 192.168.2.0 0.0.0.255
#
pim vpn-intstance VPNA
static-rp 1.1.1.1
#
emdi
emdi channel-group PE2
emdi channel 1 source 10.1.3.1 group 225.1.1.1 vpn-instance VPNA pt 33 clock-rate 90kHz
emdi lpu-group PE2
emdi bind slot all
emdi bind channel-group PE2 lpu-group PE2
#
telemetry
#
sensor-group emdi-monitor
sensor-path huawei-emdi:emdi/emdi-telem-reps/emdi-telem-rep
sensor-path huawei-emdi:emdi/emdi-telem-rtps/emdi-telem-rtp
#
destination-group Monitor
ipv4-address 10.1.6.2 port 10001 protocol grpc no-tls
#
subscription PE2
sensor-group emdi-monitor
destination-group Monitor
#
return
● CE3 configuration file
#
sysname CE3
#
multicast routing-enable
#
interface GigabitEthernet1/0/0
undo shutdown
ip address 192.168.3.2 255.255.255.0
pim sm
#
interface GigabitEthernet1/0/1
undo shutdown
ip address 10.1.5.1 255.255.255.0
pim sm
igmp enable
igmp version 3
#
interface LoopBack1
ip address 6.6.6.6 255.255.255.255
#
ospf 2
area 0.0.0.0
network 6.6.6.6 0.0.0.0
network 10.1.5.0 0.0.0.255
network 192.168.3.0 0.0.0.255
#
pim
static-rp 1.1.1.1
#
return
● PE3 configuration file
#
sysname PE3
#
multicast mvpn 4.4.4.4
#
ip vpn-instance VPNA
ipv4-family
route-distinguisher 400:1

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 12 eMDI Configuration

vpn-target 4:4 export-extcommunity

vpn-target 4:4 import-extcommunity
multicast routing-enable
mvpn
c-multicast signaling bgp
rpt-spt mode
#
mpls lsr-id 4.4.4.4
mpls
#
mpls ldp
mldp p2mp
#
interface GigabitEthernet1/0/0
undo shutdown
ip address 10.1.2.2 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet1/0/1
undo shutdown
ip binding vpn-instance VPNA
ip address 192.168.3.1 255.255.255.0
pim sm
#
interface LoopBack1
ip address 4.4.4.4 255.255.255.255
#
bgp 100
peer 2.2.2.2 as-number 100
peer 2.2.2.2 connect-interface LoopBack1
#
ipv4-family unicast
undo synchronization
peer 2.2.2.2 enable
#
ipv4-family vpnv4
policy vpn-target
peer 2.2.2.2 enable
#
ipv4-family mvpn
policy vpn-target
peer 2.2.2.2 enable
#
ipv4-family vpn-instance VPNA
import-route ospf 2
#
ospf 1
area 0.0.0.0
network 4.4.4.4 0.0.0.0
network 10.1.2.0 0.0.0.255
#
ospf 2 vpn-instance VPNA
import-route bgp
area 0.0.0.0
network 192.168.3.0 0.0.0.255
#
pim vpn-intstance VPNA
static-rp 1.1.1.1
#
emdi
emdi channel-group PE3
emdi channel 1 source 10.1.3.1 group 226.1.1.1 vpn-instance VPNA pt 33 clock-rate 90kHz
emdi lpu-group PE3
emdi bind slot all
emdi bind channel-group PE3 lpu-group PE3
#
telemetry
#

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 12 eMDI Configuration

sensor-group emdi-monitor
sensor-path huawei-emdi:emdi/emdi-telem-reps/emdi-telem-rep
sensor-path huawei-emdi:emdi/emdi-telem-rtps/emdi-telem-rtp
#
destination-group Monitor
ipv4-address 10.1.6.2 port 10001 protocol grpc no-tls
#
subscription PE3
sensor-group emdi-monitor
destination-group Monitor
#
return

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 13 ESQM Configuration

13 ESQM Configuration

About This Chapter

13.1 Overview of ESQM

13.2 ESQM Licensing Requirements and Configuration Precautions
13.3 Configuring ESQM End-to-End Performance Measurement
After the end-to-end performance measurement function is configured, you can
collect information, such as the packet type, timestamp, and packet statistics, for
packet forwarding path restoration, traffic restoration, and fault detection.
13.4 Example for Configuring ESQM End-to-End Performance Measurement
This section describes how to use ESQM to collect end-to-end packet loss and
delay statistics on an L3VPN HoVPN with an L3EVPN.

13.1 Overview of ESQM

Definition
Enhanced stream quality monitoring (ESQM) collects information about
Transmission Control Protocol (TCP), Stream Control Transmission Protocol (SCTP),
or GPRS Tunneling Protocol (GTP) packets on a board through which the packets
pass based on the quintuple information (source and destination IP addresses,
source and destination port numbers, and transport layer protocol). The collected
information includes the packet type, timestamp, inbound and outbound
interfaces, VPN, and packet statistics. The information is reported to the Huawei
NCE for forwarding path restoration, traffic restoration, or fault detection.

Purpose
Traditional communication networks are unable to "perceive" services, preventing
customers' ever-changing service requirements from being responded to in real
time. To solve this problem, ESQM has been developed to help devices monitor
the quality of services on networks. This technology integrates network

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 13 ESQM Configuration

deployment with service requirements and provides the data that is the
foundation for automatic and intelligent network lifecycle management.

Benefits
ESQM offers the following benefits:
● Helps communication networks perceive service quality, and enables devices
to proactively detect services with poor QoE for fault diagnosis, demarcation,
and service optimization, thereby effectively shortening the duration of
network interruptions and reducing customers' OPEX.
● Helps customers perceive networks according to multiple metrics, including
service quality, forwarding path, and load, providing data support for routine
maintenance and network optimization.

13.2 ESQM Licensing Requirements and Configuration

Precautions
Licensing Requirements
For details, see "Licensing Requirements" in Feature Description.

Configuration Precautions
Restrictions Guidelines Impact

ESQM does not support Prevent this scenario The statistics about the
flow identification based during service planning. flows in this scenario are
on VPN and inbound/ combined. As a result,
outbound interface the monitoring results
information. A device are inaccurate.
regards the flows with
the same quintuple
information (source and
destination IP addresses,
source and destination
port numbers, and
protocol number) and
monitoring direction
(inbound or outbound)
as one flow for statistics
collection, even if the
inbound/outbound
interfaces and VPNs of
the flows are different.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 13 ESQM Configuration

Restrictions Guidelines Impact

ESQM flow entries share Prevent this scenario If both ESQM and MAC
resources with MAC during service planning. address services are
address entries. If the deployed, the maximum
number of MAC address numbers of ESQM flow
entries created reaches entries and MAC address
the upper limit of the entries cannot be
resources, ESQM flow reached at the same
entries cannot be time.
created. If the number of
ESQM flow entries
created reaches the
upper limit of the
resources, the maximum
number of MAC address
entries cannot be
created.

ESQM is mutually Do not configure ESQM ESQM cannot be

exclusive with the in this scenario. configured together with
interface sampling, ACL the interface sampling,
sampling, or ACL log ACL sampling, or ACL log
function. function.

ESQM collects statistics None None

about the traffic
forwarded by a device
instead of the traffic
discarded by the device
or the local traffic.

ESQM uses a hash None In certain scenarios, the

algorithm to create a maximum number of
flow table. However, the ESQM flow entries
hash results are uneven. cannot be created.
As a result, the
maximum number of
ESQM flow entries
cannot be created. In
certain scenarios, if the
hash results for the
quintuple information of
packets are severely
uneven, the maximum
number of ESQM flow
entries may not be
created.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 13 ESQM Configuration

Restrictions Guidelines Impact

ESQM can monitor Do not configure ESQM ESQM is not supported

packets on Ethernet in this scenario. in this scenario.
interfaces and sub-
interfaces, Eth-Trunk
interfaces and sub-
interfaces, L3VE sub-
interfaces, QinQ and
dot1q VLAN tag
termination sub-
interfaces.

ESQM can monitor Do not configure ESQM ESQM is not supported

packets on FlexE in this scenario. in this scenario.
interfaces.

When GTP heartbeat Configure a threshold for The monitoring

packets are transmitted error packet detection on information is inaccurate.
between two devices, the NCE, so that iFIT
two devices report their detection is triggered
traffic monitoring only if the threshold is
information to NCE. exceeded.
There is a difference of
1% or less between the
statistics on the two
devices because of the
receive time difference.

ESQM is not supported Prevent this scenario The collected

in a P2MP TE, or NG during service planning. information is inaccurate
MVPN scenario. in this scenario.

The transit node does None The collected

not support ESQM. information is inaccurate
in this scenario.

ESQM cannot monitor Prevent this scenario Statistics about

fragmented packets. during service planning. fragmented packets are
not collected. As a result,
the collected traffic is
different from the actual
one.

If the forwarding rate of Configure a threshold for NCE incorrectly considers

a TCP flow is high, there error packet detection on the packets as
is a possibility that NCE, so that iFIT retransmitted packets,
packets cannot be detection is triggered causing the monitoring
reported to NCE in the only if the threshold is result to be inaccurate.
order in which they are exceeded.
received. The error rate is
less than 0.01%.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 13 ESQM Configuration

Restrictions Guidelines Impact

ESQM is not supported Prevent this scenario ESQM cannot be

in a multi-VS scenario. during service planning. configured in a multi-VS
scenario.

ESQM can monitor only Prevent this scenario ESQM cannot be

native IPv4 and IPv4 in during service planning. configured in non-native
MPLS packets. The traffic IPv4 and non-IPv4 in
restoration information MPLS scenarios.
is inaccurate for the
other packets except
native IPv4 and IPv4 in
MPLS packets.

When ESQM is None When NCE displays path

configured on a sub- information, sub-
interface, main interface interface information on
information, not sub- paths cannot be
interface can be restored displayed.
in flow restoration in the
same direction as the
ESQM direction.
Both routed main
interface sub-interface
information, however,
can be restored in flow
restoration in the
opposite direction of the
ESQM direction.

When the 1588 clock is Configure 1588v2 for NCE incorrectly

not configured or is out clock synchronization. calculates the delay and
of lock, the reported NCE triggers IFIT detection.
timestamp is incorrect.

In deep load balancing Disable deep load The statistics are

scenarios, GTP heartbeat balancing. incorrect, causing IFIT
packets and data packets detection to be triggered
are distributed to unexpectedly.
different paths based on
different tunnel IDs. As a
result, the statistics are
inaccurate.

When traffic of the same Configure the ESQM Incorrect detection

flow is sent and received function on the source information results in
by different interfaces on and destination nodes. incorrect detection.
the same node, ESQM
traffic statistics are
doubled.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 13 ESQM Configuration

13.3 Configuring ESQM End-to-End Performance

Measurement
After the end-to-end performance measurement function is configured, you can
collect information, such as the packet type, timestamp, and packet statistics, for
packet forwarding path restoration, traffic restoration, and fault detection.

Context
Traditional communication networks are unable to "perceive" services, preventing
customers' ever-changing service requirements from being responded to in real
time. To solve this problem, ESQM has been developed to help devices monitor
the quality of services on networks. This technology integrates network
deployment with service requirements and provides the data that is the
foundation for automatic and intelligent network lifecycle management.

Procedure
1. Run system-view
The system view is displayed.
2. Run esqm
The ESQM view is displayed.
3. (Optional) Run esqm session aging-time sctp tmval
An aging time is set for SCTP flow tables.

The configured aging time takes effect only for subsequently created SCTP flow tables.
4. (Optional) Run esqm protocol { tcp | sctp | gtp } disable
The device is disabled from creating flow tables for sampled TCP, SCTP, or GTP
protocol packets.
5. (Optional) Run esqm filter permit ip ip-addr mask masklen
The function of filtering sampled packets is enabled.
6. Run any of the following commands:
– To perform ESQM for inbound or outbound packets on all the interfaces
to which a VPN instance is bound, run the esqm service-stream
{ inbound | outbound } vpn-instance vpn-instance-name command in
the ESQM view.
– To perform ESQM for inbound or outbound packets on all the interfaces
to which no VPN instance is bound, run the esqm service-stream
{ inbound | outbound } command in the ESQM view.
– To perform ESQM for inbound or outbound packets on an interface, run
the following commands:
i. Run quit
Exit from the ESQM view.
ii. Run interface interface-type interface-num

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 13 ESQM Configuration

The interface view is displayed.

iii. Run esqm service-stream { inbound | outbound }
A packet sampling direction is configured for ESQM on the interface.
iv. Run quit
Return to the system view.
7. Run commit
The configuration is committed.

13.4 Example for Configuring ESQM End-to-End

Performance Measurement
This section describes how to use ESQM to collect end-to-end packet loss and
delay statistics on an L3VPN HoVPN with an L3EVPN.

Networking Requirements
As networks rapidly develop and applications become diversified, various value-
added services are widely used. Link connectivity and network performance
influence network quality. Therefore, performance monitoring is especially
important for service transmission.
● For example, users will not sense any change in voice quality if the packet
loss rate on voice links is lower than 5%. However, if the packet loss rate is
higher than 10%, user experience obviously degrades.
● The real-time services such as Voice over Internet Protocol (VoIP), online
gaming, and online video require the delay lower than 100 ms. Some delay-
sensitive services even require that the delay be lower than 50 ms. Otherwise,
user experience will degrade.
To meet high requirements for voice, online gaming, and online video on the
network, carriers should be able to monitor the packet loss and delay of the links.
They can adjust the links if service quality decreases.
As shown in Figure 13-1, an access network is deployed between a UPE and an
SPE, and an aggregation network is deployed between an SPE and an NPE. The
forward service flow enters the network through the UPE, travels across the SPE,
and leaves the network through the NPE. The backward service flow enters the
network through the NPE, also travels across the SPE, and leaves the network
through the UPE.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 13 ESQM Configuration

Figure 13-1 L3VPN HoVPN with an L3EVPN

Table 13-1 Interfaces connecting devices and their IP addresses

Device Interface Name Interface Peer IP

(Role) Device Address
(Role)

UPE - Loopback1 - 1.1.1.1/32

interface1 GE1/0/0 SPE 10.1.1.1/2

interface2 GE2/0/0 Site1 192.168.2

0.1/24

SPE - Loopback1 - 2.2.2.2/32

interface1 GE1/0/0 UPE 10.1.1.2/2

interface2 GE2/0/0 NPE 10.2.1.1/2

NPE - Loopback1 - 3.3.3.3/32

interface1 GE1/0/0 SPE 10.2.1.2/2

interface2 GE2/0/0 Site2 192.168.3

0.1/24

Configuration Roadmap
The configuration roadmap is as follows:
1. Deploy IGPs between the UPE and SPE and between the SPE and NPE. In this
example, OSPF runs between the UPE and SPE, and IS-IS runs between the
SPE and NPE.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 13 ESQM Configuration

2. Configure MPLS LDP on the UPE, SPE, and NPE.

3. Configure VPN instances on the UPE, SPE, and NPE.
4. Bind the access-side interfaces on the UPE and NPE to the VPN instances.
5. Configure VPN static default routes on the SPE.
6. Configure a route-policy on the NPE to disable the NPE from receiving the
default routes.
7. Configure BGP EVPN on the SPE and NPE.
8. Configure a BGP-VPNv4 peer relationship between the UPE and SPE, specify
the UPE as the lower-level PE of the SPE, and configure the SPE to import
default VPN routes.
9. Configure route regeneration on the SPE.
10. Configure packet loss and delay measurement on the link between the UPE
and NPE to monitor the link status in an end-to-end manner.

Data Preparation
To complete the configuration, you need the following data:

● IP address of each interface listed in Table 1

● OSPF and IS-IS as IGP protocols
● MPLS LSR IDs of UPE (1.1.1.1), SPE (2.2.2.2), and NPE (3.3.3.3)
● VPN instance name vpn1 and RD 100:1
● VPN targets 1:1 (import and export) of vpn1 and 2:2 for EVPN
● Measurement interval 10s for the ESQM instance
● Target flow's source IP address (192.168.20.2) and destination IP address
(192.168.30.2)

Procedure
1. Configure an L3VPN HoVPN with an L3EVPN on the UPE, SPE, and NPE. For
configuration details, see Configuration Files.
2. Configure ESQM measurement on the UPE and NPE, and inject unidirectional
traffic from the UPE to the NPE.
# Configure inbound ESQM on the user side of the UPE.
<UPE> system-view
[~UPE] esqm
[*UPE-esqm] commit
[~UPE-esqm] interface GigabitEthernet2/0/0
[~UPE—GigabitEthernet2/0/0] esqm service-stream inbound
[*UPE—GigabitEthernet2/0/0] commit

# Configure inbound ESQM on the user side of the NPE.

<NPE> system-view
[~NPE] esqm
[*NPE-esqm] commit
[~NPE-esqm] interface GigabitEthernet1/0/0
[~NPE—GigabitEthernet1/0/0] esqm service-stream inbound
[*NPE—GigabitEthernet1/0/0] commit

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 13 ESQM Configuration

Configuration Files
● UPE configuration file
#
sysname UPE
#
ip vpn-instance vpn1
ipv4-family
route-distinguisher 100:1
apply-label per-instance
vpn-target 2:2 export-extcommunity evpn
vpn-target 2:2 import-extcommunity evpn
evpn mpls routing-enable
#
mpls lsr-id 1.1.1.1
#
mpls
#
mpls ldp
#
interface GigabitEthernet1/0/0
undo shutdown
ip address 10.1.1.1 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet2/0/0
undo shutdown
ip binding vpn-instance vpn1
ip address 192.168.20.1 255.255.255.0
esqm service-stream inbound
#
interface LoopBack1
ip address 1.1.1.1 255.255.255.255
#
bgp 100
peer 2.2.2.2 as-number 100
peer 2.2.2.2 connect-interface LoopBack1
#
ipv4-family unicast
undo synchronization
peer 2.2.2.2 enable
#
ipv4-family vpn-instance vpn1
import-route direct
advertise l2vpn evpn
#
l2vpn-family evpn
undo policy vpn-target
peer 2.2.2.2 enable
#
ospf 1
area 0.0.0.0
network 1.1.1.1 0.0.0.0
network 10.1.1.0 0.0.0.255
#
esqm
#
return
● SPE configuration file
#
sysname SPE
#
ip vpn-instance vpn1
ipv4-family
route-distinguisher 100:1
apply-label per-instance
vpn-target 2:2 export-extcommunity evpn
vpn-target 2:2 import-extcommunity evpn

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 13 ESQM Configuration

evpn mpls routing-enable

#
mpls lsr-id 2.2.2.2
#
mpls
#
mpls ldp
#
isis 1
network-entity 10.0000.0000.0002.00
#
interface GigabitEthernet1/0/0
undo shutdown
ip address 10.1.1.2 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet2/0/0
undo shutdown
ip address 10.2.1.1 255.255.255.0
isis enable 1
mpls
mpls ldp
#
interface LoopBack1
ip address 2.2.2.2 255.255.255.255
isis enable 1
#
bgp 100
peer 1.1.1.1 as-number 100
peer 1.1.1.1 connect-interface LoopBack1
peer 3.3.3.3 as-number 100
peer 3.3.3.3 connect-interface LoopBack1
#
ipv4-family unicast
undo synchronization
peer 1.1.1.1 enable
peer 3.3.3.3 enable
#
ipv4-family vpn-instance vpn1
network 0.0.0.0
advertise l2vpn evpn
#
l2vpn-family evpn
undo policy vpn-target
peer 1.1.1.1 enable
peer 1.1.1.1 upe
peer 1.1.1.1 import reoriginate
peer 3.3.3.3 enable
peer 3.3.3.3 advertise route-reoriginated evpn ip
#
ospf 1
area 0.0.0.0
network 2.2.2.2 0.0.0.0
network 10.1.1.0 0.0.0.255
#
ip route-static vpn-instance vpn1 0.0.0.0 0.0.0.0 NULL0
#
return

● NPE configuration file

#
sysname NPE
#
ip vpn-instance vpn1
ipv4-family
route-distinguisher 100:1
apply-label per-instance
import route-policy SPE evpn
vpn-target 2:2 export-extcommunity evpn

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 13 ESQM Configuration

vpn-target 2:2 import-extcommunity evpn

evpn mpls routing-enable
#
mpls lsr-id 3.3.3.3
#
mpls
#
mpls ldp
#
isis 1
network-entity 10.0000.0000.0003.00
#
interface GigabitEthernet1/0/0
undo shutdown
ip address 10.2.1.2 255.255.255.0
isis enable 1
mpls
mpls ldp
esqm service-stream inbound
#
interface GigabitEthernet2/0/0
undo shutdown
ip binding vpn-instance vpn1
ip address 192.168.30.1 255.255.255.0
#
interface LoopBack1
ip address 3.3.3.3 255.255.255.255
isis enable 1
#
bgp 100
peer 2.2.2.2 as-number 100
peer 2.2.2.2 connect-interface LoopBack1
#
ipv4-family unicast
undo synchronization
peer 2.2.2.2 enable
#
ipv4-family vpn-instance vpn1
import-route direct
advertise l2vpn evpn
#
l2vpn-family evpn
undo policy vpn-target
peer 2.2.2.2 enable
#
route-policy SPE deny node 10
if-match ip-prefix default
#
route-policy SPE permit node 20
#
ip ip-prefix default index 10 permit 0.0.0.0 0
#
esqm
#
return

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 14 Flow Recognition Configuration

14 Flow Recognition Configuration

About This Chapter

14.1 Overview of Flow Recognition

Flow recognition enables a device to collect the septuple information (source and
destination MAC addresses, source and destination IP addresses, source and
destination port numbers, and protocol type) of the upstream traffic on an
interface, and identifies a flow based on the information. The device then sends
the flow's statistics (such as the numbers of packets and bytes, timestamps, and
interface information) to a controller for display and traffic identification.
14.2 Configuring Flow Recognition
To allow a device to send the septuple information (source and destination MAC
addresses, source and destination IP addresses, source and destination port
numbers, and protocol type) of traffic to a controller for flow identification, enable
flow recognition.
14.3 Verifying the Flow Recognition Configuration
After configuring flow recognition, verify the configuration.
14.4 Configuration Examples for Flow Recognition

14.1 Overview of Flow Recognition

Background
In the radio and television industry, especially in TV stations or media centers, IP-
based production and broadcasting networks are gaining in popularity. Related IP
standards are being formulated, which is an important step in the development of

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 14 Flow Recognition Configuration

the 4K industry. However, IP-based production and broadcasting networks require

switching among multiple video sources or cameras during video production and
live transmission to achieve the optimal video display effect. Currently, IP-based
devices use IGMP to switch between different multicast groups. When IGMP starts
or stops multicast forwarding, it does not determine the frame boundary of a
video. As a result, the forwarded content is incomplete and the video is damaged
(such as artifacts, jitters, black screens, and static frames).
The quintuple information (source and destination IP addresses, source and
destination port numbers, and protocol type) may not distinguish between flows.
To resolve this issue, configure flow recognition based on the septuple information
(source and destination MAC addresses, source and destination IP addresses,
source and destination port numbers, and protocol type) on a device. A controller
calculates the flow rate based on the information reported by the device, and
determines whether the flow is video or audio flow based on the flow rate. The
device then replicates and broadcasts the identified flow quickly and accurately.
Flow recognition is used to identify video and audio flows on IP-based production
and broadcasting networks.

Implementation
On the topology shown in Figure 14-1, traffic enters the device through the
inbound interface. The device extracts the septuple information from the traffic
and generates matching rules based on the septuple information. Each flow that
matches the septuple information has a statistical ID. The device collects statistics
about the numbers of packets and bytes for each statistical ID. The device sends
the statistics of each statistical ID to the controller over telemetry. The controller
calculates the flow rate based on the current and last data records to identify the
video or audio flow.

Figure 14-1 Flow recognition networking

To calculate the flow rate, the controller needs to receive the data information of
each flow. Table 14-1 describes the flow data fields collected and sent by the
device to the controller.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 14 Flow Recognition Configuration

Table 14-1 Flow data fields

Field Type Description

srcMac Character string Source MAC address

dstMac Character string Destination MAC address

srcIpAddr Character string Source IP address.

dstIpAddr Character string Destination IP address

srcPort Integer (4 bytes) Source port number

dstPort Integer (4 bytes) Destination port number

protocol Integer (4 bytes) Protocol type

direction Integer (4 bytes) Direction in which the

traffic enters the
interface:
● 0: inbound
● 1: outbound

ifName Integer (4 bytes) Interface name

timeStampSec Integer (4 bytes) Timestamp in seconds,

which is used to
calculate a time
difference

timeStampNsec Integer (4 bytes) Timestamp in

nanoseconds, which is
used to calculate a time
difference

packetNum Integer (8 bytes) Number of packets

bytesNum Integer (8 bytes) Number of bytes of a

packet

If the device consecutively collects statistics about a flow twice, the flow's rate is
calculated as follows:
● Number of packets forwarded per second = (packetNum2 - packetNum1)/
(timeStampSec2 - timeStampSec1)
● Number of bytes forwarded per second = (bytesNum2 - bytesNum1)/
(timeStampSec2 - timeStampSec1)

14.2 Configuring Flow Recognition

To allow a device to send the septuple information (source and destination MAC
addresses, source and destination IP addresses, source and destination port
numbers, and protocol type) of traffic to a controller for flow identification, enable
flow recognition.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 14 Flow Recognition Configuration

Context
Figure 14-2 shows the typical networking of flow recognition. Target flows enter
the transport network from the multimedia terminal and then reach the device
through interface 1. After flow recognition is enabled on the device, the device
collects data and then sends the data to the controller over telemetry.

Figure 14-2 Flow recognition networking

Pre-configuration Tasks
Before configuring flow recognition, complete the following tasks:

● Configure a dynamic routing protocol or static routes so that nodes are

reachable at the network layer.
● Configure static telemetry subscription to ensure that data is promptly
reported to the controller.

Procedure
Step 1 Run system-view

The system view is displayed.

Step 2 Run interface interface-type interface-number

The interface view is displayed.

Step 3 Run flow-recognition inbound

Flow recognition is enabled on the interface.

Step 4 Run commit

The configuration is committed.

----End

14.3 Verifying the Flow Recognition Configuration

After configuring flow recognition, verify the configuration.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 14 Flow Recognition Configuration

Prerequisites
Flow recognition has been configured.

Procedure
Step 1 Run the display flow-recognition cache command to check the flow table
information of a slot in the flow cache.

----End

14.4 Configuration Examples for Flow Recognition

14.4.1 Example for Configuring Flow Recognition on a Media

Network
This section provides an example for configuring flow recognition on a media
network.

Networking Requirements
Figure 14-3 shows a typical media network. The functions of each node are
described as follows:
● Controller: delivers control instructions to the device to control, manage, and
monitor the system.
● Device: provides functions such as forwarding, replication, scheduling, clean
switching, and flow recognition of media traffic.
● Multimedia terminal A: functions as the transmit end of media signals and
transmits traffic to the device.
● Multimedia terminal B: functions as the receive end of media signals and
receives traffic from the device.
On the network:

1. Multimedia terminal A transmits video and audio streams to the device.

2. The device collects the streams on the inbound interface, and reports each
stream's septuple information (source and destination MAC addresses, source
and destination IP addresses, source and destination port numbers, and
protocol type) and other information (such as the numbers of packets and
bytes) to the controller.
3. The controller calculates the stream rate based on the information to identify
audio and video streams.

Figure 14-3 Typical media network

● Interface 1 in this example represents GE 1/0/1.

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 14 Flow Recognition Configuration

Configuration Roadmap
The configuration roadmap is as follows:
1. Configure an IP address and a routing protocol for each interface so that all
the nodes can communicate at the network layer.
2. Configure static telemetry subscription.
3. Configure flow recognition.

Data Preparation
To complete the configuration, you need the following data:
● Interface 1's IP address: 10.1.1.1
● Controller IP address: 10.1.1.2; port number: 10001
● Telemetry sampling path: huawei-flow-recognition:flowrecognition/
streaminfos/streaminfo
● Proto file used for flow recognition: huawei-flow-recognition.proto

Procedure
Step 1 Configure an IP address and a routing protocol for each interface so that all the
nodes can communicate at the network layer. For configuration details about the
device, see Configuration Files.
Step 2 Configure static telemetry subscription. For configuration details, see
Configuration Files.
Step 3 Configure flow recognition.
<HUAWEI> system-view
[~HUAWEI] interface GigabitEthernet 1/0/1
[~HUAWEI-GigabitEthernet1/0/1] flow-recognition inbound
[*HUAWEI-GigabitEthernet1/0/1] commit

Step 4 Verify the configuration.

# Check the flow table information of flow recognition in a specified slot.
<HUAWEI> display flow-recognition cache slot 1
Information of flow-recognition cache on slot 1
----------------------------------------------------------
Interface : GigabitEthernet1/0/1
Direction : inbound
Protocol : 6

HUAWEI NetEngine 8000 X Series Router
Configuration Guide - System Monitor 14 Flow Recognition Configuration

SrcMac : 0000-0201-0102
DstMac : 0030-4567-8058
SrcPort : 10
DstPort : 30
SrcAddr : 2.1.1.3
DstAddr : 3.1.1.2
FirstTimestamp : 2019-05-20 14:32:46
LastTimestamp : 2019-05-20 14:52:47
PacketsCount : 399564
BytesCount : 51144192
----------------------------------------------------------

----End

Configuration Files
#
telemetry
#
sensor-group sensor1
sensor-path huawei-flow-recognition:flowrecognition/streaminfos/streaminfo condition express op-field
systemCpuUsage op-type gt op-value 40
#
destination-group destination1
ipv4-address 10.1.1.2 port 10001 protocol grpc no-tls
#
subscription subscription1
sensor-group sensor1
destination-group destination1
#
#
interface GigabitEthernet 1/0/1
flow-recognition inbound
#

MA5801 Feature Guide 07
No ratings yet
MA5801 Feature Guide 07
1,442 pages
RTN 620 Product Description (V100R005C01 - 02)
No ratings yet
RTN 620 Product Description (V100R005C01 - 02)
129 pages
G LI 002 BTS3006C Hardware Structure 20070403 A 1.0
No ratings yet
G LI 002 BTS3006C Hardware Structure 20070403 A 1.0
72 pages
Motorola DGT9000 Service Manual
No ratings yet
Motorola DGT9000 Service Manual
96 pages
5060 MGC10 Replacing A Rouzic Card - Ed05
No ratings yet
5060 MGC10 Replacing A Rouzic Card - Ed05
19 pages
WR - HI1011 - E01 - 1 ZXWR RNC Hardware Installation-47
No ratings yet
WR - HI1011 - E01 - 1 ZXWR RNC Hardware Installation-47
47 pages
Maintaining and Troubleshooting MCBSC and MCTC Hardware
No ratings yet
Maintaining and Troubleshooting MCBSC and MCTC Hardware
57 pages
Site Creation - Commissioning Guide - 5060 MGC10: Implementation Methods
No ratings yet
Site Creation - Commissioning Guide - 5060 MGC10: Implementation Methods
114 pages
4ft Antenna SB4 With Wind Kit 250kmh Reflector Installation (NMT560-03)
100% (1)
4ft Antenna SB4 With Wind Kit 250kmh Reflector Installation (NMT560-03)
11 pages
ZTE MW Local Operation Guide
No ratings yet
ZTE MW Local Operation Guide
43 pages
L7.1a - Aa
No ratings yet
L7.1a - Aa
46 pages
Pioneer RS-P99 PDF
No ratings yet
Pioneer RS-P99 PDF
70 pages
SD1 18 Layers
No ratings yet
SD1 18 Layers
159 pages
7607 TRX Operation Degraded Guide
No ratings yet
7607 TRX Operation Degraded Guide
89 pages
4 - 5 1553 BMP 903051 DirectionsForUse Uen B
No ratings yet
4 - 5 1553 BMP 903051 DirectionsForUse Uen B
18 pages
ETP48200 V300R002C00 Training Slides
No ratings yet
ETP48200 V300R002C00 Training Slides
89 pages
ZXMP S325 (v2.0) (R1.0) Installation Manual
No ratings yet
ZXMP S325 (v2.0) (R1.0) Installation Manual
206 pages
05 MW - AC3101 - E01 - 0 NetNumen U31 Alarm Management 135P
No ratings yet
05 MW - AC3101 - E01 - 0 NetNumen U31 Alarm Management 135P
135 pages
CBSS Configuration and Adjustment Guide (CBSS9.0 - 01) (PDF) - en
No ratings yet
CBSS Configuration and Adjustment Guide (CBSS9.0 - 01) (PDF) - en
475 pages
ZXCTN System Routine Maintenance: Training Manual
No ratings yet
ZXCTN System Routine Maintenance: Training Manual
65 pages
01-19 ERPS (G 8032) Configuration
No ratings yet
01-19 ERPS (G 8032) Configuration
82 pages
RTL 4826c Programming Manual Analog Msf5000!68!80310b31
No ratings yet
RTL 4826c Programming Manual Analog Msf5000!68!80310b31
87 pages
ZXR10 5900E Series Easy-Maintenance MPLS PDF
No ratings yet
ZXR10 5900E Series Easy-Maintenance MPLS PDF
1,973 pages
8650 SDM Product Installation Sheet
100% (2)
8650 SDM Product Installation Sheet
32 pages
Man-1145 Sigma A-XT Operating and Installation Manual - 03.01
No ratings yet
Man-1145 Sigma A-XT Operating and Installation Manual - 03.01
163 pages
EXALT Manual
No ratings yet
EXALT Manual
148 pages
Security Chassis Cluster
No ratings yet
Security Chassis Cluster
638 pages
Fusion 430 /fusion Black 430: User's Manual
100% (1)
Fusion 430 /fusion Black 430: User's Manual
9 pages
05 iEPMS Quick User Guide - How To Upload and Submit Task Document
No ratings yet
05 iEPMS Quick User Guide - How To Upload and Submit Task Document
8 pages
Ipaso VR A5 GGS-000375-02E Cli command-SS1901
No ratings yet
Ipaso VR A5 GGS-000375-02E Cli command-SS1901
182 pages
Presentacion Pgibt
100% (1)
Presentacion Pgibt
140 pages
EATON APR48 - Rectifier Module
No ratings yet
EATON APR48 - Rectifier Module
10 pages
R18.2 XTC Hardware Description Guide
No ratings yet
R18.2 XTC Hardware Description Guide
680 pages
OptiX OSN 8800 Product Documentation SCC Factory Default PDF
No ratings yet
OptiX OSN 8800 Product Documentation SCC Factory Default PDF
8 pages
SJ-20100511105923-001-ZXSDR BS8900A C100 (HV2.0) Hardware Installation Guide - 448709
No ratings yet
SJ-20100511105923-001-ZXSDR BS8900A C100 (HV2.0) Hardware Installation Guide - 448709
121 pages
Infinera DTN-X Training Guide
No ratings yet
Infinera DTN-X Training Guide
74 pages
Site Installation Standard RAN - HTI XLSMART - V1.1 2025 (Sign) Scan
No ratings yet
Site Installation Standard RAN - HTI XLSMART - V1.1 2025 (Sign) Scan
56 pages
Accedian LT Datasheet 2016 4Q
No ratings yet
Accedian LT Datasheet 2016 4Q
2 pages
Zenic ONE-UME R22 V16.21.20C4 Unified Management and Orchestration Expert Unified Northbound MTOSI Interface Specifications (Inventory Volume)
No ratings yet
Zenic ONE-UME R22 V16.21.20C4 Unified Management and Orchestration Expert Unified Northbound MTOSI Interface Specifications (Inventory Volume)
252 pages
ZXCTN 6408
100% (1)
ZXCTN 6408
99 pages
WTM 6000 Instruction Manual August 2011
No ratings yet
WTM 6000 Instruction Manual August 2011
198 pages
Eltek UPC3
100% (1)
Eltek UPC3
54 pages
AVL TracStar Controller 3.5
No ratings yet
AVL TracStar Controller 3.5
96 pages
ATN 910&910I&910B&950B V200R003C10 Commissioning Guide 01 (U2000)
No ratings yet
ATN 910&910I&910B&950B V200R003C10 Commissioning Guide 01 (U2000)
31 pages
ZXSDR B8200&R8840 NodeB Installation Guide
No ratings yet
ZXSDR B8200&R8840 NodeB Installation Guide
82 pages
ATN 905&910&910I&910B&950B V200R006C20SPC600 Feature Description 01 (CLI) PDF
No ratings yet
ATN 905&910&910I&910B&950B V200R006C20SPC600 Feature Description 01 (CLI) PDF
1,621 pages
10 - OBU113924 MSAN UA5000 EMU Subject ISSUE1.0
No ratings yet
10 - OBU113924 MSAN UA5000 EMU Subject ISSUE1.0
46 pages
ZXWR RNC (V3.07.200) Radio Network Controller Maintenance Manual (Emergency Maintenance) PDF
100% (1)
ZXWR RNC (V3.07.200) Radio Network Controller Maintenance Manual (Emergency Maintenance) PDF
45 pages
SM35 - SM36 Monitor Manual v2 1
83% (6)
SM35 - SM36 Monitor Manual v2 1
56 pages
Manual - PowerView Software V3.5.1J
No ratings yet
Manual - PowerView Software V3.5.1J
31 pages
Siemens BS 240 Cabinet Configuration
No ratings yet
Siemens BS 240 Cabinet Configuration
2 pages
Clinimix and Clinimix E Macro Micronutrient Guide
No ratings yet
Clinimix and Clinimix E Macro Micronutrient Guide
16 pages
BTS3006C Modules
No ratings yet
BTS3006C Modules
39 pages
BTI 7000 Troubleshooting Guide
No ratings yet
BTI 7000 Troubleshooting Guide
500 pages
NM10 Installation and Configuration Guide M212997EN B.1
No ratings yet
NM10 Installation and Configuration Guide M212997EN B.1
206 pages
Alarm VISONIC Kit Upute
No ratings yet
Alarm VISONIC Kit Upute
36 pages
BTS 8000 Fault Finding PDF
No ratings yet
BTS 8000 Fault Finding PDF
476 pages
NE9000 V800R023C00SPC500 Configuration Guide 18 System Monitor
No ratings yet
NE9000 V800R023C00SPC500 Configuration Guide 18 System Monitor
687 pages
NetEngine 8000 M14K, M14, M8K, M8, M4, 8000E M14 M8, 8100 M14 M8 V800R022C00SPC600 Configuration Guide 17 System Monitor
No ratings yet
NetEngine 8000 M14K, M14, M8K, M8, M4, 8000E M14 M8, 8100 M14 M8 V800R022C00SPC600 Configuration Guide 17 System Monitor
1,105 pages
NE9000 V800R023C00SPC500 Configuration Guide 07 IP Services
No ratings yet
NE9000 V800R023C00SPC500 Configuration Guide 07 IP Services
483 pages
Acceptance Test Guide: Operation Appendixes
No ratings yet
Acceptance Test Guide: Operation Appendixes
14 pages
Colombia - WOM - IP - Training Proposal - 02092020
No ratings yet
Colombia - WOM - IP - Training Proposal - 02092020
33 pages
HCIA-AI V1.0 Lab Guide
No ratings yet
HCIA-AI V1.0 Lab Guide
269 pages
Connectivity Planning of IP Bearer Network ISSUE 1.00
No ratings yet
Connectivity Planning of IP Bearer Network ISSUE 1.00
67 pages
Fault Management: About This Chapter
No ratings yet
Fault Management: About This Chapter
4 pages
IP Traffic Monitoring Configuration: About This Chapter
No ratings yet
IP Traffic Monitoring Configuration: About This Chapter
2 pages
01-01 About This Document
No ratings yet
01-01 About This Document
4 pages
Junos OS: Hardware and Routing Guide
No ratings yet
Junos OS: Hardware and Routing Guide
9 pages
NetEngine 8000 X V800R012C00SPC300 Configuration Guide - VPN 04
No ratings yet
NetEngine 8000 X V800R012C00SPC300 Configuration Guide - VPN 04
2,935 pages
Huawei - Training Description For Enterprise Network
No ratings yet
Huawei - Training Description For Enterprise Network
344 pages
01-02 ARP Configuration
No ratings yet
01-02 ARP Configuration
47 pages
Huawei NTP Configuration Guide
No ratings yet
Huawei NTP Configuration Guide
4 pages
A Proposed Pediatric Medical Center Research Thesis
No ratings yet
A Proposed Pediatric Medical Center Research Thesis
3 pages
Real Property Mortgage Mergers
No ratings yet
Real Property Mortgage Mergers
2 pages
Clinic Needs Assessment Questionnaire
No ratings yet
Clinic Needs Assessment Questionnaire
6 pages
SchémaPlic AppIng Software 2025.en
No ratings yet
SchémaPlic AppIng Software 2025.en
1 page
WORLD BEST ASSIGNMENT WRITING SERVICES ONLY SPARKLES SOFT Acca BSC Project Writer, Singapore Best Writers, London Best Writers
No ratings yet
WORLD BEST ASSIGNMENT WRITING SERVICES ONLY SPARKLES SOFT Acca BSC Project Writer, Singapore Best Writers, London Best Writers
2 pages
Reliability Engineering Basics
No ratings yet
Reliability Engineering Basics
712 pages
Electromagnetic Theory Notes
100% (2)
Electromagnetic Theory Notes
178 pages
Breathing Air: The Breath of Performance
No ratings yet
Breathing Air: The Breath of Performance
24 pages
CRN8394232324 Ola
No ratings yet
CRN8394232324 Ola
3 pages
Role of Listening in Business Communication
No ratings yet
Role of Listening in Business Communication
5 pages
ConThermo Heating Cabinets Overview
No ratings yet
ConThermo Heating Cabinets Overview
4 pages
ISO 13485 Seminar Slide Deck
100% (3)
ISO 13485 Seminar Slide Deck
150 pages
Training Curses Lincoln
No ratings yet
Training Curses Lincoln
52 pages
HDFC ERGO General Insurance Company Limited
No ratings yet
HDFC ERGO General Insurance Company Limited
4 pages
Safely Buy Land in Nigeria Guide
No ratings yet
Safely Buy Land in Nigeria Guide
4 pages
Evolution of Securities Laws in India
No ratings yet
Evolution of Securities Laws in India
3 pages
POA w4
No ratings yet
POA w4
9 pages
MKTG6
No ratings yet
MKTG6
12 pages
Why Asian Fusion Cuisine Are So Popular
No ratings yet
Why Asian Fusion Cuisine Are So Popular
2 pages
VAMPSET Version Release Notes
No ratings yet
VAMPSET Version Release Notes
6 pages
en LP 698776 Cosimir PLC Advanced Manual
No ratings yet
en LP 698776 Cosimir PLC Advanced Manual
324 pages
Catchmaster: ™ Brand Adhesive Devices - MSDS
No ratings yet
Catchmaster: ™ Brand Adhesive Devices - MSDS
3 pages
Playing To Win
67% (3)
Playing To Win
3 pages
National PAT Session Minutes, Mumbai 2011
No ratings yet
National PAT Session Minutes, Mumbai 2011
25 pages
Athens/Institution Login Not Registered? User Name: Password
No ratings yet
Athens/Institution Login Not Registered? User Name: Password
1 page
IMS Ghaziabad 7th Convocation Highlights
No ratings yet
IMS Ghaziabad 7th Convocation Highlights
13 pages
Pavani Kuppili Resume 2
No ratings yet
Pavani Kuppili Resume 2
3 pages
2G Overview - GPRS Part 1
No ratings yet
2G Overview - GPRS Part 1
62 pages
Ysd490D Engine Technical Data Sheet
No ratings yet
Ysd490D Engine Technical Data Sheet
2 pages
Pe195908 PDF
100% (3)
Pe195908 PDF
150 pages