manualshive.com logo in svg

H3C SecPath F5020, Interface Configuration Manual

The H3C SecPath F5020 installation manual can be easily downloaded for free from 88.208.23.73:8080. This comprehensive manual provides step-by-step instructions on how to set up and configure the F5020 security appliance. Make sure to download your copy today to maximize the performance of your device.

Share
Download
background image

 

16 

To avoid congestion on GigabitEthernet 1/0/4, configure 100 Mbps as the only option available for 

speed negotiation on interfaces GigabitEthernet 1/0/1, GigabitEthernet 1/0/2, and GigabitEthernet 
1/0/3. As a result, the transmission rate on each interface connected to a server is limited to 100 Mbps. 
To set speed options for autonegotiation on an Ethernet interface: 

 

Step Command 

Remarks 

1.

 

Enter system view. 

system-view 

N/A 

2.

 

Enter Ethernet interface view. 

interface 

interface-type 

interface-number

 

N/A 

3.

 

Set speed options for 

autonegotiation. 

speed

 

auto

 { 

10

 | 

100

 | 

1000

 } *

 

The default setting varies by device 
model.  
The 

speed 

and 

speed auto

 

commands supersede each other, 

and whichever is configured last 
takes effect. 

 

Configuring storm suppression 

The storm suppression feature ensures that the size of a particular type of traffic (broadcast, multicast, or 

unknown unicast traffic) does not exceed the threshold on an interface. When the broadcast, multicast, 

or unknown unicast traffic on the interface exceeds this threshold, the system discards packets until the 

traffic drops below this threshold.  
Any of the 

storm-constrain

broadcast-suppression

multicast-suppression

, and 

unicast-suppression

 

commands can suppress storm on an interface. The 

broadcast-suppression

multicast-suppression

, and 

unicast-suppression

 commands suppress traffic in hardware. They have less impact on the device 

performance than the 

storm-constrain

 command, which suppresses traffic in software. 

Configuration restrictions and guidelines 

For the same type of traffic, do not configure storm control together with storm suppression. Otherwise, 

the traffic suppression result is not determined. For more information about storm control, see 

"

Configuring storm control on an Ethernet interface

."  

Configuration procedure 

To set storm suppression thresholds on an Ethernet interface or subinterface: 

 

Step Command 

Remarks 

1.

 

Enter system view. 

system-view 

N/A 

2.

 

Enter Ethernet interface view. 

interface 

interface-type 

interface-number

 

N/A 

3.

 

Enable broadcast suppression 
and set the broadcast 

suppression threshold. 

broadcast-suppression 

ratio 

|

 

pps

 max-pps

 | 

kbps 

max-kbps

 } 

By default, broadcast suppression 
is disabled. 

4.

 

Enable multicast suppression 
and set the multicast 

suppression threshold. 

multicast-suppression 

ratio 

|

 

pps

 

max-pps

 | 

kbps 

max-kbps

 } 

By default, multicast suppression is 
disabled. 

Summary of Contents for SecPath F5020

Page 1: ...figuration Guide Comware V7 Hangzhou H3C Technologies Co Ltd http www h3c com Software version F5020 F5040 firewalls ESS9304 M9006 M9010 M9014 security gateways ESS9114 VFW1000 virtual firewalls ESS92...

Page 2: ...ne SecPath SecCenter SecBlade Comware ITCMM and HUASAN are trademarks of Hangzhou H3C Technologies Co Ltd All other trademarks that may be mentioned in this manual are the property of their respective...

Page 3: ...rewall documentation set Obtaining documentation Technical support Documentation feedback Applicable devices This document applies to the following firewall devices Product series Model Device type H3...

Page 4: ...ional syntax choices separated by vertical bars from which you select one choice multiple choices or none 1 n The argument or keyword and argument combination before the ampersand sign can be entered...

Page 5: ...udes Category Documents Purposes Product description and specifications Marketing brochures Describe product specifications and benefits Hardware specifications and installation Compliance and safety...

Page 6: ...tallation software upgrading and software feature configuration and maintenance documentation Products Solutions Provides information about products and technologies as well as solutions Software Down...

Page 7: ...Ethernet interface 12 Forcibly bringing up a fiber port 13 Configuring a Layer 2 Ethernet interface 15 Setting speed options for autonegotiation on an Ethernet interface 15 Configuring storm suppressi...

Page 8: ...interface range The more interfaces in an interface range the longer the command execution time The maximum number of interface range names is limited only by the system resources To guarantee bulk in...

Page 9: ...s name rather than the interface range to enter the interface range view 3 Optional Display commands available for the first interface in the interface range Enter a question mark at the interface ran...

Page 10: ...faces see Configuring a Layer 2 Ethernet interface For more information about the settings specific to Layer 3 Ethernet interfaces or subinterfaces see Configuring a Layer 3 Ethernet interface or subi...

Page 11: ...Mbps Layer 2 Ethernet interface you can also set speed options for autonegotiation The two ends can select a speed only from the available options For more information see Setting speed options for a...

Page 12: ...e interface type interface number subnumber N A 3 Set the description for the Ethernet subinterface description text The default setting is interface name Interface For example GigabitEthernet1 0 1 1...

Page 13: ...e Configuring jumbo frame support The following matrix shows the feature and hardware compatibility Hardware Jumbo frame support compatibility F5020 F5040 No M9006 M9010 M9014 Yes VFW1000 No An Ethern...

Page 14: ...f the change for guiding packet forwarding Automatically generates traps and logs to inform users to take the correct actions To prevent frequent physical link flapping from affecting system performan...

Page 15: ...the interface flaps the penalty increases by 1000 for each down event It does not increase for up events Ceiling The penalty stops increasing when it reaches the ceiling Suppress limit The accumulated...

Page 16: ...per layer protocols Do not enable the dampening function on an interface with MSTP enabled Configuration procedure To configure dampening on an Ethernet interface Step Command Remarks 1 Enter system v...

Page 17: ...opback tests follow these restrictions and guidelines On an administratively shut down Ethernet interface displayed as in ADM or Administratively DOWN state you cannot perform an internal or external...

Page 18: ...its peer When the interface receives a flow control frame from its peer it suspends sending packets to its peer To handle unidirectional traffic congestion on a link configure the flow control receive...

Page 19: ...rate statistics collection on an Ethernet interface CAUTION Use this feature with caution because it might consume a large amount of system resources The following matrix shows the feature and hardwar...

Page 20: ...ports compatibility F5020 F5040 No M9006 M9010 M9014 Yes VFW1000 No As shown in Figure 2 a fiber port uses separate fibers for transmitting and receiving packets The physical state of the fiber port...

Page 21: ...installed with a fiber to copper converter 100 1000 Mbps transceiver module or 100 Mbps transceiver module To solve the problem use the undo port up mode command on the fiber port Configuration proced...

Page 22: ...9010 M9014 Yes VFW1000 No By default speed autonegotiation enables an Ethernet interface to negotiate with its peer for the highest speed that both ends support You can narrow down the speed option li...

Page 23: ...below this threshold Any of the storm constrain broadcast suppression multicast suppression and unicast suppression commands can suppress storm on an interface The broadcast suppression multicast sup...

Page 24: ...s not automatically come up To bring up the interface use the undo shutdown command or disable the storm control function You can configure an Ethernet interface to output threshold event traps and lo...

Page 25: ...thernet interface sends traps when monitored traffic exceeds the upper threshold or drops below the lower threshold from the upper threshold Setting the MDIX mode of an Ethernet interface IMPORTANT Fi...

Page 26: ...nection of an Ethernet interface and displays cable test result within 5 seconds The test result includes the cable s status and some physical parameters If any fault is detected the test result shows...

Page 27: ...s Additionally when a Layer 3 Ethernet subinterface is created it uses the MAC address of its main interface by default As a result all Layer 3 Ethernet subinterfaces of a Layer 3 Ethernet interface s...

Page 28: ...trol on the specified interfaces display storm constrain broadcast multicast unicast interface interface type interface number Display the Ethernet module statistics display ethernet statistics Displa...

Page 29: ...te from the loopback interface to the peer is reachable by performing routing configuration All data packets sent to the loopback interface are considered packets sent to the device itself so the devi...

Page 30: ...setting is NULL0 Interface 4 Restore the default settings for the null interface default N A Configuring an inloopback interface An inloopback interface is a virtual interface created by the system wh...

Page 31: ...nterfaces together to form a Blade aggregation group The corresponding logical interface of a Blade aggregation group is called a Blade aggregate interface For more information see Layer 2 LAN Switchi...

Page 32: ...e 22 Configuring a null interface 23 Configuring an inloopback interface 23 Configuring common Ethernet interface settings 3 D Displaying and maintaining a Blade interface 24 Displaying and maintainin...

Reviews:

No comments

Related manuals for SecPath F5020

SonicWALL TZ270 Quick Start Manual preview
TZ270
Brand: SonicWALL Pages: 2
Dell SonicWALL SOHO APL31-0B9 Quick Start Manual preview
SonicWALL SOHO APL31-0B9
Brand: Dell Pages: 12
Dell SonicWALL TZ300 Quick Start Manual preview
SonicWALL TZ300
Brand: Dell Pages: 2
Dell sonicwall x series Deployment Manual preview
sonicwall x series
Brand: Dell Pages: 45
Watchguard XTM 8 series Quick Start Manual preview
XTM 8 series
Brand: Watchguard Pages: 20
Watchguard Firebox M4600 Hardware Manual preview
Firebox M4600
Brand: Watchguard Pages: 34
vpneveryone HTTPS VPN Secure WiFi USB Dongle User Manual preview
HTTPS VPN Secure WiFi USB Dongle
Brand: vpneveryone Pages: 13
Global Technology GB-750 Product Manual preview
GB-750
Brand: Global Technology Pages: 28
Secure Computing Sidewinder 7.0 Quick Start preview
Sidewinder 7.0
Brand: Secure Computing Pages: 2
Check Point InterSpect 210 Datasheet preview
InterSpect 210
Brand: Check Point Pages: 4
Check Point Quantum LightSpeed Appliance QLS250 Rack Mounting Manual preview
Quantum LightSpeed Appliance QLS250
Brand: Check Point Pages: 24
Advantech FWA-3140 User Manual preview
FWA-3140
Brand: Advantech Pages: 23

Brands by name

Popular brands

Load more brands