Login
| Title | Size | Downloads |
|---|---|---|
| 04-File System Management Configuration.pdf | 245.6 KB |
- Table of Contents
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 04-File System Management Configuration | 245.6 KB |
Table of Contents
1 File System Management Configuration
Setting File System Prompt Modes
File System Operations Example
Saving the Current Configuration
Specifying a Startup Configuration File for the Next System Startup
Backing Up the Startup Configuration File
Deleting the Startup Configuration File
Restoring the Startup Configuration File
Displaying and Maintaining Device Configuration
Establishing an FTP Connection
FTP Client Configuration Example
Configuring FTP Server Operating Parameters
Configuring Authentication and Authorization on the FTP Server
FTP Server Configuration Example
Displaying and Maintaining FTP
Displaying and Maintaining the TFTP Client
TFTP Client Configuration Example
1 File System Management Configuration
When configuring file system management, go to these sections for information you are interested in:
l Configuration File Management
l Displaying and Maintaining Device Configuration
Throughout this document, a filename can be entered as either of the following:
l A fully qualified filename with a path included to indicate a file under a specific path. The filename can be 1 to 135 characters in length.
l A short filename with no path to indicate a file in the current path. The filename can be 1 to 91 characters in length.
File System Management
This section covers these topics:
l Setting File System Prompt Modes
l File System Operations Example
File System Overview
A major function of the file system is to manage storage devices. It allows you to perform operations such as directory create and delete, and file copy and display. If an operation, delete or overwrite for example, causes problems such as data loss or corruption, the file system will prompt you to confirm the operation by default.
Depending on the managed object, file system operations fall into Directory Operations, File Operations, Batch Operations, Storage Device Operations, and Setting File System Prompt Modes.
Directory Operations
Directory operations include creating/deleting a directory, displaying the current working directory, displaying the specified directory or file information, and so on.
Displaying directory information
|
To do… |
Use the command… |
Remarks |
|
Display directory or file information |
dir [ /all ] [ file-url ] |
Required Available in user view |
Displaying the current working directory
|
To do… |
Use the command… |
Remarks |
|
Display the current working directory |
pwd |
Required Available in user view |
Changing the current working directory
|
To do… |
Use the command… |
Remarks |
|
Change the current working directory |
cd { directory | .. | / } |
Required Available in user view |
Creating a directory
|
To do… |
Use the command… |
Remarks |
|
Create a directory |
mkdir directory |
Required Available in user view |
Removing a directory
|
To do… |
Use the command… |
Remarks |
|
Remove a directory |
rmdir directory |
Required Available in user view |
l The directory to be removed must be empty, meaning that before you remove a directory, you must delete all the files and the subdirectory under this directory. For file deletion, refer to the delete command; for subdirectory deletion, refer to the rmdir command.
l After you execute the rmdir command successfully, the files in the recycle bin under the directory will be automatically deleted.
File Operations
File operations include displaying the specified directory or file information; displaying file contents; renaming, copying, moving, removing, restoring, and deleting files.
You can create a file by copying, downloading or using the save command.
Displaying file information
|
To do… |
Use the command… |
Remarks |
|
Display file or directory information |
dir [ /all ] [ file-url ] |
Required Available in user view |
Displaying the contents of a file
|
To do… |
Use the command… |
Remarks |
|
Display the contents of a file |
more file-url |
Required Currently only a .txt file can be displayed. Available in user view |
Renaming a file
|
To do… |
Use the command… |
Remarks |
|
Rename a file |
rename fileurl-source fileurl-dest |
Required Available in user view |
Copying a file
|
To do… |
Use the command… |
Remarks |
|
Copy a file |
copy fileurl-source fileurl-dest |
Required Available in user view |
Moving a file
|
To do… |
Use the command… |
Remarks |
|
Move a file |
move fileurl-source fileurl-dest |
Required Available in user view |
Deleting a file
|
To do… |
Use the command… |
Remarks |
|
Move a file to the recycle bin or delete it permanently |
delete [ /unreserved ] file-url |
Required Available in user view |
l The files in the recycle bin still occupy storage space. To delete a file in the recycle bin, you need to execute the reset recycle-bin command in the directory that the file originally belongs. It is recommended to empty the recycle bin timely with the reset recycle-bin command to save storage space.
l The delete /unreserved file-url command deletes a file permanently and the action cannot be undone. Execution of this command equals that you execute the delete file-url command and then the reset recycle-bin command in the same directory.
Restoring a file from the recycle bin
|
To do… |
Use the command… |
Remarks |
|
Restore a file from the recycle bin |
undelete file-url |
Required Available in user view |
Emptying the recycle bin
|
To do… |
Use the command… |
Remarks |
|
Empty the recycle bin |
reset recycle-bin [ /force ] |
Required Available in user view |
Batch Operations
A batch file is a set of executable commands. Executing a batch file equals executing the commands in the batch file one by one.
The following steps are recommended to execute a batch file:
1) Edit the batch file on your PC.
2) Download the batch file to the device. If the suffix of the file is not .bat, use the rename command to change the suffix to .bat.
3) Execute the batch file.
Follow the steps below to execute a batch file:
|
To do… |
Use the command… |
Remarks |
|
Enter system view |
system-view |
— |
|
Execute a batch file |
execute filename |
Required |
Execution of a batch file does not guarantee the successful execution of every command in the batch file. If a command has error settings or the conditions for executing the command are not satisfied, the system will skip the command to the next one.
Storage Device Operations
When some space of a storage device becomes inaccessible due to abnormal operations for example, you can use the fixdisk command to restore the space of the storage device or use the format command to format the storage device.
Use the following commands to manage the storage device space:
|
To do… |
Use the command… |
Remarks |
|
Restore the space of a storage device |
fixdisk device |
Optional Available in user view |
|
Format a storage device |
format device |
Optional Available in user view |
When you format a storage device, all the files stored on it are erased and cannot be restored. In particular, if there is a startup configuration file on the storage device, formatting the storage device results in loss of the startup configuration file.
Setting File System Prompt Modes
The file system provides the following two prompt modes:
l alert: In this mode, the system warns you about operations that may bring undesirable consequences such as file corruption or data loss.
l quiet: In this mode, the system does not prompt confirmation for any operation.
To prevent undesirable consequence resulting from misoperations, the alert mode is preferred.
|
To do… |
Use the command… |
Remarks |
|
Enter system view |
system-view |
— |
|
Set the operation prompt mode of the file system |
file prompt { alert | quiet } |
Optional The default is alert. |
File System Operations Example
# Display the files and the subdirectories under the current directory.
<Sysname> dir
Directory of flash:/
0 drw- - Feb 16 2006 11:45:36 logfile
1 -rw- 1218 Feb 16 2006 11:46:19 config.cfg
2 drw- - Feb 16 2006 15:20:27 test
3 -rw- 184108 Feb 16 2006 15:30:20 aaa.bin
14605 KB total (2521 KB free)
# Create a new folder called mytest under the test directory.
<Sysname> cd test
<Sysname> mkdir mytest
%Created dir flash:/test/mytest.
# Display the current working directory.
<Sysname> pwd
flash:/test
# Display the files and the subdirectories under the test directory.
<Sysname> dir
Directory of flash:/test/
0 drw- - Feb 16 2006 15:28:14 mytest
14605 KB total (2519 KB free)
# Return to the upper directory.
<Sysname> cd ..
# Display the current working directory.
<Sysname> pwd
flash:/
Configuration File Management
The device provides the configuration file management function with a user-friendly command line interface (CLI) for you to manage the configuration files conveniently.
This section covers these topics:
l Saving the Current Configuration
l Specifying a Startup Configuration File for the Next System Startup
l Backing Up the Startup Configuration File
l Deleting the Startup Configuration File
l Restoring the Startup Configuration File
Configuration File Overview
A configuration file saves the device configurations in command lines in text format. You can view configuration information conveniently through configuration files.
Types of configuration
The configuration of a device falls into two types:
l Startup configuration, a configuration file used for initialization when the device boots. If this file does not exist, the system boots using null configuration, that is, using the default parameters.
l Current configuration, which refers to the currently running configuration of the system. The current configuration may include the startup configuration if the startup configuration is not modified during system operation, and it also includes the new configuration added during the system operation. The current configuration is stored in the temporary storage device of the device, and will be removed when the device reboots if not saved.
Format of a configuration file
A configuration file is saved as a text file. It:
l Saves configuration in the form of commands.
l Saves only non-default configuration settings.
l Lists commands in sections by views, usually in the order of system view, interface view, and routing protocol view. Sections are separated with one or multiple blank lines or comment lines that start with a pound sign #.
l Ends with a return.
Coexistence of multiple configuration files
Multiple configuration files can be stored on a storage medium of a device. You can save the configuration used in different environments as different configuration files. In this case, when the device moves between these networking environments, you just need to specify the corresponding configuration file as the startup configuration file for the next boot of the device and restart the device, so that the device can adapt to the network rapidly, saving the configuration workload.
You can specify the main and backup startup configuration files for the next boot of the device in the following two methods:
l Specify them when saving the current configuration. For detailed configuration, refer to Saving the Current Configuration.
l Specify them when specifying the startup configuration file for the next system startup. For detailed configuration, refer to Specifying a Startup Configuration File for the Next System Startup.
Startup with the configuration file
The device takes the following steps when it boots:
1) If you have specified a startup configuration file for system startup, and this file exists, the device will initialize its configuration based on this file.
2) If the specified startup configuration file does not exist, the device will boot with null configuration.
Saving the Current Configuration
You can modify the current configuration on your device using command line interface. However, the current configuration is temporary. To use the modified configuration at the next boot of the device, you must save the current configuration (using the save command) to the startup configuration file before the device reboots.
Modes in saving the configuration
l Fast saving mode. This is the mode when you use the save command without the safely keyword. The mode saves the file more quickly but is likely to lose the existing configuration file if the device reboots or the power fails during the process.
l Safe mode. This is the mode when you use the save command with the safely keyword. The mode saves the file more slowly but can retain the configuration file in the device even if the device reboots or the power fails during the process.
The fast saving mode is suitable for environments where power supply is stable. The safe mode, however, is preferred in environments where stable power supply is unavailable or remote maintenance is involved.
Follow the steps below to save the current configuration:
|
To do… |
Use the command… |
Remarks |
|
Save the current configuration to the specified file |
save [ filename ] |
Use either command Available in any view |
|
Save the current configuration to the specified file and specify the file as the main or backup startup configuration file that will be used at the next system startup |
save [ safely ] |
l The file that you will specify to save the current configuration must be with extension .cfg.
l During the execution of the save [ safely ] command, the startup configuration file to be used at the next system startup may be lost if the device reboots or the power supply fails. In this case, the device will boot with the null configuration, and after the device reboots, you need to re-specify a startup configuration file for the next system startup (refer to Specifying a Startup Configuration File for the Next System Startup).
Specifying a Startup Configuration File for the Next System Startup
A startup configuration file is the configuration file to be used at the next system startup. You can specify a configuration file as the startup configuration file to be used at the next system startup in the following two ways:
l Use the save command. If you save the current configuration to the specified configuration file in the interactive mode and use the non-default path (that is, entering a new filename), the system automatically sets the file as the configuration file to be used at the next system startup.
l Use the command dedicated to specify a startup configuration file, which is described in the following table:
Follow the step below to specify a configuration file as the startup configuration file for the next system startup:
|
To do… |
Use the command… |
Remarks |
|
Specify a startup configuration file for the next system startup |
startup saved-configuration cfgfile |
Required Available in user view |
A configuration file must use .cfg as its extension name and the startup configuration file must be saved under the root directory of the storage device.
Backing Up the Startup Configuration File
The backup function allows you to copy the startup configuration file to be used at the next system startup from the device to the TFTP server for backup.
The backup operation backs up the startup configuration file.
Follow the step below to back up the startup configuration file to be used at the next system startup:
|
To do… |
Use the command… |
Remarks |
|
Back up the configuration file to be used at the next system startup |
backup startup-configuration to dest-addr [dest- filename ] |
Required Available in user view |
Before backup, you should:
l Ensure that the server is reachable, the server is enabled with TFTP service, and the client has permission to read and write.
l Use the display startup command (in user view) to see whether you have set the startup configuration file, and use the dir command to see whether this file exists. If the file is set as NULL or does not exist, the backup operation will fail.
Deleting the Startup Configuration File
You can delete the startup configuration file to be used at the next system startup using commands.
You may need to delete the configuration file for one of these reasons:
l After you upgrade system software, the existing configuration file does not match the new system software.
l The configuration file is corrupted (often caused by loading a wrong configuration file).
After the startup configuration file is deleted, the system will use the null configuration when the device reboots.
Follow the step below to delete the startup configuration file:
|
To do… |
Use the command… |
Remarks |
|
Delete the startup configuration file from the storage device |
reset saved-configuration |
Required Available in user view |
This command will permanently delete the configuration file from the device. Use it with caution.
Restoring the Startup Configuration File
The restore function allows you to copy a configuration file from TFTP server to the device and specify the file as the startup configuration file to be used at the next system startup.
The restore operation restores the startup configuration file.
Follow the step below to restore the startup configuration file to be used at the next system startup:
|
To do… |
Use the command… |
Remarks |
|
Restore the startup configuration file to be used at the next system startup |
restore startup-configuration from src-addr src-filename |
Required Available in user view |
l Before restoring a configuration file, you should ensure that the server is reachable, the server is enabled with TFTP service, and the client has read and write permission.
l After the command is successfully executed, you can use the display startup command (in user view) to verify that the filename of the configuration file to be used at the next system startup is the same with that specified by the filename argument, and use the dir command to verify that the restored startup configuration file exists.
Displaying and Maintaining Device Configuration
|
To do… |
Use the command… |
Remarks |
|
Display the detailed configuration of the saved configuration files |
display archive configuration |
Available in any view |
|
Display the currently running configuration file saved on the storage medium of the device |
display saved-configuration [ by-linenum ] |
Available in any view |
|
Display the system startup configuration file |
display startup |
Available in any view |
|
Display the validated configuration in current view |
display this [ by-linenum ] |
Available in any view |
|
Display the current configuration |
display current-configuration [ [ configuration [ configuration ] | interface [ interface-type ] [ interface-number ] ] [ by-linenum ] [ | { begin | include | exclude } text ] ] |
Available in any view |
When configuring FTP, go to these sections for information you are interested in:
l Displaying and Maintaining FTP
FTP Overview
Introduction to FTP
The File Transfer Protocol (FTP) is an application layer protocol for sharing files between server and client over a TCP/IP network.
FTP uses TCP ports 20 and 21 for file transfer. Port 20 is used to transmit data, and port 21 to transmit control commands. Refer to RFC 959 for details of FTP basic operation.
FTP transfers files in two modes:
l Binary mode for program file transmission, like files with the suffixes .app, .bin, or .btm.
l ASCII mode for text file transmission, like files with the suffixes .txt, .bat, or .cfg.
Operation of FTP
FTP adopts the client/server model. Your device can function either as the client or as the server (as shown in Figure 2-1).
l When the device serves as the FTP client, the user first connects to the device from a PC through Telnet or an emulation program, and then executes the ftp command to establish a connection to the remote FTP server and gain access to the files on the server.
l When the device serves as the FTP server, FTP clients (users running the FTP client program) log in to the device to access files on the device (the administrator must configure the IP address of the device as the FTP server IP address before user login).
Figure 2-1 Network diagram for FTP
When the device serves as the FTP client, you need to perform the following configuration:
Table 2-1 Configuration when the device serves as the FTP client
|
Device |
Configuration |
Remarks |
|
Device (FTP client) |
Use the ftp command to establish the connection to the remote FTP server |
If the remote FTP server supports anonymous FTP, the device can log in to it directly; if not, the device must obtain the FTP username and password first to log in to the remote FTP server. |
|
PC (FTP server) |
Enable FTP server on the PC, and configure the username, password, user privilege level, and so on. |
— |
When the device serves as the FTP server, you need to perform the following configuration:
Table 2-2 Configuration when the device serves as the FTP server
|
Device |
Configuration |
Remarks |
|
Device (FTP server) |
Enable the FTP server function |
Disabled by default. You can use the display ftp-server command to view the FTP server configuration on the device. |
|
Configure authentication and authorization |
Configure the username, password, authorized working directory for an FTP user. The device does not support anonymous FTP for security reasons. Therefore, you must use a valid username and password. By default, authenticated users can access the root directory of the device. |
|
|
Configure the FTP server operating parameters |
Parameters such as the FTP connection timeout time |
|
|
PC (FTP client) |
Use the FTP client program to log in to the FTP server. |
You can log in to the FTP server only after you input the correct FTP username and password. |
l The FTP function is available when a reachable route exists between the FTP server and the FTP client.
l When you use IE to log in to the device serving as the FTP server, part of the FTP functions is not available. This is because multiple connections are established during the login process but the device supports only one connection at a time.
Configuring the FTP Client
Establishing an FTP Connection
To access an FTP server, an FTP client must establish a connection with the FTP server. Two ways are available to establish a connection: using the ftp command to establish the connection directly; using the open command in FTP client view.
Source address binding means to configure an IP address on a stable interface such as a loopback interface, and then use this IP address as the source IP address of an FTP connection. The source address binding function simplifies the configuration of ACL rules and security policies. You just need to specify the source or destination address argument in an ACL rule as this address to filter inbound and outbound packets on the device, ignoring the difference between interface IP addresses as well as the affect of interface statuses. You can configure the source address by configuring the source interface or source IP address. The primary IP address configured on the source interface is the source address of the transmitted packets. The source address of the transmitted packets is selected following these rules:
l If no source address is specified, the FTP client uses the IP address of the interface determined by the matched route as the source IP address to communicate with an FTP server.
l If the source address is specified with the ftp client source or ftp command, this source address is used to communicate with an FTP server.
l If you use the ftp client source command and the ftp command to specify a source address respectively, the source address specified with the ftp command is used to communicate with an FTP server.
The source address specified with the ftp client source command is valid for all FTP connections and the source address specified with the ftp command is valid only for the current FTP connection.
Follow these steps to establish an FTP connection (In IPv4 networking):
|
To do… |
Use the command… |
Remarks |
|
Enter system view |
system-view |
— |
|
Configure the source address of the FTP client |
ftp client source { interface interface-type interface-number | ip source-ip-address } |
Optional A device uses the IP address of the interface determined by the matched route as the source IP address to communicate with the FTP server by default. |
|
Exit to system view |
quit |
— |
|
Log in to the remote FTP server directly in user view |
ftp [ server-address [ service-port ] [ source { interface interface-type interface-number | ip source-ip-address } ] ] |
Use either approach. The ftp command is available in user view; and the open command is available in FTP client view. |
|
Log in to the remote FTP server indirectly in FTP client view |
ftp |
|
|
open server-address [ service-port ] |
l If no primary IP address is configured on the specified source interface, no FTP connection can be established.
l If you use the ftp client source command to first configure the source interface and then the source IP address of the transmitted packets, the newly configured source IP address will take effect instead of the current source interface, and vice versa.
Follow these steps to establish an FTP connection (In IPv6 networking):
|
To do… |
Use the command… |
Remarks |
|
Log in to the remote FTP server directly in user view |
ftp ipv6 [ server-address [ service-port ] [ source ipv6 source-ipv6-address ] [ -i interface-type interface-number ] ] |
Use either approach. The ftp ipv6 command is available in user view; and the open ipv6 command is available in FTP client view. |
|
Log in to the remote FTP server indirectly in FTP client view |
ftp ipv6 |
|
|
open ipv6 server-address [ service-port ] [ -i interface-type interface-number ] |
Configuring the FTP Client
After a device serving as the FTP client has established a connection with the FTP server (For how to establish an FTP connection, refer to Establishing an FTP Connection.), you can perform the following operations in the authorized directories of the FTP server:
|
To do… |
Use the command… |
Remarks |
|
Display help information of FTP-related commands supported by the remote FTP server |
remotehelp [ protocol-command ] |
Optional |
|
Enable information display in a detailed manner |
verbose |
Optional Enabled by default |
|
Enable FTP related debugging when the device acts as the FTP client |
debugging |
Optional Disabled by default |
|
Use another username to relog after logging in to the FTP server successfully |
user username [ password ] |
Optional |
|
Set the file transfer mode to ASCII |
ascii |
Optional ASCII by default |
|
Set the file transfer mode to binary |
binary |
Optional ASCII by default |
|
Change the working path on the remote FTP server |
cd { directory | .. | / } |
Optional |
|
Exit the current directory and enter the upper level directory |
cdup |
Optional |
|
View the detailed information of the files/directories on the FTP server |
dir [ remotefile [ localfile ] ] |
Optional |
|
View the names of the files/directories on the FTP server |
ls [ remotefile [ localfile ] ] |
Optional |
|
Download a file from the FTP server |
get remotefile [ localfile ] |
Optional |
|
Upload a file to the FTP server |
put localfile [ remotefile ] |
Optional |
|
View the currently accessed directory on the remote FTP server |
pwd |
Optional |
|
View the working directory of the FTP client |
lcd |
Optional |
|
Create a directory on the FTP server |
mkdir directory |
Optional |
|
Set the data transfer mode to passive |
passive |
Optional Passive by default |
|
Permanently delete the specified file on the FTP server |
delete remotefile |
Optional |
|
Delete specified directory on the FTP server |
rmdir directory |
Optional |
|
Disconnect from the FTP server without exiting the FTP client view |
disconnect |
Optional Equal to the close command |
|
Disconnect from the FTP server without exiting the FTP client view |
close |
Optional Equal to the disconnect command |
|
Disconnect from the FTP server and exit to user view |
bye |
Optional |
|
Terminate the connection with the remote FTP server, and exit to user view |
quit |
Optional Available in FTP client view, equal to the bye command |
l FTP uses two modes for file transfer: ASCII mode and binary mode.
l The Is command can only display the file/directory name, while the dir command can display more information, such as the sizes of and date of creation of files or directories.
l The commands listed in the above table are only available for level 3 (manage level) users logging in to the device which serves as the FTP client. However, whether the users can successfully execute the commands depends on the FTP server’s authorization.
FTP Client Configuration Example
Network requirements
l Use Device as an FTP client to download a startup file from the FTP server, and upload the configuration file of the FTP client to the FTP server for backup.
l The IP address of the FTP server is 10.1.1.1/16.
l On the FTP server, an FTP user account has been created for the FTP client, with the username being abc and the password being pwd.
l The PC performs operations on the device through the console port.
Figure 2-2 Network diagram for FTPing an image file from an FTP server
Configuration procedure
# Check files on Device. Remove those redundant to ensure adequate space for the startup file to be downloaded.
<Sysname> dir
Directory of flash:/
0 drw- - Dec 07 2005 10:00:57 filename
1 drw- - Jan 02 2006 14:27:51 logfile
2 -rw- 1216 Jan 02 2006 14:28:59 config.cfg
3 -rw- 1216 Jan 02 2006 16:27:26 backup.cfg
14605 KB total (2511 KB free)
<Sysname> delete /unreserved flash:/backup.cfg
# Download the startup file from the server.
<Sysname> ftp 10.1.1.1
Trying 10.1.1.1
Connected to 10.1.1.1
220 WFTPD 2.0 service (by Texas Imperial Software) ready for new user
User(10.1.1.1:(none)):abc
331 Give me your password, please
Password:
230 Logged in successfully
[ftp] binary
200 Type set to I.
[ftp] get aaa.bin bbb.bin
227 Entering Passive Mode (10,1,1,1,4,1).
125 BINARY mode data connection already open, transfer starting for /aaa.app.
.....226 Transfer complete.
FTP: 5805100 byte(s) received in 19.898 second(s) 291.74K byte(s)/sec.
# Upload the configuration file config.cfg of the device to the server for backup.
[ftp] ascii
[ftp] put config.cfg back-config.cfg
227 Entering Passive Mode (10,1,1,1,4,2).
125 ASCII mode data connection already open, transfer starting for /config.cfg.
226 Transfer complete.
FTP: 3494 byte(s) sent in 5.646 second(s), 618.00 byte(s)/sec.
[ftp] bye
# Specify the startup file to be used at the next startup with the boot-loader command.
<Sysname> boot-loader file bbb.bin
<Sysname> reboot
The startup file is updated at the system reboot.
The startup file for the next startup specified in the boot-loader command must be saved under the root directory. For the details of the boot-loader command, refer to Device Management Commands in the System Volume.
Configuring the FTP Server
Configuring FTP Server Operating Parameters
The FTP server uses one of the two modes to update a file when you upload the file (use the put command) to the FTP server:
l In fast mode, the FTP server starts writing data to the storage medium after a file is transferred to the memory. This prevents the existing file on the FTP server from being corrupted in the event that anomaly, power failure for example, occurs during a file transfer.
l In normal mode, the FTP server writes data to the storage device while receiving data. This means that any anomaly, power failure for example, during file transfer might result in file corruption on the FTP server. This mode, however, consumes less memory space than the fast mode.
Follow these steps to configure the FTP server:
|
To do… |
Use the command… |
Remarks |
|
Enter system view |
system-view |
— |
|
Enable the FTP server |
ftp server enable |
Required Disabled by default. |
|
Use an ACL to control FTP clients’ access to the device |
ftp server acl acl-number |
Optional By default, no ACL is used to control FTP clients’ access to the device. |
|
Configure the idle-timeout timer |
ftp timeout minutes |
Optional 30 minutes by default. Within the idle-timeout time, if there is no information interaction between the FTP server and client, the connection between them is terminated. |
|
Set the file update mode for the FTP server |
ftp update { fast | normal } |
Optional Normal update is used by default. |
|
Manually release the FTP connection established with the specified username |
free ftp user username |
Optional Available in user view |
Configuring Authentication and Authorization on the FTP Server
To allow an FTP user to access certain directories on the FTP server, you need to create an account for the user, authorizing access to the directories and associating the username and password with the account.
The following configuration is used when the FTP server authenticates and authorizes a local FTP user. If the FTP server needs to authenticate a remote FTP user, you need to configure authentication, authorization and accounting (AAA) policy instead of the local user. For detailed configuration, refer to AAA Configuration in the Security Volume.
Follow these steps to configure authentication and authorization for FTP server:
|
To do… |
Use the command… |
Remarks |
|
Enter system view |
system-view |
— |
|
Create a local user and enter its view |
local-user user-name |
Required No local user exists by default, and the system does not support FTP anonymous user access. |
|
Assign a password to the user |
password { simple | cipher } password |
Required |
|
Assign the FTP service to the user |
service-type ftp |
Required By default, the system does not support anonymous FTP access, and does not assign any service. If the FTP service is assigned, the root directory of the device is used by default. |
|
Specify the directory the FTP user can access |
authorization-attribute work-directory directory-name |
Optional By default, the FTP/SFTP users can access the root directory of the device. |
|
Specify the user level |
authorization-attribute level level |
Optional By default, the user level is 0. |
l For more information about the local-user, password, service-type ftp, and authorization-attribute commands, refer to AAA Configuration in the Security Volume.
l When the device serves as the FTP server, if the client is to perform the write operations (upload, delete, create, and delete for example) on the device’s file system, the FTP login users must be level 3 users; if the client is to perform other operations, for example, read operation, the device has no restriction on the user level of the FTP login users, that is, any level from 0 to 3 is allowed.
FTP Server Configuration Example
Network requirements
l Use Device as an FTP server, and the PC as the FTP client, which keeps the updated startup file of the device. Use FTP to upgrade the device and back up the configuration file.
l The IP address of the Ethernet interface of the device is 1.1.1.1/16.
l Set the username to abc and the password to pwd for the FTP client to log in to the FTP server.
Figure 2-3 Smooth upgrading using the FTP server
Configuration procedure
1) Configure Device (FTP Server)
# Create an FTP user account abc, set its password to pwd and the user privilege level to level 3 (the manage level).
<Sysname> system-view
[Sysname] local-user abc
[Sysname-luser-abc] password simple pwd
[Sysname-luser-abc] authorization-attribute level 3
# Specify abc to use FTP, and authorize its access to a certain directory.
[Sysname-luser-abc] service-type ftp
[Sysname-luser-abc] authorization-attribute work-directory flash:/
[Sysname-luser-abc] quit
# Enable FTP server.
[Sysname] ftp server enable
[Sysname] quit
# Check files on your device. Remove those redundant to ensure adequate space for the startup file to be uploaded.
<Sysname> dir
Directory of flash:/
0 drw- - Dec 07 2005 10:00:57 filename
1 drw- - Jan 02 2006 14:27:51 logfile
2 -rw- 1216 Jan 02 2006 14:28:59 config.cfg
3 -rw- 1216 Jan 02 2006 16:27:26 back.cfg
4 drw- - Jan 02 2006 15:20:21 ftp
14605 KB total (2511 KB free)
<Sysname> delete /unreserved flash:/back.cfg
2) Configure the PC (FTP Client)
# Upload the startup file to the FTP server and save it under the root directory of the FTP server.
c:\> ftp 1.1.1.1
Connected to 1.1.1.1.
220 FTP service ready.
User(1.1.1.1:(none)):abc
331 Password required for abc.
Password:
230 User logged in.
ftp> put aaa.bin bbb.bin
# Download the configuration file config.cfg of the device to the PC for backup.
ftp> get config.cfg back-config.cfg
l You can take the same steps to upgrade configuration file with FTP. When upgrading the configuration file with FTP, put the new file under the root directory.
l After you finish upgrading the Bootrom program through FTP, you must execute the bootrom upgrade command to refresh the system configuration.
3) Upgrade Device
# Specify the startup file to be used at the next startup with the boot-loader command.
<Sysname> boot-loader file bbb.bin
<Sysname> reboot
The image file is updated at the system reboot.
The startup file used for the next startup specified in the boot-loader command must be saved under the root directory. For the details of the boot-loader command, refer to Device Management Commands in the System Volume.
Displaying and Maintaining FTP
|
To do… |
Use the command… |
Remarks |
|
Display the configuration of the FTP client |
display ftp client configuration |
Available in any view |
|
Display the configuration of the FTP server |
display ftp-server |
Available in any view |
|
Display detailed information about logged-in FTP users |
display ftp-user |
Available in any view |
When configuring TFTP, go to these sections for information you are interested in:
l Displaying and Maintaining the TFTP Client
l TFTP Client Configuration Example
TFTP Overview
Introduction to TFTP
The Trivial File Transfer Protocol (TFTP) provides functions similar to those provided by FTP, but it is less complex than FTP in interactive access interface and authentication. Therefore, it is more suitable in environments where complex interaction is not needed between client and server.
TFTP uses the UDP port 69 for data transmission. For TFTP basic operation, refer to RFC 1986.
In TFTP, file transfer is initiated by the client.
l In a normal file downloading process, the client sends a read request to the TFTP server, receives data from the server, and then sends the acknowledgement to the server.
l In a normal file uploading process, the client sends a write request to the TFTP server, sends data to the server, and receives the acknowledgement from the server.
TFTP transfers files in two modes:
l Binary mode for program file transmission, like files with the suffixes .app, .bin, or .btm.
l ASCII mode for text file transmission, like files with the suffixes .txt, .bat, or .cfg.
Operation of TFTP
Only the TFTP client service is available with your device at present.
Figure 3-1 TFTP configuration diagram
Before using TFTP, the administrator needs to configure IP addresses for the TFTP client and server, and make sure that there is a reachable route between the TFTP client and server.
When the device serves as the TFTP client, you need to perform the following configuration:
Table 3-1 Configuration when the device serves as the TFTP client
|
Device |
Configuration |
Remarks |
|
Device (TFTP client) |
l Configure the IP address and routing function, and ensure that the route between the device and the TFTP server is available. l Use the tftp command to establish a connection to the remote TFTP server to upload/download files to/from the TFTP server |
— |
|
PC (TFTP server) |
Enable TFTP server on the PC, and configure the TFTP working directory. |
— |
Configuring the TFTP Client
When a device acts as a TFTP client, you can upload a file on the device to a TFTP server and download a file from the TFTP server to the local device. You can use either of the following ways to download a file:
l Normal download: The device writes the obtained file to the storage device directly. In this way, if you use a filename that exists in the directory, the original system file will be overwritten and if file download fails (for example, due to network disconnection), the device cannot start up normally because the original system file has been deleted.
l Secure download: The device saves the obtained file to its memory and does not write it to the storage device until the whole file is obtained. In this way, if file download fails (for example, due to network disconnection), the device can still start up because the original system file is not overwritten. This mode is more secure but consumes more memory.
You are recommended to use the secure mode or, if you use the normal mode, specify a filename not existing in the current directory as the target filename when downloading the startup file or the startup configuration file.
Source address binding means to configure an IP address on a stable interface such as a loopback interface, and then use this IP address as the source IP address of a TFTP connection. The source address binding function simplifies the configuration of ACL rules and security policies. You just need to specify the source or destination address argument in an ACL rule as this address to filter inbound and outbound packets on the device, ignoring the difference between interface IP addresses as well as the affect of interface statuses. You can configure the source address by configuring the source interface or source IP address. The primary IP address configured on the source interface is the source address of the transmitted packets. The source address of the transmitted packets is selected following these rules:
l If no source address of the TFTP client is specified, a device uses the IP address of the interface determined by the matched route as the source IP address to communicate with a TFTP server.
l If the source address is specified with the tftp client source or tftp command, this source address is adopted.
l If you use the tftp client source command and the tftp command to specify a source address respectively, the source address configured with the tftp command is used to communicate with a TFTP server.
The source address specified with the tftp client source command is valid for all TFTP connections and the source address specified with the tftp command is valid only for the current tftp connection.
Follow these steps to configure the TFTP client:
|
To do… |
Use the command… |
Remarks |
|
Enter system view |
system-view |
— |
|
Use an ACL to control the device’s access to TFTP servers |
tftp-server [ ipv6 ] acl acl-number |
Optional By default, no ACL is used to control the device’s access to TFTP servers. |
|
Configure the source address of the TFTP client |
tftp client source { interface interface-type interface-number | ip source-ip-address } |
Optional A device uses the source address determined by the matched route to communicate with the TFTP server by default. |
|
Return to user view |
quit |
— |
|
Download or upload a file in an IPv4 network |
tftp server-address { get | put | sget } source-filename [ destination-filename ] [ source { interface interface-type interface-number | ip source-ip-address } ] |
Optional |
|
Download or upload a file in an IPv6 network |
tftp ipv6 tftp-ipv6-server [ -i interface-type interface-number ] { get | put } source-file [ destination-file ] |
Optional |
l If no primary IP address is configured on the source interface, no TFTP connection can be established.
l If you use the ftp client source command to first configure the source interface and then the source IP address of the packets of the TFTP client, the new source IP address will overwrite the current one, and vice versa.
Displaying and Maintaining the TFTP Client
|
To do… |
Use the command… |
Remarks |
|
Display the configuration of the TFTP client |
display tftp client configuration |
Available in any view |
TFTP Client Configuration Example
Network requirements
l Use a PC as the TFTP server and Device as the TFTP client.
l PC uses IP address 1.2.1.1/16 and a TFTP working directory has been configured for the client on PC.
l On Device, VLAN-interface 1 is assigned an IP address of 1.1.1.1/16. The port connected to PC belongs to VLAN 1.
l Download a startup file from PC for upgrading and a configuration file named config.cfg to PC for backup.
Figure 3-2 Smooth upgrading using the TFTP client function
Configuration procedure
1) Configure PC (TFTP Server), the configuration procedure omitted.
l On the PC, enable the TFTP server
l Configure a TFTP working directory
2) Configure the device (TFTP Client)
If the free memory space of the device is not big enough, you should delete the existing programs before downloading new ones.
# Enter system view.
<Sysname> system-view
# Assign VLAN-interface 1 an IP address of 1.1.1.1/16, making sure that the port connected to PC belongs to VLAN 1.
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] ip address 1.1.1.1 255.255.0.0
[Sysname-Vlan-interface1] return
# Download application file aaa.bin from the TFTP server. (Before that, make sure that adequate memory is available.)
<Sysname> tftp 1.2.1.1 get aaa.bin bbb.bin
# Upload a configuration file config.cfg to the TFTP server.
<Sysname> tftp 1.2.1.1 put config.cfg configback.cfg
# Specify the main startup file to be used at the next startup with the boot-loader command (Suppose the device in this example supports startup file main/backup attribute.).
<Sysname> boot-loader file bbb.bin
<Sysname> reboot
The startup file used for the next startup specified in the boot-loader command must be saved under the root directory (For a device that has been partitioned, the startup file must be saved on the first partition). For the details of the boot-loader command, refer to Device Management Commands in the System Volume.
