New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Huawei aggregate link support #228
Comments
After more than a year of arguing back and forth, Huawei have fixed a few things in their latest firmware versions - but these have only been out for about 3 months. Other things they still refuse to fix. As these updates contain critical ssl and ssh security fixes, users should be strongly encouraged to update them. I am continuing to attempt to persuade Huawei to push out RFC-compliant updates to older devices. These fixes are in Cloudengine and Quidway ranges. I believe they will be rolled into other ranges. Note that virtually all of this is inherited from Comware ethos, despite Huawei having no Comware code since the split with 3com and scrapping of the H3C branding. (This happened about the time that huawei was accused of having serious security flaws, which were subsequently all exposed to be in huawei-branded 3com equipment running Comware) ===== Trunking: Trunks are now reported as ieee8023adLag or propMultiplexor AND trunk slaves are removed from the 8021d bridge list (which it wasn't doing). On the Quidway range (Sx7x0 series), the LACP MIB was missing the section containing trunk slaves. That's now fixed (it was possible to deduce the trunk slaves from one of the Huawei proprietary MIBS and from the LLDP MIB, but I'd recommend that you just tell people to update firmware due to the security issues in older firmware) ===== Vlanif: These are now correctly reported as propvirtual ===== Stacking ports: These are now reported as "other" ===== IFMTU: NOT fixed. It appears Huawei have completely misunderstood the purpose of this index Huawei are completely adament that the RFC states that IFmtu is only applicable to Layer3 and refuse to accurately report the MTU of layer2. They claim this is per RFC4821: Here's their official response:
Supporting statements from the SNMP developer community (even better - from RFC authors) that the sentence in RFC1213(page18) and RFC2233(page 30) "For interfaces that are used for transmitting network datagrams" is intended to be a direct referral to Layer2 interfaces (which is where a network datagram fits) would help a lot in convincing them that this position is wrong. It would be even better if someone would like to put something together to explain in fairly simple terms why using RFC4821 to justify their position is "rather silly" NB: SOME Huawei devices (EG wireless access controllers) give correct MTUs for ports in L2 mode at IFMIB:ifMTU ====== mismatching index tables between lldp, dot1d and others:
====== I know it's bloody frustrating that Huawei don't want to make their stuff "just work" and I've escalated things via European management to try and get this resolved properly. It would be of tremendous assistance to get a complaint letter documenting the number of hours wasted trying to make Netdisco work with Huawei kit and an estimate of the billable costs involved (if they were billable), along with any examples where the difficulties have causes people to buy something else (I've already been provided a couple of examples. This kind of thing is what convinces senior manglement to play nice, and make the lower end play nice too) In the meantime: If you need the proprietary Huawei MIBs I can provide 'em, along with snmpwalks from equipment here (cloudengines, quidways, wireless access controllers. Their WAPs aren't SNMPable, but are interrogatable via the WACs). As these would leak sensitive data I'll need the walks to remain private. My long term goal is to get Huawei to stop needing special rules and have their stuff "just work". The problem is that they've come to SNMP via the "special snowflake" 3COM method of doing things and believe that everything should be specially customised for them, which is why they have created hundreds of special MIBs instead of using standard public ones - and when they'd used public ones their adoptions of them are often half-baked. |
#228 Huawei aggregate link support POE and duplex admin support added to L3::Huawei
I'm going to close the this issue as the aggregate link support has been added using both the proprietary Huawei MIB and the standard IEEE8023-LAG-MIB. Many thanks for the detailed information and snmpwalks. |
The text was updated successfully, but these errors were encountered: