Common commands used to delete routes on AR routers

0

The ip address command configures an IP address for an interface.
The undo ip address command deletes an IP address from an interface.
The ip route-static command configures a static route.
The ip route-static command deletes the configured static route.
The ip ip-prefix command configures an IPv4 prefix list or one entry in the IPv4 prefix list.
The undo ip ip-prefix command deletes an IPv4 prefix list or one entry in the IPv4 prefix list.

Other related questions:
Common NQA query commands on the AR router
Common NQA query commands on the AR router: Run the display nqa-parameter command in the NQA view to check parameter settings of the NQA test instance. Run the display nqa history command in any view to check historical statistics about the NQA test instance. Run the display nqa results command in any view to check NQA test instance results.

What is the command used to delete the NAT server on the AR router
You can use the undo nat server command in the interface view to cancel the mapping table on the Huawei AR router. Run one of the following commands: undo nat server protocol { tcp | udp } global { global-address | current-interface | interface interface-type interface-number [ .subnumber ] } global-port [ global-port2 ] [ vrrp vrrpid ] inside host-address [ host-address2 ] [ host-port ] [ vpn-instance vpn-instance-name ] undo nat server [ protocol { protocol-number | icmp | tcp | udp } ] global { global-address | current-interface | interface interface-type interface-number [ .subnumber ] } [ vrrp vrrpid ] inside host-address [ vpn-instance vpn-instance-name ] Note: The command can be only used on a Layer 3 interface. Loopback and null interfaces are not included.

Configure a blacklist of an AR router
A blacklist can be manually configured. After the address scan and port scan functions of the attack defense module are enabled on an AR router, an IP address (or an interface) for which the packet rate exceeds a set value can be automatically added into a blacklist to shield packets sent from this IP address (or through this interface) as the router considers the rate excess as a scan attack. To configure a blacklist, do as follows: Run the system-view command to access the system view. [Huawei] firewall blacklist enable //Enable the blacklist function. By default, the blacklist function is not enabled. Blacklist entries can be added one by one or in batches. [Huawei] firewall blacklist ip-address [ vpn-instance vpn-instance-name ] [ expire-time minutes ] //Add blacklist entries one by one. Note: Blacklist entries without specified aging time will be written into a configuration file, while those with specified aging time will not. Run the display firewall blacklist command to check the blacklist entries without specified aging time. [Huawei] firewall black-white-list load configuration-file configuration-file-name //Load the configuration file of the blacklist/whitelist. Note: By loading the configuration file of the blacklist/whitelist, blacklist entries can be configured in batches. This configuration file must be configured in advance, and it supports only the text format. For details about how to configure the blacklist function of AR series routers using command lines and through the web NMS, see the URL: AR router configuration blacklist.

Configure a whitelist of an AR router
A device is added to a whitelist to avoid being added into a blacklist if the legal service packets sent by this device boast the features of IP scan attack and port scan attack. To configure whitelist entries one by one, do as follows: Run the system-view command to access the system view. [Huawei] firewall whitelist ip-address [ vpn-instance vpn-instance-name ] [ expire-time minutes ] //Add whitelist entries one by one. To configure whitelist entries in batches, do as follows: By loading the configuration file of the whitelist, whitelist entries can be configured in batches. This configuration file must be configured in advance, and it supports only the text format. The configured whitelist does not need to be enabled, and the whitelist entries automatically take effect. system-view //Access the system view. [Huawei] firewall black-white-list load configuration-file configuration-file-name //Load the configuration file of the whitelist. For details about how to configure the whitelist function of AR series routers using command lines and through the web NMS, see the URL: AR router configuration whitelist .

Method used to configure a static route on the AR router
The procedure for configuring static route on the AR router is as follows: - Use command lines. [RouterA] ip route-static 0.0.0.0 0.0.0.0 1.1.4.2 //Configure a default route that is often used at the egress of a small-sized company. The address 1.1.4.2 is the gateway address of the carrier. When the specific route cannot be matched, data flows are forwarded to 1.1.4.2. If the device has only one default route, all the data packets are forwarded to 1.1.4.2 by default. [RouterB] ip route-static 1.1.3.0 255.255.255.0 1.1.4.6 //Configure the route to network segment 1.1.3.0/24. The next hop of the route is 1.1.4.6, which is the specific route but not the default route. Use the web platform. For details, see Example for Configuring IPv4 Static Routes .

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top