默認(rèn)(缺?�。┞酚?/h6>[R1]ip route-static 0.0.0.0 0.0.0.0 10.0.13.3
使用帶源參數(shù)的ping命令
[R2]ping -a 10.0.2.2 10.0.3.3
配置從IP地址(解決RIPv1不連續(xù)子網(wǎng))
[R1-Serial1/0/0]ip add 10.0.23.2 sub
靜態(tài)路由與BFD聯(lián)動(dòng)
#激活BFD功能
[R1]bfd
[R1-bfd]quit
#創(chuàng)建BFD會(huì)話���,名稱為ab(自定義),對(duì)端的IP地址為10.1.12.2
[R1]bfd ab bind peer-ip 10.1.12.2
VLAN配置
端口類型配置
配置端口為access
[Huawei]vlan 10 //創(chuàng)建vlan 10
[Huawei]interface GigabitEthernet 0/0/2 //進(jìn)入g0/0/2端口
[Huawei-GigabitEthernet0/0/2]port link-type access //選擇端口類型
[Huawei-GigabitEthernet0/0/2]port default vlan 10 //劃分VLAN
技巧:[S2]vlan batch 3 to 5 //創(chuàng)建VLAN3��、4�����、5
配置端口的Hybrid類型
[SW1]vlan 10
[SW1-GigabitEthernet0/0/1]port hybrid pvid vlan 10
[SW1-GigabitEthernet0/0/1]port hybrid untagged vlan 10 30 //對(duì)VLAN10和30去標(biāo)簽
配置端口的Trunk類型
[SW1]interface g0/0/24
[SW1-GigabitEthernet0/0/24]port link-type trunk
[SW1-GigabitEthernet0/0/24]port trunk allow-pass vlan all //允許所有VLAN通過
更改Trunk端口的PVID
[SW1-GigabitEthernet0/0/24]port trunk pvid vlan 10
Eth-trunk配置
創(chuàng)建Eth-trunk 1,并將接口加入Eth-trunk 1
[S1]interface Eth-Trunk 1
[S1]int g0/0/9
[S1-GigabitEthernet0/0/9]eth-trunk 1
或
[S1]interface Eth-Trunk 1
[S1-Eth-Trunk1]trunkport g0/0/9
配置Eth-trunk 1鏈路配置為access
[S1]interface Eth-Trunk 1
[S1-Eth-Trunk1]port link-type access
[S1-Eth-Trunk1]port default vlan 5
STP配置
STP配置
#修改橋優(yōu)先級(jí)
[S1]stp priority 4096 //數(shù)值越小優(yōu)先級(jí)越高
#修改端口優(yōu)先級(jí)
[S1-GigabitEthernet0/0/9]stp port priority 32 //默認(rèn)為128�����,數(shù)值越小優(yōu)先級(jí)越高
#配置邊緣端口(使端口快速進(jìn)入轉(zhuǎn)發(fā)狀態(tài))
[S3]interface Ethernet0/0/3
[S3-Ethernet0/0/3]stp edged-port enable
[S3-Ethernet0/0/3]stp cost //設(shè)置路徑開銷值
[根交換機(jī)]stp timer forward-delay //設(shè)置延遲時(shí)間
[根交換機(jī)]stp edged-port enable //設(shè)置網(wǎng)絡(luò)直徑
配置MSTP
[SW1]stp region-configuration //進(jìn)入MST域
[SW1-mst-region]region-name huawei //配置域名
[SW1-mst-region]revision-level 1 //配置修訂級(jí)別為1
[SW1-mst-region]instance 1 vlan 10 //制定MSTI 1與VLAN10的映射
查看STP
#各接口簡要STP狀態(tài)
[S1]dis stp brief
#具體接口詳細(xì)STP信息
[S1]dis stp interface g0/0/10
#查看當(dāng)前根橋信息
[S1]dis stp
#查看實(shí)例1的信息
[SW1]dis stp instance 1 brief
DHCP配置
配置DHCP
基于接口配置DHCP功能
[R1]dhcp enable //開啟DHCP功能
[R1-GigabitEthernet0/0/0]dhcp select interface //開啟接口DHCP功能
[R1-GigabitEthernet0/0/0]dhcp server lease day 2【可選】 //設(shè)置租用有效期限為2天
[R1-GigabitEthernet0/0/0]dhcp server dns-list 8.8.8.8 //為PC自動(dòng)分配DNS服務(wù)器地址
[R1-GigabitEthernet0/0/1]dhcp server excluded-ip-address 192.168.2.250 192.168.2.253 //配置不參與自動(dòng)分配的IP地址范圍
基于全局配置DHCP
[R1]dhcp enable //開啟DHCP功能
[R1]ip pool huawei1 //配置全局地址池
[R1-ip-pool-huawei1]network 192.168.1.0 //指定地址池范圍
[R1-ip-pool-huawei1]lease day 2【可選】 //租期為2天���,默認(rèn)1天
[R1-ip-pool-huawei1]gateway-list 192.168.1.254 //出口網(wǎng)關(guān)地址
[R1-ip-pool-huawei1]excluded-ip-address 192.168.1.250 192.168.1.253 //不參與自動(dòng)分配
[R1-ip-pool-huawei1]dns-list 8.8.8.8 //配置DNS服務(wù)器地址
[R1-GigabitEthernet0/0/0]dhcp select global //開啟接口的DHCP功能
查看
dis ip pool //查看地址池地址分配情況
DHCP中繼
[R1]dhcp enable //開啟DHCP功能
#面向PC的接口:
[R1-Ethernet0/0/0]dhcp select relay
[R1-Ethernet0/0/0]dhcp relay server-ip 100.1.1.1 //指定DHCP服務(wù)器IP地址
#面向PC的接口下調(diào)用全局定義的DHCP服務(wù)器組:
[R1]dhcp server group dhcp-group
[R1-dhcp-server-group-dhcp-group]dhcp-server 100.1.1.1
[R1-Ethernet0/0/0]dhcp select relay
[R1-Ethernet0/0/0]dhcp relay server-select dhcp-group
幀中繼配置
DCE配置
[R1]interface s1/0/0
[R1-Serial1/0/0]link-protocol fr
[R1-Serial1/0/0]fr interface-type dce //接口類型
[R1-Serial1/0/0]fr dlci 100
[R1-Serial1/0/0]ip add 192.168.1.1 24
DTE配置
[R2]interface s1/0/0
[R2-Serial1/0/0]link-protocol fr
[R2-Serial1/0/0]fr interface-type dte
其它配置
查看PVC
[R1]dis fr pvc-info
#查看映射
[R1]dis fr map-info
#靜態(tài)映射
[R2-Serial1/0/0]undo fr inarp
[R1-Serial1/0/0]fr map ip 192.168.1.2 100 broadcast
//OSPF中使用組播的網(wǎng)絡(luò)類型時(shí)��,應(yīng)在映射后面加Broadcast
單臂路由配置
配置路由器
[R1]int g0/0/0.1 //創(chuàng)建并進(jìn)入g0/0/0的0.1子接口
[R1-GigabitEthernet0/0/0.1]dot1q termination vid 10 //封裝dot1q協(xié)議
[R1-GigabitEthernet0/0/0.1]ip address 192.168.10.254 24 //配置IP地址
[R1-GigabitEthernet0/0/0.1]arp broadcast enable //開啟arp廣播
[R1-GigabitEthernet0/0/0.1]dhcp select global //開啟DHCP全局模式
[R1-GigabitEthernet0/0/0.1]int g0/0/0.2
[R1-GigabitEthernet0/0/0.2]dot1q termination vid 20
[R1-GigabitEthernet0/0/0.2]ip address 192.168.20.254 24
[R1-GigabitEthernet0/0/0.2]arp broadcast enable
[R1-GigabitEthernet0/0/0.2]dhcp select global
配置交換機(jī)
[SW1]vlan batch 10 20 //創(chuàng)建vlan 10和vlan 20
[SW1-GigabitEthernet0/0/1]int g0/0/1 //進(jìn)入g0/0/1接口
[SW1-GigabitEthernet0/0/1]port link-type access //修改端口為access模式
[SW1-GigabitEthernet0/0/1]port default vlan 10 //將端口劃分到vlan 10中
[SW1-GigabitEthernet0/0/1]int g0/0/2
[SW1-GigabitEthernet0/0/2]port link-type access
[SW1-GigabitEthernet0/0/2]port default vlan 20
[SW1-GigabitEthernet0/0/2]int g0/0/24 //交換機(jī)與路由器相連的接口需要修改為trunk模式
[SW1-GigabitEthernet0/0/24]port link-type trunk //修改端口為trunk模式
[SW1-GigabitEthernet0/0/24]port trunk allow-pass vlan 10 20 //允許vlan 10和vlan 20的數(shù)據(jù)通過
RIP配置
基本配置
[Huawei]rip 1 //啟動(dòng)RIP進(jìn)程
[Huawei-rip-1]version 2 //選擇版本(可選)
[Huawei-rip-1]net 10.0.0.0(通告自然網(wǎng)段)
其它配置
[Huawei-rip-1]summary always //使能自動(dòng)匯總[V2默認(rèn)開啟�����,但不生效]
[接口]undo rip split-horizon //關(guān)閉接口水平分割
[Huawei-GigabitEthernet0/0/0]rip summary-address 聚合后網(wǎng)絡(luò) 子網(wǎng)掩碼 //手動(dòng)匯總
#接口附加度量值
[接口]rip metricin x //cost=原來的值+x
[接口]rip metricout x //cost=0+x
#認(rèn)證
[R2-Serial1/0/0]rip authentication-mode simple huawei //明文
[R2-Serial2/0/0]rip authentication-mode md5 usual huawei //MD5
#開啟RIP調(diào)試
<R1>debug rip 1
<R1>terminal debugging
Info: Current terminal debugging is on.
<R1>terminal monitor
#抑制接口(只收不發(fā))
[R1-GigabitEthernet0/0/0]undo rip output //不能使用單播通信
或
[R2-rip-1]silent-interface E0/0/0 //優(yōu)先級(jí)高于前者
[R2-rip-1]peer IP地址 //單播通信
[R2-rip-1]preference x //修改優(yōu)先級(jí)(只在本地有效)
[R2-rip-1]timers rip 20 120 60 //修改定時(shí)器
[R3]ip route-static 0.0.0.0 0 LoopBack 2 //發(fā)布默認(rèn)路由
[R3-rip-1]default-route originate //不需創(chuàng)建默認(rèn)路由�,也能發(fā)布
<Huawei>reset rip 1 statistics //刷新RIP統(tǒng)計(jì)信息
<R1>reset ip routing-table statistics protocol rip //清除RIP學(xué)到的路由信息
[R2]undo rip 1 //刪除RIP
[R1]rip version2 multicase //配置版本1的也能發(fā)送RIPv2報(bào)文
OSPF配置
配置
配置OSPF
[R1]ospf Router-id 1.1.1.1 //配置環(huán)回口IP地址
[R1-ospf-1]area 0
[R1-ospf-1-area-0.0.0.0]network 1.1.1.0 0.0.0.255
引入路由
[R3-ospf-1]import-route direct //引入直連路由
[R1-ospf-1]import-route rip 1 cost 100 //引入RIP路由
發(fā)布默認(rèn)路由
[R3]ip route-static 0.0.0.0 0 LoopBack 2
[R3]ospf 100
[R3-ospf-100]default-route-advertise
[R3-ospf-100]default-route-advertise always //自動(dòng)發(fā)布默認(rèn)路由
OSPF驗(yàn)證
#接口認(rèn)證明文:
[R1-Serial1/0/0]ospf authentication-mode simple plain huawei
#區(qū)域認(rèn)證密文:
[R1-ospf-1]area 1
[R1-ospf-1-area-0.0.0.1]authentication-mode md5 1 cipher huawei
抑制接口(不收不發(fā))
R2-ospf-1]silent-interface E0/0/0
[R2-ospf-1]peer IP地址 //單播通信
查看
[R1]dis ospf peer brief //查看鄰居
[R1]dis ospf interface //查看DR�、BDR
[R1]reset ospf process //重置OSPF進(jìn)程
[R1]dis ip routing-table protocol ospf //查看OSPF學(xué)到的路由
[R1]display ospf lsdb ase 172.16.0.0 //顯示鏈路狀態(tài)數(shù)據(jù)庫的外接路由信息
[R1]dis ospf int G0/0/0 //查看接口的OSPF信息
查看LSA信息
[R1]dis ospf lsdb router //查看一類LSA
[R1]dis ospf lsdb netword //查看二類LSA
[R1]dis ospf lsdb summary //查看三類LSA
[R1]dis ospf lsdb asbr //查看四類LSA
[R1]dis ospf lsdb ase //查看五類LSA
[R1]dis ospf lsdb nssa //查看七類LSA
其它
修改Hello和Dead時(shí)間
[R1-GigabitEthernet0/0/0]ospf timer hello 15
[R1-GigabitEthernet0/0/0]ospf timer dead 60
修改DR優(yōu)先級(jí)
[R1-GigabitEthernet0/0/0]ospf dr-priority 200(越大優(yōu)先級(jí)越高)
注:由于DR/BDR選舉默認(rèn)為不搶占模式,因此在修改了路由器優(yōu)先級(jí)后不會(huì)自動(dòng)重新選舉DR�����,需要重置OSPF進(jìn)程��。
修改網(wǎng)絡(luò)類型為廣播
[R2-Serial2/0/0]ospf network-type broadcast
修改開銷值、帶寬參考值
[接口]ospf cost x
[R3-ospf-1]bandwidth-reference x
VRRP配置
[SW1-Vlanif10]vrrp vrid 1 virtual-ip 10.1.1.254 //配置虛擬網(wǎng)關(guān)
[SW1-Vlanif10]vrrp vrid 1 priority 150 //更改優(yōu)先級(jí)
[SW1-Vlanif10]vrrp vrid 1 preempt-mode disable //關(guān)閉搶占模式
[SW1-Vlanif10]vrrp vrid 1 track interface g0/0/24 reduced 60 //跟蹤上層端口
[R1-Serial2/0/0]ospf network-type p2mp //配置接口的網(wǎng)絡(luò)類型為Point-to-multipoint
[S1] display vrrp //查看VRRP信息
HDLC配置
[R1-Serial1/0/0]ip address unnumbered interface LoopBack0 //IP地址借用
[R1]ip route-static 10.1.1.0 24 Serial1/0/0
[R1-Serial1/0/0]link-protocol hdlc //將接口改為HDLC類型
PPP配置
認(rèn)證方
[R1]aaa
[R1-aaa]local-user huawei password cipher 123456
[R1-aaa]local-user huawei service-type ppp
[R1-Serial0]ppp authentication-mode pap(CHAP)
被認(rèn)證方
#PAP:
[R2-Serial0]ppp pap local-user huawei password cipher 123456
#CHAP:
[R2-Serial0]ppp chap user huawei
[R2-Serial0]ppp chap password cipher 123456
使用 CHAP 建立 PPP連接的協(xié)商過程
<R2>debugging ppp chap all
<R2>terminal debugging
以太網(wǎng)接口配置
[S1-G0/0/9]undo negotiation auto //更改接口的速率和雙工模式前應(yīng)先關(guān)閉接口的自動(dòng)協(xié)商功能
[S1-G0/0/9]speed 100 //設(shè)置為100M速率
[S1-G0/0/9]duplex full //全雙工模式
[S1]dis eth-trunk 1 //查看Eth-trunk 1配置結(jié)果
防火墻配置
#登錄不需要用戶名和密碼
[FW]user-interface console 0
[FW-ui-console0]authentication-mode none
#定義時(shí)區(qū):
<FW1>clock timezone 1 add 08:00:00
鏈路技術(shù)
鏈路聚合
[S1]interface Eth-Trunk 1 //聚合交換機(jī)之間的Eth-Trunk端口編號(hào)相等
[S1-Eth-Trunk1]mode lacp-static //lacp模式
[S1-Eth-Trunk1]trunkport GigabitEthernet 0/0/1 to 0/0/2 //將成員端口加入到聚合端口中
[S1-Eth-Trunk1]max active-linknumber 2 //設(shè)置活動(dòng)上限閥值
[S1-Eth-Trunk1]port link-type trunk
[S1-Eth-Trunk1]port trunk allow-pass vlan all
[S1-Eth-Trunk1]dis eth-trunk 1 verbose //查看聚合端口的信息
[S1] lacp priority 100 //配置系統(tǒng)優(yōu)先級(jí)使其成為主控端
[S1-G0/0/1] lacp priority 100 //配置活動(dòng)鏈路優(yōu)先級(jí)
[S1-G0/0/2] lacp priority 100 //配置活動(dòng)鏈路優(yōu)先級(jí)
Smart Link
[S1-G0/0/1]stp disable //關(guān)掉相關(guān)接口的STP
[S1]smart-link group 1
[S1-smlk-group1]port GigabitEthernet 0/0/1 master //設(shè)置主端口
[S1-smlk-group1]port g0/0/2 slave //設(shè)置從端口
[S1-smlk-group1]flush send control-vlan 10 password simple 123 //使能smart link組1發(fā)送Flush幀的功能����,攜帶的控制VLAN編號(hào)為10,密碼是:123
[S1-smlk-group1]restore enable //開啟回切功能
[S1-smlk-group1]timer wtr 30 //回切時(shí)間為30秒
[S1-smlk-group1]smart-link enable //使能Smart Link組1的功能
[S1-smlk-group1]dis smart-link group 1 //查看Smart Link組1的信息
[S2-GigabitEthernet0/0/1]smart-link flush receive control-vlan 10 password simple 123 //設(shè)置其他交換機(jī)可以接收和處理攜帶控制VLAN編號(hào)是10的Flush幀
其他配置
自動(dòng)保存
#自動(dòng)保存
<R1>autosave interval on
<R1>autosave interval 120 //每隔120分鐘自動(dòng)保存
#定點(diǎn)保存
<R1>autosave time on
<R1>autosave time 23:00:00 //到23點(diǎn)自動(dòng)保存
端口鏡像
[R1]observe-port 1 interface Ethernet4/0/1 //設(shè)置觀察端口
[接口] mirror to observe-port 1 both //將鏡像端口映射到觀察端口
端口綁定
[Huawei]user-bind static mac-address 5489-988B-5157 int e0/0/1 //綁定MAC地址
[Huawei]user-bind static ip-address 192.168.1.3 //綁定IP地址
端口安全
[接口]port-security enable //啟用端口安全
[接口]port-security max-mac-num 2 //自動(dòng)學(xué)習(xí)MAC地址的最大數(shù)量
[接口]port-security protect-action shutdown //保護(hù)行為為關(guān)閉端口
前綴列表
[R1]ip ip-prefix 1 deny 11.1.1.0 25 greater-equal 25 less-equal 25 //在RIP里面過濾掉11.1.1.0/25
[R1]ip ip-prefix 1 permit 0.0.0.0 0 less-equal 32
[R1-rip-1]filter-policy ip-prefix 1 import
IPv6配置
[R1]ipv6 //開啟全局IPv6功能
[R1-E0/0/0]ipv6 enable //在接口(連接PC)下開啟IPv6功能
[R1-E0/0/0]ipv6 address auto link-local //自動(dòng)生成鏈路本地地址
[R1-G0/0/0]ipv6 enable //在接口(連接路由器)下開啟IPv6功能
[R1-G0/0/0]ipv6 add 2031:0:130F::1 64 //配置全球單播地址
[R1-E0/0/0]ipv6 add 2001:3:FD:: 64 eui-64 //用EUI-64配置地址
設(shè)備版本升級(jí)
檢查設(shè)備剩余空間是否大于新的軟件包大小
<H07_S5720_BMC-05>dir flash:
Directory of flash:/
Idx Attr Size(Byte) Date Time FileName
0 drw- - Oct 30 2019 03:37:16 dhcp
1 drw- - Oct 30 2019 03:19:15 user
2 -rw- 13,432 Oct 30 2019 03:37:25 default_ca.cer
3 -rw- 36 Oct 30 2019 03:38:18 $_patchstate_reboot
4 -rw- 3,684 Oct 30 2019 03:38:18 $_patch_history
5 -rw- 1,903 Oct 30 2019 03:37:31 default_local.cer
6 drw- - Oct 30 2019 03:37:42 logfile
7 -rw- 1,111 Apr 08 2020 17:03:35 vrpcfg.zip
8 -rw- 8,718,710 Dec 12 2013 07:53:05 s5720ei-v200r011sph008.pat
9 drw- - Oct 30 2019 03:19:14 pmdata
10 -rw- 85,051,908 Jun 28 2018 15:55:01 s5720ei-v200r011c10spc600.cc
11 drw- - Oct 30 2019 03:18:44 $_install_mod
12 -rw- 836 Mar 30 2020 10:48:44 rr.bak
13 -rw- 836 Mar 30 2020 10:48:44 rr.dat
14 -rw- 1,773 Apr 08 2020 17:03:36 private-data.txt
15 drw- - Apr 08 2020 17:03:33 localuser
16 drw- - Mar 30 2020 14:24:42 $_backup
17 -rw- 200 Oct 30 2019 03:37:32 ca_config.ini
352,772 KB total (265,060 KB free)
將PC作為FTP Server���,并FTP到PC
# 連接到PC FTP Server
<H07_S5720_BMC-05>ftp 192.168.1.2
# 進(jìn)行二進(jìn)制編碼
[ftp]bin
# 備份軟件包
[ftp]put S5720EI-V200R019C00SPC500.cc S5720EI-V200R019C00SPC500.bak.cc
# 備份補(bǔ)丁
[ftp]put S5720EI-V200R019SPH007.pat S5720EI-V200R019SPH007.bak.pat
# 上傳軟件包
[ftp]get S5720EI-V200R019C00SPC500.cc
# 上傳補(bǔ)丁
[ftp]get S5720EI-V200R019SPH007.pat
# 退出
[ftp]bye
# 設(shè)置新版軟件包應(yīng)用全部設(shè)備并下次啟動(dòng)該軟件包
<H07_S5720_BMC-05>startup system-software flash:/S5720EI-V200R019C00SPC500.cc all
# 重啟設(shè)備
<H07_S5720_BMC-05>reboot
# 查看堆疊狀態(tài)
<H07_S5720_BMC-05>display stack
# 將補(bǔ)丁應(yīng)用到全部并運(yùn)行
<H07_S5720_BMC-05>patch load flash:/S5720EI-V200R019SPH007.pat all run
# 查看補(bǔ)丁信息
<H07_S5720_BMC-05>display patch-information
# 選中補(bǔ)丁
<H07_S5720_BMC-05>patch load flash:/S5720EI-V200R019SPH007.pat all active
# 刪除軟件包
<H07_S5720_BMC-05>delete /unreserved flash:/s5720ei-v200r011c10spc600.cc
# 刪除補(bǔ)丁包
<H07_S5720_BMC-05>delete /unreserved flash:/S5720EI-V200R019SPH007.pat
