华为 S5700 基础配置命令
以下配置中,红色字体是需要自定义的.
#清除设备配置
Warning: The action will delete the saved configuration in the device.
The configuration will be erased to reconfigure. Continue? [Y/N]:
Y
Warning: All the configuration will be saved to the configuration file for the ne
xt startup:flash:/vrpcfg.zip, Continue?[Y/N]:
N
System will reboot! Continue?[Y/N]:
Y
设置设备的名称为 GSH-FZ-Front
[Quidway] sysname Quidway
设置查看设备的时区,时间
#telnet 远程登录
[Quidway] aaa
//////[Quidway-aaa] local-user ccssoft password cipher p@ssw0rd privilege level 15
[Quidway-aaa] local-user ccssoft password simple ccssoft
[Quidway-aaa] local-user ccssoft service-type telnet
[Quidway-aaa] local-user ccssoft privilege level 15 //特权等级设置
[Quidway-aaa] quit
[Quidway]user-interface vty 0 4 //设置5个虚拟终端,也就是说最多有5个终端同时连接
[Quidway - vty0-4]authentication-mode aaa //验证方式设置
[Quidway -ui-vty0-4]quit
#ssh 远程登录
步骤 1 在服务器端生成本地密钥对
[Quidway] sysname SSH Server
[SSH Server] rsa local-key-pair create
The key name will be: Quidway_Host
The range of public key size is (512 ~ 2048).
NOTES: If the key modulus is greater than 512,
It will take a few minutes.
Input the bits in the modulus[default = 512]: 768
Generating keys...
.......++++++++++++
..........++++++++++++
...................................++++++++
......++++++++
步骤 2 在服务器端配置 VTY 用户界面
[SSH Server] user-interface vty 0 4
[SSH Server-ui-vty0-4] authentication-mode aaa
[SSH Server-ui-vty0-4] protocol inbound ssh
[SSH Server-ui-vty0-4] quit
说明
若配置登录协议为 SSH,则 S5700 设备将自动禁止 Telnet 功能。
步骤 3 在服务器端配置 SSH 用户的用户名和密码
[SSH Server] aaa
[SSH Server-aaa] local-user client001 password cipher huawei
[SSH Server-aaa] local-user client001 privilege level 3
[SSH Server-aaa] local-user client001 service-type ssh
[SSH Server-aaa] quit
步骤 4 使能 STelent 功能,并配置用户的服务类型为 STelnet
[SSH Server] stelnet server enable
[SSH Server] ssh authentication-type default password
#添加 VLAN
[Quidway] vlan 10
[Quidway-vlan10] quit
#改Vlan1 IP:
[Quidway]interface vlanif 1
[Quidway]ip address 192.168.1.200 255.255.255.0
#设定端口模式
[Quidway] int gigabitethernet 0/0/1
[Quidway-GigabitEthernet0/0/1] port link-type access
[Quidway-GigabitEthernet0/0/1]quit
#将端口加入 Vlan
[Quidway] vlan 131
[Quidway-vlan131] port gigabitethernet 0/0/21 to 0/0/22
[Quidway-Vlan131] quit
#设置 Trunk
[Quidway] interface GigabitEthernet 0/0/23
[Quidway-GigabitEthernet0/0/23] port link-type trunk
[Quidway-GigabitEthernet0/0/23] port trunk allow-pass vlan 128 131
#设置 STP|RSTP|MSTP
[Quidway] stp mode {stp | rstp | mstp}
[Quidway] stp enable
#设置 VLAN IP(管理 IP)
[Quidway] interface vlanif 131
[Quidway-Vlanif131] ip address 192.168.0.253 255.255.255.0
[Quidway-Vlanif131] shutdown
[Quidway-Vlanif131] undo shutdown
#设置默认路由
[Quidway] ip route-static 0.0.0.0 0.0.0.0 192.168.0.254
#设定 NTP (Network Time Protocol)
[Quidway] ntp-service unicast-peer 192.168.0.254
#关闭 WEB Server,dhcp
[Quidway] undo http server enable
[Quidway] undo dhcp enable
#保存配置
#相关查看命令
//查看物理端口X/X/X上入方向的流量统计信息结果
查看物理端口X/X/X上出方向的流量统计信息结果
#清除端口统计信息的命令是
1、执行reset counters interface [ interface-type [ interface-number ] ]命令,清除指定接口的统计信息。
2、执行reset counters if-mib interface [ interface-type [ interface-number ] ]命令,清除网管的接口流量统计信息。
3、执行reset statistics-peak interface interface-type interface-number命令,清除接口的速率峰值记录。
4、执行reset virtual-cable-test { interface-type interface-number | all }命令,清除接口的电缆检测结果。
#删除 vlan,先删除 3 层口,再删除 2 层 vlan
[Quidway] undo interface Vlanif 20
[Quidway] undo vlan 20
#增加/删除静态路由
[Quidway]ip route-static 0.0.0.0 0.0.0.0 192.168.0.254 //命令用来配置静态路由,
[Quidway]undo ip route-static 0.0.0.0 0.0.0.0 192.168.0.254 //命令用来删除静态路由
#开启 http 服务
< Quidway >dir
Directory of flash:/
Idx Attr Size(Byte) Date Time FileName
0 -rw- 955 Feb 09 2012 16:16:09 privat-data.txt
1 -rw- 1089840 Jan 01 1970 00:02:05 S5700SI-V100R005C01SPC100.web
2 -rw- 10215068 Oct 01 2008 00:02:28 S5700SI-V100R005C01SPC100.cc
3 -rw- 626426 Jan 01 1970 00:03:17 s27_37_57-v100r005sph008.pat
4 -rw- 12240 Jan 01 1970 00:03:19 $_patchstate_reboot
5 -rw- 706 Feb 09 2012 17:33:05 vrpcfg.zip
31,620 KB total (19,928 KB free)
< Quidway >system-view
[Quidway]http server load S5700SI-V100R005C01SPC100.web.zip
[Quidway]http server enable 检测方法:浏览器打开http://133.160.70.1/view/login.html
User:admin Pwd:admin
#重启
[Quidway] reboot
#流控自适应:
< Quidway >system-view
[Quidway]interface g0/0/13
[Quidway-GigabitEthernet0/0/13]flow-control negotiation 打开千兆以太网接口的流量控制自协商功能
[Quidway-GigabitEthernet0/0/13]display interface g0/0/13 查看pause
#端口使能、去使能
< Quidway >system-view
[Quidway]interface g0/0/13
[Quidway-GigabitEthernet0/0/13]shutdown 关闭端口
[Quidway-GigabitEthernet0/0/13]undo shutdown 使能端口
#端口双工状态
< Quidway >system-view
[Quidway]interface g0/0/13
[Quidway-GigabitEthernet0/0/13]undo negotiation auto 关闭自协商
[Quidway-GigabitEthernet0/0/13]duplex { full | half } 更改双工状态
[Quidway-GigabitEthernet0/0/13]undo duplex 恢复默认双工状态
[Quidway-GigabitEthernet0/0/13]negotiation auto 使能自协商
#COMBO光电使能
-
配置单Combo接口的状态
< Quidway >system-view 进入系统视图
[Quidway]interface g0/0/24 进入以太网接口视图
[Quidway-GigabitEthernet0/0/24]combo enable { auto | copper | fiber } 激活指定的单combo接口
缺省情况下,光口处于激活状态 - 配置双Combo接口的状态
< Quidway >system-view 进入系统视图
[Quidway]interface g0/0/24 进入以太网接口视图
[Quidway-GigabitEthernet0/0/24]undo shutdown 激活指定的双combo接口
缺省情况下,一对combo口之中编号较小的接口处于激活状态。
编号较小的接口是光口还是电口与设备的型号有关,请以设备的实际情况为准
#配置端口隔离
< Quidway >system-view 进入系统视图
[Quidway] port-isolate mode { l2 | all } 配置端口隔离模式,缺省为二层隔离三层互通
[Quidway] interface GigabitEthernet 0/0/1
[Quidway-GigabitEthernet0/0/1] port-isolate enable [ group group-id ] 启用端口隔离
同一端口隔离组的端口之间互相隔离,不同端口隔离组的端口之间不隔离。如果不指定 group-id参数时,默认加入的端口隔离组为 1
#使能电缆检测功能
< Quidway >system-view 进入系统视图
[Quidway] interface GigabitEthernet 0/0/1
[Quidway-GigabitEthernet0/0/1] virtual-cable-test 配置接口电缆检测功能
#链路聚合
-
配置手工负载分担模式链路聚合
system-view
[Quidway] interface eth-trunk 1 创建Eth-Trunk
[Quidway-Eth-Trunk1] quit
[Quidway] interface Ethernet0/0/1
[Quidway -Ethernet0/0/1] eth-trunk 1 成员接口加入Eth-Trunk
[Quidway -Ethernet0/0/1] quit - 配置静态LACP 模式链路聚合
system-view
[Quidway] interface eth-trunk 1 创建Eth-Trunk
[Quidway-Eth-Trunk1]mode lacp-static 配置工作模式为静态LACP 模式
[Quidway-Eth-Trunk1] quit
[Quidway] interface Ethernet0/0/1 进入端口e0/0/1
[Quidway -Ethernet0/0/1] eth-trunk 1 成员接口加入Eth-Trunk (多个接口加入trunk组)
[Quidway -Ethernet0/0/1] quit
[Quidway] interface eth-trunk 1 进入Eth-Trunk1
[Quidway-Eth-Trunk1] bpdu enable 配置接口Eth-Trunk 处理BPDU 报文
[Quidway-Eth-Trunk1]max bandwidth-affected-linknumber 2 配置活动接口上限阈值M 为2
[Quidway-Eth-Trunk1] quit
[Quidway] lacp priority 100 配置系统优先级为100确定主动端
[Quidway] interface Ethernet0/0/1 进入端口e0/0/1
[Quidway -Ethernet0/0/1] lacp priority 100 配置接口优先级确定活动链路(多个接口中选定一定数量接口)
[Quidway-Eth-Trunk1] quit
#端口镜像
1.配置基于接口的本地镜像
< Quidway > system-view
[Quidway] vlan 10
[Quidway -vlan10] quit
[Quidway] interface GigabitEthernet 0/0/1
[Quidway -GigabitEthernet0/0/1] port link-type trunk
[Quidway -GigabitEthernet0/0/1] port trunk allow-pass vlan 10
[Quidway -GigabitEthernet0/0/1] quit //创建 VLAN,g0/0/1以Trunk 方式加入 VLAN
[Quidway] interface GigabitEthernet 0/0/3
[Quidway -GigabitEthernet0/0/3] port link-type trunk
[Quidway -GigabitEthernet0/0/3] port trunk allow-pass vlan 10
[Quidway -GigabitEthernet0/0/3] quit // g0/0/3以Trunk 方式加入 VLAN
[Quidway] observe-port 1 interface GigabitEthernet 0/0/24 //将g0/0/24 接口配置为观察接口
[Quidway] interface GigabitEthernet 0/0/1
[Quidway -GigabitEthernet0/0/1] port-mirroring to observe-port 1 inbound //将g0/0/1 接口配置为镜像接口
[Quidway -GigabitEthernet0/0/1] quit
- 配置基于 VLAN 的本地镜像
< Quidway > system-view
[Quidway] interface gigabitethernet 0/0/1
[Quidway -GigabitEthernet0/0/1] port link-type access
[Quidway -GigabitEthernet0/0/1] port default vlan 10
[Quidway -GigabitEthernet0/0/1] quit //将g0/0/1 以 Access 方式加入 VLAN10
[Quidway] interface gigabitethernet 0/0/2
[Quidway -GigabitEthernet0/0/2] port link-type access
[Quidway -GigabitEthernet0/0/2] port default vlan 10
[Quidway -GigabitEthernet0/0/2] quit //将g0/0/2 以 Access 方式加入 VLAN10
[Quidway] observe-port 1 interface GigabitEthernet 0/0/3 //将g0/0/3 接口配置为观察接口
[Quidway] VLAN 10
[Quidway -VLAN10] mirroring to observe-port 1 inbound //将 VLAN10 配置为镜像 VLAN
[Quidway -VLAN10] quit
#查看光模块信息
display transceiver interface gigabitethernet 0/0/1 verbose 查看端口光模块的常规、制造、告警以及诊断信息
gigabitethernet0/0/1 transceiver information:
gigabitethernet0/0/1 transceiver information:
Common information:
Transceiver Type :1000_BASE_SX_SFP //光模块类型
Connector Type :LC //接口类型
Wavelength(nm) :850 //光波波长
Transfer Distance(m) :300(50um),150(62.5um) //光波传输距离。50um或62.5um表示光纤直径,
光纤为多模光纤。当光纤直径为9um时表示单模光纤
Digital Diagnostic Monitoring :YES //光模块诊断信息是否监控
Vendor Name :SumitomoElectric //光模块制造厂商名称
Vendor Part Number :HFBR-5710L //厂家部件编码
Ordering Name : //光模块对外型号
Manufacture information:
Manu. Serial Number :88K056C10353 //光模块生产序列号
Manufacturing Date :2008-08-08 //光模块生产日期
Vendor Name :SumitomoElectric //光模块制造厂商名称
Diagnostic information:
Temperature(°C) :26.00 //光模块当前温度
Temp High Threshold(°C) :85.00 //光模块温度上限
Temp Low Threshold(°C) :-40.00 //光模块温度下限
Voltage(V) :3.29 //光模块当前电压
Volt High Threshold(V) :3.64 //光模块电压上限
Volt Low Threshold(V) :2.95 //光模块电压下限
Bias Current(mA) :4.57 //光模块当前电流
Bias High Threshold(mA) :9.00 //光模块电流上限
Bias Low Threshold(mA) :2.00 //光模块电流下限
RX Power(dBM) :-40.00 //光模块接收功率。当接收功率为0瓦时,显示为-Inf
RX Power High Threshold(dBM) :0.00 //光模块接收功率上限
RX Power Low Threshold(dBM) :-16.99 //光模块接收功率下限
TX Power(dBM) :-5.03 //光模块发送功率。当发送功率为0瓦时,显示为-Inf
TX Power High Threshold(dBM) :-2.22 //光模块发送功率上限
TX Power Low Threshold(dBM) :-6.99 //光模块发送功率下限