In order to make everyone more clear, each line of code has an explanation.
I. Basic Configuration Commands of Huawei Switches
1. Create vlan:
//User view, that is, running commands in Quidway mode.
System view//Enter configuration view.
[Quidditch] vlan 10 // Create vlan 10 and enter the configuration view of vlan 10. If vlan 10 exists, directly enter the configuration view of vlan 10.
[Quidway-vlan 10] Exit//Return to the configuration view.
[Quidditch] vlan 100 // Create vlan 100 and enter the vlan 100 configuration view. If vlan 10 exists, directly enter the vlan 100 configuration view.
[Quidway-vlan 100] Exit//Return to the configuration view.
2. Add the port to the vlan:
[quidway] Interface Gigabit Ethernet 2/0/(10g optical port)
[quidway-gigabit Ethernet 2/0/1] portlink-typeaccess//defines the port transmission mode.
[Quidway-Gigabit Ethernet 2/0/1] Port Default vlan 100// Add the port to VLAN 100.
[Quitway-Gigabit Ethernet 2/0/1] Exit//Return to the configuration view.
[quidway] Interface Gigabit Ethernet 1/0/Enter the first Gigabit interface configuration view of1slot. 0 stands for port 1.
[quidway- Gigabit Ethernet1/0] portlink-typeaccess//defines the port transmission mode.
[Quidway-Gigabit Ethernet 2/0/1] Port Default vlan 10// Add this port to VLAN 10.
[Quit- Gigabit Ethernet 2/0/ 1] quit//
3. Add multiple ports to the VLAN.
System view
[Quidditch] Virtual LAN 10
[quidway-vlan 10] ports Gigabit Ethernet 1/0 to 1/29// Add ports 0 to 29 to vlan 10.
[Quidditch -VLAN 10] Exit
4, switch configuration IP address.
[Quidditch] The interface view of vlan 100// entering vlan 100 is different from the place where VLAN 100 command enters.
【 quidway-vlanif 100】IP address1167.200.90 255.252//Define vlan 100 to manage the routing of IP three-layer switching gateway.
[Quitway-vlanif 100] Exit//Return to the view
[Quidditch] The interface vlan 10// enters the interface view of vlan 10, which is different from where the VLAN 10 command enters.
[quidway-vlanif 10] IP address119.167.206.129 255.255.128//Define VLAN/kloc-.
[Quidditch-Fragni 10] Quit.
5. Configure the default gateway:
[quidway] IP routing-static 0.0.0.0119.167.200.89//Configure the default gateway.
6. The switch saves the settings and reset commands.
Save//Save the configuration information.
Reset the saved configuration//Reset the configuration of the switch.
Reboot//Reboot the switch
7. Display the commonly used commands in the switch.
In user view mode:
Display current-configuration // Displays the detailed configuration information of the running switch.
Display devices//Displays the status of each device.
Display interface? //Display the port status and use? You can check the options below.
Show Version//View the firmware version information of the switch.
Show vlan? //View vlan configuration information.
8. Restore the factory settings of the switch.
Reset the saved configuration//Reset the configuration of the switch.
Second, the basic configuration of H3C switch
Let's take a look at the commonly used h3c configuration commands and functions. Basically, these commands are indispensable for most network configurations.
1, basic configuration
//User direct mode prompt, user view
System view//* * Enter configuration view * *
[H3C] sysname xxx // Set the host name to xxx. Modify the privileged user password used here.
2. User configuration
System view
[H3C] Super Password H3C // Set the user grading password.
[H3C] Revoke the super password//Delete the user's hierarchical password.
[h3c] Lots of local users 1 23 4561/Web management user settings,1for administrative users.
[H3C] Cancel the localuser bigheap // Delete the Web network management user.
[H3C] The user interface aux 0 // only supports 0.
[H3C- Oaks] idle-timeout 250 // Set the timeout to 2 minutes and 50 seconds; If it is 0, it means there is no timeout; The default value is 5 minutes.
[H3C- auxiliary ]undoidle-timeout // Restore the default value.
[H3C] The user interface vty 0 // only supports 0 and 1.
[H3C-VTY] Idle-timeout 250//Set the timeout to 2 minutes and 50 seconds; If it is 0, it means there is no timeout; The default value is 5 minutes.
[H3C-vty]undoidle-timeout // Restore the default value.
[h3c-vty] Set authentication password 123456// Set telnet password, which must be set.
[h3c-vty] Unset the authentication password//Cancel the password.
[H3C] Display User//Display User
[H3C] display user interface//user interface status
3.vlan configuration
[H3C]vlan 2 // Create vlan 2
[H3C]undo vlanall // Delete all VLANs except the default VLAN, which cannot be deleted by default.
[h3c-VLAN2] Connect Ethernet port 0/4 to Ethernet port 0/7// Add ports 4 to 7 to VLAN2. This command can only be used to add access ports, not trunk or mixed ports.
[H3C-VLAN 2] Port-isolate enable//The port isolation function is turned on in VLAN, so it cannot be forwarded on the second floor, so it is not turned on by default.
[h3c-Ethernet 0/4] port-isolated uplink-port VLAN 2//Set 4 as the isolated uplink port of VLAN 2, which is used to forward layer 2 data. Only one uplink port can be configured. If it is a trunk, it is recommended to allow all VLANs to pass, and isolation cannot be configured at the same time as convergence.
[H3C] Show all VLANs//Show details of all VLANs.
[H3C] User Group 20 // Create User Group 20. By default, only the user group 1 exists.
[h3c- user group 20] Connect Ethernet 0/4 port to Ethernet 0/7// Add ports 4 to 7 to VLAN20, which originally belonged to user group 1.
[H3C] Display user group 20 // Display information about user group 20.
4. Switch ip configuration
[H3C]vlan 20 // Create vlan
[H3C] Management -vlan 20 // Management vlan
[h3c] Interface vlan20 Interface 20// Enter and manage vlan20.
[h3c] Cancel the interface VLAN- Interface 20// Delete the management VLAN port.
[H3C-VLAN- interface 20] IP address192.168.1.2 255.255.0//Configure the static IP address of the management VLAN interface.
[h3c-VLAN- Interface 20] Revoke IP address//Delete IP address.
[h3c-VLAN- interface 20] IP gateway192.168.1.1/specifies the default gateway (there is no gateway address by default).
[H3C-Vlan- interface 20] Cancel the ip gateway
[h3c-VLAN- Interface 20] Shutdown//Close the interface.
[h3c-VLAN- Interface 20] Cancel shutdown//On
[H3C]display ip // Displays information about managing VLAN interface ip.
[h3c] Display Interface VLAN- Interface 20// View the interface information of VLAN management.
Debug ip // Turn on ip debugging.
Undo debugging ip
5.DHCP client configuration
[h3c-VLAN- interface 20] IP address DHCP-alloc// The management VLAN interface obtains the IP address through DHCP.
[h3c-VLAN- Interface 20] Cancel DHCP- of IP address-Assign//Cancel
[H3C] Display dhcp // Display dhcp customer information.
Debugging dhcp-alloc // Turn on the dhcp debugging function.
Cancel debugging dhcp-alloc
6. Port configuration
[H3C] Interface Ethernet 0/3 // Entry Port
[H3C- Ethernet 0/3] Shut down//Close the port.
[h3c-Ethernet 0/3] Speed 100/rate can be10, 100, 1000 and automatic (default).
[H3C- Ethernet 0/3] Duplex full//duplex, which can be half-duplex, full-duplex and automatic. Unable to configure fiber ports and aggregation.
[h3c-ethernet0/3] Flow control//Turn on flow control, and turn it off by default.
[h3c-Ethernet 0/3] Broadcast-Suppression 20// Set the suppression percentage to 20%, which can be 5,10,20, 100, and the default is 100. Multicast and unknown unicast are also affected by this.
[h3c- Ethernet 0/3] Loopback Internal//Internal Loop Test
[h3c-ethernet0/3] portlink-typetrunk//Set the link type to trunk.
[h3c-Ethernet 0/3] Port trunk PVID VLAN 20// Set 20 as the default VLAN of trunk, and the default value is1(PVIDs at both ends of Trunk line must be consistent).
[h3c-Ethernet 0/3] port accesses VLAN 20// Add the current access port to the specified VLAN.
[h3c-Ethernet 0/3] port trunk allows VLAN all// allows * * all VLANs to pass through the current trunk port, and you can use this command many times.
[H3C- Ethernet 0/3]mdiauto // Set the Ethernet port to automatic monitoring, and it is normal for direct line and crossover.
[h3c] Link-aggregation ethernet0/1 to Ethernet 0/4// Add port 1-4 in the aggregation group, with port1as the main port, and both ends need to be configured at the same time. Ports with port mirroring and port isolation cannot be aggregated.
[h3c] Cancel link aggregation Ethernet 0/1/Delete aggregation group.
[h3c] Link Aggregation Mode Exit//Configuration Port Aggregation Mode shares the load according to the destination MAC address, which can be entrance, exit or both, and defaults to both.
[H3C]monitor-port Ethernet 0/2 // To set this port as a mirror port, you must first set the mirror port, and delete the mirror port when deleting it, and it cannot be in the same port. This port cannot be in an aggregation group. When setting a new mirror port, the new mirror port will replace the old mirror port, and the mirror port will remain unchanged.
[h3c] mirroring-port Ethernet 0/3 to Ethernet 0/4 both//Set ports 3 and 4 as mirror ports, where both is used to monitor received and sent messages, inbound means to monitor only received messages, and outbound means to monitor only sent messages.
[H3C] display mirror
[H3C] Display interface Ethernet 0/3
Resetcounters // Clears the statistics of all ports.
[h3c] displaylink-aggregation Ethernet 0/3//displays the port aggregation information.
[H3C-Ethernet 0/3] Virtual-cable-test//Diagnose the circuit condition of this port.
7.qos priority configuration
QoS configuration steps: set port priority, set priority mode of switch trust message, queue scheduling and port speed limit.
[H3C- Ethernet 0/3] Priority 7 // Set the port priority to 7, and the default is 0.
[h3c] priority-trustcos//Set the priority mode of the switch trust message as cos(802. 1p priority, the default value), or set it as dscp mode.
[h3c] Queue scheduler HQ-WRR 2468// Set the queue scheduling algorithm as HQ-WRR (WRR by default) with weights of 2, 4, 6 and 8.
[h3c-Ethernet 0/3] Line speed inbound 29// Restrict the port entrance rate to 2Mbps. When 1-28 is taken, the rate is *8* 1024/ 125, that is, 64,128,65438.
29- 127, and the rate is (rate -27)* 1024, that is, 2M, 3M, 4m ...100m.
[H3C]displayqueue-scheduler // displays the queue scheduling mode and parameters.
[H3C]displaypriority-trust // shows the priority trust mode.
III. Basic Command Configuration of Ruijie Switch
After connecting the switch, you definitely need a configuration command. Let's look at the basic command configuration.
1, prepare the command
& gt enable//enter privileged mode.
#Exit // Return to the previous operation mode.
#End // Return to privileged mode
# copyrunning-configstartup-config//Save the configuration file.
#del flash:config.text // Delete configuration files (switches and 1700 series routers)
# Erase startup configuration//Delete configuration file (2500 series router)
#del flash:vlan.dat // Delete vlan configuration information (switch)
# Configure the terminal//Enter the global configuration mode.
(config)# hostname switchA // Configure the device name to switchA.
# Bannermott &//Configure daily reminder information &; It's a terminator
(config) # enablesecretlevel10star//Configure the remote login password to star.
(config) # enablesecretlevel150star//Configure the privileged password to star.
Level 1 is a normal user level, and you can choose between 1 and 15, with 15 as the highest authority level; 0 indicates that the password is not encrypted.
(config) # enableservices WEB-server//Turn on the switch web management function.
You can choose from the following services: web server, telnet server, etc.
Step 2 check the information
#show running-config // View the currently valid configuration information.
# show interface FastEthernet 0/3//View F0/3 port information.
# Display the interface serial1/2/and view the port information of S 1/2.
#show interface // View all port information
#show ip interface brief // View all port information in a concise way.
#show ip interface // View all port information.
# Show Version//View Version Information
#show mac-address-table // View the current mac address table information of the switch.
#show running-config // View the currently valid configuration information.
#show vlan // View all vlan information.
#show vlan id 10 // View the information of a vlan (for example, VLAN 10).
# show interface FastEthernet 0/1/View the port mode (such as F 0/ 1).
# showaggregateport1summary//View the aggregation port information of AG 1
#show spanning-tree // View spanning tree configuration information
# show spanning-tree interface FastEthernet 0/1/View the spanning tree status of this port.
#show port-security // View the port security configuration information of the switch.
#show port-security address // View the address security binding configuration information.
#show ip access-lists listname // View the configuration information of a list named listname.
3, the basic configuration of the port
(config) # InterfaceFastEthernet 0/3//Enter the port configuration mode of F0/3.
(config) # Interface ranges Fa0/ 1-2, 0/5, 0/7-9// Enter the port configuration modes of F0/ 1, F0/2, F0/5, F0/7, F0/8 and F0/9.
(config-if)#speed 10 // Configure the port rate as 10M, and select 10, 100, auto.
(config-if)#duplex full // Configure the port to full-duplex mode, and the options are full (full-duplex), half (half-duplex) and auto (adaptive).
(config-if)#no shutdown // Open the port.
(config-if) # switchport access VLAN 10//VLAN10 that divides this port into VLANs.
(config-if) # switchport mode trunk//Set the port to trunk mode, and the optional modes are access and trunk.
(config-if) # port-group1/Divide this port into aggregation ports AG 1 as aggregation ports.
4. Create an aggregation port
(config) # interfaceaggregateport1/Create aggregation interface AG 1.
(config-if) # switchport mode trunk//Configure and ensure that AG 1 is in trunking mode.
(configuration) #int f0/23-24
(config-if-range) # port-group1/Put the port (port group) into the aggregation port AG 1.
5. Spanning Tree
Configure multiple spanning trees:
Switch(config)#spanning-tree // Open Spanning Tree Protocol.
Switch (config) # Spanning Tree MST Configuration//Create multiple spanning trees.
Switch(config-MST)# name Ruijie//is named Ruijie.
Switch (config-MST) # revision 1/Set the revision to1.
Switch (config-MST) # instance0vlan10,20//establishes instance 0.
Switch (configure MST) # instance 1 vlan30,40//Create instance1.
Switch (Configuration) # Spanning Tree MST 0 Priority 4096// Set the priority to 4096.
Switch (Configuration) # Spanning Tree MST 1 Priority 8 192// Set the priority to 8 192.
Switch (Configuration) # Interface vlan 10
Switch (config-if) # vrrp1pi192.168./kloc-0.//This is the IP address of vlan 10.
Switch (Configuration) # Interface vlan 20
Switch (config-if) # vrrp1pip192.168.20.1/This is the ip address of vlan 20.
Switch (Configuration) # Interface vlan 30
Switch (config-if) # vrr2p192.168.30.1/This is the ip address of vlan 30 (another layer 3 switch).
Switch (Configuration) # Interface vlan 40
Switch (config-if) # vrr2p192.168.40.1/This is the ip address of vlan 40 (another three-layer switch).
6. Basic configuration of 6.VLAN
(Configuration) #vlan 10 // Create vlan 10.
(configure vlan)#name vlanname // Name vlan as vlanname.
(config-if) # switchport access VLAN 10//Put this port in VLAN10.
Interface configuration mode of the port.
(config) # InterfaceVLAN 10//Enter the virtual port configuration mode of VLAN10.
(config-if) # ipaddress192.168.1.1255.255.0//Configure the IP and mask for the virtual port of VLAN 10. For example, a Layer 2 switch can only be configured with one IP as the management IP.
(config-if)# no shutdown // Enable this port.
7. Port security
(Configuration) # InterfaceFastEthernet 0/1/input port.
(config-if) # switchportport-security//Turn on the security function of this port.
A, configure the maximum connection limit
(config-if) # switchportport-secret maxmum 1/The maximum number of connections of the configuration port is1,and the maximum number of connections is 128.
(config-if)# Switch port is closed due to security violation.
//Configure the handling method of security violation as shutdown, and you can choose protect (discard unknown address when the number of security addresses is full), restrict (send Trap notification when violation occurs) and shutdown (close the port and send Trap notification when violation occurs, which can be recovered through global mode errdisable recovery).
B, IP and MAC address binding
(config-if)#switchport port security mac address xxxx.xxxx.xxxx ip address172.16.1.1
//Configure MAC addresses xxxx.xxxx.xxxx and IP172.16.1.1in interface configuration mode for binding (note that MAC addresses are lowercase).
8. Layer 3 routing function (for Layer 3 switches)
(config)# ip Routing//Turn on the routing function of the Layer 3 switch.
(Configuration) # Interface fastethernet 0/ 1
(config-if)# no switchport // Turn on the three-layer routing function of the port (so that an IP can be configured for a port).
(config-if)# ip address192.168.1.1255.255.0.
(Configuration-If) # Don't turn it off.
9. Layer 3 Switch Routing Protocol
(configuration) # iproute172.16.10 255.255.0172.1/configure the static road.
Note:172.16.1.0 255.255.0//is the network number and subnet mask of the target network.
172.16.2.1is the address of the next hop, which can also be expressed by an interface, such as IP routing172.16.1.0 255.255.0 serial/
(config)# Router rip // Start rip protocol process.
(config-router) # network172.16.1.0/declares the directly connected network segment information of this device.
(config-router)# version 2 // open RIP V2, which can be selected from version 1(RIPV 1) and version 2(RIPV2).
(config-router) # noauto-summary//Turn off automatic summary of routing information (only supported in RIPV2).
(config) # routeropf//Start the ospf routing protocol process (process ID is not required for 1762).
(config)# Router ospf1/Start the OSPF routing protocol process (250 1 OSPF process ID is required).
(Configure the router) # Network192.168.1.0.0.255 Area 0
//Declare the directly connected network segment information and assign the area number (area0 is the backbone area).
Obviously, these three orders are similar, but Huawei is more similar to H3C.