Shulou(Shulou.com)06/01 Report--

A complete Collection of H3C switch configuration commands

1. System-view enters system view mode

2. Sysname names the device

3. Current configuration of display current-configuration

4. Language-mode Chinese | English switch between Chinese and English

5. Interface Ethernet enters the Ethernet port view on 1-0-1.

6. Port link-type Access | Trunk | Hybrid sets the port access mode

7. Undo shutdown opens the Ethernet port

8. Shutdown shuts down the Ethernet port

9. Quit exits the current view mode

10. Vlan 10 creates VLAN 10 and enters the view mode of VLAN 10

11. Port access vlan 10 adds the current port to vlan 10 in port mode

12. Port E1 to 0 to 5 adds the specified port to the current vlan in VLAN mode

13. Port trunk permit vlan all allows all vlan to pass through

H3C router

1. System-view enters system view mode

2. Sysname R1 names the device R1

3. Display ip routing-table displays the current routing table

4. Language-mode Chinese | English switch between Chinese and English

5. Interface Ethernet 0ram 0 enters the Ethernet port view

6. Ip address 192.168.1.1 255.255.255.0 configure IP address and subnet mask

7. Undo shutdown opens the Ethernet port

8. Shutdown shuts down the Ethernet port

9. Quit exits the current view mode

10. Ip route-static 192.168.2.0 255.255.255.0 192.168.12.2 descriptionTo.R2 configure static routes

11. Ip route-static 0.0.0.0 0.0.0.0192.168.12.2 description To.R2 configure a default route

H3C S3100 Switch

H3C S3600 Switch

H3C MSR 20-20 Router

1. Adjust the display font size of the hyperterminal

2. Capture the hyperterminal operation command line for future check

3. Language-mode Chinese | English switch between Chinese and English

4. Copy the command to the HyperTerminal command line and paste it to the host

5. Switch clearing configuration: reset save; reboot

6. do not lose power when configuring routers and switches, and be sure to do so before connectivity testing

Check the connectivity of the network and don't make the lowest mistake.

7. 192.168.1.1 Compact 24 is equivalent to 192.168.1.1 255.255.255.0; when configuring switches and routers, 192.168.1.1 255.255.255.0 can be written as:

192.168.1.1 24

8. Device naming rules: place name-device name-series number example: PingGu-R-S3600

H3C Huawei switch port binding basic configuration 2008-01-22 13:40

1, port MAC

A) AM command

Use a special AMUser-bind command to bind the MAC address to the port. For example:

[SwitchA] am user-bind mac-address00e0-fc22-f8d3 interface Ethernet 0/1

Configuration description: due to the use of port parameters, the port will be used as a reference, that is, port E0apace 1 only allows PC1 to access the Internet, while PCs using other unbound MAC addresses cannot. But...

PC1 can use this MAC address to surf the Internet in other ports.

B) mac-address command

Use the mac-addressstatic command to bind the MAC address to the port. For example:

[SwitchA] mac-address static 00e0-fc22-f8d3interface Ethernet 0/1 vlan 1

[SwitchA] mac-address max-mac-count 0

Configuration description: due to the use of port learning function, after static binding of mac, it is necessary to set the port mac learning number to 0, so that the mac address of other PC can not be learned after accessing this port.

2,IP MAC

A) AM command

Use a special AMUser-bind command to bind the IP address to the MAC address. For example:

[SwitchA] am user-bind ip-address 10.1.1.2mac-address 00e0-fc22-f8d3

Configuration description: the above configuration completes the global binding of the IP address and MAC address of the PC, that is, the PC which is different from the bound IP address or MAC address cannot access the Internet at any port.

Supported models: S3026E/EF/C/G/T, S3026C-PWR, E026/E026T, S3050C, E050, S3526E/C/EF, S5012T/G, S5024G

B) arp command

Use a special arpstatic command to bind the IP address to the MAC address. For example:

[SwitchA] arp static 10.1.1.200e0-fc22-f8d3

Configuration description: the above configuration completes the global binding of IP address and MAC address of PC.

3, port IP MAC

Use special AMUser-bind commands to complete the binding between IP, MAC addresses and ports. For example:

[SwitchA] am user-bind ip-address 10.1.1.2mac-address 00e0-fc22-f8d3 interface Ethernet 0/1

Configuration description: you can complete the binding function between the IP address and MAC address of PC1 and the port E0swap 1. Because the port parameter is used, the port will be used as a reference, that is, port E0Uniq1 is only allowed.

PC1 is allowed to surf the Internet, while PCs that use other unbound IP addresses and MAC addresses cannot. However, PC1 can use this IP address and MAC address to surf the Internet at other ports.

[S2016-E1-Ethernet0/1] mac-addressmax-mac-count 0

Enter the port and use the command macmax-mac-count 0 (port mac learning is set to 0)

[S2016-E1] mac static 0000-9999-8888 inte0/1 vlan 10

Bind 0000-9999-8888 to port e0apace 1, and only pc bound with mac can access the Internet through this port, and E0Accord 1 belongs to vlan 10.

In this way, ok, but the order of the above two commands cannot be reversed, unless there is no pc under the port

Dis vlan display vlan

Name text specifies the name of the current vlan

Undo name cancel

[h4c] vlan 2

[h4c-vlan2] name test vlan

Dis users displays users

Dis startup displays information about the startup configuration file

Dis user-interface displays information about the user interface

Dis web users displays information about web users.

Header login configuration login verification is to display information

Header shell

Undo header

Lock locks the current user interface

Acl access Control list acl number inbound/outbound

[h4c] user-interface vty 0 4

[h4c-vty0-4] acl 2000 inbound

Shutdown: shuts down the vlan interface

Undo shutdown opens the vlan interface

Shut down the vlan1 interface

[h4c] interface vlan-interface 1

[h4c-vlan-interface] shutdown

Vlan vlan-id defines vlan

Undo valn vlan-id

Display ip routing-table

Display ip routing-table protocol static

Display ip routing-table statistics

Display ip routing-table verbose views all the details of the routing table

Interface vlan-interface vlan-id enters valn

Management-vlan vlan-id definition Management vlan number

Reset ip routing-table statistics protocolall clears routing information for all routing protocols.

Display garp statistics interfaceGigabitEthernet 1-0-1 displays garp statistics on Ethernet ports

Display voice vlan status to view voice vlan status

[h4c-GigabitEthernet1/0/1] the maximum broadcast traffic allowed by broadcast-suppression20 is 20% of the port's transmission capacity. The excess is discarded.

[h4c-GigabitEthernet1/0/1] the maximum broadcast packet allowed by broadcast-suppression pps 1000 per second is 20% of the transmission capacity of 1000. The excess is discarded.

Display interface GigabitEthernet1/0/1 View Port Information

Display brief interfaceGigabitEthernet1/0/1 to view port brief configuration information

Display loopback-detection is used to test whether the loop test is turned on.

Display transceiver-information interfaceGigabitEthernet1/0/50 displays information related to optical port

Duplex auto/full/half

[h4c] interface GigabitEthernet1/0/1

[h4c-GigabitEthernet1/0/1] duplux auto sets the port duplex attribute to self-negotiation

Port link-type access/hybrid/trunk defaults to access

Port trunk permit vlan all adds trunk buckle to all vlan

Reset counters interfaceGigabitEthernet1/0/1 knows the statistics of ports

Speed auto 10/100/1000

Display port-security views port security configuration information

Am user-bind mac-addr 00e0-fc00-5101ip-addr 10.153.1.2 interface GigabitEthernet1/0/1 port ip binding

Display arp display arp

Display am user-bind displays configuration information for port bindings

Display mac-address displays the mac address learned by the switch

Display stp displays spanning tree status and statistics

[h4c-GigabitEthernet1/0/1] stp instance 0cost 200sets the path cost on spanning tree instance 0 to 200

Stp cost sets the path cost of the current port on the specified spanning tree instance. Instance-id is 0-160. The range of cist is 1-200000.

Display system-guard ip-record displays anti-record information.

System-guard enable enables the system defense function

Display icmp statistics icmp traffic statistics

Display ip socket

Display ip statistics

Display acl all

Acl number acl-number match-orderauto/config

Acl-number (2000-2999 is the basic acl 3000-3999 is the number reserved for administrators by the advanced acl)

Rule deny/permit protocal

access control

[h4c] acl number 3000

[h4c-acl-adv-3000] rule permit tcp source129.9.0.0 0.0.255.255 destination 202.38.160.0 0.0.255.255 destination-port eq80 (

Define advanced acl 3000, which allows hosts on network segment 129.0.0 to access port 80 to hosts on network segment 202.38.160)

Rule permit source 211.100.255.00.255.255.255

Rule deny cos 3 souce 00de-bbef-adseffff-ffff-fff dest 0011-4301-9912 ffff-ffff-ffff

(messages from mac address 00de-bbef-adse to mac address 0011-4301-9912 and 802.1p priority 3 are prohibited from passing)

Display qos-interface GigabitEthernet1/0/1traffic-limit View Traffic on Port

Port rate limit

Line-rate inbound/outbound target-rate

Inbound: rate limit for receiving messages on the port

Outbound: rate limit for sending messages on the port

Target-rate limits the rate of messages, per kbps gigabit inbound range 1-1000000 outbound range 20-1000000

Undo line-rate cancels the speed limit.

[h4c] interface GigabitEthernet1/0/1

[h4c-GigabitEthernet1/0/1] line-rateoutbound 128limits the exit rate to 128kbps

Display arp | include 77

Display arp count calculates the number of records in the arp table

Display ndp displays detailed configuration information for the switch port.

Display ntdp device-list verbose collects device details

Display lock

Display users

Display cpu

Display memory

Display fan

Display device

Display power

Examples of common configurations of Huawei switches

Sys enters the system view

Enter system view, return to user view with Ctrl+Z.

[Quidway] user-interface aux 0

[Quidway-ui-aux0] authentication-mode scheme

Notice: Telnet or SSH user must be added, otherwise operator can't login!

[Quidway-ui-aux0] qu

[Quidway] local-user huawei adds user name

New local user added.

[Quidway-luser-huawei] password simple huawei configures a password and the password is not encrypted

[Quidway-luser-huawei] service-type telnet ssh level 3

The service types are SSH and telnet, and the user login permissions are administrator permissions.

[Quidway-luser-huawei] qu

[Quidway] user-interface vty 0 4

[Quidway-ui-vty0-4] authentication-mode scheme

Notice: Telnet or SSH user must be added, otherwise operator can't login!

[Quidway-ui-vty0-4]

Save

Huawei QuidWay switch configuration Command Manual:

1. Start

Establish the local configuration environment and connect the serial port of the host to the Console port of the Ethernet switch through the configuration cable.

Run the terminal emulation program (such as Windows hyperterminal) on the host, set the terminal communication parameters as follows: baud rate is 9600bit/s, 8-bit data bit, 1-bit stop bit, no check and no flow control, and select the terminal type as VT100.

When the Ethernet switch is powered on, the Ethernet switch self-test message is displayed on the terminal, and when the self-test is over, the user is prompted to type enter, and then a command line prompt appears (such as).

Type the command to configure the Ethernet switch or view the operational status of the Ethernet switch. You can type "?" at any time if you need help.

2. Command view

(1) user view (view the simple operation status and statistics of the switch): enter as soon as you establish a connection with the switch

(2) system view (configure system parameters) [Quidway]: type system-view in the user view

(3) Ethernet port view (configure Ethernet port parameters) [Quidway-Ethernet0/1]: type interface ethernet 0can1 in the system view.

(4) VLAN view (configure VLAN parameters) [Quidway-Vlan1]: type vlan 1 under the system view

(5) VLAN interface view (configure IP interface parameters corresponding to VLAN and VLAN aggregation) [Quidway-Vlan-interface1]: type interface vlan-interface 1 in the system view

(6) Local user view (configure local user parameters) [Quidway-luser-user1]: type local-user user1 in the system view

(7) user interface view (configure user interface parameters) [Quidway-ui0]: type user-interface in the system view

3. Other commands

Set system time and time zone clock timeBeijing add 8

Clock datetime 12:00:00 2005-01-23

Set the name of the switch [Quidway] sysname TRAIN-3026-1 [TRAIN-3026-1]

Configure users to log in to [Quidway] user-interface vty 0 4

[Quidway-ui-vty0] authentication-modescheme

Create a local user [Quidway] local-user huawei

[Quidway-luser-huawei] password simple huawei

[Quidway-luser-huawei] service-type telnet level 3

4. VLAN configuration method

Configure environment parameters

SwitchA port E0Universe 1 belongs to VLAN2,E0/2, belongs to VLAN3.

"networking requirements"

Add switch port E0amp1 to VLAN2, and E0Blue2 to VLAN3

Data configuration steps

"VLAN configuration process"

(1) by default, all ports belong to VLAN 1, and the ports are access ports. An access port can only belong to one vlan.

(2) if the port is an access port, when the port is added to another vlan, the system automatically deletes the port from the original vlan

(3) in addition to VLAN1, if VLAN XX does not exist, type VLAN XX in system view to create VLAN XX and enter VLAN view; if VLAN XX already exists, enter VLAN view.

[SwitchA related configuration]

Method 1:

(1) create (enter) vlan2

[SwitchA] vlan 2

(2) add port E0ram1 to vlan2

[SwitchA-vlan2] port ethernet 0/1

(3) create (enter) vlan3

[SwitchA-vlan2] vlan 3

(4) add port E0ram2 to vlan3

[SwitchA-vlan3] port ethernet 0/2

Method 2:

(1) create (enter) vlan2

[SwitchA] vlan 2

(2) enter port E0ram 1 view

[SwitchA] interface ethernet 0/1

(3) designated port E0ram 1 belongs to vlan2

[SwitchA-Ethernet1] port access vlan 2

(4) create (enter) vlan3

[SwitchA] vlan 3

(5) enter port E0ram 2 view

[SwitchA] interface ethernet 0/2

(6) designated port E0ram 2 belongs to vlan3

[SwitchA-Ethernet2] port access vlan 3

Test verification

(1) using the command disp cur, you can see that port E0ram 1 belongs to vlan2,E0/2 and belongs to vlan3.

(2) you can see that the port is an access port and the PVID is 2 when you use display interface Ethernet 0amp 1.

(3) you can see that the port is an access port and the PVID is 3 when you use display interface Ethernet 0ram 2.

5. Switch IP address configuration

Functional requirements and networking instructions

Configure environment parameters

The layer 3 switch SwitchA has two ports ethetnet 0swap 1 and ethernet 0apace 2, which belong to vlan 2 and vlan 3 respectively.

Take the layer 3 interface address of vlan 2 as the gateway of PC1, which is 1.0.0.1 Universe 24 respectively.

Take the interface address of layer 3 of vlan 3 as the gateway of PC2, which is 2.0.0.1 Universe 24 respectively.

"networking requirements"

PC1 and PC2 communicate with each other through layer 3 interface

[SwitchA related configuration]

(1) create (enter) vlan2

[Quidway] vlan 2

(2) add port E0ram1 to vlan2

[Quidway-vlan2] port ethernet 0/1

(3) enter the virtual interface of vlan2

[Quidway-vlan2] interface vlan2

(4) configure IP address on the virtual interface of vlan2

[Quidway-Vlan-interface2] ip address 1.0.0.1 255.255.255.0

(5) create (enter) vlan3

[Quidway] vlan 3

(6) add E0Compact 2 to vlan3

[Quidway-vlan3] port ethernet 0/2

(7) enter the virtual interface of vlan3

[Quidway-vlan3] interface vlan3

(8) configure IP address on the virtual interface of vlan3

[Quidway-Vlan-interface3] ip address 2.0.0.1 255.255.255.0

Test verification

(1) both PC1 and PC2 can PING their own gateways.

(2) PC1 and PC2 can communicate with each other through PING.

6. Trunk configuration of the port

Configure environment parameters

(1) SwitchA port E0ram 1 belongs to vlan10,E0/2 and belongs to vlan20,E0/3 and SwitchB port E0Unix 3 interconnection

(2) SwitchB port E0ram 1 belongs to vlan10,E0/2 and belongs to vlan20,E0/3 and SwitchA port E0Unix 3 interconnection

"networking requirements"

(1) PC interworking between vlan10 PC of SwitchA and vlan10 of SwitchB is required.

(2) PC interworking between vlan20 PC of SwitchA and vlan20 of SwitchB

Data configuration steps

[SwitchA related configuration]

(1) create (enter) vlan10

[SwitchA] vlan 10

(2) add E0Compare 1 to vlan10

[SwitchA-vlan10] port Ethernet 0/1

(3) create (enter) vlan20

[SwitchA] vlan 20

(4) add E0Compact 2 to vlan20

[SwitchA-vlan20] port Ethernet 0/2

(5) in practice, the uplink port is generally set to trunk attribute, which allows vlan to transmit transparently

[SwitchA-Ethernet0/3] port link-type trunk

(6) allow all vlan to pass through from port E0ram 3, or specify a specific VLAN value.

[SwitchA-Ethernet0/3] port trunk permit vlan all

[SwitchB related configuration]

(1) create (enter) vlan10

[SwitchB] vlan 10

(2) add E0Compare 1 to vlan10

[SwitchB-vlan10] port Ethernet 0/1

(3) create (enter) vlan20

[SwitchB] vlan 20

(4) add E0Compact 2 to vlan20

[SwitchB-vlan20] port Ethernet 0/2

(5) in practice, the uplink port is generally set to trunk attribute, which allows vlan to transmit transparently

[SwitchB-Ethernet0/3] port link-type trunk

(7) allow all vlan to pass through from port E0ram 3, or specify a specific VLAN value.

[SwitchB-Ethernet0/3] port trunk permit vlan all

[supplementary note]

(1) if a port is a trunk port, the port can belong to multiple vlan

(2) by default, the PVID of the trunk port is 1. You can modify the PVID of the port by using the command port trunk pvid vlan vlanid in port mode.

(3) if the vlan id of the data message forwarded from the trunk is the same as the PVID of the port, the VLAN information of the message will be stripped, which should be paid attention to when configuring the trunk port.

(4) if a port is already set as a hybrid port on a switch, another port cannot be set as a trunk port.

(5) in general, it is best to specify which specific VLAN is allowed through the port, and do not set to allow all VLAN to pass.

Test verification

(1) PC in SwitchA vlan10 can be interconnected with PC in SwitchBvlan10

(2) PC in SwitchA vlan20 can be interconnected with PC in SwitchBvlan20

(3) PC in SwitchA vlan10 cannot interwork with PC in SwitchBvlan20

(4) PC in SwitchA vlan20 cannot communicate with PC in SwitchBvlan10.

7. Port trunking configuration

Configure environment parameters

(1) the switch SwitchA and SwitchB are interconnected through the Ethernet port.

(2) the ports used by the SwitchA for interconnection are e0Charact1 and e0Univer2reSwitchB, and the ports used for interconnection are e0Charact1 and e0Universe 2.

"networking requirements"

Increase the bandwidth of the interconnection link of SwitchA's SwitchB, and be able to achieve link backup and use port trunking

Data configuration steps

[SwitchA switch configuration]

(1) enter port E0Unition1

[SwitchA] interface Ethernet 0/1

(2) the trunk port must work in full-duplex mode.

[SwitchA-Ethernet0/1] duplex full

(3) the port rate of trunking is the same, but it cannot be adaptive.

[SwitchA-Ethernet0/1] speed 100

(4) enter port E0Unition2

[SwitchA] interface Ethernet 0/2

(5) the trunk port must work in full-duplex mode.

[SwitchA-Ethernet0/2] duplex full

(6) the port rate of trunking is the same, but it cannot be adaptive.

[SwitchA-Ethernet0/2] speed 100

(7) Port selection and trunking based on source and destination MAC

[SwitchA] link-aggregation Ethernet 0/1 to Ethernet 0/2 both

[SwitchB switch configuration]

[SwitchB] interface Ethernet 0/1

[SwitchB-Ethernet0/1] duplex full

[SwitchB-Ethernet0/1] speed 100

[SwitchB] interface Ethernet 0/2

[SwitchB-Ethernet0/2] duplex full

[SwitchB-Ethernet0/2] speed 100

[SwitchB] link-aggregation Ethernet 0/1 to Ethernet 0/2 both

[supplementary note]

(1) the link type of the member port in the same aggregation group is the same as that of the main port, that is, if the primary port is a Trunk port, the member port is also a Trunk port; if the link type of the primary port is changed to an Access port, the link type of the member port also becomes an Access port.

(2) different products have different requirements for the starting port number of port trunking. Please refer to the Operation Manual for configuration.

8. Port image configuration

Environment configuration parameters

(1) the PC1 is connected to the switch E0ax 1, and the IP address is 1.1.1.1 Universe 24

(2) the PC2 is connected to the switch E0ax 2, and the IP address is 2.2.2.2 Universe 24.

(3) E0thumb 24 is the uplink port of the switch.

(4) Server is connected to switch E0ax 8, which is used as a mirror port.

"networking requirements"

(1) through the function of switch port mirroring, use server to monitor the business messages of the two pc.

Images are configured in different ways depending on the model of the Quidway switch:

Port-based mirroring-Port-based mirroring makes a complete copy of the incoming and outgoing data packets of the mirrored port to the mirror port for traffic observation or fault location.

Flow-based mirroring-A switch based on flow mirroring mirrors certain streams, and each connection has two directions of data flow. For the switch, the two streams are mirrored separately.

Switches such as S2008/S2016/S2026/S2403H/S3026 support port-based mirroring

8016 switch supports port-based mirroring

3500/3026E/3026F/3050 supports stream-based mirroring

5516Accord 6506Universe 6503Universe 6506R supports mirroring inbound port traffic

Data configuration steps

Take Quidway S3026C as an example, it is configured by mirroring based on two-layer flow:

(1) define an ACL

[SwitchA] acl num 200

(2) define a rule packet that is sent from E0Plac1 to all other ports

[SwitchA] rule 0 permit ingress interface Ethernet0/1 egressinterface Ethernet0/2

(3) define a packet with a rule from all other ports to E0ram port 1.

[SwitchA] rule 1 permit ingress interface Ethernet0/2 egressinterface Ethernet0/1

(4) Mirror the packets that conform to the above ACL to E0UB8

[SwitchA] mirrored-to link-group 200 interface e0/8

9. Spanning Tree STP configuration

Configure environment parameters

(1) switches SwitchA, SwitchB and SwitchC are all interconnected through GE interfaces.

(2) SwitchB and SwitchC switches are core switches, which require active and standby switches.

"networking requirements"

Require the entire network to run the STP protocol

Data configuration steps

(1) [SwitchA switch configuration]

Start spanning Tree Protocol: [SwitchA] stp enable

(1) [SwitchB switch configuration]

Start spanning Tree Protocol: [SwitchB] stp enable

(3) configure this bridge as the root bridge

[SwitchB] stp root primary

(4) [SwitchC switch configuration]

A start spanning Tree Protocol [SwitchC] stp enable

B configure this bridge as backup root bridge [SwitchC] stp root secondary

(5) [SwitchD switch configuration]

A start spanning Tree Protocol [SwitchD] stp enable

[supplementary note]

(1) by default, the priority of a switch is 32768. If you want to artificially designate a switch as the root switch, you can also modify the priority to achieve this.

(2) when spanning tree is opened by default, all ports will have spanning Tree Protocol enabled. Please change the port connected to PC to edge port mode.

(3) if you want to control the state of a link, you can set the cost value of the port.

Test verification

(1) use display stp to view the STP running status of the switch.

(2) check whether the port STP status display stpinterface Ethernet XX is correct

10. Quidway switch maintenance

Display system version information: display version

Display diagnostic information: display diagnostic-information

Displays the current system configuration: display current-configuration

Display system Save configuration: display saved-configuration

Display interface information: display interface

Display routing information: display ip routing-table

Display VLAN information: display vlan

Display spanning tree information: display stp

Show MAC address table: display mac-address

Display ARP information: display arp

Display system CPU usage: display cpu

Display system memory usage: display memory

Show Syslog: display log

Display system clock: display clock

After verifying that the configuration is correct, use the save configuration command: save

To delete a command, generally use the command: undo

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.