华为交换机配置命令

华为交换机配置命令

1.改名

Sysname bolan

2.设置本地全局配置密码

super password level 3 yunwei

3.设置telnet远程终端

user-interface vty 0 4

虚拟终端

authentication-mode password

set authentication-mode password cisco

user privilege level 15

4.设置vlanID和改名

vlan 2

vlan 3

vlan 4

vlan 5

vlan 6

vlan 7

vlan 8

vlan 9

vlan 10 ;进入 ;设置口令模;设置口令

vlan 12

5.将端口加入vlan

int vlan 2

port e0/1 to e0/3

int vlan 3

port e0/4 to e0/6

int vlan 4

port e0/7 to e0/9

int vlan 5

port e0/10 to e0/12

int vlan 6

port e0/13 to e0/15

int vlan 7

port e0/16 to e0/18

int vlan 8

port e0/19 to e0/21

int vlan 9

port e0/24

6.查看vlan状态

dis vlan

7.设置vlan接口虚拟ip

int vlan 2

ip add 192.168.2.254 255.255.255.0

undo shutdown

int vlan 3

ip add 192.168.3.254 255.255.255.0

undo shutdown

int vlan 4

ip add 192.168.4.254 255.255.255.0

undo shutdown

int vlan 5

ip add 192.168.5.254 255.255.255.0

undo shutdown

int vlan 6

ip add 192.168.6.254 255.255.255.0

undo shutdown

int vlan 7

ip add 192.168.7.254 255.255.255.0

undo shutdown

int vlan 8

ip add 192.168.8.254 255.255.255.0

undo shutdown

8.将24端口设置vlan配置ip和路由同一网段

int vlan 9

ip add 10.1.1.1 255.255.255.0

undo shutdown

9.海蜘蛛内网:10.1.1.1.2

9.给3层交换添加静态路由

ip route-static 0.0.0.0 0.0.0.0 10.1.1.2

ip route-static 0.0.0.0 0.0.0.0 192.168.10.1 preference 60

10.海蜘蛛添加静态路由:

192.168.2.0 255.255.255.0 10.1.1.1

192.168.3.0 255.255.255.0 10.1.1.1

192.168.4.0 255.255.255.0 10.1.1.1

192.168.5.0 255.255.255.0 10.1.1.1

192.168.6.0 255.255.255.0 10.1.1.1

192.168.7.0 255.255.255.0 10.1.1.1

192.168.8.0 255.255.255.0 10.1.1.1

192.168.9.0 255.255.255.0 10.1.1.1

192.168.10.0 255.255.255.0 10.1.1.1

11.Acl控制列表

基本acl取值范围:2000---2999

Rule 0 permit source 192.168.0.2 0(华为acl)

Acl number 2000

Rule permit tcp source 192.168.1.0 0.0.0.255 destination 192.168.2.0 0.0.0.255 destination-port eq 80

允许1.0的网段像2.0的80发送报文

Acl number 2001

Rule 0 deny ip source 192.168.3.0 0.0.0.255 destination 192.168.5.0 0.0.0.255(禁止3.0访问5.0)

Rule 1 deny ip source 192.168.3.0 0.0.0.255 destination 192.168.8.0 0.0.0.255(禁止3.0网段访问8.0)

3002

Rule deny source any

Rule permit source 192.168.5.0 0.0.0.255

以此类推

12.下发到访问控制列表

Int eth0/1

Packet-filter inbound ip-group 2001(应用acl到相应网段) 以此类推

13.保存配置

Save

14.删除配置命令

>reset saved-configuration

>reboot

路由策略规则:

1.定义前缀列表(功能类同与ACL,

功能:告诉路由器,哪些流量是要进行策略路由的

ip ip-prefix bangong index 10 permit 192.168.2.0 24 ip ip-prefix fuwuqi index 10 permit 192.168.11.0 24

一个前缀列表可定义多个网段,

2、启用路由策略

sys

route-policy bangong permit node 10

route-policy fuwuqi permit node 10 进入策略路由配置模式下

if-match ip-prefix bangong

if-match ip-prefix fuwuqi 调用需要配置策略路由的流量 apply ip-address next-hop 192.168.20.1

apply ip-address next-hop 192.168.10.1 指定相应流量的下一跳地址

时间修改:clock datetime 11:06:00 2012-04-16

将端口trunk修改才access

port-group vlan2

group-member GigabitEthernet0/0/1 to g0/0/24 port link-type access

设置ftp服务

ftp server enable

aaa

local-user huawei password simple huawei local-user huawei level 15

local-user huawei service-type ftp local-user huawei ftp-directory flash: 华为web界面配置

http server enable

aaa

local-user huawei password simple huawei local-user huawei service-type http

http timeout (时间)

1.改名

sysname bolan

2.创建vlan

vlan 3

vlan 4

vlan 5

vlan 6

vlan 7

vlan 8

vlan 9

vlan 11

vlan 12

vlan 13

vlan 100

vlan 200

3.添加vlan端口

vlan 2

port GigabitEthernet 0/0/1 to 0/0/2 vlan 3

port GigabitEthernet 0/0/3 to 0/0/4 vlan 4

port GigabitEthernet 0/0/5 to 0/0/6 vlan 5

port GigabitEthernet 0/0/7 to 0/0/8

port GigabitEthernet 0/0/9 to 0/0/10 vlan 7

port GigabitEthernet 0/0/11 to 0/0/12 vlan 8

port GigabitEthernet 0/0/13 to 0/0/14 vlan 9

port GigabitEthernet 0/0/15 to 0/0/16 vlan 11

port GigabitEthernet 0/0/17 to 0/0/18 vlan 12

port GigabitEthernet 0/0/19 to 0/0/20 vlan 13

port GigabitEthernet 0/0/21 to 0/0/22 vlan 100

port GigabitEthernet 0/0/23 vlan 200

port GigabitEthernet 0/0/24

4.添加vlan ip地址

ip address 192.168.2.254 255.255.255.0

interface Vlanif3

ip address 192.168.3.254 255.255.255.0

interface Vlanif4

ip address 192.168.4.254 255.255.255.0

interface Vlanif5

ip address 192.168.5.254 255.255.255.0

interface Vlanif6

ip address 192.168.6.254 255.255.255.0

interface Vlanif7

ip address 192.168.7.254 255.255.255.0

interface Vlanif8

ip address 192.168.8.254 255.255.255.0

interface Vlanif9

ip address 192.168.9.254 255.255.255.0

interface Vlanif11

ip address 192.168.11.254 255.255.255.0

ip address 192.168.12.254 255.255.255.0

interface Vlanif13

ip address 192.168.13.254 255.255.255.0

interface Vlanif100

ip address 192.168.20.254 255.255.255.0

interface Vlanif200

ip address 192.168.10.254 255.255.255.0

创建acl列表规则

acl number 3001

rule permit ip source 192.168.2.200 0.0.0.255 destination 192.168.4.0 0.0.0.255

acl number 3002

rule deny ip source 192.168.2.0 0.0.0.255 destination 192.168.3.0 0.0.0.255

rule deny ip source 192.168.4.0 0.0.0.255 destination 192.168.5.0 0.0.0.255

acl number 3003

配置流分类

traffic classifier c1

if-match acl 3001

quit

traffic classifier c2

if-match acl 3002

quit

traffic classifier c3

if-match acl 3003

quit

配置流行为

traffic behavior b1

deny

quit

traffic behavior b2

deny

quit

traffic behavior b3

deny

quit

配置流策略:

定义流策略,将流分类与流行为关联

traffic policy test

classiffier c1 behavior b1

classiffier c2 behavior b2

classiffier c3 behavior b3

应用流策略到g 0/0/1

Traffic policy does not exist!

int g 0/0/1

traffic-policy test inbound

quit

查看命令:

dis acl 3001(查看acl规则)

dis traffic classifier user-defined(查看流分类的配置信息) dis traffic policy user-defined test(查看流策略配置信息)

华为交换机配置命令

1.改名

Sysname bolan

2.设置本地全局配置密码

super password level 3 yunwei

3.设置telnet远程终端

user-interface vty 0 4

虚拟终端

authentication-mode password

set authentication-mode password cisco

user privilege level 15

4.设置vlanID和改名

vlan 2

vlan 3

vlan 4

vlan 5

vlan 6

vlan 7

vlan 8

vlan 9

vlan 10 ;进入 ;设置口令模;设置口令

vlan 12

5.将端口加入vlan

int vlan 2

port e0/1 to e0/3

int vlan 3

port e0/4 to e0/6

int vlan 4

port e0/7 to e0/9

int vlan 5

port e0/10 to e0/12

int vlan 6

port e0/13 to e0/15

int vlan 7

port e0/16 to e0/18

int vlan 8

port e0/19 to e0/21

int vlan 9

port e0/24

6.查看vlan状态

dis vlan

7.设置vlan接口虚拟ip

int vlan 2

ip add 192.168.2.254 255.255.255.0

undo shutdown

int vlan 3

ip add 192.168.3.254 255.255.255.0

undo shutdown

int vlan 4

ip add 192.168.4.254 255.255.255.0

undo shutdown

int vlan 5

ip add 192.168.5.254 255.255.255.0

undo shutdown

int vlan 6

ip add 192.168.6.254 255.255.255.0

undo shutdown

int vlan 7

ip add 192.168.7.254 255.255.255.0

undo shutdown

int vlan 8

ip add 192.168.8.254 255.255.255.0

undo shutdown

8.将24端口设置vlan配置ip和路由同一网段

int vlan 9

ip add 10.1.1.1 255.255.255.0

undo shutdown

9.海蜘蛛内网:10.1.1.1.2

9.给3层交换添加静态路由

ip route-static 0.0.0.0 0.0.0.0 10.1.1.2

ip route-static 0.0.0.0 0.0.0.0 192.168.10.1 preference 60

10.海蜘蛛添加静态路由:

192.168.2.0 255.255.255.0 10.1.1.1

192.168.3.0 255.255.255.0 10.1.1.1

192.168.4.0 255.255.255.0 10.1.1.1

192.168.5.0 255.255.255.0 10.1.1.1

192.168.6.0 255.255.255.0 10.1.1.1

192.168.7.0 255.255.255.0 10.1.1.1

192.168.8.0 255.255.255.0 10.1.1.1

192.168.9.0 255.255.255.0 10.1.1.1

192.168.10.0 255.255.255.0 10.1.1.1

11.Acl控制列表

基本acl取值范围:2000---2999

Rule 0 permit source 192.168.0.2 0(华为acl)

Acl number 2000

Rule permit tcp source 192.168.1.0 0.0.0.255 destination 192.168.2.0 0.0.0.255 destination-port eq 80

允许1.0的网段像2.0的80发送报文

Acl number 2001

Rule 0 deny ip source 192.168.3.0 0.0.0.255 destination 192.168.5.0 0.0.0.255(禁止3.0访问5.0)

Rule 1 deny ip source 192.168.3.0 0.0.0.255 destination 192.168.8.0 0.0.0.255(禁止3.0网段访问8.0)

3002

Rule deny source any

Rule permit source 192.168.5.0 0.0.0.255

以此类推

12.下发到访问控制列表

Int eth0/1

Packet-filter inbound ip-group 2001(应用acl到相应网段) 以此类推

13.保存配置

Save

14.删除配置命令

>reset saved-configuration

>reboot

路由策略规则:

1.定义前缀列表(功能类同与ACL,

功能:告诉路由器,哪些流量是要进行策略路由的

ip ip-prefix bangong index 10 permit 192.168.2.0 24 ip ip-prefix fuwuqi index 10 permit 192.168.11.0 24

一个前缀列表可定义多个网段,

2、启用路由策略

sys

route-policy bangong permit node 10

route-policy fuwuqi permit node 10 进入策略路由配置模式下

if-match ip-prefix bangong

if-match ip-prefix fuwuqi 调用需要配置策略路由的流量 apply ip-address next-hop 192.168.20.1

apply ip-address next-hop 192.168.10.1 指定相应流量的下一跳地址

时间修改:clock datetime 11:06:00 2012-04-16

将端口trunk修改才access

port-group vlan2

group-member GigabitEthernet0/0/1 to g0/0/24 port link-type access

设置ftp服务

ftp server enable

aaa

local-user huawei password simple huawei local-user huawei level 15

local-user huawei service-type ftp local-user huawei ftp-directory flash: 华为web界面配置

http server enable

aaa

local-user huawei password simple huawei local-user huawei service-type http

http timeout (时间)

1.改名

sysname bolan

2.创建vlan

vlan 3

vlan 4

vlan 5

vlan 6

vlan 7

vlan 8

vlan 9

vlan 11

vlan 12

vlan 13

vlan 100

vlan 200

3.添加vlan端口

vlan 2

port GigabitEthernet 0/0/1 to 0/0/2 vlan 3

port GigabitEthernet 0/0/3 to 0/0/4 vlan 4

port GigabitEthernet 0/0/5 to 0/0/6 vlan 5

port GigabitEthernet 0/0/7 to 0/0/8

port GigabitEthernet 0/0/9 to 0/0/10 vlan 7

port GigabitEthernet 0/0/11 to 0/0/12 vlan 8

port GigabitEthernet 0/0/13 to 0/0/14 vlan 9

port GigabitEthernet 0/0/15 to 0/0/16 vlan 11

port GigabitEthernet 0/0/17 to 0/0/18 vlan 12

port GigabitEthernet 0/0/19 to 0/0/20 vlan 13

port GigabitEthernet 0/0/21 to 0/0/22 vlan 100

port GigabitEthernet 0/0/23 vlan 200

port GigabitEthernet 0/0/24

4.添加vlan ip地址

ip address 192.168.2.254 255.255.255.0

interface Vlanif3

ip address 192.168.3.254 255.255.255.0

interface Vlanif4

ip address 192.168.4.254 255.255.255.0

interface Vlanif5

ip address 192.168.5.254 255.255.255.0

interface Vlanif6

ip address 192.168.6.254 255.255.255.0

interface Vlanif7

ip address 192.168.7.254 255.255.255.0

interface Vlanif8

ip address 192.168.8.254 255.255.255.0

interface Vlanif9

ip address 192.168.9.254 255.255.255.0

interface Vlanif11

ip address 192.168.11.254 255.255.255.0

ip address 192.168.12.254 255.255.255.0

interface Vlanif13

ip address 192.168.13.254 255.255.255.0

interface Vlanif100

ip address 192.168.20.254 255.255.255.0

interface Vlanif200

ip address 192.168.10.254 255.255.255.0

创建acl列表规则

acl number 3001

rule permit ip source 192.168.2.200 0.0.0.255 destination 192.168.4.0 0.0.0.255

acl number 3002

rule deny ip source 192.168.2.0 0.0.0.255 destination 192.168.3.0 0.0.0.255

rule deny ip source 192.168.4.0 0.0.0.255 destination 192.168.5.0 0.0.0.255

acl number 3003

配置流分类

traffic classifier c1

if-match acl 3001

quit

traffic classifier c2

if-match acl 3002

quit

traffic classifier c3

if-match acl 3003

quit

配置流行为

traffic behavior b1

deny

quit

traffic behavior b2

deny

quit

traffic behavior b3

deny

quit

配置流策略:

定义流策略,将流分类与流行为关联

traffic policy test

classiffier c1 behavior b1

classiffier c2 behavior b2

classiffier c3 behavior b3

应用流策略到g 0/0/1

Traffic policy does not exist!

int g 0/0/1

traffic-policy test inbound

quit

查看命令:

dis acl 3001(查看acl规则)

dis traffic classifier user-defined(查看流分类的配置信息) dis traffic policy user-defined test(查看流策略配置信息)


相关文章

  • 华为路由器命令

    • 华为华为路由器交换机配置命令大全 一.计算机命令 PCAlogin:root 使用root用户 password:linux 口令是linux #shutdown-hnow 关机 #init 0 关机 #logout 用户注销 #login ...查看


  • 华为三层交换机配置方法.命令及实例

    • 华为三层交换机配置方法(1) (2008-07-21 11:27:34) 转载 标签: 分类: 工作汇报 杂谈 本文以河南平临高速所使用的华为华三通信的H3C S3600-28P-SI为例,配置前首先要确定型号后缀是SI还是EI,EI的支持 ...查看


  • 华为S5700三交换机常用命令

    • 进入接口视图 操作步骤 1. 2. 3. 4. 5. 执行命令,进入系统视图. 执行命令 interface-type interface-number,进入指定接口的接口视图. 执行命令 description,配置接口描述. 执行命令, ...查看


  • 华为交换机配置命令大全2009

    • 华为交换机配置命令大全 2009-04-06 20:10 华为交换机配置命令大全之 4.1 VLAN简介 VLAN(Virtual Local Area Network)即虚拟局域网,是一种通过将局域网内的设备逻辑地而不是物理地划分成一个个 ...查看


  • 华为交换机配置步骤与命令注释

    • 华为交换机配置步骤与命令注释 1.sys 进入配置模式 2.sysname NAME 为交换机配置一个物理场所名字 3.Vlan ID 配置一个Vlan 4.q 退出当前配置 5.[NAME]Interface Ethernet 0/0/1 ...查看


  • 华为认证网络工程师考试复习资料大全

    • <华为认证网络工程师>自测题一 1.在一个以太网中,30台PC通过QUTDWAY R2501路由器S0口连接INTERNET,QUIDWAY R2501路由器配置如下: Qutidway(config-if-e0)#ip add ...查看


  • 华为交换机配置实例手册telnet密码配置方法

    • 华为交换机配置实例手册 telnet密码配置方法 sys 进入到系统视图 Enter system view, return to user view with Ctrl+Z. [Quidway]user-interface aux 0 [ ...查看


  • 华为交换机配置命令手册及实验

    • Huawei交换机配置命令手册: 1.开始 建立本地配置环境,将主机的串口通过配置电缆与以太网交换机的Console口连接.在主机上运行终端仿真程序(如Windows的超级终端等),设置终端通信参数为:波特率为9600bit/s.8位数据位 ...查看


  • 华为STP配置案例

    • STP配置案例 1简介 在二层交换网络中,一旦存在环路就会造成报文在环路内不断循环和增生,产生广播风暴,从而占用所有的有效带宽,使网络变得无法正常通信. 在这种环境下生成树协议应运而生,生成树协议是一种二层管理协议,它通过有选择性地阻塞网络 ...查看


热门内容