NAT
【 Router 】
华
组网描述 :
PC---------------------3050C-------------------------AR28-31-------------------------INTERNET
组网实现 :
3050C 上划分多个 VLAN, 在 AR28-31上终结 VLAN
网 , 所有的 PC 机都通过 AR28-31分配 IP 地址和 DNS
[AR28-31]dis cu
#
sysname Quidway
#
FTP server enable
#
nat address-group 0 222.222.222.2 222.222.222.10用于上公网的地址池 #
radius scheme system
#
domain system
#
local-user admin
password
cipher .]@USE=B,53Q=^Q`MAF4<1!! service-type="" telnet="">1!!>
level 3
service-type ftp
local-user
huawei telnet用户 , 用于远程管理
password simple huawei
service-type telnet
level 3
#
dhcp server ip-pool 10为 VLAN10
gateway-list 192.168.10.1
dns-list 100.100.100.100
#
dhcp server ip-pool 20为 VLAN20
gateway-list 192.168.20.1
dns-list 100.100.100.100
#
dhcp server ip-pool 30为 VLAN30
gateway-list 192.168.30.1
dns-list 100.100.100.100
#
dhcp server ip-pool 40为 VLAN40
gateway-list 192.168.40.1
dns-list 100.100.100.100
#
interface Aux0
async mode flow
#
interface
Ethernet1/0用于与交换 机的管理 IP 互通
ip address 192.168.100.1 255.255.255.0 firewall packet-filter 3000 inbound #
interface
Ethernet1/0.1终
tcp mss 1024
ip address 192.168.10.1 255.255.255.0 firewall packet-filter 3000 inbound vlan-type dot1q vid 10
#
interface
Ethernet1/0.2终
tcp mss 1024
ip address 192.168.20.1 255.255.255.0 firewall packet-filter 3000 inbound vlan-type dot1q vid 20
#
interface
Ethernet1/0.3终结交换机 上的 VLAN30
tcp mss 1024
ip address 192.168.30.1 255.255.255.0 firewall packet-filter 3000 inbound vlan-type dot1q vid 30
#
interface
Ethernet1/0.4终结交换机 上的 VLAN40
tcp mss 1024
ip address 192.168.40.1 255.255.255.0 firewall packet-filter 3000 inbound vlan-type dot1q vid 40
#
interface Ethernet2/0
ip address 222.222.222.1 255.255.255.0 nat outbound 2000 address-group 0进行私网到公网的地址转换 #
interface NULL0
#
acl number 2000允许 192.168.0.0 这个网段的地址进行地址转 换
rule 0 permit source 192.168.0.0 0.0.255.255
rule 1 deny
#
acl number 3000
rule 0 deny udp destination-port eq tftp rule 1 deny tcp destination-port eq 135 rule 2 deny udp destination-port eq 135 rule 3 deny udp destination-port eq netbios-ns
rule 4 deny udp destination-port eq netbios-dgm
rule 5 deny tcp destination-port eq 139 rule 6 deny udp destination-port eq netbios-ssn
rule 7 deny tcp destination-port eq 445 rule 8 deny udp destination-port eq 445 rule 9 deny tcp destination-port eq 539 rule 10 deny udp destination-port eq 539 rule 11 deny udp destination-port eq 593 rule 12 deny tcp destination-port eq 593 rule 13 deny udp destination-port eq 1434
rule 14 deny tcp destination-port eq 4444
rule 15 deny tcp destination-port eq 9996
rule 16 deny tcp destination-port eq 5554
rule 17 deny udp destination-port eq 9996
rule 18 deny udp destination-port eq 5554
rule 19 deny tcp destination-port eq 137 rule 20 deny tcp destination-port eq 138 rule 21 deny tcp destination-port eq 1025
rule 22 deny udp destination-port eq 1025
rule 23 deny tcp destination-port eq 9995
rule 24 deny udp destination-port eq 9995
rule 25 deny tcp destination-port eq 1068
rule 26 deny udp destination-port eq 1068
rule 27 deny tcp destination-port eq 1023
rule 28 deny udp destination-port eq 1023
#
ip route-static 0.0.0.0 0.0.0.0 222.222.222.254 preference 60到电信 网关的缺省路由
#
user-interface con 0
user-interface aux 0
user-interface vty 0 4
authentication-mode scheme
#
return
===================================== ==========================
# sysname Quidway # radius scheme system server-type huawei primary authentication 127.0.0.1 1645 primary accounting 127.0.0.1 1646 user-name-format without-domain domain system radius-scheme system access-limit disable state active vlan-assignment-mode integer idle-cut disable self-service-url disable messenger time disable domain default enable system # local-server nas-ip 127.0.0.1 key huawei local-user huawei password simple huawei service-type telnet level 3 # vlan 1 # vlan 10 # vlan 20 # vlan 30 # vlan 40 # interface Vlan-interface1管理 IP ip address 192.168.100.2 255.255.255.0 # interface Aux0/0 # interface Ethernet0/1 port access vlan 10 # interface Ethernet0/2 port access vlan 10 # interface Ethernet0/3 port access vlan 10 # interface Ethernet0/4 port access vlan 10 # interface Ethernet0/5 port access vlan 10 # interface Ethernet0/6 port access vlan 10 # interface Ethernet0/7 port access vlan 10 # interface Ethernet0/8 port access vlan 10 # interface Ethernet0/9 port access vlan 10 # interface Ethernet0/10 port access vlan 10 # interface Ethernet0/11 port access vlan 20 # interface Ethernet0/12 port access vlan 20 # interface Ethernet0/13 port access vlan 20 # interface Ethernet0/14 port access vlan 20 # interface Ethernet0/15 port access vlan 20 # interface Ethernet0/16 port access vlan 20 # interface Ethernet0/17 port access vlan 20 # interface Ethernet0/18 port access vlan 20 # interface Ethernet0/19 port access vlan 20 # interface Ethernet0/20 port access vlan 20 # interface Ethernet0/21 port access vlan 30 # interface Ethernet0/22 port access vlan 30 # interface Ethernet0/23 port access vlan 30 # interface Ethernet0/24 port access vlan 30 # interface Ethernet0/25 port access vlan 30 # interface Ethernet0/26 port access vlan 30 # interface Ethernet0/27 port access vlan 30 # interface Ethernet0/28 port access vlan 30 # interface Ethernet0/29 port access vlan 30 # interface Ethernet0/30 port access vlan 30 # interface Ethernet0/31 port access vlan 40 # interface Ethernet0/32 port access vlan 40 # interface Ethernet0/33 port access vlan 40 # interface Ethernet0/34 port access vlan 40 # interface Ethernet0/35 port access vlan 40 # interface Ethernet0/36 port access vlan 40 # interface Ethernet0/37 port access vlan 40 # interface Ethernet0/38 port access vlan 40 # interface Ethernet0/39 port access vlan 40 # interface Ethernet0/40 port access vlan 40 # interface Ethernet0/41 port access vlan 40 # interface Ethernet0/42 port access vlan 40 # interface Ethernet0/43 port access vlan 40 # interface Ethernet0/44 port access vlan 40 # interface Ethernet0/45 port access vlan 40 # interface Ethernet0/46 port access vlan 40 # interface Ethernet0/47 port access vlan 40 # interface Ethernet0/48 上行口 port link-type trunk port trunk permit vlan 1 10 20 30 40 只 interface NULL0 # user-interface aux 0 user-interface vty 0 4 # return 了 章 华为 2700 串口 9600波特率进入交机,进入后为 [Quidway]display current-configuration;显示当前配置 [Quidway]vlan 100;创 [Quidway-vlan100]quit; [Quidway]interface Ethernet0/0/1;进入端口 1 [Quidway-Ethernet0/0/1]port link-type access;设置为 access 模式 [Quidway-Ethernet0/0/1]port default vlan 100;设置默认 vlan 为 100 [Quidway]quit;退出端口 1 [Quidway]interface GigabitEthernet 0/0/1;进入光口 1 [Quidway-GigabitEthernet0/0/1]port link-type trunk;设置为 trunk 模式 [Quidway-GigabitEthernet0/0/1]port trunk allow-pass vlan all; [Quidway-GigabitEthernet0/0/1]port-mirroring to observe-port 1 both;设置为被镜像口, [Quidway-GigabitEthernet0/0/1]quit; [Quidway]interface Ethernet0/0/8;进入 8端口 [Quidway-Ethernet0/0/8]port link-type access;设置为 access 模式 [Quidway-Ethernet0/0/8]port default vlan 100;允许通过 vlan100 [Quidway-Ethernet0/0/8]quit [Quidway]observe-port 1 interface Ethernet 0/0/8;设置 8口为抓包口,可以抓取到光口 1的上下行数据 目前基站的本 vlan 功能还有欠缺,会用户面通;如果外场有 vlan 的,需要 通过交换机打上 vlan 标签;如上是外场的 vlan 为 100举的配置实例,假 [Quidway]vlan A; [Quidway-vlan100]quit; [Quidway]interface Ethernet0/0/1;进入端口 1 [Quidway-Ethernet0/0/1]port default vlan A;设置默认 vlan 为 100 [Quidway]quit;退出端口 1 [Quidway]interface Ethernet0/0/8;进入 8端口 [Quidway-Ethernet0/0/8]port default vlan A;允许通过 vlan100 [Quidway-Ethernet0/0/8]quit [Quidway]quit;退出系统模式 在测试中经常出现光口灯不亮的象,一 1、 端口没有打开 2、 两段端口速率和 3、 光模块 此时,查看光口状 然后做环试, 看看灯是否亮, 如果自环不能是光或者光模块故障, 更换后再 试; 自环亮的话说明光模块、 光线没有问题; 测试中出现自环亮但和其它设备对接灯 不亮的现象, 如果和其它设备对接在自商模式下灯亮,则设置 [Quidway]interface GigabitEthernet 0/0/1 [Quidway-GigabitEthernet0/0/1]undo negotiation auto [Quidway-GigabitEthernet0/0/1]speed 1000 [Quidway-GigabitEthernet0/0/1]duplex full 查看此时的光口状态, 设置后做自环测试,看灯是否亮(自环亮的,除非光线或者光块故障) ,然后 做下对接测试; 一般情况下, 配置到里灯应该都亮的了, 如果还不亮可能是 在光模块模式和速率时偶会出现 Error: This port or this mode doesn't support this command. 出现这种打印一 1) 光口被 shutdown 2) 光块不支持; (有一次给一模块配置 speed 1000,打印上面的提示,最后证 明光模为百兆,但是其型号的百兆光模块同样的操 完成后的效果 1: Vlan2的流量不可以通过 vlan3不能通过 2: Vlan2能通 vlan3不同 3:vlan2 能通 vlan3不通 4:vlan2能通 vlan3不通 配置如下 lsw1,lsw2----- vlan 2 quit vlan 3 quit inter g0/0/4 port link-type acc port default vlan 2 inter g0/0/5 port link-type acc port default vlan 3 inter g0/0/1 port link-type trunk port trun allow vlan 2 3 inter g0/0/2 port link-type trunk port trun allow vlan 2 3 inter g0/0/3 port link-type trunk port trun allow vlan 2 3 ----------------------------------- lsw3 lsw4 vlan 2 quit vlan 3 quit inter g0/0/3 port link-type acc port default vlan 2 inter g0/0/4 port link-type acc port default vlan 3 inter g0/0/1 port link-type trunk port trun allow vlan 2 3 inter g0/0/2 port link-type trunk port trun allow vlan 2 3 ------------------------------------- all switch的 mstp 配置 stp region-configuration region-name zeng instance 1 vlan 2 instance 2 vlan 3 active region-configuration -------------------------到此阻塞和放通的 instance1,2的 root 带有一定的随 lsw1: stp instance 1 pri 4096 lsw2: stp instance 2 pri 4096 //通过修改 cost 及根桥的开 lsw3: interface g0/0/2 stp instance 1 cost 20000 interface g0/0/1 stp instance 2 cost 20000 lsw 4: inter g0/0/1 stp instance 1 cost 20000 inter g0/0/2 stp instance 2 cost 20000 华为 BGP-MPLS-** 多实例 ** 配置实例 # sysname R1 # ip **-instance TMIS ipv4-family route-distinguisher 65107:300001 **-target 300:300 export-extcommunity **-target 300:300 import-extcommunity # mpls lsr-id 1.1.1.1 mpls # mpls ldp # # aaa authentication-scheme default authorization-scheme default accounting-scheme default domain default domain default_admin local-user admin password cipher ^HqTM5!W[YjKUGU-KkpB=u/# local-user admin service-type http # isis 1 is-level level-2 cost-style wide network-entity 10.0000.0000.0000.0001.00 # firewall zone Local priority 16 # interface Ethernet0/0/0 # interface Ethernet0/0/1 # interface Serial0/0/0 link-protocol ppp # interface Serial0/0/1 link-protocol ppp # interface Serial0/0/2 link-protocol ppp # interface Serial0/0/3 link-protocol ppp # interface GigabitEthernet0/0/0 ip address 10.220.12.1 255.255.255.0 isis enable 1 mpls mpls ldp # interface GigabitEthernet0/0/1 ip address 10.220.14.1 255.255.255.0 isis enable 1 mpls mpls ldp # interface GigabitEthernet0/0/2 ip address 10.220.19.1 255.255.255.0 isis enable 1 mpls mpls ldp # interface GigabitEthernet0/0/3 ip binding **-instance TMIS ip address 10.220.101.1 255.255.255.0 # wlan # interface NULL0 # interface LoopBack0 ip address 1.1.1.1 255.255.255.255 isis enable 1 # interface LoopBack1 ip binding **-instance TMIS ip address 192.168.1.1 255.255.255.0 # bgp 65107 group ** internal peer ** connect-interface LoopBack0 peer 2.2.2.2 as-number 65107 peer 2.2.2.2 group ** peer 3.3.3.3 as-number 65107 peer 3.3.3.3 group ** peer 4.4.4.4 as-number 65107 peer 4.4.4.4 group ** peer 6.6.6.6 as-number 65107 peer 6.6.6.6 group ** peer 7.7.7.7 as-number 65107 peer 7.7.7.7 group ** peer 9.9.9.9 as-number 65107 peer 9.9.9.9 group ** # ipv4-family unicast undo synchronization peer ** enable peer ** reflect-client peer 2.2.2.2 enable peer 2.2.2.2 group ** peer 3.3.3.3 enable peer 3.3.3.3 group ** peer 4.4.4.4 enable peer 4.4.4.4 group ** peer 6.6.6.6 enable peer 6.6.6.6 group ** peer 7.7.7.7 enable peer 7.7.7.7 group ** peer 9.9.9.9 enable peer 9.9.9.9 group ** # ipv4-family **v4 undo policy **-target peer ** enable peer ** reflect-client peer 2.2.2.2 enable peer 2.2.2.2 group ** peer 3.3.3.3 enable peer 3.3.3.3 group ** peer 4.4.4.4 enable peer 4.4.4.4 group ** peer 6.6.6.6 enable peer 6.6.6.6 group ** peer 7.7.7.7 enable peer 7.7.7.7 group ** # ipv4-family **-instance TMIS import-route direct import-route static peer 10.220.101.9 as-number 100 # user-interface con 0 user-interface vty 0 4 user-interface vty 16 20 # return # sysname R9 ip **-instance IVMS ipv4-family route-distinguisher 65107:102 **-target 102:102 export-extcommunity **-target 102:102 import-extcommunity # ip **-instance TMIS ipv4-family route-distinguisher 65107:300009 **-target 300:300 export-extcommunity **-target 300:300 import-extcommunity # mpls lsr-id 9.9.9.9 mpls # mpls ldp # # aaa authentication-scheme default authorization-scheme default accounting-scheme default domain default domain default_admin local-user admin password cipher ^HqTM5!W[Y+/Y@:Y>Lw(Yu^# local-user admin service-type http # isis 1 is-level level-2 cost-style wide network-entity 10.0000.0000.0000.0009.00 # firewall zone Local priority 16 # interface Ethernet0/0/0 ip binding **-instance IVMS ip address 192.168.8.1 255.255.255.0 # interface Ethernet0/0/1 # interface Serial0/0/0 link-protocol ppp interface Serial0/0/1 link-protocol ppp # interface Serial0/0/2 link-protocol ppp # interface Serial0/0/3 link-protocol ppp # interface GigabitEthernet0/0/0 ip address 10.220.29.9 255.255.255.0 isis enable 1 mpls mpls ldp # interface GigabitEthernet0/0/1 ip address 10.220.49.9 255.255.255.0 isis enable 1 mpls mpls ldp # interface GigabitEthernet0/0/2 ip address 10.220.19.9 255.255.255.0 isis enable 1 mpls mpls ldp # interface GigabitEthernet0/0/3 ip binding **-instance TMIS ip address 10.220.109.9 255.255.255.0 # wlan # interface NULL0 # interface LoopBack0 ip address 9.9.9.9 255.255.255.255 isis enable 1 # bgp 65107 peer 9.9.9.9 as-number 65107 group ** internal peer ** connect-interface LoopBack0 peer 1.1.1.1 as-number 65107 peer 1.1.1.1 group ** peer 2.2.2.2 as-number 65107 peer 2.2.2.2 group ** peer 3.3.3.3 as-number 65107 peer 3.3.3.3 group ** peer 4.4.4.4 as-number 65107 peer 4.4.4.4 group ** peer 6.6.6.6 as-number 65107 peer 6.6.6.6 group ** peer 7.7.7.7 as-number 65107 peer 7.7.7.7 group ** # ipv4-family unicast undo synchronization undo peer 9.9.9.9 enable peer ** enable peer ** reflect-client peer 1.1.1.1 enable peer 1.1.1.1 group ** peer 2.2.2.2 enable peer 2.2.2.2 group ** peer 3.3.3.3 enable peer 3.3.3.3 group ** peer 4.4.4.4 enable peer 4.4.4.4 group ** peer 6.6.6.6 enable peer 6.6.6.6 group ** peer 7.7.7.7 enable peer 7.7.7.7 group ** # ipv4-family **v4 undo policy **-target peer ** enable peer ** reflect-client peer 1.1.1.1 enable peer 1.1.1.1 group ** peer 2.2.2.2 enable peer 2.2.2.2 group ** peer 3.3.3.3 enable peer 3.3.3.3 group ** peer 4.4.4.4 enable peer 4.4.4.4 group ** peer 6.6.6.6 enable peer 6.6.6.6 group ** peer 7.7.7.7 enable peer 7.7.7.7 group ** # ipv4-family **-instance IVMS import-route direct # ipv4-family **-instance TMIS import-route direct import-route static peer 10.220.109.1 as-number 100 # user-interface con 0 user-interface vty 0 4 user-interface vty 16 20 # return # sysname R2 # router id 2.2.2.2 # ip **-instance TMIS ipv4-family route-distinguisher 65107:300002 **-target 300:300 export-extcommunity **-target 300:300 import-extcommunity # mpls lsr-id 2.2.2.2 mpls # mpls ldp # # aaa authentication-scheme default authorization-scheme default accounting-scheme default domain default domain default_admin local-user admin password cipher mdeIV local-user admin service-type http # isis 1 is-level level-2 cost-style wide network-entity 10.0000.0102.2001.2002.00 # firewall zone Local priority 16 # interface Ethernet0/0/0 # interface Ethernet0/0/1 # interface Serial0/0/0 link-protocol ppp # interface Serial0/0/1 link-protocol ppp # interface Serial0/0/2 link-protocol ppp # interface Serial0/0/3 link-protocol ppp # interface GigabitEthernet0/0/0 ip address 10.220.12.2 255.255.255.0 isis enable 1 isis circuit-level level-2 mpls mpls ldp # interface GigabitEthernet0/0/1 ip address 10.220.23.2 255.255.255.0 isis enable 1 mpls mpls ldp # interface GigabitEthernet0/0/2 ip address 10.220.26.2 255.255.255.0 isis enable 1 mpls mpls ldp # interface GigabitEthernet0/0/3 ip address 10.220.39.3 255.255.255.0 isis enable 1 mpls mpls ldp # wlan # interface NULL0 # interface LoopBack0 ip address 2.2.2.2 255.255.255.255 isis enable 1 # interface LoopBack1 ip binding **-instance TMIS ip address 10.195.1.1 255.255.255.255 # bgp 65107 group ** internal peer ** connect-interface LoopBack0 peer 1.1.1.1 as-number 65107 peer 1.1.1.1 group ** peer 9.9.9.9 as-number 65107 peer 9.9.9.9 group ** # ipv4-family unicast undo synchronization peer ** enable peer 1.1.1.1 enable peer 1.1.1.1 group ** peer 9.9.9.9 enable peer 9.9.9.9 group ** # ipv4-family **v4 undo policy **-target peer ** enable peer 1.1.1.1 enable peer 1.1.1.1 group ** peer 9.9.9.9 enable peer 9.9.9.9 group ** # ipv4-family **-instance TMIS import-route direct import-route static # user-interface con 0 user-interface vty 0 4 user-interface vty 16 20 # return # sysname R10 # aaa authentication-scheme default authorization-scheme default accounting-scheme default domain default domain default_admin local-user admin password cipher 'omy&03(mLECB7Ie7'/)G # firewall zone Local priority 16 # interface Ethernet0/0/0 # interface Ethernet0/0/1 # interface Serial0/0/0 link-protocol ppp # interface Serial0/0/1 link-protocol ppp # interface Serial0/0/2 link-protocol ppp # interface Serial0/0/3 link-protocol ppp # interface GigabitEthernet0/0/0 ip address 10.220.101.9 255.255.255.0 # interface GigabitEthernet0/0/1 ip address 10.220.109.1 255.255.255.0 # interface GigabitEthernet0/0/2 ip address 10.10.10.1 255.255.255.0 # interface GigabitEthernet0/0/3 # wlan # interface NULL0 # bgp 100 peer 10.220.101.1 as-number 65107 peer 10.220.109.9 as-number 65107 # ipv4-family unicast undo synchronization import-route direct import-route static peer 10.220.101.1 enable peer 10.220.109.9 enable # ip route-static 88.88.88.0 255.255.255.0 10.10.10.2 # user-interface con 0 user-interface vty 0 4 user-interface vty 16 20 # Return # sysname R4 # ip **-instance IVMS ipv4-family route-distinguisher 666:888 **-target 100:100 102:102 export-extcommunity **-target 100:100 102:102 import-extcommunity ip **-instance TMIS ipv4-family route-distinguisher 65107:300004 **-target 300:300 export-extcommunity **-target 300:300 import-extcommunity # mpls lsr-id 4.4.4.4 mpls # mpls ldp # # aaa authentication-scheme default authorization-scheme default accounting-scheme default domain default domain default_admin local-user admin password cipher gD/VGZfKq73@9_G-B0Y2b$5# local-user admin service-type http # isis 1 is-level level-2 cost-style wide network-entity 10.0000.0102.0000.0004.00 # firewall zone Local priority 16 # interface Ethernet0/0/0 ip binding **-instance IVMS ip address 192.168.7.1 255.255.255.0 # interface Ethernet0/0/1 # interface Serial0/0/0 link-protocol ppp # interface Serial0/0/1 link-protocol ppp # interface Serial0/0/2 link-protocol ppp interface Serial0/0/3 link-protocol ppp # interface GigabitEthernet0/0/0 ip address 10.220.46.4 255.255.255.0 isis enable 1 mpls mpls ldp # interface GigabitEthernet0/0/1 ip address 10.220.14.4 255.255.255.0 isis enable 1 mpls mpls ldp # interface GigabitEthernet0/0/2 ip address 10.220.49.4 255.255.255.0 isis enable 1 mpls mpls ldp # interface GigabitEthernet0/0/3 # wlan # interface NULL0 # interface LoopBack0 ip address 4.4.4.4 255.255.255.255 isis enable 1 # interface LoopBack1 ip binding **-instance TMIS ip address 192.168.4.1 255.255.255.255 # bgp 65107 group ** internal peer ** connect-interface LoopBack0 peer 1.1.1.1 as-number 65107 peer 1.1.1.1 group ** peer 9.9.9.9 as-number 65107 peer 9.9.9.9 group ** # ipv4-family unicast undo synchronization peer ** enable peer 1.1.1.1 enable peer 1.1.1.1 group ** peer 9.9.9.9 enable peer 9.9.9.9 group ** # ipv4-family **v4 undo policy **-target peer ** enable peer 1.1.1.1 enable peer 1.1.1.1 group ** peer 9.9.9.9 enable peer 9.9.9.9 group ** # ipv4-family **-instance IVMS import-route direct # ipv4-family **-instance TMIS import-route direct import-route static # user-interface con 0 user-interface vty 0 4 user-interface vty 16 20 # return # sysname R3 # ip **-instance TMIS ipv4-family route-distinguisher 65107:300 **-target 300:300 export-extcommunity **-target 300:300 import-extcommunity # mpls lsr-id 3.3.3.3 mpls # mpls ldp # # aaa authentication-scheme default authorization-scheme default accounting-scheme default domain default domain default_admin local-user admin password cipher zziV3+xJo#bL^B&WSBiQ^$T# local-user admin service-type http # isis 1 is-level level-2 cost-style wide network-entity 10.0000.0102.2002.3003.00 # firewall zone Local priority 16 # interface Ethernet0/0/0 # interface Ethernet0/0/1 # interface Serial0/0/0 link-protocol ppp # interface Serial0/0/1 link-protocol ppp # interface Serial0/0/2 link-protocol ppp # interface Serial0/0/3 link-protocol ppp # interface GigabitEthernet0/0/0 ip address 10.220.36.3 255.255.255.0 isis enable 1 mpls mpls ldp # interface GigabitEthernet0/0/1 ip address 10.220.23.3 255.255.255.0 isis enable 1 mpls mpls ldp # interface GigabitEthernet0/0/2 # interface GigabitEthernet0/0/3 # wlan # interface NULL0 # interface LoopBack0 ip address 3.3.3.3 255.255.255.255 isis enable 1 # interface LoopBack1 ip binding **-instance TMIS ip address 10.221.24.130 255.255.255.255 # bgp 65107 group ** internal peer ** connect-interface LoopBack0 peer 1.1.1.1 as-number 65107 peer 1.1.1.1 group ** peer 9.9.9.9 as-number 65107 peer 9.9.9.9 group ** # ipv4-family unicast undo synchronization peer ** enable peer 1.1.1.1 enable peer 1.1.1.1 group ** peer 9.9.9.9 enable peer 9.9.9.9 group ** # ipv4-family **v4 undo policy **-target peer ** enable peer 1.1.1.1 enable peer 1.1.1.1 group ** peer 9.9.9.9 enable peer 9.9.9.9 group ** # ipv4-family **-instance TMIS import-route direct import-route static # user-interface con 0 user-interface vty 0 4 user-interface vty 16 20 # return # sysname R6 # ip **-instance TMIS ipv4-family route-distinguisher 65107:300006 **-target 300:300 export-extcommunity **-target 300:300 import-extcommunity # mpls lsr-id 6.6.6.6 mpls # mpls ldp # # aaa authentication-scheme default authorization-scheme default accounting-scheme default domain default domain default_admin local-user admin password cipher Xj*/Yt6,W%pe}@HMNPn@j(a# local-user admin service-type http # isis 1 is-level level-2 cost-style wide network-entity 10.0000.0000.0000.0006.00 # firewall zone Local priority 16 # interface Ethernet0/0/0 # interface Ethernet0/0/1 ip address 10.220.26.6 255.255.255.0 isis enable 1 mpls mpls ldp # interface Serial0/0/0 link-protocol ppp # interface Serial0/0/1 link-protocol ppp # interface Serial0/0/2 link-protocol ppp # interface Serial0/0/3 link-protocol ppp # interface GigabitEthernet0/0/0 ip address 10.220.46.6 255.255.255.0 isis enable 1 mpls mpls ldp # interface GigabitEthernet0/0/1 ip address 10.220.36.6 255.255.255.0 isis enable 1 mpls mpls ldp # interface GigabitEthernet0/0/2 ip address 10.220.67.6 255.255.255.0 isis enable 1 mpls mpls ldp # interface GigabitEthernet0/0/3 # wlan # interface NULL0 # interface LoopBack0 ip address 6.6.6.6 255.255.255.255 isis enable 1 # interface LoopBack1 ip binding **-instance TMIS ip address 66.66.66.66 255.255.255.255 # bgp 65107 group ** internal peer ** connect-interface LoopBack0 peer 1.1.1.1 as-number 65107 peer 1.1.1.1 group ** peer 9.9.9.9 as-number 65107 peer 9.9.9.9 group ** # ipv4-family unicast undo synchronization peer ** enable peer 1.1.1.1 enable peer 1.1.1.1 group ** peer 9.9.9.9 enable peer 9.9.9.9 group ** # ipv4-family **v4 undo policy **-target peer ** enable peer 1.1.1.1 enable peer 1.1.1.1 group ** peer 9.9.9.9 enable peer 9.9.9.9 group ** # ipv4-family **-instance TMIS import-route direct import-route static # user-interface con 0 user-interface vty 0 4 user-interface vty 16 20 # return [R8]DIS CU # sysname R8 # aaa authentication-scheme default authorization-scheme default accounting-scheme default domain default domain default_admin local-user admin password cipher '> # firewall zone Local priority 16 # interface Ethernet0/0/0 # interface Ethernet0/0/1 # interface Serial0/0/0 link-protocol ppp # interface Serial0/0/1 link-protocol ppp # interface Serial0/0/2 link-protocol ppp # interface Serial0/0/3 link-protocol ppp # interface GigabitEthernet0/0/0 ip address 172.16.10.2 255.255.255.252 # interface GigabitEthernet0/0/1 ip address 192.168.200.1 255.255.255.0 # interface GigabitEthernet0/0/2 # interface GigabitEthernet0/0/3 # wlan # interface NULL0 # ip route-static 0.0.0.0 0.0.0.0 172.16.10.1 # user-interface con 0 user-interface vty 0 4 user-interface vty 16 20 # return # sysname R7 # ip **-instance IVMS ipv4-family route-distinguisher 300:102111 **-target 102:102 100:100 export-extcommunity **-target 102:102 100:100 import-extcommunity # ip **-instance TMIS ipv4-family route-distinguisher 65107:300007 **-target 300:300 export-extcommunity **-target 300:300 import-extcommunity # mpls lsr-id 7.7.7.7 mpls # mpls ldp # # aaa authentication-scheme default authorization-scheme default accounting-scheme default domain default domain default_admin local-user admin password cipher nEtHS # isis 1 is-level level-2 cost-style wide network-entity 10.0000.0000.0000.0007.00 # firewall zone Local priority 16 # interface Ethernet0/0/0 ip binding **-instance IVMS ip address 192.168.9.1 255.255.255.0 # interface Ethernet0/0/1 # interface Serial0/0/0 link-protocol ppp # interface Serial0/0/1 link-protocol ppp # interface Serial0/0/2 link-protocol ppp # interface Serial0/0/3 link-protocol ppp # interface GigabitEthernet0/0/0 ip address 10.220.67.7 255.255.255.0 isis enable 1 mpls mpls ldp # interface GigabitEthernet0/0/1 ip binding **-instance TMIS ip address 172.16.10.1 255.255.255.252 # interface GigabitEthernet0/0/2 # interface GigabitEthernet0/0/3 # wlan # interface NULL0 # interface LoopBack0 ip address 7.7.7.7 255.255.255.255 isis enable 1 # bgp 65107 group ** internal peer ** connect-interface LoopBack0 peer 1.1.1.1 as-number 65107 peer 1.1.1.1 group ** peer 9.9.9.9 as-number 65107 peer 9.9.9.9 group ** # ipv4-family unicast undo synchronization peer ** enable peer 1.1.1.1 enable peer 1.1.1.1 group ** peer 9.9.9.9 enable peer 9.9.9.9 group ** # ipv4-family **v4 undo policy **-target peer ** enable peer 1.1.1.1 enable peer 1.1.1.1 group ** peer 9.9.9.9 enable peer 9.9.9.9 group ** # ipv4-family **-instance IVMS import-route direct # ipv4-family **-instance TMIS import-route direct import-route static # ip route-static **-instance TMIS 192.168.200.0 255.255.255.0 172.16.10.2 # user-interface con 0 user-interface vty 0 4 user-interface vty 16 20 # return 同网段内配置基于接口地址池 组网需求 如 图 1所示,某企业有处于同一网络的办公,为了节省资源,两个办公室的主机 SwitchA 办公室 1属的网段为 10.1.1.0/24,主加入 VLAN10,办公室 1使用 DNS 服和 NetBIOS 服务, 地址租期 30天; 办公室 2所属的网段为 10.1.2.0/24, 主机都加入 VLAN11, 办公室 2不使用 DNS 服务和 NetBIOS 配置思路 基于 VLANIF 接地址池的 DHCP 1. 在 SwitchA 上两个接口地址池并置地址池关属性,实现 DHCP 服务器可以据 不同求,从不同的接口地址 2. 在 SwitchA 配置 VLANIF 接口于接口地址池的地址分配方式, 现 DHCP 服务器从 基 操作步骤 1. 使能 DHCP 服务 2. 3. [HUAWEI] sysname SwitchA [SwitchA] dhcp enable 4. 配置接口加 # 配置 GE0/0/1 [SwitchA] vlan batch 10 to 11 [SwitchA] interface gigabitethernet 0/0/1 [SwitchA-GigabitEthernet0/0/1] port hybrid pvid vlan 10 [SwitchA-GigabitEthernet0/0/1] port hybrid untagged vlan 10 [SwitchA-GigabitEthernet0/0/1] quit # 配置 GE0/0/2 [SwitchA] interface gigabitethernet 0/0/2 [SwitchA-GigabitEthernet0/0/2] port hybrid pvid vlan 11 [SwitchA-GigabitEthernet0/0/2] port hybrid untagged vlan 11 [SwitchA-GigabitEthernet0/0/2] quit 5. 配置 VLANIF # 配置 VLANIF10接口地址。 [SwitchA] interface vlanif 10 [SwitchA-Vlanif10] ip address 10.1.1.1 24 [SwitchA-Vlanif10] quit # 配置 VLANIF11接口地址。 [SwitchA] interface vlanif 11 [SwitchA-Vlanif11] ip address 10.1.2.1 24 [SwitchA-Vlanif11] quit 6. 使能 VLANIF 接口地址池 # 配置 VLANIF10接口下的客端从接口地址 [SwitchA] interface vlanif 10 [SwitchA-Vlanif10] dhcp select interface [SwitchA-Vlanif10] quit # 配置 VLANIF11接口下的客端从接口地址 [SwitchA] interface vlanif 11 [SwitchA-Vlanif11] dhcp select interface [SwitchA-Vlanif11] quit 7. 配置接 # 配置 VLANIF10口地址池下的 DNS 服务 [SwitchA] interface vlanif 10 [SwitchA-Vlanif10] dhcp server domain-name huawei.com [SwitchA-Vlanif10] dhcp server dns-list 10.1.1.2 [SwitchA-Vlanif10] dhcp server nbns-list 10.1.1.3 [SwitchA-Vlanif10] dhcp server excluded-ip-address 10.1.1.2 [SwitchA-Vlanif10] dhcp server excluded-ip-address 10.1.1.3 [SwitchA-Vlanif10] dhcp server netbios-type b-node [SwitchA-Vlanif10] quit 8. 配置接地址池 # 配置 VLANIF10接地址租 [SwitchA] interface vlanif 10 [SwitchA-Vlanif10] dhcp server lease day 30 [SwitchA-Vlanif10] quit # 配置 VLANIF11接地址租 [SwitchA] interface vlanif 11 [SwitchA-Vlanif11] dhcp server lease day 20 [SwitchA-Vlanif11] quit 9. 验 在 SwitchA 上使用 display ip pool命令 [SwitchA] display ip pool interface vlanif10 Pool-name : Vlanif10 Pool-No : 0 Lease : 30 Days 0 Hours 0 Minutes Domain-name : huawei.com DNS-server0 : 10.1.1.2 NBNS-server0 : 10.1.1.3 Netbios-type : b-node Position : Interface Status : Unlocked Gateway-0 : 10.1.1.1 Mask : 255.255.255.0 ** instance : -- ----------------------------------------------------------------------------- Start End Total Used Idle( Expired) Conflict Disable ----------------------------------------------------------------------------- 10.1.1.1 10.1.1.254 253 1 250(0 ) 0 2 ----------------------------------------------------------------------------- [SwitchA] display ip pool interface vlanif11 Pool-name : Vlanif11 Pool-No : 1 Lease : 20 Days 0 Hours 0 Minutes Domain-name : - DNS-server0 : - NBNS-server0 : - Netbios-type : - Position : Interface Status : Unlocked Gateway-0 : 10.1.2.1 Mask : 255.255.255.0 ** instance : -- ----------------------------------------------------------------------------- Start End Total Used Idle( Expired) Conflict Disable ----------------------------------------------------------------------------- 10.1.2.1 10.1.2.254 253 3 250( 0) 0 0 ----------------------------------------------------------------------------- 配置文件 SwitchA # sysname HUAWEI # vlan batch 10 to 11 # dhcp enable # interface Vlanif10 ip address 10.1.1.1 255.255.255.0 dhcp select interface dhcp server excluded-ip-address 10.1.1.2 10.1.1.3 dhcp server lease day 30 hour 0 minute 0 dhcp server dns-list 10.1.1.2 dhcp server netbios-type b-node dhcp server nbns-list 10.1.1.3 dhcp server domain-name huawei.com # interface Vlanif11 ip address 10.1.2.1 255.255.255.0 dhcp select interface dhcp server lease day 20 hour 0 minute 0 # interface GigabitEthernet0/0/1 port hybrid pvid vlan 10 port hybrid untagged vlan 10 # interface GigabitEthernet0/0/2 port hybrid pvid vlan 11 port hybrid untagged vlan 11 # return header Define the login banner http HTTP hwtacacs Set the status of the HWTACACS(Huawei Terminal Access Controller Access Control System) service hwtacacs-server Set HWTACACS server icmp Specify ICMP configuration information icmp-reply Enable ICMP reply fast igmp-snooping Specify parameters for IGMP-Snooping info-center Specify information center configuration information interface Specify the interface configuration view ip IP information ipv6 Enable IPv6 functionality l2-topology Layer 2 topology l2protocol-tunnel Layer 2 protocol tunnel lacp Link aggregation control protocol lldp Link Layer Discovery Protocol load-balance Specify load balance mode loopback-detect Loopback detect function mac-address Mac-address mac-authen MAC authenticate configure information mac-forced-forwarding Mac-Forced Forwarding mac-learning MAC learning mac-limit MAC limit mac-spoofing-defend MAC spoofing defend mad Multi-active detection management-port Management port matched Is Command can be matched by upper template mld-snooping Specify parameters for MLD-Snooping monitor-link Monitor link configuration information multicast Multicast configuration information nap NAP protocol nd Neighbor discovery nqa Network Quality Analysis(NQA) nqa-jitter Switch NQA jitter version nqa-server Specify NQA echo server ntp-service Specify NTP (Network Time Protocol) configuration information oam-mgr Oam-mgr view observe-port Configure observe port feature ping Ping function poe Power over Ethernet port Port port-group Port-group port-isolate Port isolate pppoe PPPOE qos QoS configuration radius-server Add or delete RADIUS server template rmon Specify RMON configuration route-policy Route-policy route-policy-change Specify route policy change parameter router Configure router information rps Set RPS status rrpp Rapid ring protection protocol rsa Specify RSA module configuration information savi Source Address Validation Improvement scp Set SCP server screen-width Set screen width sep Smart ethernet protection set Set the mode of power management sflow SFlow module sftp Set SFTP service attribute slave Backup switch from master to slave sleep Set device to sleep mode smart-link Smart link configuration information snmp-agent Specify SNMP(Simple Network Management Protocol) configuration information ssh Set the SSH (secure shell) configuration attribute ssl Security socket layer stack Stack stack-port Stack port startup Startup configuration stelnet Set Stelnet service attribute stp Specify Spanning Tree Protocol (STP) configuration information suppression Suppression, include broadcast-suppression, multicast-suppression and unicast-suppression sys-netid System-netid sysname Specify the host name tcp Specify TCP(Transmission Control Protocol) configuration information telnet Set the status of the Telnet service temperature Device temperature tftp Establish a TFTP connection tftp-server TFTP server time-range Specify time-range configuration information trace Trace route (switch) to host on Data Link Layer traffic Specify traffic configuration information traffic-filter Filter packets based on acl traffic-limit Limit the rate of the packets based on acl traffic-mirror Mirror packets based on acl traffic-policy Apply specific traffic policy traffic-redirect Redirect packets based on acl traffic-remark Remark packets based on acl traffic-secure Filter packets based on acl traffic-statistic Count packets based on acl transceiver Transceiver user-bind User bind user-interface Configure the user terminal interface vlan Virtual LAN voice-vlan V oice VLAN [xinhao]undo vl [xinhao]undo vlan 10 [xinhao] [xinhao] [xinhao]qu [xinhao]quit Jan 14 2000 23:57:30 xinhao DS/4/DATASYNC_CFGCHANGE:OID 1.3.6.1.4.1.2011.5.25.19 1.3.1 configurations have been changed. The current change number is 23, the cha nge loop count is 0, and the maximum number of records is 4095.di The total number of vlans is : 2 -------------------------------------------------------------------------------- U: Up; D: Down; TG: Tagged; UT: Untagged; MP: Vlan-mapping; ST: Vlan-stacking; #: ProtocolTransparent-vlan; *: Management-vlan; -------------------------------------------------------------------------------- VID Type Ports -------------------------------------------------------------------------------- 1 common UT:GE0/0/1(D) GE0/0/2(D) GE0/0/3(D) GE0/0/4(D) GE0/0/5(D) GE0/0/6(D) GE0/0/7(D) GE0/0/8(D) GE0/0/9(D) GE0/0/10(D) GE0/0/11(D) GE0/0/12(D) GE0/0/13(D) GE0/0/14(D) GE0/0/15(D) GE0/0/16(D) GE0/0/17(D) GE0/0/18(D) GE0/0/19(D) GE0/0/20(D) GE0/0/21(D) GE0/0/22(D) GE0/0/23(D) GE0/0/24(D) GE0/0/25(D) GE0/0/26(D) GE0/0/27(D) GE0/0/28(D) 757 common UT:GE0/0/24(D) VID Status Property MAC-LRN Statistics Description -------------------------------------------------------------------------------- 1 enable default enable disable VLAN 0001 757 enable default enable disable VLAN 0757 The current configuration will be written to the device. Are you sure to continue?[Y/N]y Now saving the current configuration to the slot 0. Jan 14 2000 23:57:55 xinhao %%01CFM/4/SAVE(l)[1]:The user chose Y when deciding whether to save the configuration to the device. Save the configuration successfully. Enter system view, return user view with Ctrl+Z. [xinhao]int [xinhao]interface g [xinhao]interface GigabitEthernet 0/0/1 [xinhao-GigabitEthernet0/0/1]port [xinhao-GigabitEthernet0/0/1]port hy [xinhao-GigabitEthernet0/0/1]port hybrid pvid [xinhao-GigabitEthernet0/0/1]port hybrid pvid vl [xinhao-GigabitEthernet0/0/1]port hybrid pvid vlan 757 [xinhao-GigabitEthernet0/0/1] Jan 15 2000 00:03:20 xinhao DS/4/DATASYNC_CFGCHANGE:OID 1.3.6.1.4.1.2011.5.25.19 1.3.1 configurations have been changed. The current change number is 24, the cha nge loop count is 0, and the maximum number of records is 4095. [xinhao-GigabitEthernet0/0/1]port [xinhao-GigabitEthernet0/0/1]port hybrid pvid vlan 1 [xinhao-GigabitEthernet0/0/1] Jan 15 2000 00:03:40 xinhao DS/4/DATASYNC_CFGCHANGE:OID 1.3.6.1.4.1.2011.5.25.19 1.3.1 configurations have been changed. The current change number is 25, the cha nge loop count is 0, and the maximum number of records is 4095. [xinhao-GigabitEthernet0/0/1]qu [xinhao] [xinhao] [xinhao] [xinhao] [xinhao]qu Enter system view, return user view with Ctrl+Z. [xinhao]vlan 10 [xinhao-vlan10] Jan 15 2000 00:04:00 xinhao DS/4/DATASYNC_CFGCHANGE:OID 1.3.6.1.4.1.2011.5.25.19 1.3.1 configurations have been changed. The current change number is 26, the cha nge loop count is 0, and the maximum number of records is 4095. [xinhao-vlan10]undo [xinhao-vlan10]undo sh [xinhao-vlan10]name 10 [xinhao-vlan10]qu [xinhao-vlan10]quit [xinhao]int [xinhao]interface vl Jan 15 2000 00:04:20 xinhao DS/4/DATASYNC_CFGCHANGE:OID 1.3.6.1.4.1.2011.5.25.19 1.3.1 configurations have been changed. The current change number is 27, the cha nge loop count is 0, and the maximum number of records is 4095. [xinhao]interface vl [xinhao]interface Vlanif 10 Error: Can not create this interface because the interface number of this type h as reached its maximum. [xinhao]undo [xinhao]undo su [xinhao]undo sh [xinhao]undo ? aaa AAA aaa-authen-bypass Set remote authentication bypass aaa-author-bypass Set remote authorization bypass aaa-author-cmd-bypass Set remote command authorization bypass access-user User access acl Specify ACL configuration information anti-attack Specify anti-attack configurations application-apperceive Set application-apperceive information arp ARP module arp-suppress Specify arp suppress configuration information, default is disabled as-notation The AS notation assign Assgin assistant Assistant authentication Authentication easy-mode authorization-info Authorization information bpdu BPDU message btv Btv view cfm Connectivity fault management clock Specify the system clock command-privilege Specify the command level configuration Configuration interlock configuration-occupied Configuration exclusive occupied cpu-defend Configure CPU defend policy cpu-defend-policy Configure CPU defend policy cpu-usage Set cpu usage configuration debugging Enable system debugging functions device-sensor Device sensor dhcp Dynamic host configure protocol dldp Device link detection protocol dns Specify domain name system domain Default domain dot1x 802.1x configuration information drop Discard attribute dsa Specify DSA module configurations easy-operation Easy operation efm EFM module erps Ethernet ring protection switching error-down The interface was shut down because of an error event ethernet-loop-protection Ethernet loop protection fib FIB status and configuration information file Specify file system configuration information ftp Set the FTP server attributes garp Generic Attribute Registration Protocol gtsm The generalized TTL security mechanism gvrp Generic VLAN Registration Protocol header Define the login banner http HTTP hwtacacs Set the status of the HWTACACS(Huawei Terminal Access Controller Access Control System) service hwtacacs-server Set HWTACACS server icmp Specify ICMP configuration information icmp-reply Enable ICMP reply fast igmp-snooping Specify parameters for IGMP-Snooping info-center Specify information center configuration information interface Specify the interface configuration view ip IP information ipv6 Enable IPv6 functionality l2-topology Layer 2 topology l2protocol-tunnel Layer 2 protocol tunnel lacp Link aggregation control protocol lldp Link Layer Discovery Protocol load-balance Specify load balance mode loopback-detect Loopback detect function mac-address Mac-address mac-authen MAC authenticate configure information mac-forced-forwarding Mac-Forced Forwarding mac-learning MAC learning mac-limit MAC limit mac-spoofing-defend MAC spoofing defend mad Multi-active detection management-port Management port matched Is Command can be matched by upper template mld-snooping Specify parameters for MLD-Snooping monitor-link Monitor link configuration information multicast Multicast configuration information nap NAP protocol nd Neighbor discovery nqa Network Quality Analysis(NQA) nqa-jitter Switch NQA jitter version nqa-server Specify NQA echo server ntp-service Specify NTP (Network Time Protocol) configuration information oam-mgr Oam-mgr view observe-port Configure observe port feature ping Ping function poe Power over Ethernet port Port port-group Port-group port-isolate Port isolate pppoe PPPOE qos QoS configuration radius-server Add or delete RADIUS server template rmon Specify RMON configuration route-policy Route-policy route-policy-change Specify route policy change parameter router Configure router information rps Set RPS status rrpp Rapid ring protection protocol rsa Specify RSA module configuration information savi Source Address Validation Improvement scp Set SCP server screen-width Set screen width sep Smart ethernet protection set Set the mode of power management sflow SFlow module sftp Set SFTP service attribute slave Backup switch from master to slave sleep Set device to sleep mode smart-link Smart link configuration information snmp-agent Specify SNMP(Simple Network Management Protocol) configuration information ssh Set the SSH (secure shell) configuration attribute ssl Security socket layer stack Stack stack-port Stack port startup Startup configuration stelnet Set Stelnet service attribute stp Specify Spanning Tree Protocol (STP) configuration information suppression Suppression, include broadcast-suppression, multicast-suppression and unicast-suppression sys-netid System-netid sysname Specify the host name tcp Specify TCP(Transmission Control Protocol) configuration information telnet Set the status of the Telnet service temperature Device temperature tftp Establish a TFTP connection tftp-server TFTP server time-range Specify time-range configuration information trace Trace route (switch) to host on Data Link Layer traffic Specify traffic configuration information traffic-filter Filter packets based on acl traffic-limit Limit the rate of the packets based on acl traffic-mirror Mirror packets based on acl traffic-policy Apply specific traffic policy traffic-redirect Redirect packets based on acl traffic-remark Remark packets based on acl traffic-secure Filter packets based on acl traffic-statistic Count packets based on acl transceiver Transceiver user-bind User bind user-interface Configure the user terminal interface vlan Virtual LAN voice-vlan V oice VLAN [xinhao]undo s? savi scp screen-width sep set sflow sftp slave sleep smart-link snmp-agent ssh ssl stack stack-port startup stelnet stp suppression sys-netid sysname [xinhao]sys [xinhao]int [xinhao]interface g [xinhao]interface GigabitEthernet 0/0/1 [xinhao-GigabitEthernet0/0/1]port [xinhao-GigabitEthernet0/0/1]port hy [xinhao-GigabitEthernet0/0/1]port hybrid pv [xinhao-GigabitEthernet0/0/1]port hybrid pvid vlan [xinhao-GigabitEthernet0/0/1]port hybrid pvid vlan 10 [xinhao-GigabitEthernet0/0/1]qu [xinhao] Jan 15 2000 00:05:50 xinhao DS/4/DATASYNC_CFGCHANGE:OID 1.3.6.1.4.1.2011.5.25.19 1.3.1 configurations have been changed. The current change number is 28, the cha nge loop count is 0, and the maximum number of records is 4095. [xinhao]qu The total number of vlans is : 3 -------------------------------------------------------------------------------- U: Up; D: Down; TG: Tagged; UT: Untagged; MP: Vlan-mapping; ST: Vlan-stacking; #: ProtocolTransparent-vlan; *: Management-vlan; -------------------------------------------------------------------------------- VID Type Ports -------------------------------------------------------------------------------- 1 common UT:GE0/0/1(D) GE0/0/2(D) GE0/0/3(D) GE0/0/4(D) GE0/0/5(D) GE0/0/6(D) GE0/0/7(D) GE0/0/8(D) GE0/0/9(D) GE0/0/10(D) GE0/0/11(D) GE0/0/12(D) GE0/0/13(D) GE0/0/14(D) GE0/0/15(D) GE0/0/16(D) GE0/0/17(D) GE0/0/18(D) GE0/0/19(D) GE0/0/20(D) GE0/0/21(D) GE0/0/22(D) GE0/0/23(D) GE0/0/24(D) GE0/0/25(D) GE0/0/26(D) GE0/0/27(D) GE0/0/28(D) 10 common 757 common UT:GE0/0/24(D) VID Status Property MAC-LRN Statistics Description -------------------------------------------------------------------------------- 1 enable default enable disable VLAN 0001 10 enable default enable disable VLAN 0010 757 enable default enable disable VLAN 0757 Enter system view, return user view with Ctrl+Z. [xinhao]int [xinhao]interface g [xinhao]interface GigabitEthernet 0/0/1 [xinhao-GigabitEthernet0/0/1]port [xinhao-GigabitEthernet0/0/1]port hyb [xinhao-GigabitEthernet0/0/1]port hybrid pvid [xinhao-GigabitEthernet0/0/1]port hybrid pvid vlan [xinhao-GigabitEthernet0/0/1]port hybrid pvid vlan 575 Error: The VLAN does not exist. [xinhao-GigabitEthernet0/0/1]port hybrid pvid vlan 757 [xinhao-GigabitEthernet0/0/1]port Jan 15 2000 00:07:40 xinhao DS/4/DATASYNC_CFGCHANGE:OID 1.3.6.1.4.1.2011.5.25.19 1.3.1 configurations have been changed. The current change number is 29, the cha nge loop count is 0, and the maximum number of records is 4095. [xinhao-GigabitEthernet0/0/1]port hy [xinhao-GigabitEthernet0/0/1]port hybrid un [xinhao-GigabitEthernet0/0/1]port hybrid untagged vlan 757 Info: This operation may take a few seconds. Please wait for a moment...done. [xinhao-GigabitEthernet0/0/1] Jan 15 2000 00:07:50 xinhao DS/4/DATASYNC_CFGCHANGE:OID 1.3.6.1.4.1.2011.5.25.19 1.3.1 configurations have been changed. The current change number is 30, the cha nge loop count is 0, and the maximum number of records is 4095. [xinhao-GigabitEthernet0/0/1]qu [xinhao-GigabitEthernet0/0/1]int [xinhao-GigabitEthernet0/0/1]port [xinhao-GigabitEthernet0/0/1]port hybrid pvid vlan 10 [xinhao-GigabitEthernet0/0/1]port hybrid untagged vlan 10 Info: This operation may take a few seconds. Please wait for a moment...done. [xinhao-GigabitEthernet0/0/1] [xinhao-GigabitEthernet0/0/1] [xinhao-GigabitEthernet0/0/1] [xinhao-GigabitEthernet0/0/1]qu [xinhao-GigabitEthernet0/0/1]quit Jan 15 2000 00:08:20 xinhao DS/4/DATASYNC_CFGCHANGE:OID 1.3.6.1.4.1.2011.5.25.19 1.3.1 configurations have been changed. The current change number is 32, the cha nge loop count is 0, and the maximum number of records is 4095. [xinhao-GigabitEthernet0/0/1] [xinhao]qu The total number of vlans is : 3 -------------------------------------------------------------------------------- U: Up; D: Down; TG: Tagged; UT: Untagged; MP: Vlan-mapping; ST: Vlan-stacking; #: ProtocolTransparent-vlan; *: Management-vlan; -------------------------------------------------------------------------------- VID Type Ports -------------------------------------------------------------------------------- 1 common UT:GE0/0/1(D) GE0/0/2(D) GE0/0/3(D) GE0/0/4(D) GE0/0/5(D) GE0/0/6(D) GE0/0/7(D) GE0/0/8(D) GE0/0/9(D) GE0/0/10(D) GE0/0/11(D) GE0/0/12(D) GE0/0/13(D) GE0/0/14(D) GE0/0/15(D) GE0/0/16(D) GE0/0/17(D) GE0/0/18(D) GE0/0/19(D) GE0/0/20(D) GE0/0/21(D) GE0/0/22(D) GE0/0/23(D) GE0/0/24(D) GE0/0/25(D) GE0/0/26(D) GE0/0/27(D) GE0/0/28(D) 10 common UT:GE0/0/1(D) 757 common UT:GE0/0/1(D) GE0/0/24(D) VID Status Property MAC-LRN Statistics Description -------------------------------------------------------------------------------- 1 enable default enable disable VLAN 0001 10 enable default enable disable VLAN 0010 757 enable default enable disable VLAN 0757 Enter system view, return user view with Ctrl+Z. [xinhao]华为2700配置实例
华为mst配置实例
华为BGP-MPLS-**多**配置实例
华为5700配置实例