下载文档原格式
目录1、产品型号及功能特性 (3)1.2Quidway S3300系列以太网交换机(Quidway S3328TP-SI) (3)1。
3 Quidway S5300系列以太网交换机(Quidway S5352) (4)1.4 Quidway S9300 T比特路由交换机(Quidway S9303) (5)2、登录路由交换机、以太网交换机 (5)2.1通过Console 口进行本地登录 (5)2。
2通过Telnet 进行登录 (8)3、命令行操作 (13)3.1 命令视图 (13)3。
2 命令的级别 (15)3.3 使用命令行在线帮助 (16)3.4 编辑命令行 (17)3.5 改变命令行显示信息的语言 (18)3。
6 控制命令行的显示信息 (18)3.7 使用历史命令 (18)3。
8 快捷键 (18)4、用户界面配置 (19)4。
1支持的用户界面 (19)4。
2交换机用户界面编号 (19)4.3用户界面公共配置 (20)5、路由交换机、以太网交换机端口配置 (20)5.1以太网端口简介 (20)5.2 端口配置 (21)6、vlan配置 (28)6.1 VLAN 简介 (28)6.2 VLAN 配置 (29)7、IP地址配置 (31)7。
1 IP 地址简介 (31)7.2 IP 地址配置 (34)7.3 IP 地址的显示和调试 (35)8、IP路由协议配置 (35)8.1 IP 路由和路由表介绍 (35)8.2 静态路由配置 (37)8。
3 RIP 配置 (39)8.4 OSPF配置 (41)9、ACL配置 (44)9。
1 访问控制列表概述 (44)9.2 配置ACL (44)10、SNMP配置 (47)10.1 SNMP 协议介绍 (47)10。
2 配置SNMP (47)10.3 SNMP 显示和调试 (51)11、FTP与TFTP操作 (52)11。
1 FTP 配置 (52)11.2 TFTP 配置 (56)12、文件系统配置与配置文件管理 (58)12。
彩页产品概述CloudEngine S5735-S系列交换机基于新一代高性能硬件和华为公司统一的VRP(Versatile Routing Platform)软件平台,具有增强的三层特性,简易的运行维护,灵活的以太组网,成熟的IPv6特性等特点,广泛应用于企业园区接入和汇聚、数据中心接入等多种应用场景。
产品型号和外观CloudEngine S5735-S系列交换机包括如下款型:产品特性和优势强大的业务处理能力,多样的安全控制●该系列交换机支持完善的二、三层组播协议,支持PIM SM、PIM DM、PIM SSM、MLD、IGMP Snooping,满足多终端高清视频监控和视频会议接入需求。
●该系列交换机增强支持OSPF、ISIS、BGP、VRRP等三层特性,满足企业接入、汇聚业务承载要求,支持更加丰富的语音、视频和数据应用。
●该系列交换机支持MAC认证、802.1x认证、Portal认证,实现用户策略(VLAN、QoS、ACL)的动态下发。
●该系列交换机支持完善的DoS类防攻击、用户类防攻击。
其中,DoS类防攻击主要针对交换机本身的攻击,包括SYN Flood、Land、Smurf、ICMP Flood;用户类防攻击涉及DHCP服务器仿冒攻击、IP/MAC欺骗、DHCP request flood、改变DHCP CHADDR值等等。
●通过建立和维护DHCP Snooping绑定表,该系列交换机支持对不符合绑定表项的非法报文直接丢弃。
利用DHCP Snooping的信任端口特性,还可以保证DHCP服务器的合法性。
●该系列交换机支持ARP表项严格学习功能,可以防止因ARP欺骗攻击导致正常用户无法上网。
轻松的运行维护●该系列交换机支持SVF超级虚拟交换网,SVF方案创新实现将原来“核心/汇聚+接入交换机+AP”的网络架构,虚拟化为一台设备进行管理,简化设备管理,实现接入交换机和无线AP的即插即用;业务配置模板化,在核心设备上配置后自动下发到接入设备,实现集中管控,简化业务配置,灵活调整。
华为s5300dhcpoption43的配置方法一、配置DHCP 全局地址池1、system-view//使能DHCP 服务2、dhcp enable//创建DHCP 地址池并进入DHCP 地址池视图3、dhcp server ip-pool pool-name//配置地址池的IP 地址范围4、network ip-address [ mask { mask | mask-length } ]//配置动态分配的IP 地址租期。
缺省情况下,租期为1 天。
5、expired { day day [ hour hour [ minute minute ] ] | unlimited }6、quit//配置DHCP 地址池中不参与自动分配的IP 地址7、dhcp server forbidden-ip low ip address [ high ip address ]二、配置DHCP 自定义选项1、system-view//进入DHCP地址池视图2、dhcp server ip-pool pool-name//配置DHCP自定义选项3、option code { ascii ascii-string | hex hex-string | ip-address ip-address }三、配置指定接口下的客户从全局地址池获取IP 地址为当前VLANIF 接口下的客户分配IP 地址1、system-view//进入VLANIF 接口视图2、interface vlanif vlan interface-number//为该VLANIF 接口配置IP 地址3、ip address ip-address { mask | mask-length } [ sub ]//从全局地址池分配地址4、dhcp select global为VLAN 下的客户分配IP 地址1、system-view//从全局地址池分配地址2、dhcp select global vlan { vlan-id1 [ to vlan-id2 ] } &<1-10>。
彩页产品概述CloudEngine S5735-S系列交换机基于新一代高性能硬件和华为公司统一的VRP(Versatile Routing Platform)软件平台,具有增强的三层特性,简易的运行维护,灵活的以太组网,成熟的IPv6特性等特点,广泛应用于企业园区接入和汇聚、数据中心接入等多种应用场景。
产品型号和外观CloudEngine S5735-S系列交换机包括如下款型:产品特性和优势强大的业务处理能力,多样的安全控制●该系列交换机支持完善的二、三层组播协议,支持PIM SM、PIM DM、PIM SSM、MLD、IGMP Snooping,满足多终端高清视频监控和视频会议接入需求。
●该系列交换机增强支持OSPF、ISIS、BGP、VRRP等三层特性,满足企业接入、汇聚业务承载要求,支持更加丰富的语音、视频和数据应用。
●该系列交换机支持MAC认证、802.1x认证、Portal认证,实现用户策略(VLAN、QoS、ACL)的动态下发。
●该系列交换机支持完善的DoS类防攻击、用户类防攻击。
其中,DoS类防攻击主要针对交换机本身的攻击,包括SYN Flood、Land、Smurf、ICMP Flood;用户类防攻击涉及DHCP服务器仿冒攻击、IP/MAC欺骗、DHCP request flood、改变DHCP CHADDR值等等。
●通过建立和维护DHCP Snooping绑定表,该系列交换机支持对不符合绑定表项的非法报文直接丢弃。
利用DHCP Snooping的信任端口特性,还可以保证DHCP服务器的合法性。
●该系列交换机支持ARP表项严格学习功能,可以防止因ARP欺骗攻击导致正常用户无法上网。
轻松的运行维护●该系列交换机支持SVF超级虚拟交换网,SVF方案创新实现将原来“核心/汇聚+接入交换机+AP”的网络架构,虚拟化为一台设备进行管理,简化设备管理,实现接入交换机和无线AP的即插即用;业务配置模板化,在核心设备上配置后自动下发到接入设备,实现集中管控,简化业务配置,灵活调整。
为QuidWay交换机配置命令手册:1、开始建立本地配置环境,将主机的串口通过配置电缆与以太网交换机的Console 口连接。
在主机上运行终端仿真程序(如Windows的超级终端等),设置终端通信参数为:波特率为9600bit/s、8位数据位、1位停止位、无校验和无流控,并选择终端类型为VT100。
以太网交换机上电,终端上显示以太网交换机自检信息,自检结束后提示用户键入回车,之后将出现命令行提示符(如<Quidway>)。
键入命令,配置以太网交换机或查看以太网交换机运行状态。
需要帮助可以随时键入“?“2、命令视图(1)用户视图(查看交换机的简单运行状态和统计信息)<Quidway>:与交换机建立连接即进入(2)系统视图(配置系统参数)[Quidway]:在用户视图下键入system-view(3)以太网端口视图(配置以太网端口参数在系统视图下键入(4)VLAN视图(配置VLAN参数)[Quidway-Vlan1]:在系统视图下键入vlan 1(5)VLAN接口视图(配置VLAN和VLAN汇聚对应的IP接口参数)[Quidway-Vlan-interface1]:在系统视图下键入interface vlan-interface 1(6)本地用户视图(配置本地用户参数)[Quidway-luser-user1]:在系统视图下键入local-useruser1(7)用户界面视图(配置用户界面参数)[Quidway-ui0]:在系统视图下键入user-interface3、其他命令设置系统时间和时区<Quidway>clock time Beijing add 8设置交换机的名称[Quidway]sysname TRAIN-3026-1[TRAIN-3026-1]配置用户登录[Quidway]user-interface vty 0 4[Quidway-ui-vty0]authentication-mode scheme创建本地用户[Quidway]local-user huawei[Quidway-luser-huawei]password simple huawei[Quidway-luser-huawei] service-type telnet level 34、VLAN配置方法『配置环境参数』SwitchA端口属于VLAN2,属于VLAN3『组网需求』把交换机端口加入到VLAN2,加入到VLAN3数据配置步骤『VLAN配置流程』(1)缺省情况下所有端口都属于VLAN 1,并且端口是access端口,一个access端口只能属于一个vlan;(2)如果端口是access端口,则把端口加入到另外一个vlan的同时,系统自动把该端口从原来的vlan中删除掉;(3)除了VLAN1,如果VLAN XX不存在,在系统视图下键入VLAN XX,则创建VLANXX并进入VLAN视图;如果VLAN XX已经存在,则进入VLAN视图。
思科、华为交换机链路聚合(LACP)配置实例思科:3560G华为:S5300思科G0/25---华为G0/0/1思科G0/27---华为G0/0/2华为交换机配置链路聚合有两种模式,分别是manual和lacp-static,如果不做配置,交换机默认是manual,所以⼀定要⼿动将模式改为lacp-static,这点很重要,否则⽆法跟思科交换机成功协商LACP。
华为交换机#interface Eth-Trunk1port link-type trunkport trunk allow-pass vlan 2 to 4094mode lacp-static //修改链路聚合模式max active-linknumber 2 //设置最⼤活动链接数为2bpdu enable //开启BPDU#lacp priority 100#interface GigabitEthernet0/0/1eth-trunk 1undo ntdp enableundo ndp enable(在配置端⼝前,⼀定要将端⼝原有配置清空,全部undo掉,否则⽆法应⽤eth-trunk命令。
如果之前端⼝配置过trunk⼝,可以使⽤undo port link-type清除trunk状态)#interface GigabitEthernet0/0/2eth-trunk 1undo ntdp enableundo ndp enable思科交换机interface port-channel1switchport trunk encapsulation dot1qswitchport mode trunkinterface g0/25switchport trunk encapsulation dot1qswitchport mode trunkchannel-group 1 mode activeinterface g0/27switchport trunk encapsulation dot1qswitchport mode trunkchannel-group 1 mode active。
CONTENTOverview (2)Models & Appearance (2)Key Features and Benefits (3)Product Specifications (6)Basic Ordering Information (13)Where to Buy (15)Sources (15)Contact UsTel: +1-626-239-8066 (USA) +852-3050-1066 / +852-3174-6166Fax: +852-3050-1066 (Hong Kong)Email:***********************(SalesInquiries) 1Huawei's S5730-SI series switches (S5730-SI for short) are next-generation standard gigabit Layer 3 Ethernet switches that provide flexible full gigabit access and cost-effective fixed GE ports and 10 GE uplink ports, meanwhile can provide 40 GE uplink ports with an interface card. The S5730-SI was developed based on next-generation high-performing hardware and the Huawei Versatile Routing Platform (VRP). The S5730-SI supports simplified Operations and Maintenance (O&M), intelligent Stack (iStack), flexible Ethernet networking. It also provides enhanced Layer 3 features and mature IPv6 features. The S5730-SI can be used in various scenarios. For example, it can be used as an access or aggregation switch on a campus network or as an access switch in a data center.1. S5730-48C-SI-AC· 24 Ethernet 10/100/1,000 ports, 8 x 10 Gig SFP+· One interface slot· Dual pluggable AC or DC power supplies, one 150W AC power supply equipped by default· Forwarding performance: 240 Mpps; Switching capacity: 680 Gbit/s2. S5730-48C-PWR-SI-AC· 24 Ethernet 10/100/1,000 ports, 8 x 10 Gig SFP+· One interface slot· One 500W AC power supply equipped by default· PoE+· Forwarding performance: 240 Mpps; Switching capacity: 680 Gbit/s3. S5730-68C-SI-AC 2· 48 Ethernet 10/100/1,000 ports, 4 x 10 Gig SFP+· One interface slot· Dual pluggable AC or DC power supplies, one 150W AC power supply equipped by default· Forwarding performance: 240 Mpps; Switching capacity: 680 Gbit/s4. S5730-68C-PWR-SI-AC· 48 Ethernet 10/100/1,000 ports, 4 x 10 Gig SFP+,· One interface slot· One 500W AC power supply equipped by default· PoE+· Forwarding performance: 240 Mpps; Switching capacity: 680 Gbit/s5. S5730-68C-PWR-SI· 48 Ethernet 10/100/1,000 ports, 4 x 10 Gig SFP+, PoE+· One interface slot· PoE+· Forwarding performance: 240 Mpps; Switching capacity: 680 Gbit/sKEY FEATURES AND BENEFITSPowerful service processing capability and multiple security control mechanismsThe S5730-SI supports many Layer 2/Layer 3 multicast protocols such as PIM SM, PIM DM, PIM SSM, MLD, and IGMP snooping, to support multi-terminal high-definition video surveillance and video conferencing services.The S5730-SI supports multiple Layer 3 features including OSPF, IS-IS, BGP, and VRRP, meeting enterprises’ requirements for access and aggregation service transmission, and enabling a variety of voice, video, and data applications.The S5730-SI supports MAC address authentication, 802.1x authentication, and Portal authentication, and implements dynamic delivery of policies (VLAN, QoS, and ACL) to users. 3The S5730-SI provides a series of mechanisms to defend against DoS and user-targeted attacks. DoS attacks are targeted at switches and include SYN flood, Land, Smurf, and ICMP flood attacks. User-targeted attacks include bogus DHCP server attacks, IP/MAC address spoofing, DHCP request flood, and change of the DHCP CHADDR value.The S5730-SI sets up and maintains a DHCP snooping binding table, and discards the packets that do not match the table entries. You can specify DHCP snooping trusted and untrusted ports to ensure that users connect only to the authorized DHCP server.The S5730-SI supports strict ARP learning, which protects a network against ARP spoofing attacks to ensure normal network access.Easy O&MThe S5730-SI supports Super Virtual Fabric (SVF), which virtualizes the “Core/aggregation + Access switch + AP” structure into a logical device. The S5730-SI provides the simplest network management solution in the industry to simplify device management. It allows plug-and-play access switches and APs. In addition, the S5730-SI supports service configuration templates. The templates are configured on core devices and automatically delivered to access devices, enabling centralized control, simplified service configuration, and flexible configuration modification. The S5730-SI functions as a client in an SVF system.The S5730-SI supports zero-touch deployment, replacement of faulty devices without additional configuration, USB-based deployment, batch configuration, and batch remote upgrade. The capabilities facilitate device deployment, upgrade, service provisioning, and other management and maintenance operations, and also greatly reduce O&M costs. The S5730-SI can be managed using SNMP v1/v2c/v3, CLI, web-based network management system, or SSH v2.0. Additionally, it supports RMON, multiple log hosts, port traffic statistics collection, and network quality analysis, which facilitate network optimization and reconstruction.The S5730-SI supports the Sampled Flow (sFlow) function. It uses a method defined in the sFlow standard to sample traffic passing through it and sends sampled traffic to the collector in real time. The collected traffic statistics are used to generate statistical reports, helping enterprises maintain their networks.Multiple reliability mechanismsThe S5730-SI supports iStack. This technology can virtualize up to nine physical switches into one logical switch. Downlink electrical ports support iStack. Member switches in a stack implement redundancy backup to improve device reliability and use inter-device link aggregation to improve link reliability. iStack provides high network scalability. You can increase a stack’s ports, bandwidth, and processing capacity by simply adding member switches. iStack also simplifies device configuration and management. After a stack is set up, multiple physical switches are virtualized into one logical device. You can log in to any member switch in the stack to manage all the member switches in the stack. 4The S5730-SI is equipped with two removable power modules that can work in 1+1 redundancy backup mode. Mixed installation of AC and DC power modules is supported, allowing for flexible configuration of AC or DC power modules according to service requirements.In addition to traditional STP, RSTP, and MSTP, the S5730-SI supports Huawei-developed Smart Ethernet Protection (SEP) technology and the latest Ethernet Ring Protection Switching (ERPS) standard. SEP is a ring protection protocol specific to the Ethernet link layer, and applies to various ring network topologies, such as open ring topology, closed ring topology, and cascading ring topology. This protocol is reliable, easy to maintain, and implements fast protection switching within 50 ms. ERPS is defined in ITU-T G.8032. It implements millisecond-level protection switching based on traditional Ethernet MAC and bridging functions.The S5730-SI supports Smart Link. One S5730-SI switch can connect to multiple aggregation switches through multiple links, implementing backup of uplinks and significantly improving reliability of access devices.The S5730-SI supports Ethernet OAM (IEEE 802.3ah/802.1ag) to detect link faults quickly.Mature IPv6 technologiesThe S5730-SI uses the mature, stable VRP platform and supports IPv4/IPv6 dual stack, IPv6 RIPng, and IPv6 over IPv4 tunnels (including manual, 6-to-4, and ISATAP tunnels). With these IPv6 features, the S5730-SI can be deployed on a pure IPv4 network, a pure IPv6 network, or a shared IPv4/IPv6 network, helping achieve IPv4-to-IPv6 transition.OPSOpen Programmability System (OPS) is an open programmable system based on the Python language. IT administrators can program the O&M functions of a switch through Python scripts to quickly innovate functions and implement intelligent O&M.PoEPerpetual PoE: When a PoE switch is rebooted after the software version is upgraded, the power supply to PDs is not interrupted. This capability ensures that PDs are not powered off during the switch reboot.Fast PoE: S5730-48C/68C-PWR-SI switches can supply power to PDs within 10s after they are powered on. This is different from common switches that generally take 1 to 3 minutes to start to supply power to PDs. When a PoE switch reboots due to a power failure, the PoE switch continues to supply power to the PDs immediately after being powered on without waiting until it finishes reboot. This greatly shortens the power failure time of PDs.Intelligent O&M 5The S5730-SI provides telemetry technology to collect device data in real time and send the data to Huawei campus network analyzer CampusInsight. The CampusInsight analyzes network data based on the intelligent fault identification algorithm, accurately displays the real-time network status, effectively demarcates and locates faults in a timely manner, and identifies network problems that affect user experience, accurately guaranteeing user experience.The S5730-SI supports a variety of intelligent O&M features for audio and video services, including the enhanced Media Delivery Index (eMDI). With this eDMI function, the switch can function as a monitored node to periodically conduct statistics and report audio and video service indicators to the CampusInsight platform. In this way, the CampusInsight platform can quickly demarcate audio and video service quality faults based on the results of multiple monitored nodes. 6 7 8 9 10 11 12 13 14Want to buy this series of products? please contact:● Tel: +1-626-239-8066 (USA)/ +852-3050-1066 / +852-3174-6166● Fax: +852-3050-1066 (Hong Kong)●Email:***********************(SalesInquiries)Or visit: Huawei S5730-SI Series SwitchesAbout us, founded in 2002, is one of the biggest Global Network Hardware Supplier. We are a leading provider of network products with 14,500+ customers in over 200 countries. We provide original new and used network equipments (Cisco, Huawei, HPE, Dell, Juniper, EMC, etc.), including Routers, Switches, Servers, Storage, Telepresence and Videoconferencing, IP Phones, Firewalls, Wireless APs & Controllers, EHWIC/HWIC/VWIC Cards, SFPs, Memory & Flash, Hard Disk, Cables, and all kinds of network solutions related products.https:///us/related-page/products/enterprise-network/switches/campus-switches/s5700/brochure/switches-s5730-si 15。
华为交换机型号参数详解华为中低端交换机一般为1U至2U的盒式并无需插端口板卡的设备。
由于属于中低端交换机,所以交换机支持的硬件版本和端口类型有很大的差异。
在组网中交换机设备选型的时候需要充分考虑到这点。
华为中低端交换机的命名都很有规律,交换机设备名称中的参数将可以提供给我们需要的东西。
91华为网收集整理了部分类型参数说明,希望对大家有所帮助。
1、表示硬件版本参数LI(Lite software Image)表示设备为弱特性版本。
SI (Standard software Image)表示设备为标准版本,包含基础特性。
EI(Enhanced software Image)表示设备为增强版本,包含某些高级特性。
HI(Hyper software Image)表示设备为高级版本,包含某些更高级特性。
对于三层交换机且是SI版本的可能不支持动态路由协议,例如:华为Quidway S3300-SI 系列交换机包括S3328-SI、S3352-SI并不支持动态路由协议OSPF,只支持静态路由和RIP,如果组网中需要用到OSPF,那么必须选用S3328-EI或是S3352-EI版本的。
2、表示上行端口参数Z,表示没有上行接口;(新产品不允许此位)G,表示上行光口,且是GBIC接口;P,表示上行光口,且是SFP接口;T,表示上行电口,为RJ45接口;TP,表示上行为光电Combo,上行接口为多种接口类型复合V,表示上行VDSL接口;W,表示上行可配置WAN接口;C,表示上行接口可选配;M,表示上行接口为多模光口;S,表示上行接口为单模光口;3、表示端口数量和其它属性参数F,表示下行接口为模板板,可插光接口板或电接口板。
主要为兼容3526F,3526EF,3552F 等老产品的命名;PWR,表示端口支持POE属性SXXYY,其中XX表示型号,YY表示端口数量;例如:S3328、S3352分别是24个下行口+4个上行口以及48个下行口+4个上行口。
