OmniSwitch6850 命令配置实例

OmniSwitch配置链路聚合一、配置静态链路聚合阿尔卡特静态链路聚合，也称OmniChannel，允许将多条物理链路捆绑成一条虚拟链路（又称链路聚合组）。

采用链路聚合的目的主要是为了提高可靠性和增加互连带宽。

每台交换机可配置最多32 个链路聚合组，每组内可以有2，4，8，16 条物理链路。

1、创建静态聚合按照如下步骤来配置两台交换机间的静态链路聚合，如下所示：第一步：在本地交换机上使用static linkagg size 命令创建静态链路聚合，例如：-> static linkagg 1 size 4第二步：使用static agg agg num 命令将所有相关的端口加入到本地交换机的静态链路聚合中，如下：-> static agg 4/1 agg num 1-> static agg 4/7 agg num 1-> static agg 5/1 agg num 1-> static agg 6/2 agg num 1第三步：使用vlan 命令为这个链路聚合创建VLAN，如下：-> vlan 10 port default 1第四步：在远端交换机上创建相应的链路聚合，命令为static linkagg 1 size 4-> static linkagg 1 size 4第五步：在远端交换机上将相应的端口加入到链路聚合中，如下：-> static agg 7/1 agg num 1-> static agg 7/7 agg num 1-> static agg 8/1 agg num 1-> static agg 9/2 agg num 1第六步：在远端交换机上为这个链路聚合创建VLAN，如下：-> vlan 10 port default 1可以使用show linkagg 命令来查看的静态链路聚合设置。

也可以使用show linkagg port 命令来显示特定端口的信息。

1.计算机登陆omni的方法和设置：1.1 用console口登陆omni switch：将9针console线联到主用MPM-III板的console口上，设置“超级终端”的为9600n81，如下图所示：连接后输入用户名，密码；（默认admin；switch），然后键入“ui”进入ui界面。

界面如图所示：1.2 通过带外ETHERNET口登陆omni switchomni switch的主用MPM-III板上有一个ETHERNET口，作为带外管理的网口，该网口的IP地址为：192.168.11.1/24。

可以配置终端的IP地址通过这个网口来登陆omni switch。

然后可以通过telnet或者“超级终端”的TCP/IP连接来登陆交换机。

2．要在omni建立连接的话需要进行哪些设置？2.1 建立基于SVC的PTOP Bridging。

2.1.1 建立Group 88；在C1节点：Control-1/ %crgpGROUP Number ( 7) : 88Description (no quotes) :Enable WAN Routing? (n):Enable A TM CIP? (n):Enable 1483 Routed Format? (n):Enable IP (y) :IP Address : 192.168.88.1IP Subnet Mask (0xffffff00) :IP Broadcast Address (192.168.88.255 ) :Description (30 chars max) :Disable routing? (n) :IP RIP mode {Deaf(d),Silent(s),Active(a),Inactive(i)} (s) :Default framing type {Ethernet II(e),fddi(f),token ring(t),Ethernet 802.3 SNAP(8),source route token ring(s)} (e) :Enable IPX? (y): nEnter a priority level (0...7)(0):Enable Group Mobility on this Group ? [y/n](n):This Group will not participate in Group MobilityDo you wish to configure the interface group for this V irtual LANat this time? (y) n（可以根据需要决定是否添加端口，以后也可以用addvp命令添加端口）GROUP 88 has been added to the system.Y ou may add interfaces to this group using the addvp command at a later date.For now, the GROUP is inactive until you add interfaces.在C2节点：Control-2/ %crgpGROUP Number ( 7) : 88Description (no quotes) :Enable WAN Routing? (n):Enable A TM CIP? (n):Enable 1483 Routed Format? (n):Enable IP (y) :IP Address : 192.168.88.2IP Subnet Mask (0xffffff00) :IP Broadcast Address (192.168.88.255 ) :Description (30 chars max) :Disable routing? (n) :IP RIP mode {Deaf(d),Silent(s),Active(a),Inactive(i)} (s) :Default framing type {Ethernet II(e),fddi(f),token ring(t),Ethernet 802.3 SNAP(8),source route token ring(s)} (e) :Enable IPX? (y): nEnter a priority level (0...7)(0):Enable Group Mobility on this Group ? [y/n](n):This Group will not participate in Group MobilityDo you wish to configure the interface group for this V irtual LAN at this time? (y) nGROUP 88 has been added to the system.Y ou may add interfaces to this group using the addvp command at a later date. For now, the GROUP is inactive until you add interfaces.2.1.2 在两台交换机上建立service。

H3C S6850 Series Data Center Switches Release Date: Nov, 2022New H3C Technologies Co., LimitedH3C S6850 Series Data Center SwitchesProduct overviewH3C S6850 high-density intelligent switch series is developed for data centers and cloud computing networks. It provides powerful hardware forwarding capacity and abundant data center features. It provides up to 48*25G ports and 8*100G ports. The switch supports modular power modules and fan trays. By using different fan trays, the switch can provide field-changeable airflows.The switch is an ideal product for high-density 25GE switching and aggregation at data centers and cloud computing networks. It can also operate as a TOR access switch on an overlay or integrated network.Product AppearanceThe S6850 series come in the following models.∙S6850-56HF: The switch provides 48 × 25G SFP28 ports, 8 × 100G QSFP28 ports, and 2 × 1G SFP portsS6850-56HF front panel S6850-56HF rear panel∙S6850-2C: The switch provides 2 service slots, 2 × 100G QSFP28 portsS6850-2C front panel S6850-2C rear panelFeatures and BenefitsHigh-Density 25GE Access∙The switch offers high-density 100G/40G/25G/10G ports and a wire-speed forwarding capacity as high as 4 Tbps. With standard 25G ports, it can provide high-density server access in high-end data centers.IRF2 (Second Generation Intelligent Resilience Architecture)∙Facing the application requirements of the unified switching architecture of the data center, the series switches support the IRF2 technology, which virtualizes multiple devices into one logical.∙The equipment has strong advantages in scalability, reliability, distributed and availability.∙ IRF2 not only can achieve a long-distance intelligent elastic architecture within a rack, across racks, and even across regions.Abundant Data Center FeaturesThe switch supports abundant data center features, including:∙H3C S6850 switch series supports VXLAN (Virtual Extensible LAN), which provides two major benefits, higher scalability of Layer 2 segmentation and better utilization of available network paths.∙H3C S6850 switch series supports MP-BGP EVPN (Multiprotocol Border Gateway Protocol Ethernet Virtual Private Network) which can run as VXLAN control plane to simplify VXLAN configuration,eliminate traffic flooding and reduce full mesh requirements between VTEPs via the introduction of BGP RR.∙H3C S6850 switch series support Fiber Channel over Ethernet (FCoE), which permits storage, data, and computing services to be transmitted on one network, reducing the costs of networkconstruction and maintenance.∙H3C S6850 switch series support Priority-based Flow Control (PFC), Enhanced Transmission Selection (ETS) and Data Center Bridging eXchange (DCBX). These features ensure low latency and zero packet loss for FC storage, RDMA applications and high-speed computing services.H3C Distributed Resilient Network Interconnection (DRNI)∙H3C S6850 switch series support DRNI(M-LAG), which enables links of multiple switches to aggregate into one to implement device-level link backup. DRNI is applicable to servers dual-homed to a pair of access devices for node redundancy.∙ Streamlined topology: DRNI simplifies the network topology and spanning tree configuration by virtualizing two physical devices into one logical device.∙Independent upgrading: The DR member devices can be upgraded independently one by one to minimize the impact on traffic forwarding.∙High availability: The DR system uses a keepalive link to detect multi-active collision to ensure that only one member device forwards traffic after a DR system splits.Powerful VisibilityWith the rapid development of data center, the scale of the data center expands rapidly; reliability, operation and maintenance become the bottleneck of data center for further expansion. H3C S6850 switch series conform to the trend of automated data operation and maintenance, and support visualization of data center.∙INT (Inband-Telemetry) is a network monitoring technology used to collect data from the device.Compared with the traditional network monitoring technology featuring one query, one reporting, INT requires only one-time configuration for continuous data reporting, thereby reducing therequest processing load of the device. INT can collect timestamp information, device ID, portinformation, and buffer information in real time. INT can be implemented in IP, EVPN, and VXLANnetworks.∙Provides a variety of traffic monitoring and analytic tools, including sFlow, NetStream, SPAN/RSPAN/ERSPAN mirroring, and port mirroring to help customers perform precise trafficanalysis and gain visibility into network application traffic. With these tools, customers can collectnetwork traffic data to evaluate network health status, create traffic analysis reports, perform traffic engineering, and optimize resource allocation.∙Supports realtime monitoring of buffer and port queues, allowing for visible and dynamic network optimization.∙Supports PTP (Precision Time Protocol) to achieve highly precise clock synchronization.RoCE (RDMA over Converged Ethernet)∙Remote Direct Memory Access (RDMA) directly transmits the user application data to the storage space of the servers, and uses the network to fast transmit the data from the local system to thestorage of the remote system. RDMA eliminates multiple data copying and context switchingoperations during the transmission process, and reduces the CPU load.∙RoCE supports RDMA on standard Ethernet infrastructures. H3C S6850 switch support RoCE and can be used to build a lossless Ethernet network to ensure zero packet loss.∙RoCE include the following key features，include PFC(Priority based Flow Control), ECN(Explicit Congestion Notification), DCBX(Data Center Bridging Capability Exchange Protocol), ETS(Enhanced Transmission Selection).Flexible programmability∙The switch uses industry-leading programmable switching chips that allow users to define the forwarding logic as needed.∙Users can develop new features that meet the evolving trend of their networks through simple software updates.Powerful SDN capacity∙ H3C S6850 switch series adopt the next-generation chip with more flexible Openflow FlowTable, more resources and accurate ACL matching, which greatly improves the software-defined network (SDN) capabilities and meet the demand of data center SDN network.∙ H3C S6850 switch series can interconnect with H3C SeerEngine-DC Controller through standard protocols such as OVSDB, Netconf and SNMP to implement network automatic deployment andconfiguration.Comprehensive security control policies∙H3C S6850 series switch supports AAA, RADIUS and user account based authentication, IP, MAC, VLAN, port-based user identification, dynamic and static binding; when working with the H3C iMC platform, it can conduct real time management, instant diagnosis and crackdown on illicit network behavior.∙H3C S6850 series switch supports enhanced ACL control logic, which enables an enormous amount of in-port and out-port ACL, and delegate VLAN based ACL. This simplifies user deployment process and avoids ACL resource wastage. S6850 series switch can also take advantage of Unicast ReversePath Forwarding (Unicast RFP). When the device receives a packet, it will perform the reverse check to verify the source address from which the packets are supposedly originated, and will drop thepacket if such path doesn’t exist. This can effectively prevent the source address spoofing in thenetwork.Multiple reliability protection∙The S6850 series switch provides multiple reliability protection at both switch and link levels. With over current, overvoltage, and overheat protection, all models have a redundant pluggable powermodule, which enables flexible configuration of AC or DC power modules based on actual needs.The entire switch supports fault detection and alarm for power supply and fan, allowing fan speed to change to suit different ambient temperatures.∙The switch supports diverse link redundancy technologies such as H3C proprietary RRPP, VRRPE, and Smart Link. These technologies ensure quick network convergence even when large amount of traffic of multiple services runs on the network.∙Flexible choice of airflow∙To cope with data center cooling aisle design, the H3C S6850 series switch comes with flexible airflow design, which features bi-cooling aisles in the front and back. Users may also choose thedirection of airflow (from front to back or vice versa) by selecting a different fan tray.Excellent manageabilityThe switch improves system management through the following ways:∙Provides multiple management interfaces, including the serial console port, mini USB console port, USB port, two out-of-band management ports, and two SFP ports. The SFP ports can be used as in-band management port through which encapsulated sampling packets are sent to the controller or other management devices for deep analysis.∙Supports multiple access methods, including SNMPv1/v2c/v3, Telnet, SSH 2.0, SSL, and FTP.∙Supports standard NETCONF APIs that allow users to configure and manage the switch, enhancing the compatibility with third-party applications.Hardware SpecificationItem S6850-56HF S6850-2CDimensions (H × W × D) 43.6 × 440 × 460 mm (1.72 × 17.32 × 18.11 in) 44.2 × 440 × 660 mm (1.74 × 17.32 × 18.11 in) Weight ≤ 15 kg (33.07 lb) ≤ 16 kg (35.27 lb)Serial console port 1 1Out-of-band management port One GE copper port and one GE fiber port One GE copper port and one GE fiber port Mini USB console port 1 1USB port 1 1QSFP28 port 8 2SFP28 port 48 -SFP port 2 -Expansion slot - 2CPU 2.2GHz@4Core 2.2GHz@4CoreFlash/SDRAM 4GB/8GB 4GB/8GBLatency <1μs <1μsSwitching capacity 4 Tbps 3.6TbpsForwarding capacity 2024 Mpps 2024 MppsBuffer(byte) 32M 32MAC-input voltage 90v AC to 264v AC 90v AC to 264v ACDC-input voltage –40v DC to –72v DC –40v DC to –72v DCPower module slot 2 2Fan tray slot 5 Hot-swappable fan, fan speed adjustable and wind invertibleAir flow direction From front to rear or from rear to front From front to rear or from rear to frontStatic power consumption Single AC: 167 WDual AC: 179 WSingle DC: 154 WDual DC: 174 WSingle AC: 136 WDual AC: 148 WSingle DC: 132 WDual DC: 146 WTypical power consumption Single AC: 201 WDual AC: 224 WSingle DC: 198 WDual DC: 210 WSingle AC: 273 W ( with LSWM18CQ)Dual AC: 282 W( with LSWM18CQ)Single DC: 268 W( with LSWM18CQ)Dual DC: 275 W( with LSWM18CQ)Maximum heat consumption (BTU/hour) Single AC: 686Dual AC: 765Single DC: 676Dual DC: 717Single AC:932 ( with LSWM18CQ)Dual AC:963( with LSWM18CQ)Single DC:915( with LSWM18CQ)Dual DC: 939( with LSWM18CQ)Operating temperature 0°C to 45°C (32°F to 113°F) Operating humidity 5% to 95%, noncondensingSoftware SpecificationItem Feature descriptionDevice Virtualization IRF2.0M-LAG(DRNI) S-MLAGNetwork Virtualization BGP-EVPN VxLAN EVPN ESVxLAN L2 VxLAN gatewayL3 VxLAN gateway Distributed VxLAN gateway Centralized VxLAN gateway EVPN VxLANmanual configured VxLAN IPv4 VxLAN tunnelIPv6 VxLAN tunnelQinQ VxLAN accessSDN H3C SeerEngine-DCLossless network PFC and ECNDCBXRDMA and ROCEPFC deadlock watchdog ECN overlayROCE stream analysisProgrammability Openflow1.3NetconfAnsiblePython//TCL/Restful API to realize DevOps automated operation and maintenanceTraffic analysis SflowNetstream, only S6850-2CVLAN Port-based VLANsMac-based VLAN ,Subnet-based VLAN and Protocol VLAN VLAN mappingQinQMVRP(Multiple VLAN Registration Protocol)Super VLANPVLANMAC address Dynamic learning and aging of mac address entries Dynamic,static and blackhole entriesMac address limiting on portsIPv4 routing RIP(Routing Information Protocol) v1/2OSPF (Open Shortest Path First) v1/v2ISIS(Intermediate System to Intermediate system) BGP (Border Gateway Protocol)Routing policyVRRPPBRItem SpecificationIPv6 routing RIPng OSPFv3IPv6 ISIS BGP4+ Routing policy VRRPPBRMPLS/VPLS Support L3 MPLS VPNSupport L2 VPN: VLL (Martini, Kompella) Support VPLS, VLLSupport hierarchical VPLS and QinQ+VPLS access Support P/PE functionSupport LDP protocolSupport MCESupport MPLS OAMMulticast IGMP snoopingMLD snoopingIPv4 and IPv6 multicast VLAN IPv4 and IPv6 PIM snooping IGMP and MLDPIM and IPv6 PIMMSDPMulticast VPNReliability LACPSTP/RSTP/MSTP protocol, PVST compatibleSTP Root Guard and BPDU GuardRRPP and ERPSEthernet OAMSmartlinkDLDPBFD for OSPF/OSPFv3, BGP/BGP4, IS-IS/IS-ISv6, PIM/IPM for IPv6 and Static route VRRP and VRRPEQOS Weighted Random Early Detection (WRED) and tail dropFlexible queue scheduling algorithms based on port and queue, including strict priority (SP), Weighted Deficit Round Robin (WDRR), Weighted Fair Queuing (WFQ), SP + WDRR, and SP + WFQ. Traffic shapingPacket filtering at L2 (Layer 2) through L4 (Layer 4); flow classification based on source MAC address, destination MAC address, source IP (IPv4/IPv6) address, destination IP (IPv4/IPv6) address, port, protocol, and VLAN to apply qos policy,including mirroring,redirection,priority remark etc. Committed access rate (CAR)Account by packet and byteCOPPFC/FOCE FC, FC subcard is supported on S6850-2C FCOETelemetry gRPC ERSPAN Mirror on dropItem SpecificationTelemetry Telemetry StreamINTiNQAPacket trace, Packet captureConfiguration and maintenance Console telnet and SSH terminalsSNMPv1/v2/v3ZTPSystem logFile upload and download via FTP/TFTP, BootRom update and remote update NQAping,tracertVxLAN ping and VxLAN tracertNTPPTP(1588v2)GIR Graceful Insertion and RemovalSecurity and management Macsec, Macsec subcard is supported on S6850-2C and only 100G macsec subcard can support 256-bit AES encryptionMicro-SegmentationHierarchical management and password protection of usersAuthentication methods,including AAA,RADIUS and HWTACACSSupport DDos, ARP attack and ICMP attack functionIP-MAC-port binding and IP Source GuardSSH 2.0HTTPSSSLPKIBoot ROM access control (password recovery)RMONEMC FCC Part 15 Subpart B CLASS A ICES-003 CLASS AVCCI CLASS ACISPR 32 CLASS AEN 55032 CLASS AAS/NZS CISPR32 CLASS A CISPR 24EN 55024EN 61000-3-2EN 61000-3-3ETSI EN 300 386GB/T 9254YD/T 993IEEE Standard 802.3x/802.3ad/802.3AH/802.1P/802.1Q/802.1X/802.1D/802.1w/802.1s/802.1AG 802.1x/802.1Qbb/802.1az/802.1QazSafety UL 60950-1CAN/CSA C22.2 No 60950-1 IEC 60950-1EN 60950-1AS/NZS 60950-1FDA 21 CFR Subchapter JPerformance and scalabilityPerformance and scalabilityDescriptionPerformance RIB 1MMSTP instance 64PVST instance 510PVST logical port number 2000VRRP VRID 255VRRP group 256NQA group 32Static table static mac-address 4000static multicast mac-address 1Kstatic ARP 1Kstatic ND 4Kstatic IPv4 routing table 2Kstatic IPv6 routing table 4000Data Center ApplicationThe typical data center application is an EVPN-VxLAN design,S12500G-AF or S12500X-AF switches work as spine or spine/border, S68XX series work as leaf and border or ED. From this design, the usres can get a non-blocking large L2 system.Order informationNew H3C Technologies Co., LimitedBeijing HeadquartersTower 1, LSH Center, 8 Guangshun South Street, Chaoyang District, Beijing, ChinaZip: 100102Hangzhou HeadquartersNo.466 Changhe Road, Binjiang District, Hangzhou, Zhejiang, ChinaZip: 310052Tel: +86-571-86760000 Copyright ©2022 New H3C Technologies Co., Limited Reserves all rightsDisclaimer: Though H3C strives to provide accurate information in this document, we cannot guarantee that details do not contain any technical error or printing error. Therefore, H3C cannot accept responsibility for any inaccuracy in this document. H3C reserves the right for the modification of the contents herein without prior notification。

神州数码交换机路由器命令神州数码交换机路由器命令交换机配置命令switch>en （enable）进入特权用户模式switch # conf (config) 进入全局配置模式switch (config)# int e0/0/1 进入接口配置模式switch (config)# int vlan 1 进入VLAN配置模式switch (config)# host (hostname) 配置交换机名称switch (config)# enable password 1234 配置交换机密码switch (config)# enable password 8 1234 配置交换机密码（加密）switch (config)# vlan 10 创建vlanswitch (config)# int vlan 10switch (config-If-Vlan10)# ip address 172.16.10.1 255.255.255.0 配置VLAN地址生成树技术Switch (config)# spanning-tree 启用全局生成树（默认mstp生成树技术）switch (config)# spanning-tree mode stp/rstp/mstp 生成树技术switch (config)# spanning-tree mst 0 port-priority 4096 设置交换机的优先级默认32768Switch# sh sp (show spanning-tree) 查看生成树交换机Web管理switch (config)# ip http serverswitch (config)# web-user admin password 0 1234 用户名和密码（命令要全写）交换机T elnet管理switch (config) # ip http serverswitch (config)# telnet-user admin password 0 1234 用户名和密码（命令要全写）清空交换机配置switch# set def (default)恢复出厂配置switch# wr (write)保存配置switch# rel (reload)重启交换机链路聚合(不需启动生成树)switchA(config)# port-group 1switchA(config)# int e0/0/1-2switchA(config-port-range)# port-group 1 mode on/active 手动配置/自动配置switchA(config)# no port-group 1 删除组1switchB(config) # port-group 2switchB(config) # int e0/0/3-4switchB(config-port-range) # port-group 2 mode on/active switchA(config) # no port-group 2 删除组2交换机MAC与IP绑定switch (config)# am enable 启用全局am功能switch (config)# int e0/0/1switch (config_if_ethernet0/0/1)# am port 打开端口am功能switch (config_if_ethernet0/0/1)# am mac-ip-pool 00-A0-D1-D1-07-FF 192.168.1.101交换机DHCP服务器配置switch (config)# service dhcp 启用DHCPswitch (config)# ip dhcp pool poolA 定义地址池poolAswitch (dhcp-poolA- config)# network-address 192.168.1.0 24switch (dhcp-poolA- config)# lease 3 租期3天switch (dhcp-poolA- config)# default-router 192.168.1.1 网关switch (dhcp-poolA- config)# dns-server 60.191.244.5 DNS服务器ACL访问控制列表switchA(config)# ip access-list standard test 命名标准IP访问列表switchA(config-std-nacl-test)# deny 192.168.100.0 0.0.0.255 反子网掩码switchA(config-std-nacl-test)# deny 192.168.200.0 0.0.0.0switchA(config) # firewall enable 开启ACL功能switchA(config)# firewall default permit/deny 默认permit允许switchA(config)# int e0/0/1switchA(config-if-interface0/0/1) # ip access-group test in/outswitchA(config) # ip access-list standard 10 数字标准IP访问列表配置时间范围switchA(config)#time-range worktimeswitchA(config-time-range)#absolute-periodic weekdays 09:00:00 to 18:00:00路由器配置命令Router>ena 进入特权用户模式 Router# conf 进入全局配置模式Router_config# int f0/0Router_config_f0/0# ip address 10.1.1.1 255.255.255.0 配置路由器端口地址清空路由器配置Router# del （delete）删除启动配置文件Router# reb (reboot) 重启路由器静态路由Router_config# ip route 10.1.2.0 (目标网段) 255.255.255.0（子网掩码） 10.1.1.1 （转发地址）默认静态路由Router_config# ip route 0.0.0.0 (目标网段) 0.0.0.0（子网掩码）10.1.1.1 （转发地址）RIP动态路由Router_config# router rip 启用RIP路由Router_config_rip# version 2 RIP路由版本号 2Router_config_rip# network 10.1.1.0 255.255.255.0Router_config_rip# network 10.1.2.0 255.255.255.0 与路由器相连的网段OSPF动态路由Router_config# router ospf 1 启动ospf进程，进程号为1Router_config_ospf1# network 10.1.1.0 255.255.255.0 area 0 网段、子网掩码和区域号Router_config_ospf1# network 10.1.2.0 255.255.255.0 area 0 第一个区域（即主干区域）区域号为 0Router# show ip route 查看路由。

OMNI 简要简要设置设置设置指南指南一：OMNI 新老主机板的新老主机板的主要主要主要区别区别新主机板: 为了更好的改进主机性能和需要，OMNI 新主机板在电路、元器件和工艺都有相当大的改进，采用了目前世界先进的表面贴焊技术。

在接线端子的设置上也有改变，电话线接口端子从右上部改变到线路板的下部。

特别注意的是特别注意的是：：探测器的12V 供电端子改为5（+）和4（-），烟感复位12V 电源端子5（+）和6（-），请大家留意不要接错请大家留意不要接错。

新主机板新主机板其他改变其他改变其他改变：：电话号码由20位增加到32位。

增加了没准备好2次布防功能(Not Ready/2X)，同时强制布防失效。

如果选择Ready/2X 的话，当一个防区失效(系统没准备好)时，用户试图布防系统，系统将不能布防，显示问题防区。

为了布防系统，用户第二次必须在15秒之内输入他们的密码，而系统将先旁路失效防区后布防。

二：系统操作系统布防系统布防在所有防区准备好的情况下，系统可以布防：OMNI-LCD OMNI-KPCH XK-108CH LED 指示 Ready Ready Ready 键盘显示 SYSTEM READY N/A N/A 布防操作:输入4 位用户密码。

注意:#1 操作员密码出厂设置为 1234。

布防LED 指示灯亮，在外出延时时间内，用户可以从出入防区退出。

键盘显示如下：OMNI-LCD OMNI-KPCH XK-108CH LED 指示 Armed Armed Armed 键盘显示 ON: AWAY EXIT NOW AWAY N/A备用电池没有连接时，系统也可以布防，但是， 键盘上的 AC/LB 或 BAT 指示灯会闪亮。

强制布防: 如果编程允许(子菜单1 的问题11 位置2)，在内部延时防区失效时，用户仍然可以布防。

撤防撤防撤防步骤撤防步骤：： 输入有效的操作员密码， ARM LED 指示灯熄灭。

H3C S6850交换机虚拟化配置目录一、项目情况 (2)二、设备拓扑图 (2)三、配置IRF的限制条件 (2)3.1IRF物理端口限制 (2)3.2ISSU升级限制 (2)3.3MAC检测限制 (2)四、配置要点 (2)五、配置步骤 (3)六、配置过程 (3)一、项目情况本次项目采购4台S6850交换机作为汇聚使用，为了提高设备可靠性，两两进行虚拟化配置，采用H3C IRF技术实现。

二、设备拓扑图三、配置IRF的限制条件3.1IRF物理端口限制S6850系列交换机支持通过以下端口建立IRF物理连接，不支持1G/10G/25G/50G IRF物理连接。

·QSFP+口工作在40G速率·QSFP28口（除了LSWM18CQMSEC接口模块扩展卡上的端口）工作在40G或100G速率。

LSWM18CQMSEC接口模块扩展卡上的端口不支持做IRF物理端口。

3.2ISSU升级限制在S6850系列交换机上，使用40G QSFP+电缆进行IRF连接的IRF设备不支持进行ISSU升级。

需要进行ISSU升级时，可以将IRF连接更换为100G的光模块/光缆/电缆连接或40G光模块/光缆连接。

3.3MAC检测限制BFD MAD检测VLAN时，不允许在Vlan-interface1接口上开启BFD MAD检测功能，开启BFD MAD 检测功能的VLAN接口及VLAN内的物理端口只能专用于BFD MAD检测，不允许运行其它业务。

BFD MAD检测功能与生成树功能互斥，在开启了BFD MAD检测功能的VLAN接口对应VLAN内的端口上，请关闭生成树协议。

四、配置要点设备配置好IRF配置后，要先保存再激活配置。

每台设备分别配置完成后，最后连接线缆。

再配置第二台设备成员编号后要重启设备使得编号生效。

如果不重启，在第二台设备配置IRF-port端口时候使用irf-port 1/2。

IRF-port端口编号说明，irf-port 1/2中，第一个数字代表的是设备成员编号，第二个数字是接口编号。

阿尔卡特交换机开局指导书开局指导Alcatel交换机AOS操作系统包括两个系统⽂件和配置⽂件的⽬录，working和certified⽬录。

正常⼯作时，机器会从working下引导。

这两个⽬录下保存相同的⽂件（配置⽂件和系统⽂件），包括⽂件的个数，⽂件名和⽂件⼤⼩。

如果出现三者中任何⼀个不同，机器在下次引导时会从certified下引导，这时修改的配置⽂件是不能保存的。

⼀、6850开机6850开机后，操作的步骤如下：1、⽤户名admin，密码switch登陆2、执⾏write memory保存⼀个空的配置⽂件boot.cfg该⽂件会⽣成并保存在working⽬录下。

3、执⾏copy working certified同步working和certified的⽬录下的⽂件，同时boot.cfg⽂件拷贝到certified下。

4、执⾏ip interface address 1.1.1.1 mask255.255.255.0 vlan 1 给vlan 1配置⼀个ip，为了可以ftp交换机上传⾼级路由软件。

5、执⾏aaa authentication ftp local6、将笔记本连接到68507、进⼊dos窗⼝，进⼊到保存⾼级路由软件的⽬录8、执⾏ftp 1.1.1.19、输⼊账号和密码10、输⼊bin11、输⼊put <⾼级路由⽂件名：Kadvrout.img>12、上传完毕后在机器上执⾏relod working no rollback-time13、引导后登陆后执⾏write memory和copy working certified14、到此，6850的系统⽂件Kadvrout.img上传完毕。

⼆、6850堆叠的操作准备要堆叠的⼏台6850，⽐如4台。

机器默认前⾯板的LED序号是1，修改其中的3台即可。

1、通过console连接Kadvrout.img上传完毕的机器2、执⾏stack set slot 1 save-slot 23、执⾏reload，完毕后，LED显⽰24、同样执⾏stack set slot 1 save-slot 3，和stack set slot 1 save-slot 4完成另外2台机器。