Các lệnh cơ bản để cấu hình Switches H3C - Reset, Trunk, and Basic Commands

 



H3C Switches Commands: Reset, Trunk, and Basic Commands

Bạn có gặp khó khăn với việc cấu hình Switch H3C không?  Sau đây mình chia sẻ các bạn các lệnh cơ bản của bộ chuyển mạch H3C.


1. Làm thế nào để khôi phục cài đặt gốc Switch H3C mà không cần biết mật khẩu

- Kết nối Console bằng HyperTerminal hoặc PuTTy rồi khởi động Switch H3C
- Nhấn Ctrl + B để vào menu bootrom của Switch
- Chọn Menu khôi phục cài đặt gốc(nếu có).
- Xóa các file có đuôi .cfg
- Khởi động lại Switch

2. Thêm cổng Trunk vào VLAN

Cổng trục có thể cho phép nhiều VLAN đi qua, nghĩa là chúng có thể được thêm vào nhiều VLAN. Do đó, việc tham gia VLAN của các cổng Trunk không thể được thêm từng cái một mà theo lô. Nhưng nó chỉ có thể được cấu hình trong chế độ xem cổng Ethernet. Các bước cấu hình được hiển thị trong Bảng 1.

[Example 1] using the Port Trunk the permit VLAN command relay port Ethernet2 / 0/1 was added to 2, 6, 10, 50 ~ 100 the VLAN in.

(1). <H3C> system-view

(2). System View: return to User View with Ctrl+Z.

(3). [H3C] interface Ethernet2/0/1

(4). [H3C-Ethernet2/0/1] port trunk permit vlan 2 6 10 50 to 100

(5). Please wait…

(6). Done.

Table 1. Steps of Adding the Trunk port to the VLAN

stepcommandUsage description
1system-view

For example: < sysname > system-view

Enter system view
2interface interface-type interface-number

For example: [ sysname ] interface GigabitEthernet 1/0/1

Enter Ethernet port view or port group view or Layer 2 aggregate port (you must choose one of the three). After entering the Ethernet port view, the following configuration will only take effect on the current port; after entering the port group view, the following configuration will take effect on all ports in the port group; execute this command in the Layer 2 aggregate port view, The configuration will take effect on the Layer 2 aggregate port and all corresponding member ports. During the configuration process, if the configuration of a member port fails, the system will automatically skip the member port and continue to configure other member ports; if the configuration of the Layer 2 aggregate port fails, the member port will not be configured again

The port-group { manual port-group-name | aggregation agg -id } and interface bridge-aggregation interface-number commands are only applicable to a few H3C switch series that support port groups and Layer 2 aggregation ports , such as S5500 , S5100 , S7500E, etc.

port- group { manual port-group-name | aggregation agg -id }
For example: [ Sysname ] port-group manual group1
interface bridge -aggregation interface-number

For example: [ Sysname ] interface bridge-aggregation 1

3port link-type trunk

For example: [ sysname – GigabitEthernet1/0/1] port link- type trunk

Configure the link type of the port as Trunk. The Layer 2 port link of the switch is of the Access type by default. You must use this command to convert, but you cannot use this command on the Hybrid port to convert it into a Trunk link. Instead, use the port link-type access command to convert the link. Convert to Access link, and then use this command to convert to Trunk link
4port trunk permit vlan { vlan -id-list | all }

For example: [sysname-GigabitEthernet1/0/1] port trunk permit vlan 2 to 10

Add the above Trunk ports to one or more VLANs to allow data packets from the specified VLAN to pass through (that is , VLAN pruning in Cisco IOS )

Two selected from a parameter VLAN -id-List = [ VLAN-ID1 [ to VLAN-ID2 ] ] & <1-10> specifies Trunk port is allowed to join the VLAN range, VLAN -id in the range of 1 – 4094 . & <1-10> means that you can specify up to 10 times if it is isolated VLAN, the respective VLAN between separated by spaces

Two selected from a option all used to specify the above relay port is added to all VLAN in

By default, all trunk ports only allow VLAN 1 to pass. You can use the undo port trunk permit VLAN { vlan -id-list | all } command to delete the trunk port from the specified VLAN . If you use the port trunk permit VLAN command multiple times, the VLAN allowed on the trunk port is the set of these vlan- id-lists

5port trunk pvid vlan vlan -id

For example: [sysname-GigabitEthernet1/0/ 1] port trunk pvid vlan 10

(Optional) Set the default VLAN of the above Trunk port. The value range of the parameter VLAN -ID is 1 to 4094. This Trunk default port VLAN ID and the remote switch connected to the Trunk default port VLAN ID must be the same packets to be transmitted properly. And must be set to a non host belongs VLAN of the VLAN ID (usually set to VLAN. 1, since the VLAN. 1 is the default port belongs to any port, and the host would not normally only for management purposes). By default, the default VLAN of the Trunk port is VLAN 1. You can use the undo port trunk PVID command to restore the default VLAN ID of the port, which is 1

[Example 2] Use the undo port trunk permit VLAN command to delete the trunk port Ethernet2/0/1 from VLAN 1.

3. H3C switch basic configuration commands

(1). The link type of the Ethernet port

Access link: Only the untagged data flow of a certain vlan can pass through.

Link Trunk: allow multiple vlan the tagged data stream and one vlan the untagged data stream.

Link the Hybrid: allow multiple vlan the tagged data stream and a plurality vlan the untagged data stream.

The hybrid link port can allow multiple VLAN packets to be sent without labels, while the Trunk port only allows the default VLAN packets to be sent without labels.

Three types of ports can coexist on one device.

(2). VLAN configuration commands

Create vlan vlan 100 (1-4094)

Delete vlan undo vlan 100 (1-4094)

Add port portethernet 2/0/1 in vlan

Delete port undo port ethernet 2/0/1 in vlan

Add the port to vlan port access vlan 100 ( 1-4094 )

Remove the port from vlan undoport access vlan 100 ( 1-4094 )

Display vlan information display vlan VLANID ( 1-4094 )

Define the port as Trunk port link-type trunk

Delete the Trunk attribute of the port undo portlink -type

Define the vlan port trunk permit vlan VLANID that the port can transmit

The trunk link allows all VLANs to pass: port trunk permit vlan all

Delete the vlan that can be transmitted on the port: undo port trunk permit vlan VLANID

(3). Configuration commands and examples of static routing

[H3C] iproute -static ip -address{ mask|mask-length } { interface-typeinterface-name|nexthop-address } [ perference value] [ reject|blackhole ]

E.g:

ip route-static 129.1.0.0 16 10.0.0.2

ip route-static 129.1.0.0 255.255.0.0 10.0.0.2

ip route-static 129.1.0.0 16 Serial 2/0

4.H3C switch commonly used configuration commands

(1). Configure the host name

[H3C] systemname H3C

(2). Configure the console port password

#Enter the system view.

<H3C> system-view

#Enter the AUX user interface view.

[H3C] user-interface aux 0

#Set up password authentication for users who log in to the switch through the console port.

[H3C-ui-aux0] authentication-mode password

#Set the user’s authentication password to be encrypted, and the password is 123456.

[H3C-ui-aux0] set authentication passwordcipher 123456

#Set the command level that can be accessed after logging in from the AUX user interface to level 2.

[H3C-ui-aux0] user privilege level 2

(3). Configure Telnet

#Enter the system view.

<H3C> system-view

#Enter the VTY0 user interface view.

[H3C] user-interface vty 0

#Set up password authentication for users who log in to the switch through the VTY0 port.

[H3C-ui-vty0] authentication-mode password

#Set the user’s authentication password to password mode, and the password is 123456.

[H3C-ui-vty0] set authentication passwordcipher 123456

#Set the command level that can be accessed after logging in from the VTY0 user interface to level 2.

[H3C-ui-vty0] user privilege level 2

#Set the VTY0 user interface to support the Telnet protocol.

[H3C-ui-vty0] protocol inbound telnet

(4). Configure the switch VLAN 1 management address

<H3C> system-view

[H3C] interface vlan-interface 1

[H3C-VLAN-interface1] ip address192.168.0.129 255.255.255.0

(5). Configure the switch gateway address

[H3C] ip route-static 0.0.0.00.0.0.0 192.168.0.1

(6). Configure HTTP service

[H3C] local-user admin #Create http user

[H3C-luser-admin] service-type telnet

[H3C-luser-admin] authorization-attributelevel 3

[H3C-luser-admin] password cipheradmin #Set the http user password and encrypt the display

(7). Configure SNMP

[H3C] snmp-agent

[H3C] snmp-agent community read123456 #Set the snmp community name, the permission is read-only

[H3C] snmp-agent sys-info version v1 v2c #Set snmp version v1 and v2

(8). Qos port speed limit

[H3C] interface gigabitethernet 1/0/1

#Configure the speed limit parameters, the port in/out rate is limited to 5120kbps.

[H3C-GigabitEthernet1/0/1] qos lr inboundcir 5120

[H3C-GigabitEthernet1/0/1] qos lr outboundcir 5120

(9). Create VLAN

[H3C] vlan 100

(10). Delete VLAN

[H3C] undo vlan 100

(11). Add the port to VLAN 100

[H3C] interface GigabitEthernet 1/0/24

[H3C] port access vlan 100

(12). View VLAN

[H3C] display vlan all

(13). View port status

[H3C] display interface GigabitEthernet1/0/24

(14). Enable the port

[H3C] interface GigabitEthernet 1/0/24

[H3C] undo shutdown

(15). Close the port

[H3C] interface GigabitEthernet 1/0/24

[H3C] shutdown

(16). View the MAC address list

[H3C] display mac-address

(17). View ARP information

[H3C] display arp

(18). View current configuration

[H3C] display current-configuration

(19). View saved configuration

[H3C] display saved-configuration

Note: The current configuration is saved in the memory of the switch and will not take effect when the switch is restarted.

To take effect when the switch is restarted, it must be saved in the saved-configuration.

(20). save the switch configuration

[H3C] save



Ví dụ về VLAN Trunking:

sys
sysname Ten_SW
user-interface aux 0
authentication-mode password 
set authentication password cipher Pcna@2021
quit

user-interface vty 0 4
authentication-mode password 
set authentication password cipher Pcna@2021
user privilege level 3
quit 

vlan 1891
name Dat_Ten_VLAN
port g1/1/3 
port g1/1/4
quit 
 
interface Vlan-interface 1891
ip address 172.17.191.24 255.255.255.0
undo shutdown 
quit

vlan 998
name Dat_Ten_VLAN
quit 
 
interface Vlan-interface 998
ip address 172.16.16.2 255.255.255.0
undo shutdown 
quit

interface GigabitEthernet1/1/1
description "To_Noi _Dung"
port link-mode bridge
port link-type trunk
port trunk permit vlan all
quit
save

Post a Comment

Post a Comment (0)

Previous Post Next Post