华为交换机配置规范及IP网管的录入.docx
《华为交换机配置规范及IP网管的录入.docx》由会员分享,可在线阅读,更多相关《华为交换机配置规范及IP网管的录入.docx(17页珍藏版)》请在冰点文库上搜索。
华为交换机配置规范及IP网管的录入
一、华为交换机配置规范
配置交换机软件serial-com1
附件-超级终端-任意名-还原为默认值
例:
康达城二期商住楼东单元WCQ.DGLD02/S-HW2016EI-442
上行:
机房交换机
下行:
康达二期二单元
本设备IP地址:
220.177.49.130
本设备网关:
220.177.49.129
本设备掩码:
255.255.255.192
本设备管理vlan:
60业务vlan:
149-172
下行设备管理vlan:
60业务vlan:
173-196
Password:
fz-quidway
Su
Password:
fz-quidway
Resetsave-con清除已有的信息
Reboot重启交换机
System-view进入系统
Undoterminalmonitor设置系统消息不出现
通过vlan1事先在设置一下ip地址如218.95.27.252
将交换机与.218.95.27.253
Delete/unreservedxxxxxx.app删除已有的补丁文件
Tftpget//218.95.27.253/xxxxxx.app导入新的补丁文件
sys进入配置模式
[Quidway]sysnameKangDa-2Qi-DongDanYuan//配置交换机所属地区名(一般中文拼音,每个字的首字字母大写)
[KangDa-2Qi-DongDanYuan]user-interfacevty04//进入vty端口配置
[KangDa-2Qi-DongDanYuan-ui-vty0-4]setauthenticationpasswordcipherfz-quidway//配置telnet口令
[KangDa-2Qi-DongDanYuan-ui-vty0-4]quit//退出vty端口配置
[KangDa-2Qi-DongDanYuan]superpasswordcipherfz-quidway//配置super口令
[KangDa-2Qi-DongDanYuan]vlan60//添加vlan(此处添加的是管理vlan)
[KangDa-2Qi-DongDanYuan-vlan60]quit//退出此vlan配置模式(因为系统默认就直接进入了所添加的vlan业务配置模式)
[KangDa-2Qi-DongDanYuan]interfacevlan60//进入vlan管理配置模式intVlan-interface33
[KangDa-2Qi-DongDanYuan-Vlan-interface60]ipaddress220.177.49.130255.255.255.192//配置IP和掩码
[KangDa-2Qi-DongDanYuan-Vlan-interface60]quit//退出管理vlan配置模式
interfaceEthernet0/1
[KangDa-2Qi-DongDanYuan-Ethernet0/16]descriptionuptoDGL-JiFang//标注此端口上行方向
[KangDa-2Qi-DongDanYuan-Ethernet0/16]portlink-typetrunk//设置端口属性为trunk
InterfaceGigabitEthernet0/0/2
Portlink-typetrunk
Porttrunkallow-passvlan60149to196
管理业务口
InterfaceGigabitEthernet0/0/1
Portlink-typetrunk
Porttrunkallow-passvlan60149to196
备用业务口管理
Vlanbatch
Vlan149to196
InterfaceEthernet0/0/%d
Portlink-typeaccess
Portdefaultvlan%d
Loopback-detectionenable
[KangDa-2Qi-DongDanYuan]vlanXXX//添加vlan(此处添加的是业务vlan,从149-196,逐条连续的增加,其中要注意的就是,下行设备的所有vlan在上行设备中都必须配置,因为要通过上行透传)
[KangDa-2Qi-DongDanYuan-vlanXXX]quit//退出vlan配置模式
[KangDa-2Qi-DongDanYuan]interfaceEthernet0/1//进入端口0/1配置(同理进入1-14端口配置)[KangDa-2Qi-DongDanYuan-Ethernet0/1]portaccessvlan149//配置0/1端口的业务vlan(vlan随端口递增,例如0/2端口的vlan为150,0/3端口的vlan为151……)
[KangDa-2Qi-DongDanYuan-Ethernet0/1]broadcast-suppression5//配置广播抑制比为5%
[KangDa-2Qi-DongDanYuan-Ethernet0/1]loopback-detectionenable//打开端口的环路检测功能
[KangDa-2Qi-DongDanYuan]interfaceEthernet0/16//进入最后一个端口16口,这里开始配置上行口
[KangDa-2Qi-DongDanYuan-Ethernet0/16]descriptionuptoDGL-JiFang//标注此端口上行方向
[KangDa-2Qi-DongDanYuan-Ethernet0/16]portlink-typetrunk//设置端口属性为trunk
[KangDa-2Qi-DongDanYuan-Ethernet0/16]undoporttrunkpermitvlan1//剔除系统默认vlan1
[KangDa-2Qi-DongDanYuan-Ethernet0/16]porttrunkpermitvlan60149to196//设置允许通过此端口的vlan号
[KangDa-2Qi-DongDanYuan-Ethernet0/16]broadcast-suppression10//配置广播抑制比为10%
[KangDa-2Qi-DongDanYuan-Ethernet0/16]undoloopback-detectioncontrolenable//关闭端口的环路控制功能(因为此功能如果检测到交换机有环路就会自动关闭端口,因为此端口是上行口必将导致整台交换机不通而且还会影响下行交换机,所以,必须关闭此功能)
[KangDa-2Qi-DongDanYuan-Ethernet0/16]interfaceEthernet0/15//进入15端口,配置下行口
[KangDa-2Qi-DongDanYuan-Ethernet0/15]descriptionKangDa-2Qi-2#//标注下行方向
[KangDa-2Qi-DongDanYuan-Ethernet0/15]portlink-typetrunk//设置端口属性为trunk
[KangDa-2Qi-DongDanYuan-Ethernet0/15]undoporttrunkpermitvlan1//剔除系统默认vlan1
[KangDa-2Qi-DongDanYuan-Ethernet0/15]porttrunkpermitvlan60173to196//设置允许通过此端口的vlan号
[KangDa-2Qi-DongDanYuan-Ethernet0/15]broadcast-suppression10//同16口
[KangDa-2Qi-DongDanYuan-Ethernet0/15]undoloopback-detectioncontrolenable//同16口
[KangDa-2Qi-DongDanYuan-Ethernet0/15]quit
[KangDa-2Qi-DongDanYuan]iproute-static0.0.0.00.0.0.0220.177.49.129preference60//配置路由
然后配置SNMP信息,命令直接复制黏贴就可以
在[KangDa-2Qi-DongDanYuan]下复制黏贴以下内容
snmp-agent
snmp-agentlocal-engineid800007DB000FE2488A636877
snmp-agentcommunityreadfzpublic
snmp-agentcommunitywritefzprivate
snmp-agentsys-infolocationFuZhouJiangXi
snmp-agentsys-infoversionall
snmp-agenttarget-hosttrapaddressudp-domain117.21.127.116paramssecuritynamefzpublic
snmp-agenttarget-hosttrapaddressudp-domain117.21.127.117paramssecuritynamefzpublic
snmp-agenttarget-hosttrapaddressudp-domain117.21.127.118paramssecuritynamefzpublic
snmp-agenttarget-hosttrapaddressudp-domain117.21.127.119paramssecuritynamefzpublic
snmp-agenttarget-hosttrapaddressudp-domain117.21.127.120paramssecuritynamefzpublic
snmp-agenttarget-hosttrapaddressudp-domain117.21.127.121paramssecuritynamefzpublic
snmp-agenttarget-hosttrapaddressudp-domain117.21.127.122paramssecuritynamefzpublic
snmp-agenttarget-hosttrapaddressudp-domain117.21.127.123paramssecuritynamepublic
snmp-agenttarget-hosttrapaddressudp-domain117.21.127.3paramssecuritynamefzpublic
snmp-agenttarget-hosttrapaddressudp-domain117.21.127.4paramssecuritynamefzpublic
snmp-agenttarget-hosttrapaddressudp-domain117.21.127.5paramssecuritynamefzpublic
snmp-agenttarget-hosttrapaddressudp-domain117.21.127.6paramssecuritynamefzpublic
snmp-agenttrapenablestandard
snmp-agenttrapenableconfiguration
最后保存配置
[KangDa-2Qi-DongDanYuan]quit//退出配置模式
save//保存配置
-------------------------------------------分割线以下是交换机配置截图-----------------------------------
一般在保存配置前需要浏览下前面所配置的数据,检查数据是否配置正确
[KangDa-2Qi-DongDanYuan]discu//浏览交换机配置的命令,是displaycurrent-configuration的简写
#
sysnameKangDa-2Qi-DongDanYuan
#
superpasswordlevel3cipherM;*49H#8;DGVL!
#
radiusschemesystem
server-typehuawei
primaryauthentication127.0.0.11645
primaryaccounting127.0.0.11646
user-name-formatwithout-domain
domainsystem
radius-schemesystem
access-limitdisable
stateactive
vlan-assignment-modeinteger
idle-cutdisable
self-service-urldisable
messengertimedisable
domaindefaultenablesystem
#
local-servernas-ip127.0.0.1keyhuawei
#
queue-schedulerwrr1248
#
vlan1
#
vlan60
#
vlan149
#
vlan150
#
vlan151
#
vlan152
#
vlan153
#
vlan154
#
vlan155
#
vlan156
#
vlan157
#
vlan158
#
vlan159
#
vlan160
#
vlan161
#
vlan162
#
vlan163
#
vlan164
#
vlan165
#
vlan166
#
vlan167
#
vlan168
#
vlan169
#
vlan170
#
vlan171
#
vlan172
#
vlan173
#
vlan174
#
vlan175
#
vlan176
#
vlan177
#
vlan178
#
vlan179
#
vlan180
#
vlan181
#
vlan182
#
vlan183
#
vlan184
#
vlan185
#
vlan186
#
vlan187
#
vlan188
#
vlan189
#
vlan190
#
vlan191
#
vlan192
#
vlan193
#
vlan194
#
vlan195
#
vlan196
#
interfaceVlan-interface60
ipaddress220.177.49.130255.255.255.192
#
interfaceAux0/0
#
interfaceEthernet0/1
broadcast-suppression5
portaccessvlan149
#
interfaceEthernet0/2
broadcast-suppression5
portaccessvlan150
#
interfaceEthernet0/3
broadcast-suppression5
portaccessvlan151
#
interfaceEthernet0/4
broadcast-suppression5
portaccessvlan152
#
interfaceEthernet0/5
broadcast-suppression5
portaccessvlan153
#
interfaceEthernet0/6
broadcast-suppression5
portaccessvlan154
#
interfaceEthernet0/7
broadcast-suppression5
portaccessvlan155
#
interfaceEthernet0/8
broadcast-suppression5
portaccessvlan156
#
interfaceEthernet0/9
broadcast-suppression5
portaccessvlan157
#
interfaceEthernet0/10
broadcast-suppression5
portaccessvlan158
#
interfaceEthernet0/11
broadcast-suppression5
portaccessvlan159
#
interfaceEthernet0/12
broadcast-suppression5
portaccessvlan160
#
interfaceEthernet0/13
broadcast-suppression5
portaccessvlan161
#
interfaceEthernet0/14
broadcast-suppression5
portaccessvlan162
#
interfaceEthernet0/15
descriptionKangDa-2Qi-2#
portlink-typetrunk
undoporttrunkpermitvlan1
porttrunkpermitvlan60173to196
broadcast-suppression5
undoloopback-detectioncontrolenable
#
interfaceEthernet0/16
descriptionuptoDGL-JiFang
portlink-typetrunk
undoporttrunkpermitvlan1
porttrunkpermitvlan60149to196
broadcast-suppression5
undoloopback-detectioncontrolenable
#
interfaceNULL0
#
iproute-static0.0.0.00.0.0.0220.177.49.129preference60
#
snmp-agent
snmp-agentlocal-engineid800007DB000FE2488A636877
snmp-agentcommunityreadfzpublic
snmp-agentcommunitywritefzprivate
snmp-agentsys-infolocationFuZhouJiangXi
snmp-agentsys-infoversionall
snmp-agenttarget-hosttrapaddressudp-domain117.21.127.116paramssecuritynamepublic
snmp-agenttarget-hosttrapaddressudp-domain117.21.127.117paramssecuritynamepublic
snmp-agenttarget-hosttrapaddressudp-domain117.21.127.118paramssecuritynamepublic
snmp-agenttarget-hosttrapaddressudp-domain117.21.127.119paramssecuritynamepublic
snmp-agenttarget-hosttrapaddressudp-domain117.21.127.3paramssecuritynamepublic
snmp-agenttarget-hosttrapaddressudp-domain117.21.127.4paramssecuritynamepublic
snmp-agenttarget-hosttrapaddressudp-domain117.21.127.5paramssecuritynamepublic
snmp-agenttarget-hosttrapaddressudp-domain117.21.127.6paramssecuritynamepublic
snmp-agenttrapenablestandard
snmp-agenttrapenableconfiguration
#
user-interfaceaux0
user-interfacevty04
setauthenticationpasswordcipherM;*49H#8;DE!
_KY-G6D741!
!
#
Return
注:
交换机配置中:
1、配置telnet口令和su口令。
2、配置管理vlan。
3、在管理vlan下配置IP地址掩码。
4、配置路由。
最主要的就是这4个步骤,一般这4个步骤配置正确了,交换机拿去现场就能通,其他数据如果配置错误的话,还可以通过远程登录来修改,所以检查一台交换机的配置时请着重检查这4个步骤(其中口令因为配置的时候是密文方式,无法检查,需要在配置的时候保证100%正确)
二、在IP网管中添加新设备资源
有设备扩容和新增的话,在做好实际设备的变更外还须在IP网管中作相应的修改和添加。
1、进入IP网管系统:
http:
//117.21.127.7:
2003/nms/login.jsp
2、点击菜单“系统资源管理”下的子菜单中“设备维护”,进入设备维护界面,如下图1:
图1
3,如果是新增设备,请点击图1中,1号区域里的“增加”,后按下列图示填写:
图2
注意:
1、所属节点按设备情况而定,这里所举例的设备所属大公路分局。
2、设备名称为:
E-FZ-SQ-康达城二期商住楼东单元-S-华为2016EI-01(设备名称的标准格式)
图3
注意:
只读Community和可写Community即前面我们所配置的交换机SNMP的只读可写信息:
snmp-agentcommunityreadfzp
升级会员 