1、华为常用命令之欧阳体创编华为交换机经常使用命令:时间:2021.02.03创作:欧阳体1、display currentconfiguration /显示以后配置2、display interface GigabitEthernet 1/1/4 /显示接口信息3、display packetfilter interface GigabitEthernet 1/1/4 /显示接口acl应用信息4、display acl all /显示所有acl设置 3900系列交换机5、display acl config all /显示所有acl设置 6500系列交换机6、display arp 10.78.
2、4.1 /显示该ip地址的mac地址,所接交换机的端口位置7、display cpu /显示cpu信息8、systemview /进入系统图(配置交换机),即是config t 命令9、acl number 5000 /在systemview命令后使用,进入acl配置状态10、rule 0 deny 0806 ffff 24 0a4e0401 ffffffff 40 /在上面的命令后使用,acl 配置例子11、rule 1 permit 0806 ffff 24 000fe218ded7 fffffffff 34 /在上面的命令后使用,acl配置例子12、interface GigabitEt
3、hernet 1/0/9 /在systemview命令后使用,进入接口配置状态13、86ZXS6503GigabitEthernet1/0/9qos /在上面的命令后使用,进入接口qos配置14、86ZXS6503qosbGigabitEthernet1/0/9packetfilter inbound usergroup 5000 /在上面的命令后使用,在接口上应用进站的acl15、Build42_S3928TPGigabitEthernet1/1/4packetfilter outbound usergroup 5001 /在接口上应用出站的acl16、undo acl number 500
4、0 /取消acl number 5000 的设置17、ip routestatic 0.0.0.0 0.0.0.0 10.78.1.1 preference 60 /设置路由18、reset counters interface Ethernet 1/0/14 /重置接口信息华为路由器经常使用命令 Quidwaydis cur ;显示以后配置Quidwaydisplay currentconfiguration ;显示以后配置Quidwaydisplay interfaces ;显示接口信息Quidwaydisplay vlan all ;显示路由信息Quidwaydisplay versio
5、n ;显示版本信息Quidwaysuper password ;修改特权用户密码Quidwaysysname ;交换机命名Quidwayinterface ethernet 0/1 ;进入接口视图Quidwayinterface vlan x ;进入接口视图QuidwayVlaninterfacexip address 10.65.1.1 255.255.0.0 ;配置VLAN的IP地址Quidwayip routestatic 0.0.0.0 0.0.0.0 10.65.1.2 ;静态路由网关Quidwayrip ;三层交换支持Quidwaylocaluser ftpQuidwayuseri
6、nterface vty 0 4 ;进入虚拟终端S3026uivty04authenticationmode password ;设置口令模式S3026uivty04set authenticationmode password simple 222 ;设置口令S3026uivty04user privilege level 3 ;用户级别Quidwayinterface ethernet 0/1 ;进入端口模式Quidwayint e0/1 ;进入端口模式QuidwayEthernet0/1duplex half|full|auto ;配置端口工作状态QuidwayEthernet0/1sp
7、eed 10|100|auto ;配置端口工作速率QuidwayEthernet0/1flowcontrol ;配置端口流控QuidwayEthernet0/1mdi across|auto|normal ;配置端口平接扭接QuidwayEthernet0/1port linktype trunk|access|hybrid ;设置端口工作模式QuidwayEthernet0/1port access vlan 3 ;以后端口加入到VLANQuidwayEthernet0/2port trunk permit vlan ID|All ;设trunk允许的VLANQuidwayEthernet0
8、/3port trunk pvid vlan 3 ;设置trunk端口的PVIDQuidwayEthernet0/1undo shutdown ;激活端口QuidwayEthernet0/1shutdown ;关闭端口QuidwayEthernet0/1quit ;前往Quidwayvlan 3 ;创建VLANQuidwayvlan3port ethernet 0/1 ;在VLAN中增加端口Quidwayvlan3port e0/1 ;简写方法Quidwayvlan3port ethernet 0/1 to ethernet 0/4 ;在VLAN中增加端口Quidwayvlan3port e0
9、/1 to e0/4 ;简写方法Quidwaymonitorport ;指定镜像端口Quidwayport mirror ;指定被镜像端口Quidwayport mirror int_list observingport int_type int_num ;指定镜像和被镜像Quidwaydescription string ;指定VLAN描述字符Quidwaydescription ;删除VLAN描述字符Quidwaydisplay vlan vlan_id ;检查VLAN设置Quidwaystp enable|disable ;设置生成树,默认关闭Quidwaystp priority 40
10、96 ;设置交换机的优先级Quidwaystp root primary|secondary ;设置为根或根的备份QuidwayEthernet0/1stp cost 200 ;设置交换机端口的花费Quidwaylinkaggregation e0/1 to e0/4 ingress|both ;端口的聚合Quidwayundo linkaggregation e0/1|all ; 始端口为通道号SwitchAvlanxisolateuservlan enable ;设置主vlanSwitchAisolateuservlan secondary ;设置主vlan包含的子vlanQuidwayE
11、thernet0/2port hybrid pvid vlan ;设置vlan的pvidQuidwayEthernet0/2port hybrid pvid ;删除vlan的pvidQuidwayEthernet0/2port hybrid vlan vlan_id_list untagged ;设置无标识的vlan如果包的vlan id与PVId一致,则去失落vlan信息. 默认PVID=1。所以设置PVID为所属vlan id, 设置可以互通的vlan为untagged.路由器命令Quidwaydisplay version ;显示版本信息Quidwaydisplay currentcon
12、figuration ;显示以后配置Quidwaydisplay interfaces ;显示接口信息Quidwaydisplay ip route ;显示路由信息Quidwaysysname aabbcc ;更改主机名Quidwaysuper passwrod 123456 ;设置口令Quidwayinterface serial0 ;进入接口Quidwayserial0ip address ;配置端口IP地址Quidwayserial0undo shutdown ;激活端口Quidwaylinkprotocol hdlc ;绑定hdlc协议Quidwayuserinterface vty
13、0 4Quidwayuivty04authenticationmode passwordQuidwayuivty04set authenticationmode password simple 222Quidwayuivty04user privilege level 3Quidwayuivty04quitQuidwaydebugging hdlc all serial0 ;显示所有信息Quidwaydebugging hdlc event serial0 ;调试事件信息Quidwaydebugging hdlc packet serial0 ;显示包的信息静态路由:Quidwayip rou
14、testatic interface number|nexthopvaluereject|blackhole例如:Quidwayip routestatic 129.1.0.0 16 10.0.0.2Quidwayip routestatic 129.1.0.0 255.255.0.0 10.0.0.2Quidwayip routestatic 129.1.0.0 16 Serial 2Quidwayip routestatic 0.0.0.0 0.0.0.0 10.0.0.2静态路由:Quidwayrip ;设置静态路由Quidwayrip work ;设置工作允许Quidwayrip in
15、put ;设置入口允许Quidwayrip output ;设置出口允许Quidwayripnetwork 1.0.0.0 ;设置交换路由网络Quidwayripnetwork all ;设置与所有网络交换Quidwayrippeer ipaddress ;Quidwayripsummary ;路由聚合Quidwayrip version 1 ;设置工作在版本1Quidwayrip version 2 multicast ;设版本2,多播方法QuidwayEthernet0rip splithorizon ;水平分隔Quidwayrouter id A.B.C.D ;配置路由器的IDQuidw
16、ayospf enable ;启动OSPF协议Quidwayospfimportroute direct ;引入直联路由QuidwaySerial0ospf enable area ;配置OSPF区域标准拜访列表命令格式如下:acl matchorder config|auto ;默认前者顺序匹配。rule normal|specialpermit|deny source sourceaddr sourcewildcard|any例:Quidwayacl 10Quidwayacl10rule normal permit source 10.0.0.0 0.0.0.255Quidwayacl10
17、rule normal deny source any扩展拜访控制列表配置命令配置TCP/UDP协议的扩展拜访列表:rule normal|specialpermit|denytcp|udpsource |anydestination |anyoperate配置ICMP协议的扩展拜访列表:rule normal|specialpermit|denyicmp source |anydestination |anyicmpcode logging扩展拜访控制列表操纵符的含义equal portnumber ;即是greaterthan portnumber ;年夜于lessthan portnum
18、ber ;小于notequal portnumber ;不等range portnumber1 portnumber2 ;区间扩展拜访控制列表举例Quidwayacl 101Quidwayacl101rule deny souce any destination anyQuidwayacl101rule permit icmp source any destination any icmptype echoQuidwayacl101rule permit icmp source any destination any icmptype echoreplyQuidwayacl 102Quidwa
19、yacl102rule permit ip source 10.0.0.1 0.0.0.0 destination 202.0.0.1 0.0.0.0Quidwayacl102rule deny ip source any destination anyQuidwayacl 103Quidwayacl103rule permit tcp source any destination 10.0.0.1 0.0.0.0 destinationport equal ftpQuidwayacl103rule permit tcp source any destination 10.0.0.2 0.0.
20、0.0 destinationport equal wwwQuidwayfirewall enableQuidwayfirewall default permit|denyQuidwayint e0QuidwayEthernet0firewall packetfilter 101 inbound|outbound地址转换配置举例Quidwayfirewall enableQuidwayfirewall default permitQuidwayacl 101 ;内部指定主机可以进入e0Quidwayacl101rule deny ip source any destination anyQui
21、dwayacl101rule permit ip source 129.38.1.1 0 destination anyQuidwayacl101rule permit ip source 129.38.1.2 0 destination anyQuidwayacl101rule permit ip source 129.38.1.3 0 destination anyQuidwayacl101rule permit ip source 129.38.1.4 0 destination anyQuidwayacl101quitQuidwayint e0QuidwayEthernet0firew
22、all packetfilter 101 inboundQuidwayacl 102 ;外部特定主机和年夜于1024端口的数据包允许进入S0Quidwayacl102rule deny ip source any destination anyQuidwayacl102rule permit tcp source 202.39.2.3 0 destination 202.38.160.1 0Quidwayacl102rule permit tcp source any destination 202.38.160.1 0 destinationport greatthan1024Quidway
23、acl102quitQuidwayint s0QuidwaySerial0firewall packetfilter 102 inbound ;设202.38.160.1是路由器出口IP。QuidwaySerial0nat outbound 101 interface ;是Easy ip,将acl 101允许的IP从本接口出时变换源地址。内部办事器地址转换配置命令(静态nat):nat server global port inside port protocol ;global_port不写时使用inside_portQuidwaySerial0nat server global 202.3
24、8.160.1 inside 129.38.1.1 ftp tcpQuidwaySerial0nat server global 202.38.160.1 inside 129.38.1.2 telnet tcpQuidwaySerial0nat server global 202.38.160.1 inside 129.38.1.3 www tcp设有公网IP:202.38.160.101202.38.160.103 可以使用。 ;对外拜访(原例题)Quidwaynat addressgroup 202.38.160.101 202.38.160.103 pool1 ;建立地址池Quidwa
25、yacl 1Quidwayacl1rule permit source 10.110.10.0 0.0.0.255 ;指定允许的内部网络Quidwayacl1rule deny source anyQuidwayacl1int serial 0QuidwaySerial0nat outbound 1 addressgroup pool1 在s0口从地址池取出IP对外拜访QuidwaySerial0nat server global 202.38.160.101 inside 10.110.10.1 ftp tcpQuidwaySerial0nat server global 202.38.16
26、0.102 inside 10.110.10.2 www tcpQuidwaySerial0nat server global 202.38.160.102 8080 inside 10.110.10.3 www tcpQuidwaySerial0nat server global 202.38.160.103 inside 10.110.10.4 smtp udpPPP设置:Quidways0linkprotocol ppp ;默认的协议PPP验证:主验方:pap|chapQuidwaylocaluser q2 password simple|cipher hello ;路由器1Quidwa
27、yinterface serial 0Quidwayserial0ppp authenticationmode pap|chapQuidwayserial0ppp chap user q1 ;pap时,没有此句pap被验方:Quidwayinterface serial 0 ;路由器2Quidwayserial0ppp pap localuser q2 password simple|cipher hellochap被验方:Quidwayinterface serial 0 ;路由器2Quidwayserial0ppp chap user q2 ;自己路由器名Quidwayserial0loc
28、aluser q1 password simple|cipher hello ;对方路由器名帧中继framerelay (二分册661)q1fr switchingq1int s1q1Serial1ip address 192.168.34.51 255.255.255.0q1Serial1linkprotocol fr ;封装帧中继协议q1Serial1fr interfacetype dceq1Serial1fr dlci 100q1Serial1fr inarpq1Serial1fr map ip 192.168.34.52 dlci 100q2int s1q2Serial1ip add
29、ress 192.168.34.52 255.255.255.0q2Serial1linkprotocol frq2Serial1fr interfacetype dteq2Serial1fr dlci 100q2Serial1fr inarpq2Serial1fr map ip 192.168.34.51 dlci 100帧中继监测q1display fr lmiinfointerface type numberq1display fr mapq1display fr pvcinfoserial interfacenumberdlci dlcinumberq1display fr dlciswitchq1displ
copyright@ 2008-2022 冰豆网网站版权所有
经营许可证编号:鄂ICP备2022015515号-1
升级会员 