Isu tanga tichishandisa Huawei michina kwenguva yakareba mukati . Munguva pfupi yapfuura isu uye pakuwedzera zvishandiso zvitsva, zano rakauya kuzogovera imwe yekutarisa kana muunganidzwa wezvimiro zvekutanga nemienzaniso.
Kune akawanda mirairo yakafanana pawebhu kune vashandisi veCisco michina. Nekudaro, pane zvishoma zvinyorwa zvakadaro zveHuawei uye dzimwe nguva unofanirwa kutsvaga ruzivo mune zvinyorwa kana kuunganidza kubva kune akati wandei zvinyorwa. Tinovimba zvichabatsira, ngatiendei!
Chinyorwa chichatsanangura pfungwa dzinotevera:
Kutanga kubatana
Kubatanidza kune switch kuburikidza neiyo console interface
Nekutadza, Huawei switch inotumirwa pasina preconfiguration. Pasina faira yekumisikidza mundangariro yekuchinja, iyo ZTP (Zero Touch Provisioning) protocol inotanga kana yabatidzwa. Isu hatisi kuzotsanangura iyi michina zvakadzama, isu tinongoona chete kuti iri nyore kana uchishanda nenhamba huru yemidziyo kana yekumisikidza kure. Kuongorora kweZTP .
Kwekutanga kuseta pasina kushandisa ZTP, koni yekubatanidza inodiwa.
Sarudzo dzekubatanidza (chaizvo chiyero)
Chiyero chekufambisa: 9600
Nhamba yedata (B): 8
Parity bit: Hapana
Kumira zvishoma (S): 1
Flow control mode: Hapana
Mushure mekubatanidza, iwe uchaona chikumbiro chekuisa password yekubatanidza console.
Seta password yekubatanidza console
Pasiwedhi yekutanga inodiwa kune yekutanga kupinda kuburikidza neiyo console.
Kuenderera mberi nekuzviseta? [Y/N]: y
Seta password uye chengetedza!
Zvikasadaro hauzokwanisi kupinda kuburikidza neiyo console.
Ndokumbira ugadzirise password yekupinda (8-16)
Pinda pasiwedhi:
Tsigira pasiwedhi:
Ingoisa password, isimbise uye wapedza! Iwe unogona ipapo kushandura password uye mamwe maparamita echokwadi pane iyo console port uchishandisa inotevera mirairo:
Muenzaniso wekuchinja password
system-kuona
[~HUAWEI] mushandisi interface console 0
[~HUAWEI-ui-console0] authentication-modhi password
[~HUAWEI-ui-console0] seta authentication password cipher <password>
[*HUAWEI-ui-console0] Commit
Kugadzika setup (iStack)
Mushure mekuwana mukana kune ma switch, unogona kusarudza kugadzirisa stack. Huawei CE inoshandisa iStack tekinoroji kusanganisa akawanda switch kuita chinhu chimwe chine musoro. Iyo stack topology ndeyemhete, i.e. Zvinokurudzirwa kushandisa kanenge 2 ports pane imwe neimwe switch. Huwandu hwezviteshi zvinoenderana neinodiwa yekumhanyisa yekumhanyisa ma switch ari mustack.
Zvinokurudzirwa kushandisa uplinks paunenge uchiturika, iyo inomhanyisa iyo inowanzokwira kupfuura iyo yezviteshi zvekubatanidza magumo emidziyo. Nekudaro, iwe unogona kuwana yakawanda bandwidth ine mashoma madoko. Zvakare, kune akawanda mamodheru pane zvirambidzo pakushandiswa kwegigabit ports for stacking. Inokurudzirwa kushandisa kanenge 10G ports.
Pane maviri ekugadzirisa sarudzo anosiyana zvishoma mukutevedzana kwematanho:
-
Kugadziriswa kwekutanga kwekuchinja nekubatana kwavo kwemuviri kunotevera.
-
Kutanga, kuisa uye kubatanidza switch kune mumwe nemumwe, wozodzigadzirisa kuti dzishande mu stack.
Kutevedzana kwezviito zvezvisarudzo izvi ndezvizvi:
Matanho maviri Switch Stacking Options
Funga yechipiri (yakareba) sarudzo yekumisikidza stack. Kuti uite izvi, tevera matanho aya:
-
Isu tinoronga basa tichifunga nezve inogoneka yekudonha. Isu tinonyora kutevedzana kwezviito.
-
Isu tinoita yekuisa uye tambo yekubatanidza switch.
-
Isu tinogadzirisa iyo yakakosha stack paramita ye master switch:
[~HUAWEI] stack
3.1. Isu tinoisa maparameter atinoda
#
stack nhengo 1 renumber X - uko X ndiyo itsva switch ID mune stack. By default, ID = 1
uye iwe unogona kusiya iyo default ID yeiyo master switch.
#
stack nhengo 1 pamberi pe150 - Taura zvakakosha. Shanduko neyakakura
zvakakosha zvichapihwa nestack master switch. Kukosha kwekutanga
default: 100.
#
stack nhengo {nhengo-id | all } domain - Govera Domain ID kune stack.
By default, domain ID haina kuiswa.
#
Muenzaniso:
system-kuona
[~HUAWEI] sysname SwitchA
[Huawei] Commit
[~SwitchA] stack
[~SwitchA-stack] stack nhengo 1 pamberi pe150
[SwitchA-stack] stack nhengo 1 domain 10
[SwitchA-stack] siya
[SwitchA] Commit
3.2 Kugadzirisa iyo stacking port interface (muenzaniso)
[~SwitchA] interface stack port 1/1[SwitchA-Stack-Port1/1] port nhengo-boka interface 10ge 1/0/1 kusvika 1/0/4
Yambiro: Mushure mekugadzirisa kwapera,
1.The interface(s) (10GE1/0/1-1/0/4) ichashandurwa kuita stack mode uye kugadziridzwa ne
port crc-statistics inokonzeresa kukanganisa-pasi kuraira kana iyo gadziriso isipo.
2.The interface(s) inogona kuenda Error-Down (crc-statistics) nekuti hapana shutdown configuration pane interfaces.Endererai mberi? [Y/N]: y
[SwitchA-Stack-Port1/1] Commit
[~SwitchA-Stack-Port1/1] dzokera
Tevere, iwe unofanirwa kuchengetedza iyo gadziriso uye wotangazve switch:
save
Yambiro: Ikozvino gadziriso ichanyorwa kune mudziyo. enderera? [Y/N]: y
reboot
Yambiro: Iyo system ichatangazve. enderera? [Y/N]: y
4. Dzima Stacking Ports paMaster Switch (Muenzaniso)
[~SwitchA] interface stack port 1/1
[*SwitchA-Stack-Port1/1] shutdown
[*SwitchA-Stack-Port1/1] Commit
5. Isu tinogadzirisa chechipiri chinja mune stack nekuenzanisa neyekutanga:
system-kuona
[~HUAWEI] sysname SwitchB
[*HUAWEI] Commit
[~SwitchB] stack
[~SwitchB-stack] stack nhengo 1 pamberi pe120
[*SwitchB-stack] stack nhengo 1 domain 10
[*SwitchB-stack] stack nhengo 1 renumber 2 nhaka-config
Yambiro: Iyo stack gadziriso yenhengo ID 1 ichagarwa kunhengo ID 2
mushure mekunge mudziyo wagadziridzwa. enderera? [Y/N]: y
[*SwitchB-stack] siya
[*ChinjaB] Commit
Misa zviteshi zvekurongedza. Ziva kuti kunyangwe murairo "stack nhengo 1 renumber 2 nhaka-config”, nhengo-id mukumisikidzwa inoshandiswa nehukoshi "1" hweSwitchB.
Izvi zvinoitika nekuti iyo nhengo-id ye switch inoshandurwa chete mushure mekutangwazve, uye pamberi payo switch ichine nhengo-id yakaenzana ne1.nhaka-config” inongodiwa kuitira kuti kana switch yatangazve, ese mastack marongero anochengeterwa nhengo 2, inova iyo switch, nekuti. ID yayo yenhengo yakashandurwa kubva pamutengo 1 kuenda kune kukosha 2.
[~SwitchB] interface stack port 1/1
[*SwitchB-Stack-Port1/1] port nhengo-boka interface 10ge 1/0/1 kusvika 1/0/4
Yambiro: Mushure mekugadzirisa kwapera,
1.The interface(s) (10GE1/0/1-1/0/4) ichashandurwa kuita stack
modhi uye gadziriswe nechiteshi crc-chiverengero chinokonzeresa kukanganisa-pasi kuraira kana iyo gadziriso ichiita.
haipo.
2.The interface (s) inogona kuenda Kanganiso-Pasi (crc-statistics) nekuti hapana kuvharika kwekumisikidza pa
interfaces.
enderera? [Y/N]: y
[*SwitchB-Stack-Port1/1] Commit
[~SwitchB-Stack-Port1/1] dzokera
Reboot SwitchB
save
Yambiro: Ikozvino gadziriso ichanyorwa kune mudziyo. enderera? [Y/N]: y
reboot
Yambiro: Iyo system ichatangazve. enderera? [Y/N]: y
6. Gonesa stacking ports pane master switch. Izvo zvakakosha kuve nenguva yekugonesa madoko kusati kwatangazve Shandura B kwapera, nekuti. kana ukavabatidza mushure, chinja B ichaenda mu reboot zvakare.
[~SwitchA] interface stack port 1/1
[~SwitchA-Stack-Port1/1] gadzirisa kudzima
[*SwitchA-Stack-Port1/1] Commit
[~SwitchA-Stack-Port1/1] dzokera
7. Tarisa kushanda kwe stack nemurairo "kuratidza stack"
Muenzaniso wekubuda kwemirairo mushure mekugadzirisa kwakaringana
kuratidza stack
——————————————————————————
MemberID Basa MAC Inonyanya Kukoshesa ChishandisoType Tsananguro
——————————————————————————
+1 Tenzi 0004-9f31-d520 150 CE6850-48T4Q-EI
2 Standby 0004-9f62-1f40 120 CE6850-48T4Q-EI
——————————————————————————
+ inoratidza chishandiso panogara iyo yakabatidzwa manejimendi interface.
8. Sevha iyo stack gadziriso nemurairo "save". Setup yapera.
и inogonawo kuonekwa paHuawei webhusaiti.
Svika zvigadziriso
Pamusoro takashanda kuburikidza nekubatanidza console. Zvino isu tinoda neimwe nzira kubatana kune yedu switch (stack) pamusoro petiweki. Kuti uite izvi, inoda interface (imwe kana kupfuura) ine IP kero. Kazhinji, yekuchinja, kero inopihwa kune interface mune manejimendi VLAN kana kune yakazvitsaurira manejimendi chiteshi. Asi pano, hongu, zvese zvinoenderana nekubatanidza topology uye chinangwa chekushanda chekuchinja.
Muenzaniso wekugadzirisa kero yeVLAN interface 1:
[~HUAWEI] interface 1
[~HUAWEI-Vlanif1] ip kero 10.10.10.1 255.255.255.0
[~HUAWEI-Vlanif1] Commit
Unogona kutanga wagadzira Vlan uye wopa zita kwairi, semuenzaniso:
[~Chinja] chikamu 1
[*Chinja-vlan1] zita TEST_VLAN (VLAN zita rinosarudzika)
Pane hupenyu hushoma hutsotsi maererano nekutumidza mazita - nyora mazita ezvimiro zvine musoro mumavara makuru (ACL, Route-mepu, dzimwe nguva VLAN mazita) kuti zvive nyore kuzviwana mufaira rekugadzirisa. Unogona kutora "zvombo" 😉
Saka, isu tine VLAN, ikozvino tino "idzika" pane imwe chiteshi. Nokuda kwechisarudzo chinotsanangurwa mumuenzaniso, izvi hazvidiwi, nokuti. ese maSwitch ports anowanikwa muVLAN 1. Kana tichida kugadzirisa chiteshi mune imwe VLAN, tinoshandisa mirairo yakakodzera:
Kuiswa kwePort mumodhi yekuwana:
[~Chinja] chimiro 25GE 1/0/20
[~Switch-25GE1/0/20] port link-type access
[~Switch-25GE1/0/20] port access vlan 10
[~Switch-25GE1/0/20] Commit
Port kumisikidza mu trunk mode:
[~Chinja] chimiro 25GE 1/0/20[~Switch-25GE1/0/20] port link-type trunk
[~Switch-25GE1/0/20] port trunk pvid vlan 10 - tsanangura yekuzvarwa VLAN (mafuremu ari muVLAN iyi haazove neki mumusoro)
[~Switch-25GE1/0/20] port trunk inobvumira-pass vlan 1 kusvika 20 - bvumira chete VLAN yakamaka kubva pa1 kusvika ku20 (semuenzaniso)
[~Switch-25GE1/0/20] Commit
Isu takafunga marongero eiyo interface. Ngatienderere mberi kune iyo SSH kumisikidzwa.
Isu tinopa chete seti inodiwa yemirairo:
Kupa zita kune switch
system-kuona
[~HUAWEI] sysname SSH Server
[*HUAWEI] Commit
Kugadzira makiyi
[~SSH Server] rsa local-key-pair kugadzira // Gadzira iyo yemuno RSA host uye server kiyi pairi.
Iro zita rakakosha richave: SSH Server_Host
Iyo yakawanda yeruzhinji kiyi saizi ndeye (512 ~ 2048).
CHERECHEDZA: Kiyi pair chizvarwa inotora nguva pfupi.
Isa mabhiti mumodulus [default = 2048] : 2048
[*SSH Server] Commit
Kumisikidza iyo VTY interface
[~SSH Server] mushandisi-interface vty 0 4
[~SSH Server-ui-vty0-4] authentication-modhi aaa
[SSH Server-ui-vty0-4] mushandisi ropafadzo level 3
[SSH Server-ui-vty0-4] protocol inbound ssh
[*SSH Server-ui-vty0-4] siya
Gadzira mushandisi wemuno "client001" uye gadzira password yekusimbisa iyo
[SSH Server] AAA[SSH Server-aaa] local-user client001 password irreversible-cipher
[SSH Server-aaa] local-user client001 level 3
[SSH Server-aaa] local-user client001 service-type ssh
[SSH Server-aaa] siya
[SSH Server] ssh user client001 authentication-type password
Shandisa iyo SSH sevhisi pane switch
[~SSH Server] stelnet server inogonesa[*SSH Server] Commit
Kubata kwekupedzisira: kumisikidza sevhisi-tupe yemushandisi mutengi001
[~SSH Server] ssh mushandisi mutengi001 sevhisi-mhando stelnet[*SSH Server] Commit
Setup yapera. Kana iwe wakaita zvese nemazvo, saka unogona kubatanidza kune switch kuburikidza netiweki yemunharaunda uye ramba uchishanda.
Mamwe ruzivo nezve kumisikidza SSH inogona kuwanikwa muHuawei zvinyorwa - и .
Kugadzirisa Basic System Settings
Muchivharo ichi, isu tichatarisa nhamba diki yeakasiyana ekuraira mabhuroki ekugadzirisa anonyanya kufarirwa maficha.
1. Kuisa nguva yehurongwa uye kuwirirana kwayo kuburikidza neNTP.
Iwe unogona kushandisa iyo inotevera mirairo kuseta nguva munharaunda paChinja:
clock time zone {wedzera | kubvisa }
clock datetime [ utc ] HH:MM:SS YYYY-MM-DD
Muenzaniso wekuisa nguva munharaunda
clock time zone MSK wedzera 03:00:00
clock datetime 10:10:00 2020-10-08
Kuti uenzanise nguva kuburikidza neNTP neseva, isa murairo unotevera:
ntp unicast server [ mhando nhamba | authentication-keyid key-id | source-interface interface-mhando
Muenzaniso murairo wekuwiriranisa nguva kuburikidza neNTP
ntp unicast-server 88.212.196.95
Commit
2. Kuti ushande neshanduko, dzimwe nguva unoda kugadzirisa kanenge nzira imwe chete - nzira yekusagadzikana kana nzira yakashata. Murairo unotevera unoshandiswa kugadzira nzira:
ip nzira-static ip-kero {mask | mask-urefu } { nexthop-kero | interface-mhando interface-nhamba [nexthop-kero] }
Muenzaniso murairo wekugadzira nzira:
system-kuona
ip nzira-static 0.0.0.0 0.0.0.0 192.168.0.1
Commit
3. Kugadzirisa maitiro ekushanda kweSpanning-Tree protocol.
Nekushandisa kwakarurama kweshanduko itsva mune network iripo, zvakakosha kubhadhara kusarudzwa kweSTP yekushanda mode. Uyezve, zvingava zvakanaka kuti uigadzirise pakarepo. Hatisi kuzomira pano kwenguva yakareba, nekuti. musoro wacho wakapamhama. Ngatitsanangure chete maitiro ekushanda kweprotocol:
stp mode { stp | rstp | mstp | vbst } - mumurairo uyu, sarudza maitiro atinoda. Default mode: MSTP. Iyo zvakare ndiyo yakakurudzirwa modhi yekushanda paHuawei switch. Kumashure kunoenderana neRSTP kunowanikwa.
Muenzaniso:
system-kuona
stp modhi mstp
Commit
4. Muenzaniso wekugadzira chinja chekuvhara chekubatanidza chigadzirwa chekupedzisira.
Funga muenzaniso wekugadzirisa nzvimbo yekupinda kuti igadzirise traffic muVLAN10
[SW] interface 10ge 1/0/3
[SW-10GE1/0/3] port link-type access
[SW-10GE1/0/3] port default vlan 10
[SW-10GE1/0/3] stp edged-port gonesa
[*SW-10GE1/0/3] siya
Teerera murayirostp edged-port gonesa” - inokutendera kuti ukurumidze kushandura chiteshi kuenda kunzvimbo yekutumira. Nekudaro, uyu murairo haufanirwe kushandiswa pazviteshi kune dzimwe switch dzakabatana.
Uyezve, mutemo "stp bpdu-sefa inogonesa".
5. Muenzaniso wekugadzirisa Port-Channel muLACP mode yekubatanidza kune dzimwe shanduko kana sevhavha.
Muenzaniso:
[SW] interface eth-trunk 1[SW-Eth-Trunk1] port link-type trunk
[SW-Eth-Trunk1] port trunk inobvumira-pass vlan 10
[SW-Eth-Trunk1] mode lacp-static (kana kuti unogona kushandisa lacp-dynamic)
[SW-Eth-Trunk1] siya
[SW] interface 10ge 1/0/1
[SW-10GE1/0/1] eth-Trunk 1
[SW-10GE1/0/1] siya
[SW] interface 10ge 1/0/2
[SW-10GE1/0/2] eth-Trunk 1
[*SW-10GE1/0/2] siya
Usakanganwe nezve "Commit” uyezve isu tiri kutoshanda neiyo interface eth trunk 1.
Unogona kutarisa mamiriro eiyo aggregated link nemurairo "kuratidza eth-trunk".
Isu takatsanangura mapoinzi makuru ekugadzirisa Huawei switch. Ehe, iwe unogona kunyura zvakadzika mumusoro wenyaya uye akati wandei mapoinzi haana kutsanangurwa, asi isu takaedza kuratidza iwo makuru, anonyanya kufarirwa mirairo yekutanga kuseta.
Tinovimba kuti iyi "manual" ichakubatsira iwe kumisa switch nekukurumidza zvishoma.
Zvichave zvakare zvakanaka kana iwe ukanyora mune zvakataurwa mirairo yaunofunga kuti haisipo muchinyorwa, asi ivo vanogona zvakare kurerutsa kumisikidzwa kweiyo switch. Zvakanaka, semazuva ese, isu tichafara kupindura mibvunzo yako.
Source: www.habr.com