Waxaan isticmaalnay qalabka Huawei muddo dheer . Dhawaan waxaan iyo marka lagu daro aaladaha cusub, fikradda ayaa soo baxday in la wadaago nooc ka mid ah liiska hubinta ama ururinta goobaha aasaasiga ah oo leh tusaalooyin.
Waxaa jira tilmaamo badan oo la mid ah online oo loogu talagalay isticmaalayaasha qalabka Cisco. Si kastaba ha noqotee, Huawei waxaa jira maqaallo yar oo noocaas ah mararka qaarkoodna waa inaad raadisaa macluumaadka dukumeentiyada ama waxaad ka soo ururisaa maqaallo dhowr ah. Waxaan rajeyneynaa inay faa'iido yeelan doonto, aan tagno!
Maqaalka waxaan ku tilmaami doonaa qodobada soo socda:
Xiriirinta koowaad
Ku xidhidhiyaha furaha iyada oo loo marayo interface console
Sida caadiga ah, furayaasha Huawei waxay ku yimaadaan iyada oo aan horay loo habeynin. Iyadoo aan lahayn faylka qaabeynta ee xusuusta beddelka, nidaamka ZTP (Zero Touch Provisioning) ayaa la bilaabayaa marka la shido. Ma si faahfaahsan u qeexi doono habkan, waxaanu kaliya ogaan doonaa inay ku habboon tahay marka la shaqeynayo tiro badan oo qalab ah ama si loo sameeyo qaabeynta meel fog. Dib u eegida ZTP .
Habaynta bilowga ah iyada oo aan la isticmaalin ZTP, isku xirka console ayaa loo baahan yahay.
Halbeegyada isku xirka (heer sare)
Heerka gudbinta: 9600
Xogta yara (B): 8
Qaybtii sinnaanta: Maya
Joogista (S): 1
Habka xakamaynta socodka: Midna
Xidhiidhinta ka dib, waxaad arki doontaa codsi lagu dejinayo furaha sirta ah ee xidhiidhka konsole
U deji furaha sirta ah ee isku xirka console-ka
Furaha furaha ah ayaa loo baahan yahay gelitaanka ugu horreeya ee konsole-ka.
Sii wad inaad dejiso? [Y/N]: y
Deji furaha sirta ah oo ilaali!
Haddii kale ma awoodid inaad ka soo gasho console-ka
Fadlan hagaaji erayga sirta ah ee gelitaanka (8-16)
Geli Password:
Xaqiiji erayga sirta ah:
Kaliya deji furaha sirta ah, xaqiiji oo waad dhammaysay! Waxaad markaa bedeli kartaa erayga sirta ah iyo xuduudaha kale ee aqoonsiga ee dekedda konsole adiga oo isticmaalaya amarrada soo socda:
Tusaalaha beddelka erayga sirta ah
nidaamka-aragtida
[~HUAWEI] user-interface console 0
[~HUAWEI-ui-console0] lambarka sirta ah ee qaabka sugida
[~HUAWEI-ui-console0] deji furaha sirta ah ee xaqiijinta <password>
[*HUAWEI-ui-console0] gasho
Dejinta isugaynta (iStack)
Kadib markaad gasho furayaasha, waxaad habayn kartaa xirmada haddii loo baahdo. Huawei CE waxay isticmaashaa tignoolajiyada iStack si ay isugu darto furayaasha kala duwan ee hal qalab oo macquul ah. Topology-ga dulsaarku waa giraan, i.e. Waxaa lagu talinayaa in la isticmaalo ugu yaraan 2 dekedood ee shishe kasta. Tirada dekedu waxay ku xiran tahay xawaaraha la rabo ee isdhexgalka ka dhexeeya furayaasha ku jira xirmada.
Marka la isku dhufto, waxaa lagu talinayaa in la isticmaalo uplinks, taas oo xawaarhoodu inta badan ka sarreeyaa kuwa dekedaha ee isku xirka qalabka dhamaadka. Sidaa darteed, waxaad ku heli kartaa wax soo saar badan oo dekedo yar. Sidoo kale, moodooyinka intooda badan waxaa jira xannibaado isticmaalka dekedaha gigabit ee isku dhejinta. Waxaa lagu talinayaa in la isticmaalo ugu yaraan 10G dekedaha.
Waxaa jira laba ikhtiyaar oo dejineed oo waxyar ku kala duwan taxanaha tillaabooyinka:
-
Qaabeynta hordhaca ah ee furayaasha oo ay ku xigto xiriirkooda jireed.
-
Marka hore, rakib oo ku xidh furayaasha midba midka kale, ka dibna u habeeyaan si ay ugu shaqeeyaan xirmo.
Taxanaha ficilada ee xulashooyinkan waa sida soo socota:
Tallaabooyinka isku xigxiga ee labada ikhtiyaar ee isku dhejinta beddelka
Aynu tixgelinno ikhtiyaarka labaad (ka dheer) ee dejinta xirmooyinka. Si aad tan u sameyso waxaad u baahan tahay inaad sameyso waxyaabaha soo socda:
-
Waxaan qorsheyneynaa shaqada anagoo tixgelinayna waqtiga dhimista ee suurtagalka ah. Waxaan abuurnaa taxane ficillo ah.
-
Waxaan fulinaa rakibaadda iyo isku xirka fiilada ee furayaasha.
-
U hagaaji cabbirada gunnada aasaasiga ah ee beddelka sare:
[~HUAWEI] stack
3.1. Waxaan dejineynaa xuduudaha aan u baahanahay
#
xubin raso 1 renumber X - halka X uu yahay aqoonsiga beddelka cusub ee xirmada. Default, ID = 1
iyo bedelka Master-ka waxaad uga tagi kartaa aqoonsiga caadiga ah.
#
xubin raso 1 mudnaanta 150 - tilmaan mudnaanta. Ku beddel kan ugu weyn
mudnaanta waxaa lagu meelayn doonaa beddelka sare ee xirmada. Qiimaha mudnaanta leh
default: 100.
#
xubinta taranka { member-id | dhammaan} domain - u qoondee Domain ID ee xirmada.
Sida caadiga ah, aqoonsiga domain lama cayimin.
#
Tusaale:
nidaamka-aragtida
[~HUAWEI] magaca loo yaqaan 'SwitchA'
[HUAWEI] gasho
[~SwitchA] yaryar
[~SwitchA-xirmo] xubin raso 1 mudnaanta 150
[SwitchA-stack] xubinta taranka 1 domain 10
[SwitchA-stack] tago
[SwitchA] gasho
3.2 Habaynta isku xirka dekedaha (tusaale)
[~SwitchA] interface xirmo-dekedda 1/1[SwitchA-Stack-Port1/1] interface xubin-koox dekedda 10ge 1/0/1 ilaa 1/0/4
Digniin: Ka dib qaabaynta ayaa la dhammeeyaa,
1.Interface(-yada) (10GE1/0/1-1/0/4) waxa loo rogi doonaa hab xidhmo waxaana lagu habayn doonaa
port crc-statistics waxay kicisaa amarka qaladka haddii qaabayntu aanu jirin.
2.Interface(-yada) waxa laga yaabaa inay tagaan Error-Down (crc-statistics) sababtoo ah ma jiro habayn xidhidh ee interfaces-ka. Sii wad? [Y/N]: y
[SwitchA-Stack-Port1/1] gasho
[~SwitchA-Stack-Port1/1] soo laabtay
Marka xigta, waxaad u baahan tahay inaad kaydiso qaabaynta oo aad dib u bilowdo furaha:
badbaadi
Digniin: Qaabeynta hadda ayaa loo qori doonaa aaladda. Sii wad? [Y/N]: y
dib u bilow
Digniin: Nidaamku dib ayuu u bilaabi doonaa. Sii wad? [Y/N]: y
4. Demi dekedaha si aad ugu dhejiso furaha sare (tusaale)
[~SwitchA] interface xirmo-dekedda 1/1
[*SwitchA-Stack-Port1/1] xiritaanka
[*SwitchA-Stack-Port1/1] gasho
5. Ku xidh beddelka labaad ee xidhmada adigoo isbarbar dhigaya kan hore:
nidaamka-aragtida
[~ Huawei] synname Beddelka B
[*HUAWEI] gasho
[~SwitchB] yaryar
[~SwitchB-xirmo] xubin raso 1 mudnaanta 120
[*SwitchB-xirmo] xubinta taranka 1 domain 10
[*SwitchB-xirmo] xubin raso 1 renumber 2 inherit-config
Digniin: Isku xidhka isku xidhka aqoonsiga xubinta 1 waxa la dhaxli doonaa aqoonsiga xubinta 2
ka dib markii qalabku dib u dejiyo. Sii wad? [Y/N]: y
[*SwitchB-xirmo] tago
[*SwitchB] gasho
Habaynta dekedaha isku xidhka Fadlan ogow in kastoo amarka "xubin raso 1 renumber 2 inherit-config", xubin-id qaabeynta waxaa lagu isticmaalaa qiimaha "1" ee SwitchB.
Tani waxay dhacdaa sababtoo ah xubin-ID-ga beddelka waxa la beddeli doonaa oo keliya ka dib dib-u-bootinta ka hor inta ka horreysana beddelka weli waxa uu leeyahay xubin-id la mid ah 1. Halbeegga "dhaxalin-config"waxaa loo baahan yahay oo kaliya ka dib markii dib-u-kicinta furaha, dhammaan goobaha xirmooyinka waxaa loo keydiyaa xubinta 2, taas oo noqon doonta beddelka, sababtoo ah Aqoonsigiisa xubinta waxa laga beddelay qiimihii 1 ilaa 2.
[~SwitchB] interface xirmo-dekedda 1/1
[*SwitchB-Stack-Port1/1] interface xubin-koox dekedda 10ge 1/0/1 ilaa 1/0/4
Digniin: Ka dib qaabaynta ayaa la dhammeeyaa,
1.Interface(-yada) (10GE1/0/1-1/0/4) waxa loo rogi doonaa raso
qaabka iyo in lagu habeeyo dekedda crc-statistics waxay kicisaa amarka khaladka hoos u dhaca haddii qaabayntu sameeyo
ma jiro.
2.Interface(-yada) waxa laga yaabaa inay tagaan Error-Down (crc-statistics) sababtoo ah ma jiro habayn xidhidh
isdhexgalka.
Sii wad? [Y/N]: y
[*SwitchB-Stack-Port1/1] gasho
[~SwitchB-Stack-Port1/1] soo laabtay
Dib-u-kicin SwitchB
badbaadi
Digniin: Qaabeynta hadda ayaa loo qori doonaa aaladda. Sii wad? [Y/N]: y
dib u bilow
Digniin: Nidaamku dib ayuu u bilaabi doonaa. Sii wad? [Y/N]: y
6. U sahli isku-dubbaridka dekedaha ee daaradaha sare. Waxaa muhiim ah in la helo wakhti si aad awood ugu yeelatid dekedaha ka hor inta aan la dhamaystirin reboot of switch B, sababtoo ah Haddii aad daarto ka dib, Beddelka B ayaa dib u bilaabi doona mar kale.
[~SwitchA] interface xirmo-dekedda 1/1
[~SwitchA-Stack-Port1/1] ka noqo xidhidhiyaha
[*SwitchA-Stack-Port1/1] gasho
[~SwitchA-Stack-Port1/1] soo laabtay
7. Ku hubi shaqada xidhmada amarka "xirmo bandhig"
Tusaale soo saarida amarka kadib qaabeynta saxda ah
xirmo bandhig
---------------------------
Doorka MemberID MAC Mudnaanta Aaladda Nooca Sharaxaada
---------------------------
+1 Master 0004-9f31-d520 150 CE6850-48T4Q-EI
2 Joogsi ah 0004-9f62-1f40 120 CE6850-48T4Q-EI
---------------------------
+ waxay tuseysaa aaladda halka uu ku yaalo interface-ka maamulka firfircoon.
8. Ku keydi habaynta xidhmada amarka"badbaadi" Habayntu waa dhammaatay.
ΠΈ Waxaad sidoo kale ka eegi kartaa bogga Huawei.
Dejinta gelitaanka
Xagga sare waxa aanu ka shaqaynay xidhiidhka konsole Hadda waxaan u baahanahay inaan si uun ugu xidhno beddelkayaga (stack) annaga oo adeegsanayna shabakadda. Si tan loo sameeyo, waxay u baahan tahay interface (hal ama ka badan) oo leh ciwaanka IP-ga. Caadi ahaan, beddelka, ciwaanka waxaa lagu meeleeyaa interface ka tirsan maamulka VLAN ama deked maamul oo go'an. Laakiin halkan, dabcan, wax walbaa waxay kuxirantahay isku xirka topology iyo ujeedada shaqeynta ee wareejinta.
Tusaalaha qaabeynta cinwaanka VLAN 1 interface:
[~HUAWEI] interface vlan 1
[~HUAWEI-Vlanif1] ciwaanka IP 10.10.10.1 255.255.255.0
[~HUAWEI-Vlanif1] gasho
Waxaad marka hore si cad u abuuri kartaa Vlan oo aad magac u saari kartaa, tusaale ahaan:
[~Beddel] vlan 1
[*Switch-vlan1] magaca TEST_VLAN (magaca VLAN waa ikhtiyaari)
Waxaa jira jabsi yar oo nolosha ah marka loo eego magacaabista - ku qor magacyada qaabdhismeedka macquulka ah xarfaha waaweyn (ACL, Route-map, mararka qaarkood magacyada VLAN) si ay ugu fududaato in laga helo faylka qaabeynta. Waxaad u qaadan kartaa adeeg π
Markaa, waxaanu haysanaa VLAN, hadda waxaanu βku degnaaβ deked qaarkeed. Xulashada lagu sharraxay tusaalaha, tani maahan lagama maarmaan, sababtoo ah Dhammaan dekedaha beddelka waxay ku yaalliin VLAN 1 si caadi ah. Haddii aan rabno inaan ku habeynno dekedda VLAN kale, isticmaal amarrada ku habboon:
Qaabeynta dekeda qaabka gelitaanka:
[~Beddel] interface 25GE 1/0/20
[~Bedel-25GE1/0/20] marin u helidda nooca isku xirka dekedda
[~Bedel-25GE1/0/20] marinka dekeda vlan 10
[~Bedel-25GE1/0/20] gasho
Qaabeynta dekedda qaabka jirridda:
[~Beddel] interface 25GE 1/0/20[~Bedel-25GE1/0/20] jirridda nooca xiriiriyaha dekedda
[~Bedel-25GE1/0/20] port trunk pvid vlan 10 - sheeg VLAN-ga hooyo (Freemes VLAN-kan kuma yeelan doono sumad madaxa)
[~Bedel-25GE1/0/20] jirridda dekedda ogolaan-pass vlan 1 si ay u 20 - U oggolow kaliya VLAN-yada leh summada min 1 ilaa 20 (tusaale ahaan)
[~Bedel-25GE1/0/20] gasho
Waxaan kala soocnay dejinta is-dhexgalka. Aan u gudubno qaabka SSH
Waxaan soo bandhignaa kaliya amarrada loo baahan yahay:
Magacaabista beddelka
nidaamka-aragtida
[~HUAWEI] magaca SSH Server
[*HUAWEI] gasho
Soo saarista furayaasha
[~SSH Server] rsa maxalli-furaha-labo abuur //Samee martigeliyaha RSA-ga maxalliga ah iyo lamaanaha muhiimka ah ee server-ka.
Magaca furaha ayaa noqon doona: SSH Server_Host
Baaxadda cabbirka furaha dadweynaha waa (512 ~ 2048).
FIIRO GAAR AH: Jiilka lamaanaha muhiimka ah wuxuu qaadan doonaa waqti gaaban.
Geli bits ee moduleska [default = 2048]: 2048
[*SSH Server] gasho
Dejinta interface-ka VTY
[~SSH Server] user-interface vty 0 4
[~SSH Server-ui-vty0-4] sugida-habka aaa
[SSH Server-ui-vty0-4] heerka mudnaanta isticmaale 3
[SSH Server-ui-vty0-4] borotokoolka inbound ssh
[*SSH Server-ui-vty0-4] tago
U samee isticmaale maxalli ah βclient001β oo u hagaaji aqoonsiga sirta ah isaga
[Serverka SSH] aaa[SSH Server-aaa] user local-user001 password irreversible-cipher
[SSH Server-aaa] macmiilka-isticmaalka maxaliga ah001 heerka 3
[SSH Server-aaa] macmiilka isticmaala maxaliga ah001 nooca adeegga ssh
[SSH Server-aaa] tago
[Serverka SSH] ssh macmiilka isticmaalaha001 nooca xaqiijinta erayga sirta ah
Ku hawlgelinta adeegga SSH ee furaha
[~SSH Server] stelnet server awood[*SSH Server] gasho
Taabashada kama dambaysta ah: dejinta adeegga-tupe ee macmiilka isticmaalaha001
[~SSH Server] Isticmaalaha ssh macmiilka001 nooca adeegga stelnet[*SSH Server] gasho
Habayntu waa dhammaatay. Haddii aad wax walba si sax ah u samaysay, waxaad ku xidhi kartaa furaha adoo isticmaalaya shabakada degaanka oo sii wad shaqada.
Faahfaahin dheeraad ah oo ku saabsan dejinta SSH waxaa laga heli karaa dukumentiyada Huawei - ΠΈ .
Dejinta goobaha nidaamka aasaasiga ah
Qeybtaan waxaan ku eegi doonaa tiro yar oo ah blocks amar oo kala duwan si loo dejiyo sifooyinka ugu caansan.
1. Dejinta wakhtiga nidaamka iyo isku-dubarid iyada oo loo marayo NTP.
Si aad u dejiso wakhtiga gudaha shilka, waxaad isticmaali kartaa amarradan soo socda:
saacada saacada {ku dar | laga jaray}
saacada taariikhda [ UTC ] HH:MM:SS YYY-MM-DD
Tusaale ahaan dejinta wakhtiga gudaha
saacada saacada MSK ku dar 03:00:00
saacada taariikhda 10:10:00 2020-10-08
Si aad wakhtiga ula socodsiiso NTP server-ka, geli amarka soo socda:
ntp unicast-server [ version lambarka | xaqiijin-keyd fur-id | isha-interface nooca interface
Tusaalaha amarka isku-dubaridka wakhtiga ee NTP
ntp unicast-server 88.212.196.95
gasho
2. Si aad ugu shaqeyso furaha, mararka qaarkood waxaad u baahan tahay inaad habayso ugu yaraan hal waddo - dariiqa caadiga ah ama dariiqa caadiga ah. Si aad u abuurto waddooyin, adeegso amarka soo socda:
ip-dariiqa-static ip-cinwaanka { maaskaro | dhererka maaskarada } { ciwaanka-xiga | interface-nooca interface-lambar [cinwaanka xiga] }
Tusaalaha amarka abuuritaanka waddooyinka:
nidaamka-aragtida
ip-dariiqa-static 0.0.0.0 0.0.0.0 192.168.0.1
gasho
3. Habaynta habka hawlgalka ee borotokoolka Spanning-Tree.
Si sax ah loogu isticmaalo beddelka cusub ee shabakad hadda jirta, waxaa muhiim ah in fiiro gaar ah loo yeesho xulashada habka hawlgalka STP. Sidoo kale, way fiicnaan lahayd in isla markiiba la dejiyo. Halkan ma sii joogi doono wakhti dheer, sababtoo ah... Mawduuca waa mid aad u ballaaran. Waxaan kaliya ku tilmaami doonaa hababka hawlgalka ee borotokoolka:
habka stp { stp | rstp | mstp | vbst } - amarkan waxaan ku dooranaynaa qaabka aan u baahanahay. Qaabka asalka ah: MSTP. Sidoo kale waa habka lagu taliyay in lagu shaqeeyo qalabka Huawei. Waxaa jira ku- wanagsanaan gadaal u ah RSTP.
Tusaale:
nidaamka-aragtida
qaabka stp mstp
gasho
4. Tusaale ah dejinta deked beddelka si loogu xidho aaladda dhamaadka.
Aynu eegno tusaale ah habaynta deked gelitaanka si ay uga baaraandegto taraafikada VLAN10
[SW] interface 10ge 1/0/3
[SW-10GE1/0/3] marin u helidda nooca isku xirka dekedda
[SW-10GE1/0/3] Dekadda caadiga ah vlan 10
[SW-10GE1/0/3] stp gees-dekedda karti
[*SW-10GE1/0/3] tago
U fiirso amarka"stp gees-dekedda karti"- waxay kuu ogolaaneysaa inaad dedejiso habka ay dekeddu ugu wareegayso xaaladda gudbinta. Si kastaba ha ahaatee, waa inaadan u isticmaalin amarkan dekedaha ku xiran furayaasha kale.
Sidoo kale, amarka "stp bpdu-filter awood".
5. Tusaalaha dejinta Port-Channel ee qaabka LACP ee loogu xidho furayaasha ama server-yada kale.
Tusaale:
[SW] interface eth-trunk 1[SW-Eth-Trunk1] jirridda nooca xiriiriyaha dekedda
[SW-Eth-Trunk1] jirridda dekedda ogolaan-pass vlan 10
[SW-Eth-Trunk1] qaabka lacp-static (ama waxaad isticmaali kartaa lacp-dynamic)
[SW-Eth-Trunk1] tago
[SW] interface 10ge 1/0/1
[SW-10GE1/0/1] eth-Trunk 1
[SW-10GE1/0/1] tago
[SW] interface 10ge 1/0/2
[SW-10GE1/0/2] eth-Trunk 1
[*SW-10GE1/0/2] tago
Yaynaan iloobinβgasho"ka dibna waxaan la shaqeynaa interface-ka eth-trunk 1.
Waxaad ku hubin kartaa heerka isku xirka la isku daray ee amarka "bandhig eth-jir".
Waxaanu sharaxnay qodobbada ugu muhiimsan ee dejinta Huawei. Dabcan, waxaad xitaa si qoto dheer u dhex gelin kartaa mawduuca iyo dhowr dhibcood oo aan lagu sifeyn, laakiin waxaan isku daynay inaan muujinno amarrada ugu muhiimsan, ee ugu caansan ee dejinta bilowga ah.
Waxaan rajeyneynaa in "buugga" uu kaa caawin doono inaad u dejiso furayaashaada si degdeg ah.
Waxa kale oo aad u fiicnaan doonta haddii aad ku qorto faallooyinka amarrada aad u maleyneyso inay ka maqan yihiin maqaalka, laakiin waxay sidoo kale fududeyn karaan qaabeynta furayaasha. Hagaag, sida had iyo jeer, waan ku farxi doonaa inaan ka jawaabno su'aalahaaga.
Source: www.habr.com