Sekuyisikhathi eside sisebenzisa imishini yeHuawei . Muva nje thina futhi lapho wengeza amadivayisi amasha, kwavela umbono wokwabelana ngohlu oluthile lokuhlola noma iqoqo lezilungiselelo eziyisisekelo nezibonelo.
Kunemiyalo eminingi efanayo ku-inthanethi yabasebenzisi bemishini yeCisco. Kodwa-ke, kuHuawei zimbalwa izindatshana ezinjalo futhi kwesinye isikhathi kufanele ubheke imininingwane emibhalweni noma uyiqoqe ezihlokweni ezimbalwa. Sithemba ukuthi kuzoba usizo, asihambe!
Esihlokweni sizochaza amaphuzu alandelayo:
Ukuxhumana kokuqala
Ixhuma ekushintsheni ngesixhumi esibonakalayo sekhonsoli
Ngokuzenzakalelayo, amaswishi e-Huawei athunyelwa ngaphandle kokucushwa kusengaphambili. Ngaphandle kwefayela lokumisa kumemori yeswishi, iphrothokholi ye-ZTP (Zero Touch Provisioning) iqala uma ivuliwe. Ngeke sichaze lo mshini ngokuningiliziwe, siqaphela kuphela ukuthi kulula uma usebenza nenombolo enkulu yamadivayisi noma ukumiswa okukude. Uhlolojikelele lwe-ZTP .
Ukusetha kokuqala ngaphandle kokusebenzisa i-ZTP, ukuxhumana kwekhonsoli kuyadingeka.
Izinketho zokuxhuma (okujwayelekile impela)
Izinga lokudlulisela: 9600
Ibhithi yedatha (B): 8
I-Parity bit: Akukho
Ibhithi yokuma (S): 1
Imodi yokulawula ukugeleza: Ayikho
Ngemva kokuxhuma, uzobona isicelo sokusetha iphasiwedi yoxhumano lwe-console.
Setha iphasiwedi yokuxhumana kwekhonsoli
Iphasiwedi yokuqala iyadingeka ekungeneni kokuqala nge-console.
Qhubeka nokuyisetha? [Y/N]: y
Setha iphasiwedi futhi uyigcine iphephile!
Uma kungenjalo ngeke ukwazi ukungena ngemvume nge-console.
Sicela ulungiselele iphasiwedi yokungena (8-16)
Faka iphasiwedi:
Qinisekisa Iphasiwedi:
Vele ufake iphasiwedi, iqinisekise futhi usuqedile! Ungabe usushintsha igama-mfihlo namanye amapharamitha wokuqinisekisa embobeni yekhonsoli usebenzisa imiyalo elandelayo:
Isibonelo sokushintsha iphasiwedi
Ukubuka kwesistimu
[~HUAWEI] interface yomsebenzisi console 0
[~HUAWEI-ui-console0] iphasiwedi yemodi yokuqinisekisa
[~HUAWEI-ui-console0] setha iphasiwedi ye-cipher yokuqinisekisa <iphasiwedi>
[*HUAWEI-ui-console0] yenza
Ukusethwa kwesitaki (iStack)
Ngemva kokuthola ukufinyelela kumaswishi, ungakwazi ukukhetha ukukhetha isitaki. IHuawei CE isebenzisa ubuchwepheshe be-iStack ukuhlanganisa amaswishi amaningi abe yidivayisi eyodwa enengqondo. I-topology yesitaki iyindandatho, i.e. Kunconywa ukusebenzisa okungenani izimbobo ezi-2 kuswishi ngayinye. Inombolo yezimbobo incike kusivinini sokuxhumana esifiselekayo samaswishi kusitaki.
Kutuswa ukuthi usebenzise ama-uplink uma unqwabelanisa, isivinini esivame ukuba phezulu kunaleso sezimbobo zokuxhuma amadivayisi wokugcina. Ngakho-ke, ungathola ukudlula okuningi ngamachweba ambalwa. Futhi, kumamodeli amaningi kunemikhawulo ekusetshenzisweni kwamachweba we-gigabit wokupakisha. Kunconywa ukusebenzisa okungenani izimbobo ze-10G.
Kunezinketho ezimbili zokusetha ezihluka kancane ngokulandelana kwezinyathelo:
-
Ukucushwa kokuqala kwamaswishi kulandelwa ukuxhumana kwawo ngokomzimba.
-
Okokuqala, ukufaka nokuxhuma amaswishi kwamanye, bese uwalungiselela ukuthi asebenze kusitaki.
Ukulandelana kwezenzo zalezi zinketho limi kanje:
Izinyathelo Zezinketho Ezimbili Zokushintsha Ukunqwabelanisa
Cabangela inketho yesibili (inde) yokusetha isitaki. Ukuze wenze lokhu, landela lezi zinyathelo:
-
Sihlela umsebenzi sicabangela isikhathi sokuphumula okungenzeka. Sibhala ukulandelana kwezenzo.
-
Senza ukufaka nokuxhuma ikhebula lamaswishi.
-
Silungiselela amapharamitha estaki ayisisekelo weswishi eyinhloko:
[~HUAWEI] stack
3.1. Setha amapharamitha esiwadingayo
#
ilungu lesitaki inombolo engu-1 engu-X β lapho u-X eyi-ID entsha yeswishi kusitaki. Ngokuzenzakalelayo, i-ID = 1
futhi ungakwazi ukushiya i-ID ezenzakalelayo yeswishi eyinhloko.
#
ilungu lesitaki 1 elibalulekile 150 - Cacisa okubalulekile. Iswishi enobukhulu kakhulu
okubalulekile kuzonikezwa iswishi eyinhloko yesitaki. Inani elibalulekile
okuzenzakalelayo: 100.
#
ilungu lesitaki { ilungu-id | konke } isizinda - nikeza i-Domain ID yesitaki.
Ngokuzenzakalelayo, i-ID yesizinda ayisethiwe.
#
Isibonelo:
Ukubuka kwesistimu
[~HUAWEI] I-sysname SwitchA
[Huawei] yenza
[~ShintshaA] i-stack
[~SwitchA-stack] ilungu lesitaki 1 elibalulekile 150
[SwitchA-stack] isitaki ilungu 1 isizinda 10
[SwitchA-stack] niyeke
[ShintshaA] yenza
3.2 Ukulungisa isixhumi esibonakalayo sembobo yokunqwabelanisa (isibonelo)
[~ShintshaA] imbobo yesitaki esibonakalayo 1/1[ShintshaA-Stack-Port1/1] isikhombimsebenzisi se-port ilungu-leqembu 10ge 1/0/1 kuya ku-1/0/4
Isexwayiso: Ngemva kokuqeda ukumisa,
1.I-interface(s) (10GE1/0/1-1/0/4) izoguqulelwa kumodi yesitaki futhi ilungiswe ne-
I-port crc-statistics ibangela umyalo wephutha-phansi uma ukulungiselelwa kungekho.
2.Isixhumi esibonakalayo singase sehle Iphutha (crc-statistics) ngenxa yokuthi akukho ukumiswa kokuvala shaqa kuzixhumi ezibonakalayo.Qhubeka? [Y/N]: y
[ShintshaA-Stack-Port1/1] yenza
[~SwitchA-Stack-Port1/1] ukubuya
Okulandelayo, udinga ukulondoloza ukucushwa bese uqalisa kabusha iswishi:
londoloza
Isexwayiso: Ukucushwa kwamanje kuzobhalwa kudivayisi. qhubeka? [Y/N]: y
qala kabusha
Isexwayiso: Uhlelo luzoqala kabusha. qhubeka? [Y/N]: y
4. Khubaza Izimbobo zokupakisha ku-Master Switch (Isibonelo)
[~ShintshaA] imbobo yesitaki esibonakalayo 1/1
[*SwitchA-Stack-Port1/1] vala shaqa
[*SwitchA-Stack-Port1/1] yenza
5. Silungiselela iswishi yesibili kusitaki ngokufanisa neyokuqala:
Ukubuka kwesistimu
[~HUAWEI] i-sysname ShintshaB
[*HUAWEI] yenza
[~ShintshaB] i-stack
[~ShintshaB-isitaki] ilungu lesitaki 1 elibalulekile 120
[*SwitchB-stack] isitaki ilungu 1 isizinda 10
[*SwitchB-stack] ilungu lesitaki inombolo engu-1 2 ifa-config
Isexwayiso: Ukumiswa kwesitaki se-ID yelungu 1 kuzozuzwa njengefa ku-ID yelungu 2
ngemva kokusetha kabusha idivayisi. qhubeka? [Y/N]: y
[*SwitchB-stack] niyeke
[*ShintshaB] yenza
Misa izimbobo zokupakisha. Qaphela ukuthi nakuba umyalo othi βilungu lesitaki inombolo engu-1 2 ifa-configβ, i-id yelungu ekucushweni isetshenziswa nenani elithi β1β le-SwitchB.
Lokhu kwenzeka ngoba i-id yelungu yeswishi izoshintshwa kuphela ngemva kokuqaliswa kabusha, futhi ngaphambi kwayo iswishi isenayo i-id yelungu elingana no-1. Ipharamitha βifa-configβ iyadingeka nje ukuze ngemuva kokuthi iswishi isiqaliswe kabusha, zonke izilungiselelo zesitaki zigcinelwa ilungu 2, okuzoba iswishi, ngoba I-ID yelungu layo ishintshiwe ukusuka kunani 1 ukuya kunani elingu-2.
[~ShintshaB] imbobo yesitaki esibonakalayo 1/1
[*SwitchB-Stack-Port1/1] isikhombimsebenzisi se-port ilungu-leqembu 10ge 1/0/1 kuya ku-1/0/4
Isexwayiso: Ngemva kokuqeda ukumisa,
1.I-interface (s) (10GE1/0/1-1/0/4) izoguqulelwa kusitaki
imodi futhi ilungiselelwe nge-port crc-statistics icupha umyalo wephutha wokuya phansi uma ukucushwa kwenza
akekho.
2.Isixhumi esibonakalayo singahle sehle Iphutha (crc-statistics) ngoba akukho ukucushwa kokuvala shaqa
ukuxhumana.
qhubeka? [Y/N]: y
[*SwitchB-Stack-Port1/1] yenza
[~SwitchB-Stack-Port1/1] ukubuya
Qalisa kabusha i-SwitchB
londoloza
Isexwayiso: Ukucushwa kwamanje kuzobhalwa kudivayisi. qhubeka? [Y/N]: y
qala kabusha
Isexwayiso: Uhlelo luzoqala kabusha. qhubeka? [Y/N]: y
6. Nika amandla izimbobo zokunqwabelanisa kuswishi eyinhloko. Kubalulekile ukuba nesikhathi sokuvumela amachweba ngaphambi kokuthi kuqedwe ukuqalisa kabusha Ukushintsha B, ngoba. uma uzivula ngemva kwalokho, ukushintsha okuthi B kuzongena ekuqaliseni kabusha futhi.
[~ShintshaA] imbobo yesitaki esibonakalayo 1/1
[~SwitchA-Stack-Port1/1] hlehlisa ukuvala shaqa
[*SwitchA-Stack-Port1/1] yenza
[~SwitchA-Stack-Port1/1] ukubuya
7. Hlola ukusebenza kwesitaki ngomyalo othi βisitaki sokubonisa"
Isibonelo sokuphuma komyalo ngemva kokumisa okulungile
isitaki sokubonisa
---------------------------
I-MemberID Role ye-MAC Incazelo Yohlobo Lwedivayisi Ebalulekile
---------------------------
+1 Master 0004-9f31-d520 150 CE6850-48T4Q-EI
2 Okulindile 0004-9f62-1f40 120 CE6850-48T4Q-EI
---------------------------
+ ikhombisa idivayisi lapho kuhlala khona isixhumi esibonakalayo sokuphatha esicushiwe.
8. Gcina ukucushwa kwesitaki ngomyalo othi βlondoloza". Ukusetha kuqediwe.
ΠΈ ingabuye ibukwe kuwebhusayithi yeHuawei.
Izilungiselelo zokufinyelela
Ngenhla sisebenze ngoxhumano lwekhonsoli. Manje sidinga ukuxhuma ngandlela thile kusishintshi sethu (isitaki) ngenethiwekhi. Ukwenza lokhu, idinga isixhumi esibonakalayo (eyodwa noma ngaphezulu) enekheli le-IP. Ngokuvamile, ekushintsheni, ikheli linikezwa isixhumi esibonakalayo ku-VLAN yokuphatha noma imbobo yokuphatha ezinikele. Kodwa lapha, vele, konke kuncike ku-topology yokuxhuma kanye nenjongo yokusebenza yokushintsha.
Isibonelo sokusetha ikheli le-VLAN interface 1:
[~HUAWEI] isikhombimsebenzisi esibonakalayo vlan1
[~HUAWEI-Vlanif1] ikheli le-IP 10.10.10.1 255.255.255.0
[~HUAWEI-Vlanif1] yenza
Ungaqala ngokusobala udale i-Vlan futhi unikeze igama kuyo, isibonelo:
[~Shintsha] isiqephu 1
[*Shintsha-vlan1] igama TEST_VLAN (Igama le-VLAN liyakhethwa)
Kukhona ukugebenga kwempilo okuncane mayelana nokuqamba amagama - bhala amagama ezakhiwo ezinengqondo ngosonhlamvukazi (ACL, Route-map, ngezinye izikhathi amagama e-VLAN) ukuze kube lula ukuzithola efayeleni lokumisa. Ungathatha "izikhali" π
Ngakho-ke, sine-VLAN, manje "siyibeka" echwebeni elithile. Ngokhetho oluchazwe esibonelweni, lokhu akudingekile, ngoba. wonke ama-switch port azenzakalelayo ku-VLAN 1. Uma sifuna ukulungisa imbobo kwenye i-VLAN, sisebenzisa imiyalo efanele:
Ukulungiselelwa kwembobo kumodi yokufinyelela:
[~Shintsha] isixhumi esibonakalayo 25GE 1/0/20
[~Switch-25GE1/0/20] ukufinyelela kohlobo lwesixhumanisi sembobo
[~Switch-25GE1/0/20] ukungena kwe-port vlan 10
[~Switch-25GE1/0/20] yenza
Ukucushwa kwembobo kumodi ye-trunk:
[~Shintsha] isixhumi esibonakalayo 25GE 1/0/20[~Switch-25GE1/0/20] i-port link-type trunk
[~Switch-25GE1/0/20] i-port trunk pvid vlan 10 - cacisa i-VLAN yomdabu (ozimele kule VLAN ngeke babe nomaka enhlokweni)
[~Switch-25GE1/0/20] i-port trunk allow-pass vlan 1 kuya ku-20 - vumela kuphela i-VLAN enomaka ukusuka ku-1 kuye ku-20 (isibonelo)
[~Switch-25GE1/0/20] yenza
Sithole izilungiselelo ze-interface. Masiqhubekele ekucushweni kwe-SSH.
Sinikeza kuphela isethi edingekayo yemiyalo:
Inikeza igama enguqulweni
Ukubuka kwesistimu
[~HUAWEI] Igama le-sysname Iseva ye-SSH
[*HUAWEI] yenza
Ikhiqiza okhiye
[~Iseva ye-SSH] rsa local-key-pair dala //Khiqiza umsingathi wendawo we-RSA kanye namapheya wokhiye weseva.
Igama elingukhiye kuzoba: I-SSH Server_Host
Ububanzi bosayizi wokhiye womphakathi ngu (512 ~ 2048).
QAPHELA: Ukupheqa okubalulekile kuzothatha isikhashana.
Faka amabhithi kumoduli [okuzenzakalelayo = 2048] : 2048
[*Iseva ye-SSH] yenza
Isetha isikhombimsebenzisi se-VTY
[~Iseva ye-SSH] interface yomsebenzisi vty 0 4
[~SSH Server-ui-vty0-4] imodi yokuqinisekisa aaa
[SSH Server-ui-vty0-4] izinga lamalungelo omsebenzisi 3
[SSH Server-ui-vty0-4] iphrothokholi engenayo i-ssh
[*SSH Server-ui-vty0-4] niyeke
Dala umsebenzisi wendawo "iklayenti001" futhi umlungiselele ukuqinisekiswa kwephasiwedi
[Iseva ye-SSH] AAA[Iseva ye-SSH-aaa] local-user client001 password irreversible-cipher
[Iseva ye-SSH-aaa] iklayenti yendawo yomsebenzisi001 ileveli 3
[Iseva ye-SSH-aaa] local-user client001 service-type ssh
[Iseva ye-SSH-aaa] niyeke
[Iseva ye-SSH] ssh yomsebenzisi weklayenti001 igama lokufakazela ubuqiniso iphasiwedi
Yenza kusebenze isevisi ye-SSH ekushintsheni
[~Iseva ye-SSH] vumela iseva ye-stelnet[*Iseva ye-SSH] yenza
Ukuthinta kokugcina: ukusetha i-service-tupe yeklayenti lomsebenzisi001
[~Iseva ye-SSH] ssh umsebenzisi client001 service-type stelnet[*Iseva ye-SSH] yenza
Ukusetha kuqediwe. Uma wenze konke kahle, ungaxhuma ekushintsheni usebenzisa inethiwekhi yendawo futhi uqhubeke nokusebenza.
Imininingwane eyengeziwe ngokusetha i-SSH ingatholakala emibhalweni yeHuawei - ΠΈ .
Ilungiselela Izilungiselelo Zesistimu Eyisisekelo
Kuleli bhulokhi, sizocubungula inombolo encane yamabhulokhi womyalo ahlukene wokumisa izici ezidume kakhulu.
1. Ukusetha isikhathi sohlelo nokuvumelanisa kwalo nge-NTP.
Ungasebenzisa imiyalo elandelayo ukuze usethe isikhathi endaweni ekushintsheni:
indawo yesikhathi yewashi {engeza | susa }
isikhathi sedethi sewashi [ utc ] HH:MM:SS YYYY-MM-DD
Isibonelo sokusetha isikhathi endaweni
indawo yesikhathi yewashi MSK engeza 03:00:00
isikhathi sedethi sewashi 10:10:00 2020-10-08
Ukuze uvumelanise isikhathi nge-NTP neseva, faka umyalo olandelayo:
ntp iseva ye-unicast [ Version inombolo | ubuqiniso-keyid ukhiye-id | umthombo-interface isikhombimsebenzisi-uhlobo
Isibonelo somyalo wokuvumelanisa isikhathi nge-NTP
ntp unicast-server 88.212.196.95
yenza
2. Ukuze usebenze ngokushintsha, ngezinye izikhathi udinga ukulungisa okungenani umzila owodwa - umzila ozenzakalelayo noma umzila ozenzakalelayo. Umyalo olandelayo usetshenziswa ukudala imizila:
ip umzila-static ip-ikheli { imaski | ubude bemaski } { nexthop-address | i-interface-type interface-number [nexthop-address] }
Isibonelo somyalo wokudala imizila:
Ukubuka kwesistimu
ip umzila-static 0.0.0.0 0.0.0.0 192.168.0.1
yenza
3. Ukusetha imodi yokusebenza yephrothokholi ye-Spanning-Tree.
Ukuze kusetshenziswe kahle inkinobho entsha kunethiwekhi ekhona, kubalulekile ukunaka ekukhethweni kwemodi yokusebenza ye-STP. Futhi, kungaba kuhle ukusetha ngokushesha. Ngeke sime lapha isikhathi eside, ngoba. isihloko sibanzi impela. Ake sichaze kuphela izindlela zokusebenza zephrothokholi:
imodi ye-stp { stp | rstp | mstp | vbst } - kulo myalo, khetha imodi esiyidingayo. Imodi ezenzakalelayo: MSTP. Futhi kuyimodi enconyiwe yokusebenza kumaswishi eHuawei. I-backward ehambisana ne-RSTP iyatholakala.
Isibonelo:
Ukubuka kwesistimu
Imodi ye-stp mstp
yenza
4. Isibonelo sokusetha imbobo yokushintsha yokuxhuma idivayisi yokugcina.
Ake sibheke isibonelo sokumisa imbobo yokufinyelela ukuze icubungule ithrafikhi ku-VLAN10
[SW] isikhombimsebenzisi 10ge 1/0/3
[SW-10GE1/0/3] ukufinyelela kohlobo lwesixhumanisi sembobo
[SW-10GE1/0/3] i-port default vlan 10
[SW-10GE1/0/3] I-stp edged-port inika amandla
[*SW-10GE1/0/3] niyeke
Naka umyaloI-stp edged-port inika amandlaβ - ikuvumela ukuthi usheshise inqubo yokudlulisela imbobo esimweni sokudlulisela phambili. Nokho, lo myalo akufanele usetshenziswe ezimbobeni lapho amanye amaswishi axhumeke khona.
Futhi, umyalo "stp bpdu-isihlungi vumela".
5. Isibonelo sokumisa i-Port-Channel kumodi ye-LACP ukuze ixhume kwamanye amaswishi noma amaseva.
Isibonelo:
[SW] interface eth-trunk 1[SW-Eth-Trunk1] i-port link-type trunk
[SW-Eth-Trunk1] port trunk vumela-pass vlan 10
[SW-Eth-Trunk1] Imodi ye-lacp-static (noma ungasebenzisa i-lacp-dynamic)
[SW-Eth-Trunk1] niyeke
[SW] isikhombimsebenzisi 10ge 1/0/1
[SW-10GE1/0/1] eth-Trunk 1
[SW-10GE1/0/1] niyeke
[SW] isikhombimsebenzisi 10ge 1/0/2
[SW-10GE1/0/2] eth-Trunk 1
[*SW-10GE1/0/2] niyeke
Singakhohlwa mayelana βyenzaβ futhi ngaphezu kwalokho sesivele sisebenza nesixhumi esibonakalayo ethi trunk 1.
Ungahlola isimo sesixhumanisi esihlanganisiwe ngomyalo othi βbonisa i-eth-trunk".
Sichaze amaphuzu abalulekile wokumisa ukushintshwa kweHuawei. Yebo, ungangena ujule esihlokweni futhi amaphuzu amaningi awachazwa, kodwa sizamile ukukhombisa imiyalo eyinhloko, ethandwa kakhulu yokusetha kokuqala.
Sithemba ukuthi le "manual" izokusiza ukuthi usethe amaswishi ngokushesha.
Kuyoba kuhle futhi uma ubhala kumazwana imiyalo ocabanga ukuthi ayikho esihlokweni, kodwa futhi ingenza kube lula ukucushwa kwamaswishi. Hhayi-ke, njengenjwayelo, sizokujabulela ukuphendula imibuzo yakho.
Source: www.habr.com