Monday, May 25, 2015

Huawei Switch Configuration Commands

Here are some Huawei switch configuration command and verification command is here.


1. Enter int to the privilege mode
<sw1>system view

2. Create the VLAN
[sw1]vlan 30
[sw1]des fiber

3. Configure interface trunk
[sw1]interface GigabitEthernet 0/0/1
[sw1-GigabitEthernet0/0/1]port link-type trunk

4. Configure interface access
[sw1-GigabitEthernet0/0/3]port link-type access
[sw1-GigabitEthernet0/0/4]port link-type access

5. Assign vlan to that port
[sw1]vlan 30
[sw1-vlan30]port GigabitEthernet 0/0/3
[sw1]vlan 30
[sw1-vlan30]port GigabitEthernet 0/0/4

6. Change port speed and duplex
[sw1]interface GigabitEthernet 0/0/3
[sw1-GigabitEthernet0/0/3]undo negotiation auto
[sw1-GigabitEthernet0/0/3]speed ?
  10                10M port speed mode
  100               100M port speed mode
  1000              1000M port speed mode
  auto-negotiation  Auto negotiation
[sw1-GigabitEthernet0/0/3]speed 100
[sw1]int gi0/0/4
[sw1-GigabitEthernet0/0/4]undo negotiation auto
[sw1-GigabitEthernet0/0/4]speed 100

[sw1-GigabitEthernet0/0/4]duplex ?
  full  Full-Duplex mode
  half  Half-Duplex mode
[sw1-GigabitEthernet0/0/4]duplex full


7. Configure VLAN and add VLAN in trunk port
[sw1-GigabitEthernet0/0/1]port trunk allow-pass vlan 301 302
Info: This operation may take a few seconds. Please wait for a moment...done.

8. MST Configuration

[sw1]stp region-configuration
Info: Please activate the stp region-configuration after it is modified.
[sw1-mst-region]region-name JP
[sw1-mst-region]instance 1 vlan instance 1 vlan 10 20 30 to 50 600 to 616
[sw1-mst-region]instance 0 vlan 302

9. Create management interface
[sw1]interface Vlanif 25
Error: Can not create this interface because the interface number of this type has reached its maximum.
[sw1]undo interface Vlanif 1
[sw1-Vlanif25]ip add 10.10.10.11 255.255.255.0
[sw1-Vlanif25]ip route-static 0.0.0.0 0.0.0.0 129.102.0.2


10. Configure SSH

[sw1]rsa local-key-pair create
The key name will be: sw1_Host
The range of public key size is (512 ~ 2048).
NOTES: If the key modulus is greater than 512,
       it will take a few minutes.
Input the bits in the modulus[default = 2048]:1024
Generating keys...
.....++++++
..........++++++
.................+++++
...+++++

11. Create local user
[sw1]aaa
[sw1-aaa]local-user jpudasaini password ?
  cipher               User password with cipher text
  irreversible-cipher  User password with irreversible-cipher text
  <cr>

[sw1-aaa]local-user jpudasaini password
Please configure the login password (8-16)
It is recommended that the password consist of at least 2 types of characters, including lowercase letters, uppercase letters, numerals and special characters.
Please enter password:
Please confirm password:
Info: Add a new user.

[sw1-aaa]local-user jpudasaini service-type ssh telnet

12. Configure telnet session
[sw1]stelnet server enable
[sw1]ssh authentication-type default password
[sw1]ssh user jpudasaini
[sw1]ssh user jpudasaini authentication-type password
[sw1]ssh user jpudasaini service-type stelnet


[sw1]user-interface vty 0 4
[sw1-ui-vty0-4]authentication-mode aaa
[sw1-ui-vty0-4]protocol inbound ssh



[sw1-aaa]local-user jpudasaini privilege level 15
[sw1-aaa]local-user jpudasaini service-type ssh
[sw1]ssh authentication-type default password

13. DHCP Snooping enable
[huawei-sw1]dhcp enable
[huawei-sw1]dhcp snooping enable ipv4
[huawei-sw1]dhcp server detect

[huawei-sw1]dhcp snooping check dhcp-rate enable
<huawei-sw1>display dhcp snooping
[huawei-sw1]dhcp snooping check dhcp-rate 50

14. Apply to VLAN
[huawei-sw1]vlan 301
[huawei-sw1-vlan301]dhcp snooping enable

15. Apply to Interface
[huawei-sw1-GigabitEthernet0/0/3]dhcp snooping enable
[huawei-sw1-GigabitEthernet0/0/3]dhcp snooping check dhcp-rate enable


16. Apply to Trunk port
[huawei-sw1-GigabitEthernet0/0/4]dhcp snooping trusted


17. Verify Command
[huawei-sw1]display dhcp snooping configuration    
#
dhcp snooping enable
dhcp snooping check dhcp-rate enable
dhcp snooping check dhcp-rate 50
dhcp server detect
#
vlan 301
 dhcp snooping enable
#
interface GigabitEthernet0/0/3
 dhcp snooping enable
 dhcp snooping check dhcp-rate enable
#
interface GigabitEthernet0/0/4
 dhcp snooping trusted

3 comments:

  1. May u know cisco port fast equivalent command for huawei

    ReplyDelete
    Replies
    1. [sw1]int gi0/0/4
      [sw1-GigabitEthernet0/0/4]stp edged-port enable

      Delete
  2. This comment has been removed by the author.

    ReplyDelete