sysname CORESWITCH-00
telnet server enable
ftp server enable
dhcp enable
dhcp snooping enable \\ 防止dhpc 攻击的 安全机制
lldp enable \\ 二层的链路状态信息
undo portal url-encode enable \\ 关闭 url 编解码功能 默认开启
interface MEth0/0/1 \\ 配置 管理接口 可配置ip 只可以登录使用
easy-operation dtls disable \\ dtls 加密功能 升级有关 关闭可以升级
ecmp local-preference disable \\ 关闭 ecpm 本设备进入流量 优先转发 堆叠系统关闭
loopback-detect auto disable \\ 自动检测环路功能 确定没有环路可以关闭 减少浪费系统资源
set flow-change-ratio input-broadcast-detect disable \\ 关闭 接口流量突变警告 入方向
arp learning ip-network-cross enable \\ 跨网段arp学习功能 只能在配置恢复阶段可用 恢复后不能配置
arp anti-attack gateway-duplicate enable \\ arp 放网关冲突 功能
arp anti-attack packet-check sender-mac dst-mac \\ arp报文合法性检查 源ip 目的ip
stelnet server enable \\ ssh
ssh client first-time enable \\ 开启ssh客户端首次认证
rsa peer-public-key 192.168.40.4 \\ rsa 编码格式 名字 进入 公共秘钥 视图
public-key-code begin \\ 进入 公共秘钥 编辑视图
30820109
02820100
BA69970B 8EBE16D6 36FAEEF2 D5091134 CCAD46EE 47AA1A51 775C6555 249CC5BD
82DE5696 B14CD119 F191A05C 5037DC0D D4811581 05D38B93 1D683302 ECF48826
6AF1ACD3 8BCA9369 74CF98C5 9382E7CC 7D30BF37 17D4931E 26854754 33AD9371
4D45E9A9 DBD8419A EBCBA2E9 FD419727 76058256 43D89DA7 D67E595E FFD6EB8A
752BC353 5840AF27 1FD78F09 65AABDA0 768251DB 6711E469 63468C43 5BA68DCB
ABC43E19 8572E37A 3B225A2A F6B11E7D 40E1C5F6 AEFCE648 2D764293 515B2F44
6B88CC36 A0039678 9F853A38 54C70F39 F1CC7F12 009A5FB4 EC3F4A2B F7FC0CC0
2019EB18 2EAFF7C4 9DA1F02C 5BD888CC 5427A46B 4F24D463 634B8E33 C33B7A53
0203
010001
public-key-code end \\ 结束 公共秘钥编辑 视图
peer-public-key end \\ 结束 公共秘钥 视图
ssh client 192.168.40.4 assign rsa-key 192.168.40.4
user-interface console 0
authentication-mode password
set authentication password cipher abc123456
user-interface vty 0 4
authentication-mode aaa
protocol inbound all \\ 配置 vty用户所支持的协议 默认为ssh all为telnet和ssh
snmp-agent \\ 开启snmp功能 系统会自动生成id 与网管平台互通 管理功能
snmp-agent community read cipher abc123456 \\ 设置读团体名
snmp-anent sys-info version v2c v3 \\ 设置支持的版本 或all 配合snmp软件使用
local-user huawei password irreversible-cipher abc123456
local-user huawei privilege level 15
local-user huawei ftp-directoy flash:/
local-user huawei service-type http
local-user admin password irreversible-cipher abc123456
local-user admin privilege level 15
local-user admin ftp-directory flash:/
local-user admin service-type telnet ftp http ssh terminal
radius-server template default \\ 创建 radius 模板 可以用于 认证 计费 等 修改默认模板defaul
radius-server shared-key cipher abc123456 \\ 创建密码
ospf
import-route direct
area0
network 192.168.0.0 0.0.0.255
stp instance 0 root primary \\ 生成树 指定生成树实例ID 设置跟交换机
stp bpdu-protection \\ 生成树 bpdu保护功能 边缘端口不参与生成树计算 bpdu报文是运行生成树交换机之间的
stp tc-protection \\ 生成树 打开tc的保护开关 tc拓扑
vlan batch 9 to 28 100 1001 to 1002 2001 to 2015 3015 to 3016 4000
interface Vlanif4000
description to-Router
ip address 192.168.0.1 24
interface Eth-Trunk0
description To-Router
port link-type trunk
port trunk allow-pass vlan all
undo port trunk allow-pass vlan 1
interface g0/0/47
eth-trunk 0
interface g0/0/48
eth-trunk 0
interface Vlanif1
ip address 192.168.2.1 24
interface Vlanif10
ip address 192.168.10.254 24
interface Vlanif11
ip address 192.168.11.254 24
interface Vlanif12
ip address 192.168.12.254 24
interface Vlanif13
ip address 192.168.13.254 24
interface Vlanif14
ip address 192.168.14.254 24
interface Vlanif15
ip address 192.168.15.254 24
interface Vlanif16
ip address 192.168.16.254 24
interface Vlanif17
ip address 192.168.17.254 24
interface Vlanif18
ip address 192.168.18.254 24
interface Vlanif19
ip address 192.168.19.254 24
interface Vlanif20
ip address 192.168.20.254 24
interface Vlanif21
ip address 192.168.21.254 24
interface Vlanif22
ip address 192.168.22.254 24
interface Vlanif23
ip address 192.168.23.254 24
interface Vlanif24
ip address 192.168.24.254 24
interface Vlanif25
ip address 192.168.25.254 24
interface Vlanif26
ip address 192.168.26.254 24
interface Vlanif27
ip address 192.168.27.254 24
interface Vlanif28
ip address 192.168.28.254 24
interface Vlanif100
ip address 192.168.100.254 24
port-group group-member g0/0/2 to g0/0/4
port link-type trunk
port trunk allow-pass vlan 10 4000
undo port trunk allow-pass vlan 1
port-group group-member g0/0/5 to g0/0/12
port link-type trunk
port trunk allow-pass vlan all
undo port trunk allow-pass vlan 1
port-group group-member g0/0/21 to g0/0/22
port link-type access
port default vlan 100
port-group group-member g0/0/23 to g0/0/24
port link-type trunk
port trunk allow-pass vlan all
interface g0/0/25
port link-type access
port default vlan 3015
interface g0/0/26
port link-type access
port default vlan 3016
port-group group-member g0/0/27 to g0/0/39
port link-type access
port default vlan 100
vlan 1002
description AC To AP
vlan 2001
description G-1
vlan 2002
description G-2
vlan 2003
description G-3
vlan 2004
description G-4
vlan 2005
description G-5
vlan 2006
description G-6
vlan 2007
description G-7
vlan 2008
description G-8
vlan 2009
description G-10-1
vlan 2010
description G-10-2
vlan 2011
description G-AFD
vlan 2012
description G-OMD
vlan 2013
description G-HR
vlan 2014
description G-CFR
vlan 2015
description G-VIP
interface Vlanif1001
ip address 192.168.244.2 255.255.254.0
interface Vlanif1002
ip address 192.168.251.2 255.255.255.0
interface Vlanif2001
description G-1
ip address 10.100.1.1 255.255.255.0
dhcp select global
interface Vlanif2002
description G-2
ip address 10.100.2.1 255.255.255.0
dhcp select global
interface Vlanif2003
description G-3
ip address 10.100.3.1 255.255.255.0
dhcp select global
interface Vlanif2004
description G-4
ip address 10.100.4.1 255.255.255.0
dhcp select global
interface Vlanif2005
description G-5
ip address 10.100.5.1 255.255.255.0
dhcp select global
interface Vlanif2006
description G-6
ip address 10.100.6.1 255.255.255.0
dhcp select global
interface Vlanif2007
description G-7
ip address 10.100.7.1 255.255.255.0
dhcp select global
interface Vlanif2008
description G-8
ip address 10.100.8.1 255.255.255.0
dhcp select global
interface Vlanif2009
description G-10-1
ip address 10.100.9.1 255.255.255.0
dhcp select global
interface Vlanif2010
description G-10-2
ip address 10.100.10.1 255.255.255.0
dhcp select global
interface Vlanif2011
description G-AFD
ip address 10.100.11.1 255.255.255.0
dhcp select global
interface Vlanif2012
description G-OMD
ip address 10.100.12.1 255.255.255.0
dhcp select global
interface Vlanif2013
description G-HR
ip address 10.100.13.1 255.255.255.0
dhcp select global
interface Vlanif2014
description G-CFR
ip address 10.100.14.1 255.255.255.0
dhcp select global
interface Vlanif2015
description G-VIP
ip address 10.100.15.1 255.255.255.0
dhcp select global
interface Vlanif3015
ip address 10.15.20.254 255.255.255.0
interface Vlanif3016
ip address 10.16.17.254 255.255.255.0
ip pool G-1
gateway-list 10.100.1.1
network 10.100.1.0 mask 255.255.255.0
excluded-ip-address 10.100.1.2 10.100.1.10
dns-list 8.8.8.8 8.8.4.4
ip pool G-2
gateway-list 10.100.2.1
network 10.100.2.0 mask 255.255.255.0
excluded-ip-address 10.100.2.2 10.100.2.10
dns-list 8.8.8.8 8.8.4.4
ip pool G-3
gateway-list 10.100.3.1
network 10.100.3.0 mask 255.255.255.0
excluded-ip-address 10.100.3.2 10.100.3.10
dns-list 8.8.8.8 8.8.4.4
ip pool G-4
gateway-list 10.100.4.1
network 10.100.4.0 mask 255.255.255.0
excluded-ip-address 10.100.4.2 10.100.4.10
dns-list 8.8.8.8 8.8.4.4
ip pool G-5
gateway-list 10.100.5.1
network 10.100.5.0 mask 255.255.255.0
excluded-ip-address 10.100.5.2 10.100.5.10
dns-list 8.8.8.8 8.8.4.4
ip pool G-6
gateway-list 10.100.6.1
network 10.100.6.0 mask 255.255.255.0
excluded-ip-address 10.100.6.2 10.100.6.10
dns-list 8.8.8.8 8.8.4.4
ip pool G-7
gateway-list 10.100.7.1
network 10.100.7.0 mask 255.255.255.0
excluded-ip-address 10.100.7.2 10.100.7.10
dns-list 8.8.8.8 8.8.4.4
ip pool G-8
gateway-list 10.100.8.1
network 10.100.8.0 mask 255.255.255.0
excluded-ip-address 10.100.8.2 10.100.8.10
dns-list 8.8.8.8 8.8.4.4
ip pool G-10-1
gateway-list 10.100.9.1
network 10.100.9.0 mask 255.255.255.0
excluded-ip-address 10.100.9.2 10.100.9.10
dns-list 8.8.8.8 8.8.4.4
ip pool G-10-2
gateway-list 10.100.10.1
network 10.100.10.0 mask 255.255.255.0
excluded-ip-address 10.100.10.2 10.100.10.10
dns-list 8.8.8.8 8.8.4.4
ip pool G-AFD
gateway-list 10.100.11.1
network 10.100.11.0 mask 255.255.255.0
excluded-ip-address 10.100.11.2 10.100.11.10
dns-list 8.8.8.8 8.8.4.4
ip pool G-OMD
gateway-list 10.100.12.1
network 10.100.12.0 mask 255.255.255.0
excluded-ip-address 10.100.12.2 10.100.12.10
dns-list 8.8.8.8 8.8.4.4
ip pool G-HR
gateway-list 10.100.13.1
network 10.100.13.0 mask 255.255.255.0
excluded-ip-address 10.100.13.2 10.100.13.10
dns-list 8.8.8.8 8.8.4.4
ip pool G-CFR
gateway-list 10.100.14.1
network 10.100.14.0 mask 255.255.255.0
excluded-ip-address 10.100.14.2 10.100.14.10
dns-list 8.8.8.8 8.8.4.4
ip pool G-VIP
gateway-list 10.100.15.1
network 10.100.15.0 mask 255.255.255.0
excluded-ip-address 10.100.15.2 10.100.15.10
dns-list 8.8.8.8 8.8.4.4
