Huawei Training

Training Sum

OSPF:

- Each router calculates a loop-free tree with itself

- With this tree, a router determines the optimal path to each corner of a network

- One of the widely used IGPs in the industry

- OSPFv2, defined in RFC 2328, is designed for IPv4; OSPFv3, defined in RFC 2740, is designed for IPv6.

- Routers exchange link status information, not routes.

- aware of the intra-area network topology

- supports the variable length subnet mask (VLSM) mechanism and manual route summarization.

- The multi-area design enables OSPF to support a larger network

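- Area ID: 32 bits; can be written as a decimal integer or in IP address (dotted decimal) format

- Router ID: 32 bits; IP address (dotted decimal) format only

- Cost of a path: sum of costs of all inbound interfaces

- Five OSPF packet types: Hello, DD, LSR, LSU, LSAck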

- Three Types of OSPF Entries: OSPF neighbor table, LSDB table, and OSPF routing table.

- OSPF neighbor relationships are established by exchanging Hello packets.

- Run the display ospf peer command to view neighbor status information.

- The Type field indicates an LSA type, and the AdvRouter field indicates the router that sends the LSA.

- Run the display ospf lsdb command to query the LSDB

- An OSPF routing table contains information, such as the destination IP address, cost, and next-hop IP address, which guides packet forwarding.

- Run the display ospf routing command to query the OSPF routing table.

- When LSDB synchronization between two routers is complete and the two routers start to calculate routes independently, the two routers establish an adjacency

- OSPF adjacency relationship establishment involves four steps: establishing a neighbor relationship, negotiating the master/slave status, exchanging LSDB information, and synchronizing LSDBs.

- Steps 1 to 4 involve interaction between both ends, and Step 5 is performed separately on each device.

- [R1-GigabitEthernet1/0/0] ospf network-type ?

- Generally, the network types of OSPF interfaces at both ends of a link must be the same. Otherwise, the two interfaces cannot establish a neighbor relationship.

- An OSPF network type can be manually changed on an interface to adapt to different network scenarios. For example, you can change the BMA network type to P2P.

- When an interface uses Ethernet encapsulation, the default network type of the OSPF interface is BMA.

- NBMA: A typical example is a Frame Relay (FR) network

- No link layer protocol is considered as a P2MP network by default. This type must be manually changed from another network type. A non-full-mesh NBMA network can be changed to a P2MP network.

- Only the DR and BDR can establish adjacencies with other OSPF routers.

- The BDR monitors the status of the DR and takes over the role of the DR if the existing DR fails.

- An OSPF domain is a network that consists of a series of contiguous OSPF network devices that use the same policy

- An OSPF router floods LSAs in the same area. To ensure that all routers have the same understanding of the network topology, LSDBs need to be synchronized within an area.

- Types of OSPF Routers: Internal router, Area border router (ABR), Backbone router, AS boundary router (ASBR)

- Basic OSPF Configuration Commands

- [Huawei] ospf [ process-id | router-id router-id ]

- [Huawei] area area-id

(The area command creates an OSPF area and displays the OSPF area view. The area-id value can be a decimal integer or in dotted decimal notation. If the value is an integer, it ranges from 0 to 4294967295.)

- [Huawei-ospf-1-area-0.0.0.0] network network-address wildcard-mask

(The network-address parameter specifies the network segment address of the interface. The wildcard-mask parameter is the wildcard of an IP address, which is equivalent to the reverse mask of the IP address (0 is converted to 1, and 1 to 0). For example, 0.0.0.255 indicates that the mask length is 24 bits.)

- [Huawei-GE1/0/1] ospf cost cost

(The cost value ranges from 1 to 65535.)

- [Huawei-ospf-1] bandwidth-reference value

(The bandwidth-reference command sets a bandwidth reference value that is used to calculate interface costs. The value ranges from 1 to 2147483648, in Mbit/s. The default value is 100 Mbit/s)

- [Huawei-GigabitEthernet0/0/0] ospf dr-priority priority

(The ospf dr-priority command sets a priority for an interface that participates in DR election. A larger value indicates a higher priority. The value ranges from 0 to 255.)

- The configuration process consists of three steps: configuring device interfaces, configuring OSPF, and verifying the result.

# Configure interfaces of R1.

- [R1] interface LoopBack 0

- [R1-LoopBack0] ip address 1.1.1.1 32

- [R1-LoopBack0] interface GigabitEthernet 0/0/0

- [R1-GigabitEthernet0/0/0] ip address 10.1.12.1 30

# Configure OSPF on R1.

- [R1] ospf 1 router-id 1.1.1.1

- [R1-ospf-1] area 0

- [R1-ospf-1-area-0.0.0.0] network 1.1.1.1 0.0.0.0

- [R1-ospf-1-area-0.0.0.0] network 10.1.12.0 0.0.0.3

<R1>display ip routing-table

- Set the source IP address to 1.1.1.1 and ping 3.3.3.3

<R1>ping -a 1.1.1.1 3.3.3.3

- Summary

• OSPF is a widely used routing protocol on the live network. This presentation describes basic concepts, application scenarios, and basic configurations of OSPF.

• The router ID, area, OSPF neighbor table, LSDB table, and OSPF routing table are basic OSPF concepts. Describe the establishment of OSPF neighbor relationships and adjacencies, which helps you better understand the link-state routing protocol.

• OSPF has more interesting details, such as LSA types, the SPF calculation process, and the OSPF special area. For more OSPF information, please continue your Huawei HCIP-Datacom certification courses.

STP

- IEEE 802.1D

- On an Ethernet switching network, the use of redundant links may produce loops, leading to broadcast storms and an unstable MAC address table.

- Devices running STP exchange STP Bridge Protocol Data Units (BPDUs) to discover loops on the network and block appropriate ports.

- IEEE introduced the Rapid Spanning Tree Protocol (RSTP), IEEE 802.1w, to improve the network convergence speed.

- The network redundancy is enhanced, but a Layer 2 loop occurs.

- Issues Caused by Layer 2 Loops: Typical Issue 1: Broadcast Storm, Typical Issue 2: MAC Address Flapping

- When STP is deployed on a network, switches exchange STP BPDUs and calculate a loop-free topology. Finally, one or more ports on the network are blocked to eliminate loops

- STP Can Dynamically Respond to Network Topology Changes and Adjust Blocked Ports

- STP running on a switch continuously monitors the network topology. When the network topology changes, STP can detect the changes and automatically adjust the network topology. Therefore, STP can solve the Layer 2 loop problem and provide a solution for network redundancy

- Layer 3: Common root cause: routing loop, Dynamic routing protocols have certain loop prevention capabilities. The TTL field in the IP packet header can be used to prevent infinite packet forwarding.

- Layer 2:

- Common root cause: Layer 2 redundancy is deployed on the network, or cables are incorrectly connected.

- Specific protocols or mechanisms are required to implement Layer 2 loop prevention.

- The Layer 2 frame header does not contain any information to prevent data frames from being forwarded infinitely

- A BID consists of a 16-bit bridge priority and a bridge MAC address.

- The bridge priority occupies the leftmost 16 bits and the MAC address occupies the rightmost 48 bits

- The switch with the smallest BID acts as the root bridge

- The root bridge is the root of the loop-free topology (STP tree) calculated by STP.

- The cost of a port is used to calculate the root path cost (RPC).

- The RPC to the root bridge is the sum of costs of all inbound ports

- A PID is used to elect a designated port

- A PID consists of the leftmost four bits (port priority) and the rightmost 12 bits (port number).

- An STP-enabled port maintains a default port priority, which is 128 on Huawei switches. You can run a command to change the priority as required

- two types of BPDUs: Configuration BPDU, Topology Change Notification (TCN) BPDU

- Configuration BPDUs are the key to STP topology calculation. TCN BPDUs are triggered only when the network topology changes.

1. Root Identifier: Smallest BID of the root bridge

2. Root Path Cost: Smallest RPC

3. Bridge Identifier: Smallest BID of the network bridge

4. Port Identifier: Smallest PID

• Each switch sends configuration BPDUs to the network. The configuration BPDU contains the BID of a switch.

• The switch with the smallest bridge ID becomes the root bridge.

Only one root bridge exists on a contiguous STP switching network.

• The role of the root bridge can be preempted.

• To ensure the stability of the switching network, you are advised to plan the STP network in advance and set the bridge priority of the switch that is planned as the root bridge to the minimum value 0.

- In most cases, all ports on the root bridge are designated ports

- PID (Protocol Identifier) 2 bytes: For STP, the value of this field is always 0.

- PVI (Protocol Version Identifier) 1 byte: For STP, the value of this field is always 0

- BPDU Type 1 byte: The value 0x00 for a configuration BPDU and 0x80 for a TCN BPDU.

- Flags 1 byte: STP uses only the leftmost two bits and the rightmost two bits: Topology Change Acknowledgment (TCA) and Topology Change (TC)

- Root ID 8 bytes: BID of the root bridge.

- RPC 4 bytes: STP cost of the path from the current port to the root bridge

- Bridge ID 8 bytes: BID of the sender.

- Port ID 2 bytes: ID of the port that sends the BPDU, which consists of the port priority and port number

- Message Age 2 bytes: Number of seconds after a BPDU is sent from the root bridge. The value increases by 1 each time the BPDU passes through a network bridge. It refers to the number of hops to the root bridge.

- Max Age 2 bytes: If the bridge does not receive any BPDU for a period of time and the lifetime of the network bridge reaches the maximum, the network bridge considers that the link connected to the port is faulty. The default value is 20s

- Hello Time 2 bytes: Interval at which the root bridge sends configuration BPDUs. The default value is 2s.

- Forward Delay 2 bytes: Time that is spent in Listening or Learning state. The default value is 15s
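Added example (not from the course material): a parser for the configuration BPDU layout listed above, plus the four-step comparison (Root ID, RPC, Bridge ID, Port ID) and a check for a BPDU that would preempt the planned root bridge. The BIDs, MAC addresses and costs are constructed sample values, the function names are hypothetical, and timers are decoded in 1/256-second units as IEEE 802.1D encodes them.

```python
import struct
from dataclasses import dataclass

HEADER = struct.Struct("!HBB")        # Protocol ID, Protocol Version ID, BPDU Type
BODY = struct.Struct("!B8sI8sHHHHH")  # Flags, Root ID, RPC, Bridge ID, Port ID, 4 timers
CONFIG, TCN = 0x00, 0x80


def bid(priority: int, mac: str) -> bytes:
    """BID: 16-bit bridge priority (leftmost) followed by the 48-bit MAC."""
    raw = bytes.fromhex(mac.replace("-", "").replace(":", ""))
    if len(raw) != 6 or not 0 <= priority <= 0xFFFF:
        raise ValueError("bad bridge priority or MAC")
    return struct.pack("!H", priority) + raw


def port_id(priority: int, number: int) -> int:
    """PID: leftmost 4 bits = port priority (steps of 16), rightmost 12 = port number."""
    if priority % 16 or not 0 <= priority <= 240 or not 0 < number < 4096:
        raise ValueError("bad port priority or number")
    return (priority >> 4) << 12 | number


@dataclass(frozen=True)
class ConfigBPDU:
    flags: int
    root_id: bytes
    rpc: int
    bridge_id: bytes
    port_id: int
    message_age: float
    max_age: float
    hello_time: float
    forward_delay: float

    def vector(self):
        """Comparison order from the notes: Root ID, RPC, Bridge ID, Port ID."""
        return (self.root_id, self.rpc, self.bridge_id, self.port_id)


def build(root, rpc, bridge, port, age=0, max_age=20, hello=2, fwd=15, flags=0):
    """Encode a sample configuration BPDU (35 bytes) for the parser below."""
    t = lambda seconds: int(seconds * 256)   # timers travel in 1/256 s units
    return HEADER.pack(0, 0, CONFIG) + BODY.pack(
        flags, root, rpc, bridge, port, t(age), t(max_age), t(hello), t(fwd))


def parse(data: bytes):
    """Return a ConfigBPDU, or None for a TCN BPDU (header only, no body)."""
    if len(data) < HEADER.size:
        raise ValueError("truncated BPDU header")
    proto, version, kind = HEADER.unpack_from(data)
    if proto != 0 or version != 0:
        raise ValueError("not an STP BPDU")
    if kind == TCN:
        return None
    if kind != CONFIG:
        raise ValueError(f"unknown BPDU type 0x{kind:02x}")
    if len(data) < HEADER.size + BODY.size:
        raise ValueError("truncated configuration BPDU")
    f = BODY.unpack_from(data, HEADER.size)
    return ConfigBPDU(f[0], f[1], f[2], f[3], f[4], *(v / 256 for v in f[5:]))


def better(a: ConfigBPDU, b: ConfigBPDU) -> ConfigBPDU:
    """The smaller value wins at each step; a tie falls through to the next field."""
    return a if a.vector() <= b.vector() else b


def preempts_root(bpdu: ConfigBPDU, planned_root: bytes) -> bool:
    """True if the advertised root has a smaller BID than the planned root bridge."""
    return bpdu.root_id < planned_root


# Constructed sample BPDUs (values are illustrative, not from the page).
ROOT = bid(0, "00e0-fc00-0001")
via_sw2 = parse(build(ROOT, 20000, bid(32768, "00e0-fc00-0002"), port_id(128, 1)))
via_sw3 = parse(build(ROOT, 20000, bid(32768, "00e0-fc00-0003"), port_id(128, 1)))
lower_cost = parse(build(ROOT, 10000, bid(32768, "00e0-fc00-0003"), port_id(128, 2)))
unexpected = parse(build(bid(0, "00e0-fc00-0000"), 0,
                         bid(0, "00e0-fc00-0000"), port_id(128, 7)))

if __name__ == "__main__":
    print("equal RPC, smaller sender BID wins:", better(via_sw2, via_sw3) is via_sw2)
    print("smaller RPC wins before sender BID:", better(via_sw2, lower_cost) is lower_cost)
    print("would preempt planned root:", preempts_root(unexpected, ROOT))
```

Even with the planned root at priority 0, a BPDU advertising priority 0 and a smaller MAC address still compares as superior, which the last check reports.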

working

- Each switch sends configuration BPDUs which contain BID. Smallest bridge ID becomes the root bridge. Only one root bridge exists. Set the bridge priority of the switch that is planned as the root bridge to the minimum value 0.

- Each non-root bridge selects exactly one root port from its ports.

- When a non-root bridge has multiple ports connected to the network, the root port is the one that receives the optimal configuration BPDU.

- In most cases, all ports on the root bridge are designated ports

- The last step of STP operations is to block the non-designated port on the network. After this step is complete, the Layer 2 loop on the network is eliminated.

- STP Port State: Disabled, Blocking, Listening, Learning, Forwarding

- Max Age timer (20s) to expire.

- Forward Delay timer (the default interval is 15s).

- it takes about 50s to recover from a root bridge failure.

- the alternate port restores to the Forwarding state after 30s

- By default, the aging time of MAC address entries is 300s.

- priority value of a switch is 32768

- STP disadvantages: network topology changes cause service interruption. STP does not differentiate between port roles according to their states. Ports in Listening, Learning, and Blocking states are the same for users because none of these ports forwards service traffic. In terms of port use and configuration, the essential differences between ports lie in the port roles but not port states. Both root and designated ports can be in Listening state or Forwarding state, so the port roles cannot be differentiated according to their states. The STP algorithm does not determine topology changes until the timer expires, delaying network convergence. The STP algorithm requires the root bridge to send configuration BPDUs after the network topology becomes stable, and other devices process and spread the configuration BPDUs through the entire network. This also delays convergence.

RSTP

- STP 802.1d

- MSTP 802.1s

- RSTP 802.1w

- RSTP defines three states for a port based on whether the port forwards user traffic and learns MAC addresses.

- In addition, RSTP introduces the edge port. The port connecting a switch to a terminal is configured as an edge port that enters the Forwarding state immediately after initialization, thus improving the working efficiency.

- RSTP processes configuration BPDUs differently from STP.

• When the topology becomes stable, the mode of sending configuration BPDUs is optimized.

• RSTP uses a shorter timeout interval of BPDUs.

• RSTP optimizes the method of processing inferior BPDUs.

- RSTP changes the configuration BPDU format and uses the Flags field to describe port roles.

- RSTP topology change processing: Compared with STP, RSTP is optimized to accelerate the response to topology changes.

- RSTP defines four port roles: root port, designated port, alternate port, and backup port.

- An edge port is located at the edge of a region and does not connect to any switching device.

- STP states: forwarding, learning, listening, blocking, disabled. 50 s

- RSTP states: forwarding, learning, discarding. 1-6 seconds

- RSTP, an enhancement to STP, allows for fast network topology convergence.

- STP and RSTP both have a defect: All VLANs on a LAN share one spanning tree. As a result, inter-VLAN load balancing cannot be performed, and blocked links cannot transmit any traffic, which may lead to VLAN packet transmission failures.

- Huawei provides the VLAN-based Spanning Tree (VBST). VBST constructs a spanning tree in each VLAN so that traffic from different VLANs is load balanced along different spanning trees.

MSTP

- To fix the defects, the IEEE released the 802.1s standard that defines the Multiple Spanning Tree Protocol (MSTP) in 2002.

- MSTP is compatible with STP and RSTP, and can rapidly converge traffic and provides multiple paths to load balance VLAN traffic.

- MSTP divides a switching network into multiple regions. Each spanning tree is called a multiple spanning tree instance (MSTI). A single MSTI reduces communication costs and resource usage. Multiple VLANs with the same topology can be mapped to a single MSTI. The forwarding state of the VLANs for an interface is determined by the interface state in the MSTI.

- Smart Link is deployed on two switches where a host is dual homed. When the network is normal, one of the two uplinks is active, and the other is in standby state (does not carry service traffic). In this way, a Layer 2 loop is eliminated.

- When the active link is faulty, traffic is switched to the standby link in milliseconds. This ensures proper data forwarding.

- Smart Link is easy to configure.

- Smart Link does not involve protocol packet exchange, therefore greatly improving speed and reliability.

Eth-Trunk, intelligent stack (iStack), and cluster switch system (CSS)

- bandwidth and reliability

- deploying redundant links and using the Spanning Tree Protocol (STP), leading to low flexibility, time-consuming troubleshooting, and complex configuration

- Ethernet link aggregation, also called Eth-Trunk, bundles multiple physical links into a logical link to increase link bandwidth, without having to upgrade hardware

- A link aggregation group (LAG) is a logical link formed by bundling several links. Each LAG has one logical interface, known as an LAG interface or Eth-Trunk interface.

• Member interface and member link: Physical interfaces that constitute an Eth-Trunk interface are called member interfaces, and the link corresponding to a member interface is known as a member link.

• Active interface and active link: An active interface is also called a selected interface and is a member interface that participates in data forwarding. The link corresponding to an active interface is called an active link.

• Inactive interface and inactive link: An inactive interface is also called an unselected interface and is a member interface that does not participate in data forwarding. A link corresponding to an inactive interface is referred to as an inactive link.

• Link aggregation mode: Based on whether the Link Aggregation Control Protocol (LACP) is enabled, link aggregation can be classified into manual mode and LACP mode.

• Other concepts: upper and lower thresholds for the number of active interfaces


- Manual mode: An Eth-Trunk is manually created, and its member interfaces are manually configured. LACP is not used for negotiation between the two systems.

• In most cases, all links are active links. In this mode, all active links forward data and evenly share traffic. If an active link is faulty, the LAG automatically evenly shares traffic among the remaining active links.

• If one of the devices at both ends of an LAG does not support LACP, you can use the manual mode

• To ensure that the Eth-Trunk works properly, ensure that the peer interfaces of all member interfaces in the Eth-Trunk meet the following requirements:

▫ The peer interfaces reside on the same device.

▫ The peer interfaces are added to the same Eth-Trunk.

• In manual mode, devices do not exchange packets. Therefore, the configuration needs to be manually confirmed

• In manual mode, the device can determine whether the peer interface is working properly based only on the physical layer status.

LACPDU

Device priority, MAC address for actor

Interface priority, Interface number for active

• LACP mode: A link aggregation mode that uses the LACP protocol. Devices exchange Link Aggregation Control Protocol Data Units (LACPDUs) to ensure that the peer interfaces are member interfaces that belong to the same Eth-Trunk and are on the same device.

• An LACPDU contains the device priority, MAC address, interface priority, and interface number.

System Priority

- In LACP mode, the number of active interfaces selected by devices at both ends must be consistent; otherwise, the Eth-Trunk cannot be set up. In this case, configure one end as the Actor. Then the other end selects active interfaces according to the Actor.

• The Actor is determined based on the LACP system priority. A smaller value indicates a higher priority

- By default, the LACP system priority is 32768. A smaller value indicates a higher priority. Generally, the default value is used. When the priorities are the same, LACP selects the Actor by comparing the MAC addresses. A smaller MAC address indicates a higher priority. The system priority value ranges from 0 to 65535.

Interface Priority

By default, the LACP interface priority of an interface is 32768. A smaller value indicates a higher priority. Generally, the default value is used. When the priorities are the same, LACP selects active interfaces based on interface numbers. A smaller interface number indicates a higher priority

- the interfaces with higher priorities and smaller interface numbers are selected as active interfaces

- If an active link fails, an inactive link with the highest priority is selected to replace the faulty link. This ensures that the overall bandwidth does not change and services are not interrupted
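Added example (not from the course material): the Actor election and active-interface selection rules above as a small model, including replacement of a failed active link. Device names, MAC addresses, interface numbers and priorities are constructed sample values, and the class and function names are hypothetical.

```python
from dataclasses import dataclass, field

DEFAULT_PRIORITY = 32768  # default LACP system priority and interface priority


@dataclass
class Device:
    name: str
    mac: str                                            # e.g. "00e0-fc00-0001"
    system_priority: int = DEFAULT_PRIORITY
    port_priority: dict = field(default_factory=dict)   # interface number -> priority

    def system_id(self):
        """Smaller tuple = higher priority: system priority first, then MAC address."""
        return (self.system_priority, bytes.fromhex(self.mac.replace("-", "")))

    def port_rank(self, number):
        """Smaller tuple = higher priority: interface priority, then interface number."""
        return (self.port_priority.get(number, DEFAULT_PRIORITY), number)


def elect_actor(a, b):
    """The device with the smaller (system priority, MAC) becomes the Actor."""
    return a if a.system_id() <= b.system_id() else b


def select_active(a, b, links, max_active, failed=()):
    """Pick the active links of an Eth-Trunk between devices a and b.

    links      -- (interface number on a, interface number on b) pairs
    max_active -- upper threshold for the number of active interfaces
    failed     -- links that are currently down

    Only the Actor's interface priorities and numbers decide the order;
    the other end follows that choice, so both ends agree on the result.
    """
    actor = elect_actor(a, b)
    side = 0 if actor is a else 1
    usable = [link for link in links if link not in failed]
    ranked = sorted(usable, key=lambda link: actor.port_rank(link[side]))
    return actor, ranked[:max_active]


# Constructed sample: SW1 has the smaller system priority value, SW2 the smaller MAC
# and a preferred interface 3 that only matters if SW2 becomes the Actor.
SW1 = Device("SW1", "00e0-fc00-0002", system_priority=30000)
SW2 = Device("SW2", "00e0-fc00-0001", port_priority={3: 100})
LINKS = [(1, 1), (2, 2), (3, 3)]

if __name__ == "__main__":
    actor, active = select_active(SW1, SW2, LINKS, max_active=2)
    print(actor.name, active)                      # SW1 is the Actor, links 1 and 2 active
    _, active = select_active(SW1, SW2, LINKS, 2, failed=[(1, 1)])
    print(active)                                  # link 3 replaces the failed link 1
```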

- When an Eth-Trunk is used to forward data, there are multiple physical links between devices at both ends of the Eth-Trunk. If data frames are forwarded on different links, data frames may arrive at the peer end in a different order in which they were transmitted, resulting in out-of-order packets

- Load balancing based on flows is recommended for an Eth-Trunk. In this mode, a flow is load balanced to the same link. This ensures that frames of the same flow are transmitted over the same physical link and implements load balancing among physical links in an Eth-Trunk.

Load Balancing Mode

An Eth-Trunk can load balance traffic based on IP addresses or MAC addresses of packets. You can configure different load balancing modes (valid locally only for outgoing packets) to distribute data flows to different member interfaces.

• Traffic can be load balanced based on: source IP address, source MAC address, destination IP address, destination MAC address, source and destination IP addresses, and source and destination MAC addresses.

• For actual services, you need to configure a proper load balancing mode based on traffic characteristics. If a service traffic parameter changes frequently, it is easier to load balance traffic if you use the load balancing mode based on this frequently-changing parameter.

Typical Application Scenario

- To improve the access bandwidth and reliability of the server, bind two or more physical NICs into a NIC group and establish an Eth-Trunk with the switch.

- An iStack is a logical device consisting of two switches. A switch can be connected to the iStack through an Eth-Trunk to form a highly reliable loop-free network.

- If two firewalls are deployed in hot standby mode, the heartbeat link is used to detect the status of the peer device. To prevent status detection errors caused by single-interface or single-link faults, you can create an Eth-Trunk and use it as the heartbeat link for status detection

Configuration Commands

- [Huawei-GigabitEthernet0/0/1] lacp priority priority

- [Huawei-Eth-Trunk1] max active-linknumber {number}

- [Huawei-Eth-Trunk1] least active-linknumber {number}

- Exam:

- [SW1] interface eth-trunk 1

- [SW1-Eth-Trunk1] trunkport gigabitethernet 0/0/1 to 0/0/2

- [SW1-Eth-Trunk1] port link-type trunk

- [SW1-Eth-Trunk1] port trunk allow-pass vlan 10 20

- [SW2] interface eth-trunk 1

- [SW2-Eth-Trunk1] trunkport gigabitethernet 0/0/1 to 0/0/2

- [SW2-Eth-Trunk1] port link-type trunk

- [SW2-Eth-Trunk1] port trunk allow-pass vlan 10 20

- [SW1] interface eth-trunk 1

- [SW1-Eth-Trunk1] mode lacp

- [SW1-Eth-Trunk1] max active-linknumber 2

- [SW1-Eth-Trunk1] trunkport gigabitethernet 0/0/1 to 0/0/3

- [SW1-Eth-Trunk1] port link-type trunk

- [SW1-Eth-Trunk1] port trunk allow-pass vlan 10 20

- [SW1-Eth-Trunk1] quit

- [SW1] lacp priority 30000

- iStack and CSS

- iStack at access layer; CSS at core layer

• iStack: Multiple iStack-capable switches are connected using stacking cables to form a logical switch that participates in data forwarding.

• Cluster switch system (CSS): Two CSS-capable switches are bundled into one logical switch.

• A CSS consists of only two switches. Generally, modular switches support CSS, and fixed switches support iStack.

CSS

- One logical device simplifies O&M and facilitates management.

- If a physical device fails, the other device can take over the forwarding and control functions, preventing single points of failure.

iStack

- Inter-device link aggregation is implemented on a loop-free physical network, so STP does not need to be deployed.

- All links in the Eth-Trunk are used, and the link usage is 100%.

All

• Many-to-one virtualization: Switches can be virtualized into one logical switch (CSS) that has a unified control plane for unified management.

• Unified forwarding plane: Physical switches in a CSS use a unified forwarding plane, and share and synchronize forwarding information in real time.

• Inter-device link aggregation: Links between physical switches are aggregated into a single Eth-Trunk interface to interconnect with downstream devices

• When the port density of a switch cannot meet the access requirements, add new switches to set up an iStack to increase the number of ports.

• To increase the uplink bandwidth, add new switches to set up an iStack and add multiple physical links of the member switches to an Eth-Trunk. This increases the uplink bandwidth, implements inter-device backup and inter-device link redundancy, and improves reliability.

• Two devices form a CSS and are virtualized into a single logical device. This simplified network does not require Multiple Spanning Tree Protocol (MSTP) or Virtual Router Redundancy Protocol (VRRP), so network configuration is much simpler. Additionally, inter-device link aggregation speeds up network convergence and improves network reliability

• Core layer: Core switches set up a CSS and use Eth-Trunks to connect to uplink and downlink devices, building a highly reliable and loop-free network.

• Aggregation layer: Aggregation switches set up an iStack and use Eth-Trunks to connect to uplink and downlink devices, building a highly reliable loop-free network.

• Access layer: Access devices that are geographically close to each other (such as access switches in a building) are virtualized into one logical device using iStack. This adds interfaces and simplifies management.

• Access layer: An Eth-Trunk is used to connect to the aggregation layer. The logical network architecture is simple, and STP and VRRP are not required. This networking offers high reliability, high uplink bandwidth, and fast convergence.

- within the coverage of the wireless network

- Ethernet 802.3

- WLAN 802.11

- Wi-Fi 1: 802.11, 2.4 GHz, 2 Mbit/s

- Wi-Fi 2: 802.11b, 2.4 GHz, 11 Mbit/s

- Wi-Fi 3: 802.11a/g, 2.4 GHz and 5 GHz, 54 Mbit/s

- Wi-Fi 4: 802.11n, 2.4 GHz and 5 GHz, 300 Mbit/s

- Wi-Fi 5: 802.11ac Wave 1, 5 GHz, 1300 Mbit/s; 802.11ac Wave 2, 5 GHz, 6.9 Gbit/s

- Wi-Fi 6: 802.11ax, 2.4 GHz and 5 GHz, 9.6 Gbit/s

- Link fault: Direct link fault and indirect link fault

- Direct link fault: the alternate port restores after 30s; for an indirect link fault it is 50s

- MAC Change: wait 300s

- STP root primary priority: 0

- Second priority: 4096

- OSPF & DHCP: no port number

- Periodically: Broadcast and P2P = 10s; others = 30s

- Protocol No: ICMP = 1; TCP = 6; UDP = 17; OSPF = 89; Telnet = 6; FTP = 6; TFTP = 17; NTP = 17; DNS = 17 & 6; SNMP = 17; SMTP = 17; DHCP = 67 Server & 68 Client; HTTP & HTTPS = 6

- Port No: Telnet = 23; FTP = 20 & 21; TFTP = 69; HTTP = 80; NTP = 123; DNS = 53; SNMP = 161 & 162; SMTP = 25; HTTPS = 443

- DHCP DORA Message: Discovery, Offer, Request, Ack

- Port type: Flooding, forwarding, discarding

VRP

The Versatile Routing Platform (VRP) is a universal operating system (OS) platform for Huawei datacom products. It serves as the software core engine of Huawei's full series of routers from low-end to core ones, Ethernet switches, service gateways, and so on

- Provides a unified user interface and a unified management interface.

- Implements the functions of the control plane and defines the interface specifications of the forwarding plane.

- Implements communication between the device forwarding plane and VRP control plane.

VRP5

- Component-based design, Applicable to various Huawei products, High performance

VRP8

- Multi-process, Component-based design, Support for multi-CPU and multi-chassis

File System

- The system software is a must for device startup and operation, providing support, management, and services for a device. The common file name extension is .cc.

- A patch is a kind of software compatible with the system software. It is used to fix bugs in system software. The common file name extension is .pat.

- A configuration file stores configuration commands, enabling a device to start with the configurations in the file. The common file name extensions are .cfg, .zip, and .dat.

- A PAF file effectively controls product features and resources. The common file name extension is .bin.

Installation Process

After a device is powered on, it runs the BootROM software to initialize the hardware and display hardware parameters. Then, it runs the system software and reads the configuration file from the default storage path to perform initialization.

- 2 device management modes: CLI and web system (GUI)

VRP User Interfaces

- a user interface can be a console user interface or virtual type terminal (VTY) user interface

- console user interface: The serial port of a user terminal can be directly connected

- VTY: After a Telnet or STelnet connection

VRP User Levels

- Visit level, Monitoring level, Configuration level, Management level

Login to the Web System: enter https://192.168.1.1

- To implement the login, directly connect your terminal's serial port to the device's console port, and use PuTTY to log in to the device. You can then configure the device after the login succeeds

- PuTTY is a connection software for login through Telnet, SSH, serial interfaces, and so on.

- In local login, the terminal is connected to the console port of the Huawei device through a serial port. Therefore, set Connection type to Serial. Set Serial line based on the actually used port on the terminal. Set Speed to 9600.

- Remote login methods include Telnet and SSH

- Connection type to SSH: use the default port number 22

- Connection type to Telnet: use the default port number 23.

CLI

Command word: specifies the operation to be executed in a command, such as display (device status query) or reboot (device restart).

Keyword: a special character string that is used to further restrict a command. It is an extension of a command and can also be used to express the command composition logic.

Parameter list: is composed of parameter names and values to further restrict the command function. It can contain one or more pairs of parameter names and values.

Command Views: User View, System View, Others view

- Left cursor key or Ctrl+B: moves the cursor one character to the left.

- Right cursor key or Ctrl+F: moves the cursor one character to the right.

- CTRL_A: moves the cursor to the beginning of the current line.

- CTRL_B: moves the cursor one character to the left.

- CTRL_C: stops the running of the current command.

- CTRL_E: moves the cursor to the end of the current line.

- CTRL_X: deletes all characters on the left of the cursor.

- CTRL_Y: deletes the character at the cursor and all characters on the right of the cursor.

- CTRL_Z: returns to the user view.

- CTRL+]: terminates the current connection or switches to another connection.

Display

<Huawei>display configuration candidate

This command displays the commands that have been configured but not committed.

After configuration commands are committed, they are saved in the running configuration database.

<Huawei>display current-configuration

This command displays the effective parameter settings. After configurations are saved, the command configurations are stored in the startup configuration database.

<Huawei>display startup

This command displays the names of the system software, configuration files, PAF files, and patch files used for the current startup and to be used for the next startup. VRPv5 has the running and startup configuration databases but does not have the candidate configuration database. Therefore, a command configuration takes effect immediately after the command is executed, without being committed. However, in VRPv8, a configuration command takes effect only after the command is committed.

Network layer protocols include Internet Control Message Protocol (ICMP) and Internet Packet Exchange (IPX), in addition to IP.

IPv4 Packet Format: Ethernet header, IP header, TCP header, user data, Ethernet tail. IP header: fixed size = 20 bytes; optional size: 0–40 bytes

Default subnet masks of classes A, B, and C

Class A: 8 bits, 0.0.0.0–127.255.255.255/8

Class B: 16 bits, 128.0.0.0–191.255.255.255/16

Class C: 24 bits, 192.0.0.0-223.255.255.255/24

Ethernet Switching

A collision domain is a set of nodes connected to the same shared medium. All nodes in a collision domain compete for the same bandwidth. Packets (unicast, multicast, or broadcast) sent by a node can be received by other nodes.

Ethernet Frame Format: Ethernet_II and IEEE 802.3

- A MAC address is 48 bits (6 bytes) in length.

- As typically represented, MAC addresses are recognizable as six groups of two hexadecimal digits, separated by hyphens, colons, or without a separator.

Host 1>arp -a

[Switch]display mac-address verbose

VLAN

- IEEE 802.1Q defines a 4-byte VLAN tag for Ethernet frames

Tag protocol identifier (TPID): identifies the type of a frame. The value 0x8100 indicates an IEEE 802.1Q frame.

Canonical format indicator (CFI): indicates whether a MAC address is in the canonical format. For Ethernet frames, the value of this field is 0.

VLAN ID: identifies the VLAN to which a frame belongs

VLAN Assignment Methods: Interface-based assignment, MAC address-based assignment, IP subnet-based assignment, Protocol-based assignment, policy-based assignment

Interface-based VLAN Assignment:

Principles

VLANs are assigned based on interfaces.

A network administrator preconfigures a PVID for each switch interface and assigns each interface to a VLAN corresponding to the PVID.

After an interface receives an untagged frame, the switch adds a tag carrying the PVID of the interface to the frame. The frame is then transmitted in the specified VLAN.

Port Default VLAN ID: PVID

Default VLAN ID for an interface

Value range: 1–4094
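Added example (not from the course material): reading the 4-byte 802.1Q tag described above and applying the interface-based rule that an untagged frame receives a tag carrying the interface's PVID. The sample frame and MAC addresses are constructed, the function names are hypothetical, and the 3-bit PRI field decoded here is part of the tag but is not listed in the notes.

```python
import struct

TPID_8021Q = 0x8100   # TPID value that marks an IEEE 802.1Q frame


def parse_tag(frame: bytes):
    """Return (pri, cfi, vlan_id) for an 802.1Q-tagged frame, or None if untagged."""
    if len(frame) < 14:
        raise ValueError("shorter than an Ethernet header")
    (tpid,) = struct.unpack_from("!H", frame, 12)    # field after dst MAC + src MAC
    if tpid != TPID_8021Q:
        return None
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    (tci,) = struct.unpack_from("!H", frame, 14)
    # 16 bits after the TPID: PRI (3 bits), CFI (1 bit), VLAN ID (12 bits).
    return tci >> 13, (tci >> 12) & 0x1, tci & 0x0FFF


def ingress(frame: bytes, pvid: int):
    """Receive processing for interface-based VLAN assignment.

    Returns (vlan_id, frame_as_carried_inside_the_switch). An untagged frame
    gets a tag carrying the PVID. A frame that is already tagged is returned
    unchanged with its own VLAN ID; whether it is then accepted depends on
    the interface type, which this sketch does not model.
    """
    if not 1 <= pvid <= 4094:
        raise ValueError("PVID must be in the range 1-4094")
    tag = parse_tag(frame)
    if tag is not None:
        return tag[2], frame
    # Insert TPID + TCI (PRI 0, CFI 0, VLAN ID = PVID) after the source MAC.
    tagged = frame[:12] + struct.pack("!HH", TPID_8021Q, pvid) + frame[12:]
    return pvid, tagged


# Constructed untagged frame: dst MAC, src MAC, EtherType 0x0800, dummy payload.
UNTAGGED = bytes.fromhex("00e0fc000002" "00e0fc000001" "0800") + b"\x00" * 46

if __name__ == "__main__":
    vlan, tagged = ingress(UNTAGGED, pvid=10)
    print(vlan, parse_tag(tagged), len(tagged) - len(UNTAGGED))
```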

Layer 2 Ethernet Interface Types:

Access interface

An access interface is used to connect a switch to a terminal, such as a PC or server. In general, the NICs on such a terminal receive and send only untagged frames. An access interface can be added to only one VLAN.

Trunk interface

A trunk interface allows frames that belong to multiple VLANs to pass through and differentiates the frames using the 802.1Q tag. This type of interface is used to connect a switch to another switch or a sub-interface on a device, such as a router or firewall.

Hybrid interface

Similar to a trunk interface, a hybrid interface also allows frames that belong to multiple VLANs to pass through and differentiates the frames using the 802.1Q tag. You can determine whether to allow a hybrid interface to carry VLAN tags when sending the frames of one or more VLANs.

ACL

  • security and QoS.

  • control network access behaviors, prevent network attacks, and improve network bandwidth utilization,

