Professional Documents
Culture Documents
com/cn
1e-learning /
HCNAHCNPe-Learning
HCIEHCIEe-Learning
HCIE Learning@huawei.com
2
+
/
3(LVC)
UC&C
LVC
4
eNSP
WLAN PlannerAP
eDesk
HedEx Lite
,
HCIE-DC
2016-10-11 , 1 , 134
HCIE-DC HCIE-DC
DC DC DC SDN
10
SDNeSight
HCIE-DC
HCIE-DC
DC
VS
DC Trill
Trill
DC M-LAG
M-LAG
DC
OSPF BGP
DC
DC VXLAN
VXLAN
DC eSight
eSight
LUN
FusionCompute FusionCompute
FusionCompute V3
FusionSphere OpenStack CPS FusionCompute
FusionCompute FusionSphere
OpenStack
FusionSphere OpenStack
2016-10-11 , 2 , 134
VDC/VPC VDC/VPC
VDC/VPC
CloudEngine 12800
CloudEngine 8800&7800&6800&5800
Huawei AR150&200&1200&2200&3200
HUAWEI USG6000 & NGFW Module
eSight
FusionCompute
FusionSphere ()
OceanStor 5300 V3&5500 V3&5600 V3&5800 V3&6800 V3
OceanStor eBackup
2016-10-11 , 3 , 134
1 ............................................................................................................... 8
1.1 .............................................................................................................. 8
1.2 ....................................................................................................... 8
1.3 ........................................................................................................... 9
2 .............................................................................................. 10
2.1 ................................................................................................................10
2.2 ......................................................................................................11
2.3 ................................................................................................................11
2.6 VS ................................................................................................23
2.6.1 .........................................................................................................23
2.6.2 ...............................................................................................23
2.6.3 VS...........................................................................................................23
2.6.4 VS ...........................................................................24
2.6.5 ..................................................................................................24
2.6.6 VS IP ..................................................................25
2.6.7 VS ........................................................................26
2.6.8 VS .........................................................................................26
3 -Trill ....................................................................................... 31
3.1 ................................................................................................................31
3.2 ......................................................................................................32
3.2.1 .........................................................................................................32
3.2.2 iStack ....................................................32
3.2.3 TRILL Carrier-vlan CE-vlan ...............................................34
3.2.4 TRILL ...............................................................34
3.2.5 nicknametrill-nameNET ....................................35
3.2.6 ..................................................................................................36
3.2.7 ..............................................37
3.2.8 ...................................................................38
3.2.9 TRILL .......................................................................................39
3.2.10 .........................................................................................................41
4 -M-LAG.................................................................................. 43
4.1 ................................................................................................................43
4.2 ......................................................................................................43
4.2.1 .........................................................................................................44
2016-10-11 , 5 , 134
4.3 ................................................................................................................44
4.3.1 DC2-AS Trill ................................................................................44
4.3.2 M-LAG ......................................................................................44
4.3.3 M-LAG Monitor Link ............................................................................46
4.3.4 M-LAG .............................................................................................46
4.3.5 ..................................................................................................48
5 .............................................................................................. 50
5.1 ................................................................................................................50
5.2 ......................................................................................................51
5.3 ................................................................................................................51
5.4 ................................................................................................................51
5.6 IP .....................................................................................................53
5.9 ..........................................................................................................59
5.10 ................................................................................................................59
6 .............................................................................................. 63
6.1 ................................................................................................................63
6.2 ......................................................................................................63
6.3 ................................................................................................................63
6.4 ................................................................................................................64
6.4.1 IP ....................................................................................................64
6.4.2 ..................................................................................................66
6.4.3 HA ..........................................................................................................68
6.4.4 ..................................................................................................69
6.5 ................................................................................................................69
7 VXLAN ............................................................................. 74
7.1 ................................................................................................................74
7.2 ......................................................................................................74
2016-10-11 , 6 , 134
7.3 ................................................................................................................74
7.4 ................................................................................................................74
7.4.1 Loopback ..................................................................................74
7.4.2 ..................................................................................................75
7.4.3 VXLAN .....................................................................................75
7.5 ..........................................................................................................76
7.6 ................................................................................................................77
7.7 ................................................................................................................77
8 eSight ................................................................................................. 81
8.1 ................................................................................................................81
8.2 ......................................................................................................81
8.3 ................................................................................................................81
8.4 ................................................................................................................81
8.4.1 SNMP .......................................................................................81
8.4.2 eSight SNMP .......................................................................82
8.4.3 eSight .......................................................................................85
8.4.4 eSight .......................................................................................86
9 ............................................................................................................. 90
10 ............................................................................................................. 96
15 ............................................................................................................... 117
16 ............................................................................................................... 128
2016-10-11 , 7 , 134
1.1
HCIE-DC SDN
FC SAN Openstack
VXLAN WEB
HCIE-DC
VXLAN
eSight
1.2
2016-10-11 , 8 , 134
1.2-1
1.3
2016-10-11 , 9 , 134
AR2200 3 V200R005C10
CE12804S 2 V100R006C00SPC600
CE6851-HI 2 V100R006C00SPC600
CE6850U-HI 4 V100R006C00SPC600
eSight V300R003C20SPC002
MangeOne V100R002C30SPC200
SNS2124 4 V200R001C00SPC300
OceanStor5300 V3 2 V300R003C00SPC100
FusionManager V100R005C10SPC700
FusionCompute V100R005C10SPC701
eBackup V100R002C00SPC200
1.3-1
2.1
CE5800/6800/7800
CE12800 CSS
Eth-Trunk
CE12800 VS
CE12800 VS
2016-10-11 , 10 , 134
2.2
2-2.2-1
ToR
2-1 CS1 CS2
10GE1/0/0 10GE2/0/0
SIPSystem
Inter-Connect Port MPU
SIP
ToR-1 ToR-2 ToR-1 ToR-2
40GE1/0/540GE1/0/6 1/1
CE12804S
ToR CE6851-48S6Q-HI
2.3
2016-10-11 , 11 , 134
3 VS VS
4 Eth-trunk
2.4 iStack
2.4.1
1
ID
2
3
2.4.2 TOR-1TOR-2
TOR-1 ID 1 150Domain ID 10
<HUAWEI> system-view
[~HUAWEI] sysname TOR-1
[*HUAWEI] commit
[~TOR-1] stack
[~TOR-1-stack] stack member 1 priority 150
[*TOR-1-stack] stack member 1 domain 10
[*TOR-1-stack] quit
[*TOR-1] commit
ID 1 TOR-1 ID
1
TOR-2 ID 2Domain ID 10 100
<HUAWEI> system-view
[~HUAWEI] sysname TOR-2
[*HUAWEI] commit
[~TOR-2] stack
[~TOR-2-stack] stack member 1 renumber 2 inherit-config
Warning: The stack configuration of member ID 1 will be inherited to member
ID 2 after the device resets. Continue? [Y/N]: y
[*TOR-2-stack] stack member 1 domain 10
[*TOR-2-stack] quit
[*TOR-2] commit
2016-10-11 , 12 , 134
inherit-config
inherit-config
ID
ID
inherit-config
2.4.3
2.4.4
Attribute Configuration:
-----------------------------------------
MemberID Domain Priority
Oper(Conf) Oper(Conf) Oper(Conf)
-----------------------------------------
1(1) --(10) 100(150)
-----------------------------------------
Stack-Port Configuration:
---------------------------------------------------------------------
Stack-Port Member Ports
---------------------------------------------------------------------
2016-10-11 , 13 , 134
2.4.5
TOR-1TOR-2
<TOR-1> save
Warning: The current configuration will be written to the device. Continue?
[Y/N]: y
<TOR-1> reboot
Warning: The system will reboot. Continue? [Y/N]: y
2.4.6
2.4.7
Stack Link:
----------------------------------------------------------------------
Stack-Port Port Status PeerPort PeerStatus
----------------------------------------------------------------------
Stack-Port1/1 40GE1/0/5 up 40GE2/0/5 up
Stack-Port1/1 40GE1/0/6 up 40GE2/0/6 up
Stack-Port2/1 40GE2/0/5 up 40GE1/0/5 up
Stack-Port2/1 40GE2/0/6 up 40GE1/0/6 up
----------------------------------------------------------------------
2016-10-11 , 14 , 134
-------------------------------
hybrid hybrid
-------------------------------
Attribute Configuration:
-----------------------------------------
MemberID Domain Priority
Oper(Conf) Oper(Conf) Oper(Conf)
-----------------------------------------
1(1) 10(10) 150(150)
2(2) 10(10) 100(100)
-----------------------------------------
Stack-Port Configuration:
----------------------------------------------------------------------
Stack-Port Member Ports
----------------------------------------------------------------------
Stack-Port1/1 40GE1/0/5 40GE1/0/6
Stack-Port2/1 40GE2/0/5 40GE2/0/6
----------------------------------------------------------------------
2.4.8
TOR-1 ToR-2
IP
Domain ID IP
Error-down
<TOR-1>system-view
Enter system view, return user view with return command.
[~TOR-1]interface MEth 0/0/0
[~TOR-1-MEth0/0/0]dual-active detect enable
[~TOR-1-MEth0/0/0]quit
[~TOR-1]commit
[~TOR-1]quit
IP
Console
IP
IP IP
IP
IP
<TOR-1>system-view
Enter system view, return user view with return command.
[~TOR-1]interface MEth 0/0/0
[~TOR-1-MEth0/0/0] dual-active backup ip address 172.21.21.40 255.255.0.0
member 2
[~TOR-1-MEth0/0/0]quit
2016-10-11 , 15 , 134
[~TOR-1]commit
[~TOR-1]quit
2.4.9
save
<TOR-1> save
Warning: The current configuration will be written to the device. Continue?
[Y/N]: y
2.4.10
ToR-1
#
sysname TOR-1
#
stack
#
stack member 1 domain 10
stack member 1 priority 150
#
stack member 2 domain 10
#
interface MEth0/0/0
ip address 172.21.21.17 255.255.0.0
dual-active backup ip address 172.21.21.40 255.255.0.0 member 2
dual-active detect enable
#
interface Stack-Port1/1
#
interface Stack-Port2/1
#
interface 40GE1/0/5
port mode stack
stack-port 1/1
port crc-statistics trigger error-down
device transceiver 40GBASE-COPPER
#
interface 40GE1/0/6
port mode stack
stack-port 1/1
port crc-statistics trigger error-down
device transceiver 40GBASE-COPPER
#
interface 40GE2/0/5
port mode stack
stack-port 2/1
port crc-statistics trigger error-down
device transceiver 40GBASE-COPPER
#
interface 40GE2/0/6
port mode stack
stack-port 2/1
port crc-statistics trigger error-down
device transceiver 40GBASE-COPPER
#
Return
#
2.5 CSS
2.5.1
2016-10-11 , 16 , 134
1) CS1-CS2
2) CS1-CS2
ID
3) CS1-CS2
4) CS1-CS2
5)
2.5.2
CS1 CS2
SIP
SIP
2.5-1
2.5-2
CS1&CS2 CEMPU
CS1 CS2
A- Sip5/0/0 A- Sip5/0/0
A- Sip5/0/1 B- Sip6/0/0
B- Sip6/0/0 A- Sip5/0/1
B- Sip6/0/1 B- Sip6/0/1
2.5-1 MPU
2016-10-11 , 17 , 134
CS1&CS2 CELPU
CS1 CS2
10GE1/0/0 10GE1/0/0
10GE2/0/0 10GE2/0/0
2.5-2 LPU
2.5.3 CS1CS2
CS1 ID 1 200Domain ID 12
<HUAWEI> system-view
[~HUAWEI] sysname CS1
[*HUAWEI] commit
[~CS1] stack
[~CS1-stack] stack member 1
[~CS1-stack] stack priority 200
[*CS1-stack] stack domain 12
[*CS1-stack] stack link-type mainboard-direct
[*CS1-stack] quit
[*CS1] commit
CS2 ID 2 150Domain ID 12
<HUAWEI> system-view
[~HUAWEI] sysname CS2
[*HUAWEI] commit
[~CS2] stack
[~CS2-stack] stack member 2
Warning: The device will use the configuration of member ID 2 after the
device resets. Continue? [Y/N]: y
[*CS2-stack] stack priority 150
[*CS2-stack] stack domain 12
[*CS2-stack] stack link-type mainboard-direct
[*CS2-stack] quit
[*CS2] commit
stack link-type
linecard-direct
2.5.4
2.5.5
Attribute Configuration:
---------------------------------------------------------------
MemberID Domain Priority Mode Enable
Oper(Conf) Oper(Conf) Oper(Conf) Oper(Conf) Oper
---------------------------------------------------------------
1(1) --(12) 100(200) MB(MB) Disable
---------------------------------------------------------------
Stack-Port Configuration:
---------------------------------------------------------------------
Stack-Port Member Ports
---------------------------------------------------------------------
Stack-Port1 10GE1/0/0 10GE2/0/0
---------------------------------------------------------------------
2.5.6
CS1
<CS1> save
Warning: The current configuration will be written to the device. Continue?
[Y/N]: y
<CS1> system-view
[~CS1] stack
[~CS1-stack] stack enable
Warning: Make sure that one or more dual-active detection methods are
configured once the conversion is complete and the device ente
rs the stack mode.
Current configuration will be converted to the next startup
saved-configuration file of stack mode.
System will reboot. Continue? [Y/N]: y
CS2
<CS2> save
Warning: The current configuration will be written to the device. Continue?
[Y/N]: y
<CS2> system-view
[~CS2] stack
[~CS2-stack] stack enable
Warning: Make sure that one or more dual-active detection methods are
configured once the conversion is complete and the device ente
rs the stack mode.
2016-10-11 , 19 , 134
2.5.7
CS1 STACK CS2 STACK
CS1 CS2
Console
IP
Stack Link:
----------------------------------------------------------------------
Stack-Port Port Status PeerPort PeerStatus
----------------------------------------------------------------------
Stack-Port1/1 10GE1/1/0/0 up 10GE2/1/0/0 up
Stack-Port1/1 10GE1/2/0/0 up 10GE2/2/0/0 up
Stack-Port2/1 10GE2/1/0/0 up 10GE1/1/0/0 up
Stack-Port2/1 10GE2/2/0/0 up 10GE1/2/0/0 up
----------------------------------------------------------------------
2016-10-11 , 20 , 134
Isolated Port : The port is in stack mode, but does not belong to any
Stack-Port
Attribute Configuration:
---------------------------------------------------------------
MemberID Domain Priority Mode Enable
Oper(Conf) Oper(Conf) Oper(Conf) Oper(Conf) Oper
---------------------------------------------------------------
1(1) 12(12) 200(200) MB(MB) Enable
2(2) 12(12) 150(150) MB(MB) Enable
---------------------------------------------------------------
Stack-Port Configuration:
----------------------------------------------------------------------
Stack-Port Member Ports
----------------------------------------------------------------------
Stack-Port1/1 10GE1/1/0/0 10GE1/2/0/0
Stack-Port2/1 10GE2/1/0/0 10GE2/2/0/0
----------------------------------------------------------------------
2.5-3
<CS1>system-view
Enter system view, return user view with return command.
[CS1]interface 10ge 1/1/0/5
[~CS-1-MEth0/0/0]dual-active detect mode direct
Warning: The interface will block common data packets, except BPDU packets.
Continue? [Y/N]: y
[~CS1-MEth0/0/0]quit
[CS1]interface 10ge 2/1/0/5
[~CS-1-MEth0/0/0]dual-active detect mode direct
Warning: The interface will block common data packets, except BPDU packets.
Continue? [Y/N]: y
[~CS1-MEth0/0/0]quit
[~CS1]commit
[CS1]quit
CSS
<CS1>display dual-active
Dual-active status: Normal
Dual-active detect mode: Direct
Dual-active detect configuration of MEth: Disable
Dual-active direct detect interfaces configured:
10GE1/1/0/5 up
10GE2/1/0/5 up
Dual-active relay detect interfaces configured:
-
Excluded ports(configurable):
-
2016-10-11 , 21 , 134
2.5.9
save
<CS1> save
Warning: The current configuration will be written to the device. Continue?
[Y/N]: y
2.5.10
#
sysname CS1
#
stack
#
stack mode
#
stack member 1 domain 12
stack member 1 priority 200
#
stack member 2 domain 12
stack member 2 priority 150
#
interface 10GE1/1/0/0
port mode stack
stack-port 1/1
port crc-statistics trigger error-down
device transceiver 10GBASE-COPPER
#
interface 10GE1/2/0/0
port mode stack
stack-port 1/1
port crc-statistics trigger error-down
device transceiver 10GBASE-COPPER
#
interface 10GE2/1/0/0
port mode stack
stack-port 2/1
port crc-statistics trigger error-down
device transceiver 10GBASE-COPPER
#
interface 10GE2/2/0/0
port mode stack
stack-port 2/1
port crc-statistics trigger error-down
device transceiver 10GBASE-COPPER
#
interface 10GE1/1/0/5
dual-active detect mode direct
device transceiver 10GBASE-COPPER
#
interface 10GE2/1/0/5
dual-active detect mode direct
device transceiver 10GBASE-COPPER
#
interface Sip1/5/0/0
#
interface Sip1/5/0/1
#
interface Sip1/6/0/0
2016-10-11 , 22 , 134
#
interface Sip1/6/0/1
#
interface Sip2/5/0/0
#
interface Sip2/5/0/1
#
interface Sip2/6/0/0
#
interface Sip2/6/0/1
#
Return
2.6 VS
2.6.1
2.6.2
2.6-1 VS
2.6.3 VS
Group VS
display device port-map [ slot slot-id ]
VS
VS1 VS2
[~CS1] admin
[~CS1-admin] virtual-system VS1
2016-10-11 , 23 , 134
2.6.4 VS
VS
VS resource
display virtual-system[ name vs-name ] verbose
VS
[~CS1-admin]resource-template Template-VS
[*CS1-admin-template:Template-VS]resource cpu weight 1
[*CS1-admin-template:Template-VS]resource vlan upper-limit 100
[*CS1-admin-template:Template-VS]resource memory ratio-threshold 5
[*CS1-admin-template:Template-VS]resource u4route upper-limit 100000
[*CS1-admin-template:Template-VS]quit
[*CS1-admin]commit
[~CS1-admin] virtual-system VS1
[*CS1-admin-VS:VS1] assign resource-template Template-VS
[*CS1-admin-VS:VS1] quit
[~CS1-admin] virtual-system VS2
[*CS1-admin-VS:VS2] assign resource-template Template-VS
[*CS1-admin-VS:VS2] quit
[*CS1-admin] commit
2.6.5
VS1
2016-10-11 , 24 , 134
vs2
2.6.6 VS IP
VS1 VS1 IP
2016-10-11 , 25 , 134
VS2 VS2 IP
2.6.7 VS
VS
IP Telnet VS PC
C:\Documents and Settings\Administrator> telnet 172.16.16.29 Enter
VS
C:\Users\Administrator>telnet 172.21.21.29
Warning: Telnet is not a secure protocol, and it is recommended to use
Stelnet.
Password:
Info: The max number of VTY users is 5, the number of current VTY users
online i
s 2, and total number of terminal users online is 2.
The current login time is 2016-08-08 15:13:17.
<VS1>
2.6.8 VS
2016-10-11 , 26 , 134
#
sysname CS1
#
admin
resource-template Template-VS
resource u4route upper-limit 100000
resource vlan upper-limit 100
resource cpu weight 1
resource memory ratio-threshold 5
virtual-system VS1
port-mode port
resource u4route upper-limit 100000
resource m4route upper-limit 1000
resource u6route upper-limit 16000
resource m6route upper-limit 100
resource vlan upper-limit 100
undo resource mpls enable
undo resource trill enable
undo resource mcast enable
resource vpn-instance upper-limit 256
resource cpu weight 1
resource memory ratio-threshold 5
resource disk ratio-threshold 100
assign interface 10GE2/1/0/1
assign interface 10GE2/1/0/2
assign interface 10GE2/1/0/3
assign interface 10GE2/1/0/4
virtual-system VS2
port-mode port
resource u4route upper-limit 100000
resource m4route upper-limit 1000
resource u6route upper-limit 16000
resource m6route upper-limit 100
resource vlan upper-limit 100
undo resource mpls enable
undo resource trill enable
undo resource mcast enable
resource vpn-instance upper-limit 256
resource cpu weight 1
resource memory ratio-threshold 5
resource disk ratio-threshold 100
assign interface 10GE2/2/0/1
assign interface 10GE2/2/0/2
assign interface 10GE2/2/0/3
assign interface 10GE2/2/0/4
#
Return
VS1
#
sysname VS1
#
interface MEth0/0/0/0
ip address 172.21.21.29 255.255.0.0
#
interface 10GE2/1/0/1
#
interface 10GE2/1/0/2
#
interface 10GE2/1/0/3
device transceiver 10GBASE-COPPER
#
interface 10GE2/1/0/4
device transceiver 10GBASE-COPPER
#
interface NULL0
#
ssh authorization-type default aaa
#
user-interface vty 0 4
authentication-mode password
2016-10-11 , 27 , 134
VS2
#
sysname VS2
#
interface MEth0/0/0/0
ip address 172.21.21.30 255.255.0.0
#
interface 10GE2/2/0/1
device transceiver 10GBASE-COPPER
#
interface 10GE2/2/0/2
device transceiver 10GBASE-COPPER
#
interface 10GE2/2/0/3
device transceiver 10GBASE-COPPER
#
interface 10GE2/2/0/4
device transceiver 10GBASE-COPPER
#
interface NULL0
#
ssh authorization-type default aaa
#
user-interface vty 0 4
authentication-mode password
user privilege level 3
set authentication password cipher
$1a$~!mo7/C7W%$I+1BY/9J.T$5.!MVMlNYH1{y9Rj2w"M[>c3')4wW$
#
2.7 Eth-trunk
2.7.1
2016-10-11 , 28 , 134
2-1 Eth-Trunk
5-1 CS1 AS
Eth-Trunk
2.7.2
1) Eth-Trunk
2)
2.7.3
Eth-Trunk
CS1 Eth-Trunk10 CS1 AS
Eth-Trunk LACP
[*CS1-Eth-Trunk10] quit
[*CS1] commit
CS1
2.7.4
Eth-trunk CS1
Partner:
----------------------------------------------------------------------
ActorPortName SysPri SystemID PortPri PortNo PortKey
PortState
10GE1/1/0/13 32768 384c-4f0b-6a61 32768 1 2625
10111100
10GE1/1/0/14 32768 384c-4f0b-6a61 32768 4 2625
10111100
2016-10-11 , 30 , 134
2.7.5 CS1
#
sysname CS1
#
interface Eth-Trunk10
mode lacp-static
#
interface 10GE1/1/0/13
eth-trunk 10
#
interface 10GE1/1/0/14
eth-trunk 10
#
interface 10GE2/1/0/13
eth-trunk 10
#
interface 10GE2/1/0/14
eth-trunk 10
#
return
2.7.6 AS
#
sysname AS
#
interface Eth-Trunk10
mode lacp-static
#
interface 10GE1/0/13
eth-trunk 10
#
interface 10GE1/0/14
eth-trunk 10
#
interface 10GE2/0/13
eth-trunk 10
#
interface 10GE2/0/14
eth-trunk 10
#
Return
3 -Trill
3.1
TRILL
TRILL
TRILL
2016-10-11 , 31 , 134
3.2
3.2-1 Trill
3.2.1
1 iStack
2 Trill Trill
3 Trill Trill
4 Trill Trill
3.2.2 iStack
DC2-CS1
<DC2-CS1>reset saved-configuration
The action will delete the saved configuration on the device.
The configuration will be erased to reconfigure.Continue? [Y/N]:Y
2016-10-11 , 32 , 134
...
An initial password is required for the first login via the console.
Continue to set it? [Y/N]: y
Set a password and keep it safe! Otherwise you will not be able to login
via the console.
<Huawei>system-view immediately
Enter system view, return user view with return command.
[Huawei]sysname DC1-CS1
[DC1-CS1]undo telnet server disable
Warning: TELNET is not a secure protocol, and it is recommended to use
Stelnet.
[DC1-CS1]user-interface vty 0 4
[DC1-CS1-ui-vty0-4]authentication-mode password
Warning: The "password" authentication mode is not secure, and it is
strongly recommended to use "aaa" authentication mode.
[DC1-CS1-ui-vty0-4]set authentication password cipher Huawei@123
Warning: The "password" authentication mode is not secure, and it is
strongly recommended to use "aaa" authentication mode.
[DC1-CS1-ui-vty0-4]user privilege level 3
[DC1-CS1-ui-vty0-4]quit
[DC1-CS1]lldp enable
Info: Global LLDP is already enabled.
[DC1-CS1]interface MEth 0/0/0
[DC1-CS1-MEth0/0/0]ip address 172.21.21.17 16
[DC1-CS1-MEth0/0/0]quit
[DC1-CS1]quit
<DC1-CS1>
DC2-CS1
<DC2-CS1>reset saved-configuration
The action will delete the saved configuration on the device.
The configuration will be erased to reconfigure.Continue? [Y/N]:Y
Warning: Now the configuration on the device is being deleted.
Info: Succeeded in clearing the configuration in the device.
<DC2-CS1>reboot
slot 1:
Next startup system software: flash:/CE6851HI-V100R006C00SPC600.cc
Next startup saved-configuration file: NULL
Next startup paf file: default
Next startup patch package: NULL
Warning: The current configuration will be saved to the next startup
saved-configuration file. Continue? [Y/N]:N
Warning: The system will reboot. Continue? [Y/N]:Y
...
An initial password is required for the first login via the console.
Continue to set it? [Y/N]: y
Set a password and keep it safe! Otherwise you will not be able to login
via the console.
2016-10-11 , 33 , 134
<Huawei>system-view immediately
Enter system view, return user view with return command.
[Huawei]sysname DC1-CS2
[DC1-CS2]undo telnet server disable
Warning: TELNET is not a secure protocol, and it is recommended to use
Stelnet.
[DC1-CS2]user-interface vty 0 4
[DC1-CS2-ui-vty0-4]authentication-mode password
Warning: The "password" authentication mode is not secure, and it is
strongly recommended to use "aaa" authentication mode.
[DC1-CS2-ui-vty0-4]set authentication password cipher Huawei@123
Warning: The "password" authentication mode is not secure, and it is
strongly recommended to use "aaa" authentication mode.
[DC1-CS2-ui-vty0-4]user privilege level 3
[DC1-CS2-ui-vty0-4]quit
[DC1-CS2]lldp enable
Info: Global LLDP is already enabled.
[DC1-CS2]interface MEth 0/0/0
[DC1-CS2-MEth0/0/0]ip address 172.21.21.16 16
[DC1-CS2-MEth0/0/0]quit
[DC1-CS2]quit
<DC1-CS2>
RB1
<DC2-CS1>system-view
Enter system view, return user view with return command.
[~DC2-CS1]trill
[~DC2-CS1-trill]carrier-vlan 2000
[~DC2-CS1-trill]commit
[~DC2-CS1-trill]quit
RB2
<DC2-CS2>system-view
Enter system view, return user view with return command.
[~DC2-CS2]trill
[~DC2-CS2-trill]carrier-vlan 2000
[~DC2-CS2-trill]commit
[~DC2-CS2-trill]quit
RB3
<DC2-AS>system-view
Enter system view, return user view with return command.
[~DC2-AS]trill
[~DC2-AS-trill]carrier-vlan 2000
[~DC2-AS-trill]ce-vlan 200
[~DC2-AS-trill]commit
[~DC2-AS-trill]quit
3.2.4 TRILL
TRILL
Trunk
2016-10-11 , 34 , 134
RB1
[~DC2-CS1]interface 40GigabitEthernet1/0/1
[~DC2-CS1-40GigabitEthernet1/0/1 ]port link-type trunk
[~DC2-CS1-40GigabitEthernet1/0/1 ]trill enable
[~DC2-CS1-40GigabitEthernet1/0/1 ]quit
[~DC2-CS1]interface 40GigabitEthernet1/0/2
[~DC2-CS1-40GigabitEthernet1/0/2 ]port link-type trunk
[~DC2-CS1-40GigabitEthernet1/0/2 ]trill enable
[~DC2-CS1-40GigabitEthernet1/0/2 ]quit
[~DC2-CS1]commit
RB2
[~DC2-CS2]interface 40GigabitEthernet1/0/1
[~DC2-CS2-40GigabitEthernet1/0/1 ]port link-type trunk
[~DC2-CS2-40GigabitEthernet1/0/1 ]trill enable
[~DC2-CS2-40GigabitEthernet1/0/1 ]quit
[~DC2-CS2]interface 40GigabitEthernet1/0/2
[~DC2-CS2-40GigabitEthernet1/0/2 ]port link-type trunk
[~DC2-CS2-40GigabitEthernet1/0/2 ]trill enable
[~DC2-CS2-40GigabitEthernet1/0/2 ]quit
[~DC2-CS2]commit
RB3
[~DC2-AS]interface 40GigabitEthernet1/0/1
[~DC2-AS-40GigabitEthernet1/0/1 ]port link-type trunk
[~DC2-AS-40GigabitEthernet1/0/1 ]trill enable
[~DC2-AS-40GigabitEthernet1/0/1 ]quit
[~DC2-AS]interface 40GigabitEthernet1/0/2
[~DC2-AS-40GigabitEthernet1/0/2 ]port link-type trunk
[~DC2-AS-40GigabitEthernet1/0/2 ]trill enable
[~DC2-AS-40GigabitEthernet1/0/2 ]quit
[~DC2-AS]interface 40GigabitEthernet2/0/1
[~DC2-AS-40GigabitEthernet2/0/1 ]port link-type trunk
[~DC2-AS-40GigabitEthernet2/0/1 ]trill enable
[~DC2-AS-40GigabitEthernet2/0/1 ]quit
[~DC2-AS]interface 40GigabitEthernet2/0/2
[~DC2-AS-40GigabitEthernet2/0/1 ]port link-type trunk
[~DC2-AS-40GigabitEthernet2/0/1 ]trill enable
[~DC2-AS-40GigabitEthernet2/0/1 ]quit
[~DC2-AS]commit
3.2.5 nicknametrill-nameNET
RB1
[~DC2-CS1]trill
[~DC2-CS1-trill]network-entity 00.0000.0000.1111.00
Info: Ensure that the nickname is unique.
[~DC2-CS1-trill]nickname 1111 priority 255 root-priority 65535
[~DC2-CS1-trill]trill-name RB1
[~DC2-CS1-trill]commit
[~DC2-CS1-trill]display this
#
trill
trill-name RB1
network-entity 00.0000.0000.1111.00
nickname 1111 priority 255 root-priority 65535
carrier-vlan 2000
2016-10-11 , 35 , 134
#
return
RB2
[~DC2-CS2]trill
[~DC2-CS2-trill]network-entity 00.0000.0000.2222.00
[~DC2-CS2-trill]nickname 2222 priority 200 root-priority 60000
Info: Ensure that the nickname is unique.
[~DC2-CS2-trill]trill-name RB2
[~DC2-CS2-trill]commit
[~DC2-CS2-trill]display this
#
trill
trill-name RB2
network-entity 00.0000.0000.2222.00
nickname 2222 priority 200 root-priority 60000
carrier-vlan 2000
#
return
RB3
[~DC2-AS]trill
[~DC2-AS-trill]trill-name RB3
[~DC2-AS-trill]network-entity 00.0000.0000.3333.00
Info: Ensure that the nickname is unique.
[~DC2-AS-trill]commit
[~DC2-AS-trill]display this
#
trill
trill-name RB3
network-entity 00.0000.0000.3333.00
carrier-vlan 2000
ce-vlan 200
#
return
RB1 LSDB
Total LSP(s): 8
3.2.6
RB1 Trill
Total Peer(s): 2
Total Peer(s): 4
RB3 Trill
Total Route(s): 2
3.2.7
16 RB3
nickname RB3 RB2
2016-10-11 , 37 , 134
Total Route(s): 2
RB3
1
[~DC2-AS]trill
[~DC2-AS -trill]maximum load-balancing 1
[~DC2-AS -trill]commit
[~DC2-AS -trill]quit
number TRILL
number
RB ID ID RB
RB3 Trill
Total Route(s): 2
3.2.8
cost 500
<DC2-AS>system-view
Enter system view, return user view with return command.
[~DC2-AS]trill
[~DC2-AS-trill]maximum load-balance 16
[*DC2-AS-trill]quit
[*DC2-AS]interface 40GE 2/0/2
[*DC2-AS-40GE2/0/2]trill cost 600
[*DC2-AS-40GE2/0/2]quit
[*DC2-AS]commit
[~DC2-AS]quit
2016-10-11 , 38 , 134
<DC2-AS>
Total Route(s): 2
3.2.9 TRILL
[DC2-CS1]trill
[DC2-CS1-trill]area-authentication-mode md5 cipher Huawei
[DC2-CS1-trill]quit
[DC2-CS1]quit
<DC2-CS1>
RB1
Total Peer(s): 2
Total LSP(s): 1
RB2
[DC2-CS2]trill
[DC2-CS2-trill]area-authentication-mode md5 cipher Huawei
[DC2-CS2-trill]quit
[DC2-CS2]quit
<DC2-CS2>
RB3
[DC2-AS]trill
[DC2-AS-trill]area-authentication-mode md5 cipher Huawei
[DC2-AS-trill]quit
[DC2-AS]quit
<DC2-AS>
Total LSP(s): 4
TRILL
TRILL TRILL
Hello
Hello
TRILL
TRILL
RB1
<DC2-CS1>system-view
Enter system view, return user view with return command.
[*DC2-AS]interface 40GE 2/0/2
[*DC2-AS-40GE2/0/2]trill cost 500
[*DC2-AS-40GE2/0/2]quit
2016-10-11 , 40 , 134
RB1
Total Peer(s): 2
RB1 40GE1/0/1
RB1
Total Peer(s): 1
3.2.10
RB1
#
sysname DC2-CS1
#
2016-10-11 , 41 , 134
drop-profile default
#
trill
trill-name RB1
network-entity 00.0000.0000.1111.00
nickname 1111 priority 255 root-priority 65535
carrier-vlan 2000
area-authentication-mode md5 cipher %$%$-eFAUjux/+YnI|%*^%*^$%)*
#
interface 40GE1/0/1
port link-type trunk
undo port trunk allow-pass vlan 1
trill enable
trill authentication-mode simple
cipher %^%#bVwVF9@;{4}ePe/||8[4FsJ4<s#SBRE0pD"\&%3'%^%#
device transceiver 40GBASE-COPPER
#
interface 40GE1/0/2
port link-type trunk
undo port trunk allow-pass vlan 1
trill enable
device transceiver 40GBASE-COPPER
#
RB2
#
sysname DC2-CS2
#
drop-profile default
#
trill
trill-name RB2
network-entity 00.0000.0000.2222.00
nickname 2222 priority 200 root-priority 60000
carrier-vlan 2000
area-authentication-mode md5 cipher %$%$-_)(*&(^|NwsHa2,pg^%$%$
#
interface 40GE1/0/1
port link-type trunk
undo port trunk allow-pass vlan 1
trill enable
device transceiver 40GBASE-COPPER
#
interface 40GE1/0/2
port link-type trunk
undo port trunk allow-pass vlan 1
trill enable
device transceiver 40GBASE-COPPER
#
RB3
sysname DC2-AS
#
drop-profile default
#
trill
trill-name RB3
network-entity 00.0000.0000.3333.00
carrier-vlan 2000
ce-vlan 200
nickname 3333
area-authentication-mode md5 cipher %$%$-eFAUjux/+YnI|NwsHa2,pg^%$%$
#
interface 40GE1/0/1
port link-type trunk
undo port trunk allow-pass vlan 1
trill enable
device transceiver 40GBASE-COPPER
2016-10-11 , 42 , 134
#
interface 40GE1/0/2
port link-type trunk
undo port trunk allow-pass vlan 1
trill enable
device transceiver 40GBASE-COPPER
#
interface 40GE2/0/1
port link-type trunk
undo port trunk allow-pass vlan 1
trill enable
trill cost 500
device transceiver 40GBASE-COPPER
#
interface 40GE2/0/2
port link-type trunk
undo port trunk allow-pass vlan 1
trill enable
trill cost 500
device transceiver 40GBASE-COPPER
#
4 -M-LAG
4.1
M-LAG
M-LAG
M-LAG
4.2
4.2-1 Trill
4.2.1
1 DC2-AS Trill
2 M-LAG
4.3
[DC2-AS]undo trill
Warning: The TRILL process will be deleted. Continue? [Y/N]:Y
[DC2-AS]quit
<DC2-AS>
4.3.2 M-LAG
DC2-AS
<DC2-AS> system-view
[*DC2-AS] interface 40GE1/0/1
[*DC2-AS-40GE1/0/1]undo port link-type
[*DC2-AS-40GE1/0/1]quit
[*DC2-AS] interface 40GE1/0/2
[*DC2-AS-40GE1/0/2]undo port link-type
[*DC2-AS-40GE1/0/2]quit
[*DC2-AS] interface 40GE2/0/1
[*DC2-AS-40GE2/0/1]undo port link-type
[*DC2-AS-40GE2/0/1]quit
[*DC2-AS] interface 40GE2/0/2
[*DC2-AS-40GE2/0/2]undo port link-type
[*DC2-AS-40GE2/0/2]quit
[*DC2-AS] interface eth-trunk 10
[*DC2-AS-Eth-Trunk10] mode lacp-static
[*DC2-AS-Eth-Trunk10] port link-type trunk
[*DC2-AS-Eth-Trunk10] port trunk allow-pass vlan 200
[*DC2-AS-Eth-Trunk10] trunkport 40ge 1/0/1 to 1/0/2
[*DC2-AS-Eth-Trunk10] trunkport 40ge 2/0/1 to 2/0/2
[*DC2-AS-Eth-Trunk10] quit
[*DC2-AS] commit
DC2-CS2
4.3.4 M-LAG
2016-10-11 , 46 , 134
DC2-CS1 M-LAG
DC2-CS2 M-LAG
DC2-CS1
<DC2-CS1>display eth-trunk 10
Eth-Trunk10's state information is:
Local:
LAG ID: 10 Working Mode: Static
Preempt Delay: Disabled Hash Arithmetic: profile default
System Priority: 10 System ID: 00e0-fc00-0000
Least Active-linknumber: 1 Max Active-linknumber: 16
Operating Status: up Number Of Up Ports In Trunk: 2
Timeout Period: Slow
----------------------------------------------------------------------
----------
ActorPortName Status PortType PortPri PortNo PortKey PortState
Weight
40GE1/0/1 Selected 40GE 32768 3 417 10111100 1
40GE1/0/2 Selected 40GE 32768 4 417 10111100 1
Partner:
----------------------------------------------------------------------
----------
ActorPortName SysPri SystemID PortPri PortNo PortKey
PortState
40GE1/0/1 32768 384c-4f0b-6a51 32768 1 2721
10111100
40GE1/0/2 32768 384c-4f0b-6a51 32768 4 2721
10111100
DC2-AS
<DC2-AS>display eth-trunk 10
Eth-Trunk10's state information is:
Local:
LAG ID: 10 Working Mode: Static
Preempt Delay: Disabled Hash Arithmetic: profile default
System Priority: 32768 System ID: 384c-4f0b-6a51
Least Active-linknumber: 1 Max Active-linknumber: 16
2016-10-11 , 47 , 134
Partner:
----------------------------------------------------------------------
----------
ActorPortName SysPri SystemID PortPri PortNo PortKey
PortState
40GE1/0/1 10 00e0-fc00-0000 32768 3 417
10111100
40GE1/0/2 10 00e0-fc00-0000 32768 32772 417
10111100
40GE2/0/1 10 00e0-fc00-0000 32768 32771 417
10111100
40GE2/0/2 10 00e0-fc00-0000 32768 4 417
10111100
4.3.5
DC2-CS1
#
dfs-group 1
priority 150
source nickname 1111
pseudo-nickname 9999
#
stp mode rstp
stp v-stp enable
#
lacp m-lag system-id 00e0-fc00-0000
lacp m-lag priority 10
#
trill
trill-name RB1
network-entity 00.0000.0000.1111.00
nickname 1111 priority 255 root-priority 65535
carrier-vlan 2000
area-authentication-mode md5 cipher %$%$-eFAUjux/+YnI|%*^%*^$%)*
#
interface Eth-Trunk1
mode lacp-static
peer-link 1
port vlan exclude 2000
#
interface Eth-Trunk10
port link-type trunk
port trunk allow-pass vlan 200
mode lacp-static
dfs-group 1 m-lag 1
#
interface 10GE1/0/1
undo portswitch
ip address 10.2.6.1 255.255.255.252
#
interface 10GE1/0/20
port link-type trunk
trill enable
device transceiver 10GBASE-COPPER
#
interface 40GE1/0/1
eth-trunk 10
device transceiver 40GBASE-COPPER
2016-10-11 , 48 , 134
#
interface 40GE1/0/2
eth-trunk 10
device transceiver 40GBASE-COPPER
#
interface 40GE1/0/5
eth-trunk 1
device transceiver 40GBASE-COPPER
#
interface 40GE1/0/6
eth-trunk 1
device transceiver 40GBASE-COPPER
#
monitor-link group 1
port 10GE1/0/1 uplink
port Eth-Trunk10 downlink 1
#
return
DC2-CS2
#
dfs-group 1
priority 120
source nickname 2222
pseudo-nickname 9999
#
stp mode rstp
stp v-stp enable
#
lacp m-lag system-id 00e0-fc00-0000
lacp m-lag priority 10
#
trill
trill-name RB2
network-entity 00.0000.0000.2222.00
nickname 2222 priority 200 root-priority 60000
carrier-vlan 2000
area-authentication-mode md5 cipher %$%$-_)(*&(^|NwsHa2,pg^%$%$
#
interface Eth-Trunk1
mode lacp-static
peer-link 1
port vlan exclude 2000
#
interface Eth-Trunk10
port link-type trunk
port trunk allow-pass vlan 200
mode lacp-static
dfs-group 1 m-lag 1
#
interface 10GE1/0/1
undo portswitch
ip address 10.2.7.1 255.255.255.252
#
interface 10GE1/0/20
port link-type trunk
trill enable
device transceiver 10GBASE-COPPER
#
interface 40GE1/0/1
eth-trunk 10
device transceiver 40GBASE-COPPER
#
interface 40GE1/0/2
eth-trunk 10
device transceiver 40GBASE-COPPER
#
interface 40GE1/0/5
eth-trunk 1
device transceiver 40GBASE-COPPER
#
2016-10-11 , 49 , 134
interface 40GE1/0/6
eth-trunk 1
device transceiver 40GBASE-COPPER
#
monitor-link group 1
port 10GE1/0/1 uplink
port Eth-Trunk10 downlink 1
#
return
DC2-AS
#
interface Eth-Trunk10
port link-type trunk
port trunk allow-pass vlan 200
mode lacp-static
#
interface 40GE1/0/1
eth-trunk 10
device transceiver 40GBASE-COPPER
#
interface 40GE1/0/2
eth-trunk 10
device transceiver 40GBASE-COPPER
#
interface 40GE2/0/1
eth-trunk 10
device transceiver 40GBASE-COPPER
#
interface 40GE2/0/2
eth-trunk 10
device transceiver 40GBASE-COPPER
#
return
5.1
CE AR OSPF OSPF
CE AR BGP OSPF
2016-10-11 , 50 , 134
5.2
2-5.2-1
5.3
1 IP
2 OSPF OSPF
3 BGP BGP
5.4
IP
2016-10-11 , 51 , 134
IP IP
Loopback0 10.2.1.4/32
5.4-1 IP
DC2-CS1
DC2-CS2
DC2-AS
5.6 IP
DC1-CS IP IP
[~DC1-CS]interface eth-trunk 10
[~DC1-CS-Eth-Trunk 10]undo portswitch
[~DC1-CS-Eth-Trunk 10]ip address 10.1.14.1 24
[~DC1-CS-Eth-Trunk 10]quit
[~DC1-CS]interface 10ge1/1/0/8
[~DC1-CS-10GigabitEthernet1/1/0/8]undo portswitch
[~DC1-CS-10GigabitEthernet1/1/0/8]ip address 10.1.15.1 24
[~DC1-CS-10GigabitEthernet1/1/0/8]quit
[~DC1-CS]interface 10ge2/1/0/8
[~DC1-CS-10GigabitEthernet2/1/0/8]undo portswitch
[~DC1-CS-10GigabitEthernet2/1/0/8]ip address 10.1.51.1 24
[~DC1-CS-10GigabitEthernet2/1/0/8]quit
[~DC1-CS]interface LoopBack 0
[~DC1-CS-LoopBack0]ip address 10.1.1.1 32
2016-10-11 , 53 , 134
[~DC1-CS-LoopBack0]quit
[~DC1-CS]commit
5.7 OSPF
2016-10-11 , 54 , 134
OSPF OSPF
Eth-trunk 10 10ge1/0/1
10ge1/1/0/3 0 40ge1/0/1
DC1-CS DC2-CS1 0
10ge2/1/0/3 40ge1/0/5
Loopback0 Loopback0
Eth-trunk 10 10ge1/0/1
DC1-AS 0
Loopback0 40ge1/0/1
DC2-CS2 0
G0/0/1 40ge1/0/5
Router1
G0/0/2 0 Loopback0
Loopback0 40ge1/0/1
Loopback0
5.7-1OSPF
OSPF DC1-CS
OSPF DC2-CS1
2016-10-11 , 55 , 134
OSPF
DC1-CS DC1-AS DC1-CS DR
Hello Hello
Smart-discover
DC1-CS
[~DC1-CS]interface eth-trunk 10
[~DC1-CS-Eth-Trunk10]ospf dr-priority 255
[~DC1-CS-Eth-Trunk10]ospf smart-discover
Info: OSPF smart-discover is enabled.
[~DC1-CS-Eth-Trunk10]quit
[~DC1-CS]commit
DC1-AS
[~DC1-AS]interface eth-trunk 10
[~DC1-AS-Eth-Trunk10]ospf smart-discover
Info: OSPF smart-discover is enabled.
[~DC1-AS-Eth-Trunk10]quit
[~DC1-AS]commit
OSPF
DC1-CS Router1
MD5 Key ID 1 Huawei@123
DC1-CS
[~DC1-CS]interface 10ge1/1/0/8
[~DC1-CS-10GigabitEthernet1/1/0/8]ospf authentication-mode md5 1 cipher
Huawei@123
[~DC1-CS-10GigabitEthernet1/1/0/8]quit
[~DC1-CS]interface 10ge2/1/0/8
[~DC1-CS-10GigabitEthernet2/1/0/8]ospf authentication-mode md5 1 cipher
Huawei@123
[~DC1-CS-10GigabitEthernet2/1/0/8]quit
[~DC1-CS]commit
Router1
[Router1]interface ge0/0/1
[Router1-GigabitEthernet0/0/1]ospf authentication-mode md5 1 cipher
Huawei@123
[Router1-GigabitEthernet0/0/1]quit
[Router1]interface ge0/0/2
[Router1-GigabitEthernet0/0/2]ospf authentication-mode md5 1 cipher
Huawei@123
[Router1-GigabitEthernet0/0/2]quit
2016-10-11 , 56 , 134
[Router1]
OSPF
VS1 VS2 Stub LSDB
DC1-CS
[~DC1-CS]ospf 1
[~DC1-CS-ospf-1]area 1
[~DC1-CS-ospf-1-area-0.0.0.1]stub
[~DC1-CS-ospf-1-area-0.0.0.1]quit
[~DC1-CS-ospf-1]area 2
[~DC1-CS-ospf-1-area-0.0.0.2]stub
[~DC1-CS-ospf-1-area-0.0.0.2]quit
[~DC1-CS-ospf-1]commit
VS1
[~VS1]ospf 1
[~VS1-ospf-1]area 1
[~VS1-ospf-1-area-0.0.0.1]stub
[~VS1-ospf-1-area-0.0.0.1]quit
[~VS1-ospf-1]commit
VS2
[~VS2]ospf 1
[~VS2-ospf-1]area 2
[~VS2-ospf-1-area-0.0.0.2]stub
[~VS2-ospf-1-area-0.0.0.2]quit
[~VS2-ospf-1]commit
5.8 BGP
BGP AS BGP
12.1.1.2
Internet 123
21.1.1.2
5.8-1 BGP AS
Router1 BGP
<Router1>system-view
[Router1]bgp 1000
[Router1-bgp]router-id 10.1.1.1
[Router1-bgp]peer 12.1.1.2 as-number 123
[Router1-bgp]quit
[Router1]quit
<Router1>
2016-10-11 , 57 , 134
Router2 BGP
<Router2>system-view
[Router2]bgp 2000
[Router2-bgp]router-id 10.2.1.4
[Router2-bgp]peer 21.1.1.2 as-number 123
[Router2-bgp]quit
[Router2]quit
<Router2>
<Internet>system-view
[Internet]bgp 123
[Internet-bgp]router-id 123.123.123.123
[Internet-bgp]peer 12.1.1.1 as-number 1000
[Internet-bgp]peer 21.1.1.1 as-number 2000
[Internet-bgp]network 123.123.123.123 255.255.255.255
[Internet-bgp]quit
[Internet]quit
<Internet>
BGP DC1-Router
BGP DC1-Router
BGP
BGP GTSM
IP TTL
Router1 BGP
<Router1>system-view
2016-10-11 , 58 , 134
[Router1]bgp 1000
[Router1-bgp]peer 12.1.1.2 valid-ttl-hops 1
[Router1-bgp]quit
[Router1]quit
<Router1>
Router2 BGP
<Router2>system-view
[Router2]bgp 2000
[Router2-bgp]peer 21.1.1.1 valid-ttl-hops 1
[Router2-bgp]quit
[Router2]quit
<Router2>
5.9
BGP OSPF
123.123.123.123 Router1
Router1 BGP OSPF
<Router1>system-view
[Router1]bgp 1000
[Router1-bgp]import ospf 1
[Router1-bgp]quit
[Router1]quit
<Router1>
<Router1>system-view
[Router1]ospf 1
[Router1-bgp]import bgp
[Router1-bgp]quit
[Router1]quit
<Router1>
5.10
DC1-Router
#
sysname DC1-Router
#
interface Ethernet1/0/0
ip address 12.1.1.1 255.255.255.252
#
interface Ethernet1/0/1
ip address 112.1.1.1 255.255.255.252
#
interface GigabitEthernet0/0/0
ip address 172.21.21.2 255.255.0.0
#
interface GigabitEthernet0/0/1
ip address 10.1.15.5 255.255.255.0
#
interface GigabitEthernet0/0/2
ip address 10.1.51.5 255.255.255.0
#
interface LoopBack0
2016-10-11 , 59 , 134
DC1-CS
#
interface Eth-Trunk10
undo portswitch
ip address 10.1.14.1 255.255.255.0
ospf dr-priority 255
ospf smart-discover
mode lacp-static
#
interface 10GE1/1/0/8
undo portswitch
ip address 10.1.15.1 255.255.255.0
device transceiver 1000BASE-T
#
interface 10GE2/1/0/8
undo portswitch
ip address 10.1.51.1 255.255.255.0
device transceiver 1000BASE-T
#
interface LoopBack0
ip address 10.1.1.1 255.255.255.255
#
ospf 1 router-id 10.1.1.1
area 0.0.0.0
network 10.1.1.1 0.0.0.0
network 10.1.14.1 0.0.0.0
network 10.1.15.1 0.0.0.0
network 10.1.51.1 0.0.0.0
DC1-AS
#
interface Eth-Trunk10
undo portswitch
ip address 10.1.14.4 255.255.255.0
ospf smart-discover
mode lacp-static
#
interface LoopBack0
ip address 10.1.1.4 255.255.255.255
#
interface NULL0
#
ospf 1 router-id 10.1.1.4
area 0.0.0.0
network 10.1.1.4 0.0.0.0
network 10.1.14.4 0.0.0.0
2016-10-11 , 60 , 134
DC2-Router
#
sysname DC2-Router
#
interface Ethernet1/0/0
ip address 21.1.1.1 255.255.255.252
#
interface Ethernet1/0/1
ip address 221.1.1.1 255.255.255.252
#
interface GigabitEthernet0/0/0
ip address 172.21.21.15 255.255.0.0
#
interface GigabitEthernet0/0/1
ip address 10.2.14.4 255.255.255.0
#
interface GigabitEthernet0/0/2
ip address 10.2.24.4 255.255.255.0
#
interface LoopBack0
ip address 10.2.1.4 255.255.255.255
#
bgp 2000
router-id 10.2.1.4
peer 21.1.1.2 as-number 123
#
ipv4-family unicast
undo synchronization
peer 21.1.1.2 enable
#
ospf 1 router-id 10.2.1.4
area 0.0.0.0
network 10.2.1.4 0.0.0.0
network 10.2.14.4 0.0.0.0
network 10.2.41.4 0.0.0.0
#
DC2-CS1
#
interface 10GE1/0/1
undo portswitch
ip address 10.2.14.1 255.255.255.0
device transceiver 1000BASE-T
#
interface 40GE1/0/1
undo portswitch
ip address 10.2.13.1 255.255.255.0
device transceiver 40GBASE-COPPER
#
interface 40GE1/0/5
undo portswitch
ip address 10.2.12.1 255.255.255.0
device transceiver 40GBASE-COPPER
#
interface 40GE1/0/6
device transceiver 40GBASE-COPPER
#
interface LoopBack0
ip address 10.2.1.1 255.255.255.255
#
ospf 1 router-id 10.2.1.1
area 0.0.0.0
network 10.2.1.1 0.0.0.0
network 10.2.12.1 0.0.0.0
network 10.2.13.1 0.0.0.0
network 10.2.14.1 0.0.0.0
DC2-CS2
2016-10-11 , 61 , 134
#
interface 10GE1/0/1
undo portswitch
ip address 10.2.24.2 255.255.255.0
device transceiver 1000BASE-T
#
interface 40GE1/0/1
undo portswitch
ip address 10.2.23.2 255.255.255.0
device transceiver 40GBASE-COPPER
#
interface 40GE1/0/5
undo portswitch
ip address 10.2.12.2 255.255.255.0
device transceiver 40GBASE-COPPER
#
interface LoopBack0
ip address 10.2.1.2 255.255.255.255
#
ospf 1 router-id 10.2.1.2
area 0.0.0.0
network 10.2.1.2 0.0.0.0
network 10.2.12.2 0.0.0.0
network 10.2.23.2 0.0.0.0
network 10.2.24.4 0.0.0.0
#
DC2-AS
#
interface 40GE1/0/1
undo portswitch
ip address 10.2.13.3 255.255.255.0
device transceiver 40GBASE-COPPER
#
interface 40GE2/0/1
undo portswitch
ip address 10.2.23.3 255.255.255.0
device transceiver 40GBASE-COPPER
#
interface LoopBack0
ip address 10.2.1.3 255.255.255.0
#
ospf 1 router-id 10.2.1.3
area 0.0.0.0
network 10.2.1.3 0.0.0.0
network 10.2.13.3 0.0.0.0
network 10.2.31.3 0.0.0.0
#
2016-10-11 , 62 , 134
6.1
NGFW
NGFW HA
NFGW
NGFW UTM
6.2
192.168.60.0 HTTPS
6.2-1
6.3
2016-10-11 , 63 , 134
1 IP
2 OSPF
3 HA
4
6.4
6.4.1 IP
IP
G2/0/8 10.1.123.2/24
G1/0/0 10.1.23.2/24
G2/0/8 10.1.123.3/24
G1/0/0 10.1.23.3/24
6.4-1 IP
DC1-CS IP
[~DC1-CS]vlan 123
[~DC1-CS-vlan123]quit
[~DC1-CS]vlan 231
[~DC1-CS-vlan231]quit
[~DC1-CS]interface vlanif 123
[~DC1-CS-vlan123]ip address 10.1.123.1 24
[~DC1-CS]quit
[~DC1-CS]interface vlanif 231
[~DC1-CS-vlan231]ip address 10.1.231.1 24
[~DC1-CS]quit
[~DC1-CS]interface 10ge1/1/0/4
[~DC1-CS-10GigabitEthernet1/1/0/4]port link-type trunk
[~DC1-CS-10GigabitEthernet1/1/0/4]port trunk allow-pass vlan 123 231
[~DC1-CS-10GigabitEthernet1/1/0/4]quit
[~DC1-CS]interface 10ge1/2/0/4
[~DC1-CS-10GigabitEthernet1/2/0/4]port link-type trunk
[~DC1-CS-10GigabitEthernet1/2/0/4]port trunk allow-pass vlan 123 231
[~DC1-CS-10GigabitEthernet1/2/0/4]quit
[~DC1-CS]commit
2016-10-11 , 64 , 134
VS1
[~VS1]vlan 123
[~VS1-vlan123]quit
[~VS1]vlan 231
[~VS1-vlan231]quit
[~VS1]interface 10ge2/1/0/4
[~VS1-10GigabitEthernet2/1/0/4]port link-type trunk
[~VS1-10GigabitEthernet2/1/0/4]port trunk allow-pass vlan 123 231
[~VS1-10GigabitEthernet2/1/0/4]quit
[~VS1]interface 10ge2/1/0/1
[~VS1-10GigabitEthernet2/1/0/1]port link-type access
[~VS1-10GigabitEthernet2/1/0/1]port default vlan 123
[~VS1-10GigabitEthernet2/1/0/1]quit
[~VS1]interface 10ge2/1/0/2
[~VS1-10GigabitEthernet2/1/0/2]port link-type access
[~VS1-10GigabitEthernet2/1/0/2]port default vlan 231
[~VS1-10GigabitEthernet2/1/0/2]quit
[~VS1]commit
VS2
[~VS2]vlan 123
[~VS2-vlan123]quit
[~VS2]vlan 231
[~VS2-vlan231]quit
[~VS2]interface 10ge2/2/0/4
[~VS2-10GigabitEthernet2/2/0/4]port link-type trunk
[~VS2-10GigabitEthernet2/2/0/4]port trunk allow-pass vlan 123 231
[~VS2-10GigabitEthernet2/2/0/4]quit
[~VS2]interface 10ge2/2/0/1
[~VS2-10GigabitEthernet2/2/0/1]port link-type access
[~VS2-10GigabitEthernet2/2/0/1]port default vlan 123
[~VS2-10GigabitEthernet2/2/0/1]quit
[~VS2]interface 10ge2/2/0/2
[~VS2-10GigabitEthernet2/2/0/2]port link-type access
[~VS2-10GigabitEthernet2/2/0/2]port default vlan 231
[~VS2-10GigabitEthernet2/2/0/2]quit
[~VS2]commit
DC1-FW1 IP
<DC1-FW1>system-view
Enter system view, return user view with Ctrl+Z.
[DC1-FW1]int GigabitEthernet2/0/8
[DC1-FW1-GigabitEthernet2/0/8]ip address 10.1.123.2 255.255.255.0
[DC1-FW1-GigabitEthernet2/0/8]quit
[DC1-FW1]int GigabitEthernet2/0/9
[DC1-FW1-GigabitEthernet2/0/9]ip address 10.1.231.2 255.255.255.0
[DC1-FW1-GigabitEthernet2/0/9]quit
[DC1-FW1]int GigabitEthernet1/0/0
[DC1-FW1-GigabitEthernet1/0/0]ip address 10.1.23.2 255.255.255.0
[DC1-FW1-GigabitEthernet1/0/0]quit
DC1-FW2 IP
<DC1-FW2>system-view
Enter system view, return user view with Ctrl+Z.
[DC1-FW2]int GigabitEthernet2/0/8
[DC1-FW2-GigabitEthernet2/0/8]ip address 10.1.123.3 255.255.255.0
[DC1-FW2-GigabitEthernet2/0/8]quit
[DC1-FW2]int GigabitEthernet2/0/9
[DC1-FW2-GigabitEthernet2/0/9]ip address 10.1.231.3 255.255.255.0
[DC1-FW2-GigabitEthernet2/0/9]quit
[DC1-FW2]int GigabitEthernet1/0/0
[DC1-FW2-GigabitEthernet1/0/0]ip address 10.1.23.3 255.255.255.0
[DC1-FW2-GigabitEthernet1/0/0]quit
2016-10-11 , 65 , 134
6.4.2
G2/0/8 Untrust 85
G1/0/0 HA 10
G2/0/8 Untrust 85
G1/0/0 HA 10
6.4-2
DC1-FW1
<DC1-FW1>system-view
Enter system view, return user view with Ctrl+Z.
[DC1-FW1]firewall zone trust
[DC1-FW1-zone-trust]add interface GigabitEthernet 2/0/9
[DC1-FW1-zone-trust]quit
[DC1-FW1]firewall zone untrust
[DC1-FW1-zone-untrust]add interface GigabitEthernet 2/0/8
[DC1-FW1-zone-untrust]quit
[DC1-FW1]firewall zone name HA
[DC1-FW1-zone-HA]set priority 10
[DC1-FW1-zone-HA]add interface GigabitEthernet 1/0/0
[DC1-FW1-zone-HA]quit
DC1-FW2
<DC1-FW2>system-view
Enter system view, return user view with Ctrl+Z.
[DC1-FW2]firewall zone trust
[DC1-FW2-zone-trust]add interface GigabitEthernet 2/0/9
[DC1-FW2-zone-trust]quit
[DC1-FW2]firewall zone untrust
[DC1-FW2-zone-untrust]add interface GigabitEthernet 2/0/8
[DC1-FW2-zone-untrust]quit
[DC1-FW2]firewall zone name HA
[DC1-FW2-zone-HA]set priority 10
[DC1-FW2-zone-HA]add interface GigabitEthernet 1/0/0
[DC1-FW2-zone-HA]quit
DC1-FW1 DC1-FW2
2016-10-11 , 66 , 134
6.4-1
DC1-CS
DC1-CS OSPF
[~DC1-CS]ospf 1
[~DC1-CS-ospf-1]area 1
[~DC1-CS-ospf-1-area-0.0.0.1]network 10.1.123.1 0.0.0.0
[~DC1-CS-ospf-1-area-0.0.0.1]quit
[~DC1-CS-ospf-1]commit
[DC1-FW1] ospf 1
[DC1-FW1-ospf-10] area 1
[DC1-FW1-ospf-10-area-0.0.0.1] network 10.1.123.2 0.0.0.0
2016-10-11 , 67 , 134
[DC1-FW1-ospf-10-area-0.0.0.1] quit
[DC1-FW1]ip service-set OSPF type object
[DC1-FW1-object-service-set-OSPF]service 0 protocol 89
[DC1-FW1-object-service-set-OSPF]quit
[DC1-FW1] security-policy
[DC1-FW1-policy-security] rule name ospf
[DC1-FW1-policy-security-rule-ospf] source-zone local untrust
[DC1-FW1-policy-security-rule-ospf] destination-zone local untrust
[DC1-FW1-policy-security-rule-ospf] service OSPF
[DC1-FW1-policy-security-rule-ospf] action permit
[DC1-FW1] ip route-static 192.168.60.0 255.255.255.0 10.1.231.1
preference 5
[DC1-FW2] ospf 1
[DC1-FW2-ospf-10] area 1
[DC1-FW2-ospf-10-area-0.0.0.1] network 10.1.123.3 0.0.0.0
[DC1-FW2-ospf-10-area-0.0.0.1] quit
[DC1-FW2]ip service-set OSPF type object
[DC1-FW2-object-service-set-OSPF]service 0 protocol 89
[DC1-FW2-object-service-set-OSPF]quit
[DC1-FW2] security-policy
[DC1-FW2-policy-security] rule name ospf
[DC1-FW2-policy-security-rule-ospf] source-zone local untrust
[DC1-FW2-policy-security-rule-ospf] destination-zone local untrust
[DC1-FW2-policy-security-rule-ospf] service OSPF
[DC1-FW2-policy-security-rule-ospf] action permit
[DC1-FW2] ip route-static 192.168.60.0 255.255.255.0 10.1.231.1
preference 5
6.4.3 HA
HA link-group
DC1-FW1 DC1-FW2 ( DC1-FW2
DC1-FW1 )
DC1-FW1 HA
[DC1-FW1]hrp enable
[DC1-FW1]interface GigabitEthernet 2/0/8
[DC1-FW1-GigabitEthernet2/0/8]link-group 1
[DC1-FW1-GigabitEthernet2/0/8]vrrp vrid 1 virtual-ip 10.1.123.254 active
[DC1-FW1-GigabitEthernet2/0/8]vrrp virtual-mac enable
[DC1-FW1-GigabitEthernet2/0/8]hrp track active
[DC1-FW1-GigabitEthernet2/0/8]quit
[DC1-FW1]interface GigabitEthernet 2/0/9
[DC1-FW1-GigabitEthernet2/0/9]link-group 1
[DC1-FW1-GigabitEthernet2/0/9]hrp track active
[DC1-FW1-GigabitEthernet2/0/9]quit
[DC1-FW1]hrp interface GigabitEthernet 1/0/0 remote 10.1.23.3
HRP_A[DC1-FW1]security-policy
HRP_A[DC1-FW1-policy-security]rule name hrp
HRP_A[DC1-FW1-policy-security-hrp]source-zone local HA
HRP_A[DC1-FW1-policy-security-hrp]destination-zone local HA
HRP_A[DC1-FW1-policy-security-hrp]source-address 10.1.23.2 32
HRP_A[DC1-FW1-policy-security-hrp]source-address 10.1.23.3 32
HRP_A[DC1-FW1-policy-security-hrp]destination-address 10.1.23.2 32
HRP_A[DC1-FW1-policy-security-hrp]destination-address 10.1.23.3 32
HRP_A[DC1-FW1-policy-security-hrp]action permit
HRP_A[DC1-FW1-policy-security-hrp]quit
HRP_A[DC1-FW1-policy-security]quit
HRP_A[DC1-FW1]
DC1-FW2 HA HA
DC1-FW2
2016-10-11 , 68 , 134
[DC1-FW2]hrp enable
[DC1-FW2]interface GigabitEthernet 2/0/8
[DC1-FW2-GigabitEthernet2/0/8]link-group 1
[DC1-FW2-GigabitEthernet2/0/8]vrrp vrid 1 virtual-ip 10.1.123.254
standby
[DC1-FW2-GigabitEthernet2/0/8]vrrp virtual-mac enable
[DC1-FW2-GigabitEthernet2/0/8]hrp track active
[DC1-FW2-GigabitEthernet2/0/8]quit
[DC1-FW2]interface GigabitEthernet 2/0/9
[DC1-FW2-GigabitEthernet2/0/9]link-group 1
[DC1-FW2-GigabitEthernet2/0/9]hrp track active
[DC1-FW2-GigabitEthernet2/0/9]quit
[DC1-FW2]hrp interface GigabitEthernet 1/0/0 remote 10.1.23.2
HRP_S[DC1-FW2]security-policy
HRP_S[DC1-FW2-policy-security]rule name hrp
HRP_S[DC1-FW2-policy-security-hrp]source-zone local HA
HRP_S[DC1-FW2-policy-security-hrp]destination-zone local HA
HRP_S[DC1-FW2-policy-security-hrp]source-address 10.1.23.2 32
HRP_S[DC1-FW2-policy-security-hrp]source-address 10.1.23.3 32
HRP_S[DC1-FW2-policy-security-hrp]destination-address 10.1.23.2 32
HRP_S[DC1-FW2-policy-security-hrp]destination-address 10.1.23.3 32
HRP_S[DC1-FW2-policy-security-hrp]action permit
HRP_S[DC1-FW2-policy-security-hrp]quit
HRP_S[DC1-FW2-policy-security]quit
HRP_S[DC1-FW2]
6.4.4
HRP_A[DC1-FW1]security-policy
HRP_A[DC1-FW1-policy-security]rule name HTTP_IN
HRP_A[DC1-FW1-policy-security-hrp]source-zone untrust
HRP_A[DC1-FW1-policy-security-hrp]destination-zone trust
HRP_A[DC1-FW1-policy-security-hrp]destination-address 192.168.60.0 24
HRP_A[DC1-FW1-policy-security-hrp]service https
HRP_A[DC1-FW1-policy-security-hrp]action permit
HRP_A[DC1-FW1-policy-security-hrp]quit
HRP_A[DC1-FW1-policy-security]quit
HRP_A[DC1-FW1]
6.5
DC1-CS
#
vlan batch 123 231
#
acl number 3000
rule 5 permit ip destination 192.168.60.0 0.0.0.255
#
traffic classifier in type or
if-match acl 3000
#
traffic behavior in
redirect nexthop 10.1.123.254
#
traffic policy in
classifier in behavior in precedence 5
#
interface vlanif 123
ip address 10.1.123.1 24
#
interface vlanif 231
ip address 10.1.231.1 24
#
interface 10GE1/1/0/8
2016-10-11 , 69 , 134
undo portswitch
ip address 10.1.15.1 255.255.255.0
traffic-policy in inbound
device transceiver 1000BASE-T
#
interface 10GE2/1/0/8
undo portswitch
ip address 10.1.51.1 255.255.255.0
traffic-policy in inbound
device transceiver 1000BASE-T
#
interface 10GE1/1/0/4
port link-type trunk
port trunk allow-pass vlan 123 231
device transceiver 10GBASE-COPPER
#
interface 10GE1/2/0/4
port link-type trunk
port trunk allow-pass vlan 123 231
device transceiver 10GBASE-COPPER
#
ospf 1 router-id 10.1.1.1
area 0.0.0.1
network 10.1.123.1 0.0.0.0
#
VS1
#
vlan batch 123 231
#
interface 10GE2/1/0/1
port link-type access
port default vlan 123
#
interface 10GE2/1/0/2
port link-type access
port default vlan 231
#
interface 10GE2/1/0/4
port link-type trunk
port trunk allow-pass vlan 123 231
#
VS2
#
vlan batch 123 231
#
interface 10GE2/2/0/1
port link-type access
port default vlan 123
#
interface 10GE2/2/0/2
port link-type access
port default vlan 231
#
interface 10GE2/2/0/4
port link-type trunk
port trunk allow-pass vlan 123 231
#
DC1-FW1
#
hrp enable
hrp interface GigabitEthernet0/0/1 remote 10.1.23.3
#
2016-10-11 , 70 , 134
sysname DC1-FW1
#
interface GigabitEthernet0/0/0
alias GE0/MGMT
ip address 172.21.21.4 255.255.0.0
#
interface GigabitEthernet0/0/1
ip address 10.1.23.2 255.255.255.0
#
interface GigabitEthernet2/0/8
link-group 1
ip address 10.1.123.2 255.255.255.0
vrrp vrid 1 virtual-ip 10.1.123.254 active
hrp track active
#
interface GigabitEthernet2/0/9
link-group 1
ip address 10.1.231.2 255.255.255.0
hrp track active
#
interface Loopback0
ip address 10.1.1.2 255.255.255.0
#
firewall zone local
set priority 100
#
firewall zone trust
set priority 85
add interface GigabitEthernet2/0/9
#
firewall zone untrust
set priority 5
add interface GigabitEthernet2/0/8
#
firewall zone name HA
set priority 10
add interface GigabitEthernet1/0/0
#
ip service-set OSPF type object
service 0 protocol 89
#
ospf 1
area 0.0.0.1
network 10.1.123.2 0.0.0.0
#
ip route-static 192.168.60.0 255.255.255.0 10.1.231.1 preference 5
#
security-policy
rule name hrp
source-zone HA
source-zone local
destination-zone HA
destination-zone local
source-address 10.1.23.2 32
source-address 10.1.23.3 32
destination-address 10.1.23.2 32
destination-address 10.1.23.3 32
action permit
rule name HTTP_IN
source-zone untrust
destination-zone trust
destination-address 192.168.60.0 24
service https
action permit
rule name ospf
source-zone local
source-zone untrust
destination-zone local
destination-zone untrust
service ospf
action permit
#
2016-10-11 , 71 , 134
DC1-FW2
#
hrp enable
hrp interface GigabitEthernet0/0/1 remote 10.1.23.2
#
sysname DC1-FW2
#
interface GigabitEthernet0/0/0
alias GE0/MGMT
ip address 172.21.21.3 255.255.0.0
#
interface GigabitEthernet0/0/1
ip address 10.1.23.3 255.255.255.0
#
interface GigabitEthernet2/0/8
link-group 1
ip address 10.1.123.3 255.255.255.0
vrrp vrid 1 virtual-ip 10.1.123.254 standby
hrp track active
#
interface GigabitEthernet2/0/9
link-group 1
ip address 10.1.231.3 255.255.255.0
hrp track active
#
firewall zone local
set priority 100
#
firewall zone trust
set priority 85
add interface GigabitEthernet2/0/9
#
firewall zone untrust
set priority 5
add interface GigabitEthernet2/0/8
#
firewall zone name HA
set priority 10
add interface GigabitEthernet1/0/0
#
ip service-set OSPF type object
service 0 protocol 89
#
ospf 1
area 0.0.0.1
network 10.1.123.3 0.0.0.0
#
ip route-static 192.168.60.0 255.255.255.0 10.1.231.1 preference 5
#
security-policy
rule name hrp
source-zone HA
source-zone local
destination-zone HA
destination-zone local
source-address 10.1.23.2 32
source-address 10.1.23.3 32
destination-address 10.1.23.2 32
destination-address 10.1.23.3 32
action permit
rule name HTTP_IN
source-zone untrust
destination-zone trust
destination-address 192.168.60.0 24
service https
action permit
rule name ospf
source-zone local
source-zone untrust
destination-zone local
destination-zone untrust
service ospf
2016-10-11 , 72 , 134
action permit
#
2016-10-11 , 73 , 134
7 VXLAN
7.1
VXLAN
VXLAN
7.2
7.2-1 VXLAN
7.3
1 Loopback
2 VXLAN
3 VXLAN
4 VXLAN
7.4
7.4.1 Loopback
2016-10-11 , 74 , 134
DC2-CS2
7.4.2
NVO3 ACL
7.4.3 VXLAN
DC2-AS
[~DC2-AS] bridge-domain 10
[*DC2-AS-bd10] vxlan vni 5000
[*DC2-AS-bd10] quit
[*DC2-AS] interface nve 1
[*DC2-AS-Nve1] source 10.2.1.4
[*DC2-AS-Nve1] vni 5000 head-end peer-list 10.2.1.10
[*DC2-AS-Nve1] quit
[*DC2-AS] commit
DC2-CS1
[~DC2-CS1] bridge-domain 10
[*DC2-CS1-bd10] vxlan vni 5000
[*DC2-CS1-bd10] quit
[*DC2-CS1] interface nve 1
[*DC2-CS1-Nve1] source 10.2.1.10
[*DC2-CS1-Nve1] vni 5000 head-end peer-list 10.2.1.3
2016-10-11 , 75 , 134
[*DC2-CS1-Nve1] quit
[~DC2-CS1] interface eth-trunk 2
[*DC2-CS1-Eth-Trunk1] service type tunnel
[*DC2-CS1-Eth-Trunk1] quit
[*DC2-CS1] interface 10ge 1/0/24
[*DC2-CS1-10GE1/0/24] eth-trunk 1
[*DC2-CS1-10GE1/0/24] quit
[*DC2-CS1] commit
DC2-CS2
[~DC2-CS2] bridge-domain 10
[*DC2-CS2-bd10] vxlan vni 5000
[*DC2-CS2-bd10] quit
[*DC2-CS2] interface nve 1
[*DC2-CS2-Nve1] source 10.2.1.10
[*DC2-CS2-Nve1] vni 5000 head-end peer-list 10.2.1.3
[*DC2-CS2-Nve1] quit
[~DC2-CS2] interface eth-trunk 2
[*DC2-CS2-Eth-Trunk1] service type tunnel
[*DC2-CS2-Eth-Trunk1] quit
[*DC2-CS2] interface 10ge 1/0/24
[*DC2-CS2-10GE1/0/24] eth-trunk 1
[*DC2-CS2-10GE1/0/24] quit
[*DC2-CS2] commit
VM VLAN700 ToR
7.5
VXLAN
DC2-CS1 DC2-CS2
NVE IP BDIF IP MAC
DC2-CS1
[~DC2-CS1] dfs-group 1
[*DC2-CS1-dfs-group-1] source ip 10.2.1.1
[*DC2-CS1-dfs-group-1] active-active-gateway
[*DC2-CS1-dfs-group-1-active-active-gateway] peer 10.2.1.2
[*DC2-CS1-dfs-group-1-active-active-gateway] quit
[*DC2-CS1-dfs-group-1] quit
[*DC2-CS1] commit
DC2-CS1
[*DC2-CS1] ospf
[*DC2-CS1-ospf-1] area 0
[*DC2-CS1-ospf-1-area-0.0.0.0] network 192.168.10.1 0.0.0.0
[*DC2-CS1-ospf-1-area-0.0.0.0] quit
[*DC2-CS1-ospf-1] quit
[*DC2-CS1] commit
DC2-CS2
[~DC2-CS2] dfs-group 1
[*DC2-CS2-dfs-group-1] source ip 10.2.1.2
[*DC2-CS2-dfs-group-1] active-active-gateway
[*DC2-CS2-dfs-group-1-active-active-gateway] peer 10.2.1.1
[*DC2-CS2-dfs-group-1-active-active-gateway] quit
[*DC2-CS2-dfs-group-1] quit
[*DC2-CS2] commit
DC2-CS2
[*DC2-CS2] ospf
[*DC2-CS2-ospf-1] area 0
[*DC2-CS2-ospf-1-area-0.0.0.0] network 192.168.10.1 0.0.0.0
[*DC2-CS2-ospf-1-area-0.0.0.0] quit
[*DC2-CS2-ospf-1] quit
[*DC2-CS2] commit
7.6
7.7
DC2-CS1
#
assign forward nvo3 acl extend enable
2016-10-11 , 77 , 134
#
dfs-group 1
source ip 10.2.1.1
#
active-active-gateway
peer 10.2.1.2
#
ip tunnel mode vxlan
#
bridge-domain 10
vxlan vni 5000
#
interface eth-trunk 2
service type tunnel
#
interface Vbdif10
ip address 192.168.10.1 255.255.255.0
mac-address 0000-5e00-0101
#
interface 10ge1/0/24
eth-trunk 1
#
interface 40GE1/0/1
undo portswitch
ip address 10.2.13.1 255.255.255.0
#
interface 40GE1/0/5
undo portswitch
ip address 10.2.12.1 255.255.255.0
#
interface LoopBack0
ip address 10.2.1.1 255.255.255.255
#
interface LoopBack1
ip address 10.2.1.10 255.255.255.255
#
interface Nve1
source 10.2.1.10
vni 5000 head-end peer-list 10.2.1.3
#
ospf 1
area 0.0.0.0
network 10.2.12.1 0.0.0.0
network 10.2.13.1 0.0.0.0
network 10.2.1.1 0.0.0.0
network 10.2.1.10 0.0.0.0
network 192.168.10.1 0.0.0.0
#
return
DC2-CS2
#
assign forward nvo3 acl extend enable
#
dfs-group 1
source ip 10.2.1.2
#
active-active-gateway
peer 10.2.1.1
#
ip tunnel mode vxlan
#
bridge-domain 10
vxlan vni 5000
#
interface eth-trunk 2
service type tunnel
#
interface Vbdif10
ip address 192.168.10.1 255.255.255.0
mac-address 0000-5e00-0101
#
2016-10-11 , 78 , 134
interface 10ge1/0/24
eth-trunk 1
#
interface 40GE1/0/1
undo portswitch
ip address 10.2.23.2 255.255.255.0
#
interface 40GE1/0/5
undo portswitch
ip address 10.2.12.2 255.255.255.0
#
interface LoopBack0
ip address 10.2.1.2 255.255.255.255
#
interface LoopBack1
ip address 10.2.1.10 255.255.255.255
#
interface Nve1
source 10.2.1.10
vni 5000 head-end peer-list 10.2.1.3
#
ospf 1
area 0.0.0.0
network 10.2.12.2 0.0.0.0
network 10.2.23.2 0.0.0.0
network 10.2.1.2 0.0.0.0
network 10.2.1.10 0.0.0.0
network 192.168.10.1 0.0.0.0
#
return
DC2-AS
#
assign forward nvo3 acl extend enable
#
vlan batch 700
#
ip tunnel mode vxlan
#
bridge-domain 10
l2 binding vlan 700
vxlan vni 5000
#
interface 10GE1/0/1
port link-type trunk
port trunk allow-pass vlan 2 to 4094
device transceiver 10GBASE-COPPER
#
interface 10GE1/0/2
port link-type trunk
port trunk allow-pass vlan 2 to 4094
device transceiver 10GBASE-COPPER
#
interface 10GE1/0/3
port link-type trunk
port trunk allow-pass vlan 2 to 4094
device transceiver 10GBASE-COPPER
#
interface 10GE1/0/4
port link-type trunk
port trunk allow-pass vlan 2 to 4094
device transceiver 10GBASE-COPPER
#
interface 10GE1/0/5
port link-type trunk
port trunk allow-pass vlan 2 to 4094
device transceiver 10GBASE-COPPER
#
interface 10GE2/0/1
port link-type trunk
port trunk allow-pass vlan 2 to 4094
device transceiver 10GBASE-COPPER
2016-10-11 , 79 , 134
#
interface 10GE2/0/2
port link-type trunk
port trunk allow-pass vlan 2 to 4094
device transceiver 10GBASE-COPPER
#
interface 10GE2/0/3
port link-type trunk
port trunk allow-pass vlan 2 to 4094
device transceiver 10GBASE-COPPER
#
interface 10GE2/0/4
port link-type trunk
port trunk allow-pass vlan 2 to 4094
device transceiver 10GBASE-COPPER
#
interface 10GE2/0/5
port link-type trunk
port trunk allow-pass vlan 2 to 4094
device transceiver 10GBASE-COPPER
#
interface 40GE1/0/1
undo portswitch
ip address 10.2.13.3 255.255.255.0
#
interface 40GE2/0/1
undo portswitch
ip address 10.2.23.3 255.255.255.0
#
interface LoopBack0
ip address 10.2.1.3 255.255.255.255
#
interface Nve1
source 10.2.1.3
vni 5000 head-end peer-list 10.2.1.10
#
ospf 1
area 0.0.0.0
network 10.2.13.3 0.0.0.0
network 10.2.23.3 0.0.0.0
network 10.2.1.3 0.0.0.0
#
Return
2016-10-11 , 80 , 134
8 eSight
8.1
eSight
SNMP
eSight
8.2
8.2-1 eSight
8.3
1 SNMP
2 eSight
3 eSight
4 eSight
8.4
8.4.1 SNMP
SNMPv2 Trap
2016-10-11 , 81 , 134
IP IP
DC1-FW1 172.21.21.4
DC1-CS DC1-CS
[*DC1-CS] snmp-agent
[*DC1-CS] snmp-agent community read cipher Huawei@123
[*DC1-CS] snmp-agent community write cipher Huawei@456
[*DC1-CS] snmp-agent sys-info version v2c
[*DC1-CS] snmp-agent target-host trap address udp-domain 16.1.1.15 params
securityname cipher Huawei@123
[*DC1-CS] snmp-agent trap source MEth0/0/0/0
[*DC1-CS] snmp-agent trap enable
[*DC1-CS] commit
[DC1-FW1] snmp-agent
[DC1-FW1] snmp-agent community read Huawei@123
[DC1-FW1] snmp-agent community write Huawei@456
[DC1-FW1] snmp-agent sys-info version v2c
[DC1-FW1] snmp-agent target-host trap address udp-domain 16.1.1.15 params
securityname Huawei@123
[DC1-FW1] snmp-agent target-host trap address udp-domain 16.1.1.15 params
securityname Huawei@123 v2c
[DC1-FW1] snmp-agent trap source GigabitEthernet0/0/0
[DC1-FW1] snmp-agent trap enable
2 HCIE V2CTrap
Huawei@123
3->
2016-10-11 , 83 , 134
4 IP 172.21.21.1-172.21.21.80 Root
SNMP HCIE
2016-10-11 , 84 , 134
5->->
8.4.3 eSight
eSight
+
HCIE
Top N CPU
Top N
Top N
Top N
2016-10-11 , 85 , 134
8.4.4 eSight
eSight eSight
Web
->-> CPU
2016-10-11 , 86 , 134
CPU
2016-10-11 , 87 , 134
2016-10-11 , 88 , 134
2016-10-11 , 89 , 134
LUN LUN
LUN V3
admin
1. IP S5300T V3
LUN
2.
LUN
LUN
LUN LUN
3. LUN LUN
LUN LUN02_DC1 600G
SmartThin
NOTE: SmartThin Thin LUN
LUN LUN
4.
2016-10-11 , 90 , 134
5. SmartTier SmartQos
6. LUN
7.
2016-10-11 , 91 , 134
8. LUN
LUNGroup003_DC1 LUN02_DC1,
LUN
9. LUN LUN
10.
2016-10-11 , 92 , 134
11.
12. Linux
13. FC(
) WWN
2016-10-11 , 93 , 134
14.
15.
16.
2016-10-11 , 94 , 134
17.
HostGroup002_DC01
Host002_DC_1_H01 Host002_DC_1_H02
HostGroup002_DC01
2016-10-11 , 95 , 134
10
1. LUN LUN
--
2.
3. Pair
Metro()
4. 600G LUN
600G LUN LUN
2016-10-11 , 96 , 134
LUNv Pair
5. ()
6.
2016-10-11 , 97 , 134
7. LUN 20-30
8. LUN
9.
LUN LUN
2016-10-11 , 98 , 134
10.
11.
12.
2016-10-11 , 99 , 134
11 FusionCompute
1. FusionCompute
admin
DC1_Branch DC2_HQ
2.
3. 600G LUN
5.
6. 600G LUN
7. fcsan
8. DC1_Branch DC2_HQ
9. fcsan
3. +
DC1_Branch
4.
5. az1.dc
6.
7.
FusionCompute fcsan
8.
9.
13 FusionSphere OpenStack
10.
DC01 az1.dc
DC02
11.
12. DC01
fc-nova-compute
13. DC02
15.
16.
17.
DC=1
18. DC02
2016-10-11 , 109 , 134
19.
20.
21. VPC
Net01
23. DC2
14 VDC/VPC
1. cloud_adminFusionSphere123
ManageOne SC VDCVDC VDC
2. VDC
3. DC_Service
4. vdc
5. VDC
VDC VDC01
6. vdc01admin
vdc01user
vdc01admin
vdc01user
7. ManageOne SC ( ManageOne SC
web ) VDC vdc01admin VPC
8. VPC VPC
9.
10.
11. VPC
15
1.
ManageOne vdc01user
vdc01admin
ManageOne SC cloud_admin
FusionSphere123
2.
VDC
3.
4.
5.
6.
7. Cloud_VM
8. Cloud_VM
9. vdc01user ManageOne SC
10. Cloud_VM
11. Windows
12. DC01
13. Net01
14. :DC1_VM01
15.
17.
18.
19. vdc01user
21.
22. ManageOne SC
23. VNC
24.
25. Easywebsvr
Easywebsvr
26.
27. C:\
28.
29.
30.
31. C
16
2. FusionCompute eBackup
3. ebackup
4. ebackup
FusionSphere+
5. FusionCompute IP ebackup
6.
7. DC1_VM01
NFS NFS
OceanStor eBackup ebackup
8.
NFS
9. store
10.
11. -- backup
DC1_VM01
12.
Policy
13.
backup_play
14. backup
15. Policy
16. store
17.
18.
19.