HCIE-DC Lab Exercise Chinese Only 136 Pages 20160922

(http://learning.huawei.
com/cn
1e-learning /
HCNAHCNPe-Learning
HCIEHCIEe-Learning
HCIE Learning@huawei.com
2
+
/
3(LVC)
UC&C
LVC
4
eNSP
WLAN PlannerAP
eDesk
HedEx Lite
,

HUAWEI TECHNOLOGIES CO., LTD. Huawei Confidential 1

HCIE-DC
2016-10-11 , 1 , 134

HCIE-DC HCIE-DC
DC DC DC SDN

10
SDNeSight
HCIE-DC
HCIE-DC

DC
VS
DC Trill
Trill
DC M-LAG
M-LAG
DC
OSPF BGP
DC

DC VXLAN
VXLAN
DC eSight
eSight
LUN

FusionCompute FusionCompute
FusionCompute V3
FusionSphere OpenStack CPS FusionCompute
FusionCompute FusionSphere
OpenStack
FusionSphere OpenStack

2016-10-11 , 2 , 134

VDC/VPC VDC/VPC
VDC/VPC

CloudEngine 12800
CloudEngine 8800&7800&6800&5800
Huawei AR150&200&1200&2200&3200
HUAWEI USG6000 & NGFW Module
eSight
FusionCompute
FusionSphere ()
OceanStor 5300 V3&5500 V3&5600 V3&5800 V3&6800 V3
OceanStor eBackup

2016-10-11 , 3 , 134

1 ............................................................................................................... 8
1.1 .............................................................................................................. 8
1.2 ....................................................................................................... 8
1.3 ........................................................................................................... 9
2 .............................................................................................. 10
2.1 ................................................................................................................10
2.2 ......................................................................................................11
2.3 ................................................................................................................11
2.4 iStack ..............................................................................................12

2.4.1 .........................................................................................................12
2.4.2 TOR-1TOR-2 .....................................................................12
2.4.3 ..................................................................................................13
2.4.4 ...........................................................................................13
2.4.5 ........................................................................................14
2.4.6 .................................................................................14
2.4.7 ..................................................................................................14
2.4.8 ..................................................................................................15
2.4.9 ...........................................................................................16
2.4.10 ..................................................................................................16
2.5 CSS .................................................................................................16

2.5.1 .........................................................................................................16
2.5.2 ..................................................................................................17
2.5.3 CS1CS2 ............................................................................18
2.5.4 ..................................................................................................18
2.5.5 ...........................................................................................19
2.5.6 ..........................................................................19
2.5.7 ....................................................................................20
2.5.8 CSS DAD .............................................................................21
2.5.9 ...........................................................................................22
2.5.10 ..................................................................................................22
2016-10-11 , 4 , 134

2.6 VS ................................................................................................23
2.6.1 .........................................................................................................23
2.6.2 ...............................................................................................23
2.6.3 VS...........................................................................................................23
2.6.4 VS ...........................................................................24
2.6.5 ..................................................................................................24
2.6.6 VS IP ..................................................................25
2.6.7 VS ........................................................................26
2.6.8 VS .........................................................................................26
2.7 Eth-trunk .................................................................................................28

2.7.1 .........................................................................................................28
2.7.2 .........................................................................................................29
2.7.3 .........................................................................................................29
2.7.4 ..................................................................................................30
2.7.5 CS1 ..............................................................................................31
2.7.6 AS ................................................................................................31
3 -Trill ....................................................................................... 31
3.1 ................................................................................................................31
3.2 ......................................................................................................32
3.2.1 .........................................................................................................32
3.2.2 iStack ....................................................32
3.2.3 TRILL Carrier-vlan CE-vlan ...............................................34
3.2.4 TRILL ...............................................................34
3.2.5 nicknametrill-nameNET ....................................35
3.2.6 ..................................................................................................36
3.2.7 ..............................................37
3.2.8 ...................................................................38
3.2.9 TRILL .......................................................................................39
3.2.10 .........................................................................................................41
4 -M-LAG.................................................................................. 43
4.1 ................................................................................................................43
4.2 ......................................................................................................43
4.2.1 .........................................................................................................44
2016-10-11 , 5 , 134

4.3 ................................................................................................................44
4.3.1 DC2-AS Trill ................................................................................44
4.3.2 M-LAG ......................................................................................44
4.3.3 M-LAG Monitor Link ............................................................................46
4.3.4 M-LAG .............................................................................................46
4.3.5 ..................................................................................................48
5 .............................................................................................. 50
5.1 ................................................................................................................50
5.2 ......................................................................................................51
5.3 ................................................................................................................51
5.4 ................................................................................................................51
5.5 Trill M-LAG .........................................................................................52
5.6 IP .....................................................................................................53
5.7 OSPF .............................................................................................................54
5.8 BGP ...............................................................................................................57
5.9 ..........................................................................................................59
5.10 ................................................................................................................59
6 .............................................................................................. 63
6.1 ................................................................................................................63
6.2 ......................................................................................................63
6.3 ................................................................................................................63
6.4 ................................................................................................................64
6.4.1 IP ....................................................................................................64
6.4.2 ..................................................................................................66
6.4.3 HA ..........................................................................................................68
6.4.4 ..................................................................................................69
6.5 ................................................................................................................69
7 VXLAN ............................................................................. 74
7.1 ................................................................................................................74
7.2 ......................................................................................................74
2016-10-11 , 6 , 134

7.3 ................................................................................................................74
7.4 ................................................................................................................74
7.4.1 Loopback ..................................................................................74
7.4.2 ..................................................................................................75
7.4.3 VXLAN .....................................................................................75
7.5 ..........................................................................................................76
7.6 ................................................................................................................77
7.7 ................................................................................................................77
8 eSight ................................................................................................. 81
8.1 ................................................................................................................81
8.2 ......................................................................................................81
8.3 ................................................................................................................81
8.4 ................................................................................................................81
8.4.1 SNMP .......................................................................................81
8.4.2 eSight SNMP .......................................................................82
8.4.3 eSight .......................................................................................85
8.4.4 eSight .......................................................................................86
9 ............................................................................................................. 90
10 ............................................................................................................. 96
11 FusionCompute ....................................................................................... 100
12 FusionSphere OpenStack CPS ...................................................................... 103
13 FusionSphere OpenStack ............................................................................... 107
14 VDC/VPC ........................................................................................................ 113
15 ............................................................................................................... 117
16 ............................................................................................................... 128
2016-10-11 , 7 , 134

1.1
HCIE-DC SDN
FC SAN Openstack
VXLAN WEB
HCIE-DC

VXLAN
eSight
1.2
2016-10-11 , 8 , 134

1.2-1
1.3
2016-10-11 , 9 , 134

AR2200 3 V200R005C10
CE12804S 2 V100R006C00SPC600

CE6851-HI 2 V100R006C00SPC600
CE6850U-HI 4 V100R006C00SPC600
USG 6370 2 V200R001C00SPC300
eSight V300R003C20SPC002

MangeOne V100R002C30SPC200
SNS2124 4 V200R001C00SPC300

OceanStor5300 V3 2 V300R003C00SPC100
FusionSphere OpenStack V100R005C10
FusionManager V100R005C10SPC700

FusionCompute V100R005C10SPC701
eBackup V100R002C00SPC200
1.3-1
2.1

CE5800/6800/7800
CE12800 CSS
Eth-Trunk

CE12800 VS
CE12800 VS
2016-10-11 , 10 , 134

2.2
2-2.2-1

ToR

2-1 CS1 CS2
10GE1/0/0 10GE2/0/0
SIPSystem
Inter-Connect Port MPU
SIP
ToR-1 ToR-2 ToR-1 ToR-2
40GE1/0/540GE1/0/6 1/1
CE12804S
ToR CE6851-48S6Q-HI
2.3
2016-10-11 , 11 , 134

1 iStack iStack DAD
2 CSS CSS DAD
3 VS VS
4 Eth-trunk
2.4 iStack
2.4.1
1
ID
2

3

2.4.2 TOR-1TOR-2
TOR-1 ID 1 150Domain ID 10
<HUAWEI> system-view
[~HUAWEI] sysname TOR-1
[*HUAWEI] commit
[~TOR-1] stack
[~TOR-1-stack] stack member 1 priority 150
[*TOR-1-stack] stack member 1 domain 10
[*TOR-1-stack] quit
[*TOR-1] commit
ID 1 TOR-1 ID
1
TOR-2 ID 2Domain ID 10 100
[~HUAWEI] sysname TOR-2
[*HUAWEI] commit
[~TOR-2] stack
[~TOR-2-stack] stack member 1 renumber 2 inherit-config
Warning: The stack configuration of member ID 1 will be inherited to member
ID 2 after the device resets. Continue? [Y/N]: y
[*TOR-2-stack] stack member 1 domain 10
[*TOR-2-stack] quit
[*TOR-2] commit
2016-10-11 , 12 , 134

stack renumber new-member-id [ inherit-config ]

ID
inherit-config

inherit-config
ID
ID
inherit-config
2.4.3
TOR-1 40GE1/0/540GE1/0/6 1/1
[~TOR-1] interface stack-port 1/1

[*TOR-1-Stack-Port1/1] port member-group interface 40ge 1/0/5 to 1/0/6
Warning: The interface(s) (40GE1/0/5-1/0/6) will be converted to stack mode.
[Y/N]: y
[*TOR-1-Stack-Port1/1] quit
[*TOR-1] commit
[~TOR-1] quit
TOR-2 40GE1/0/540GE1/0/6 1/1
[~TOR-2] interface stack-port 1/1

[*TOR-2-Stack-Port1/1] port member-group interface 40ge 1/0/5 to 1/0/6
Warning: The interface(s) (40GE1/0/51/0/6) will be converted to stack
mode. [Y/N]: y
[*TOR-2-Stack-Port1/1] quit
[*TOR-2] commit
[~TOR-2] quit
2.4.4
display stack configuration

TOR-1
<TOR-1> display stack configuration

Oper : Operation
Conf : Configuration
* : Offline configuration
Isolated Port: The port is in stack mode, but does not belong to any
Stack-Port
Attribute Configuration:
-----------------------------------------
MemberID Domain Priority
Oper(Conf) Oper(Conf) Oper(Conf)
-----------------------------------------
1(1) --(10) 100(150)
-----------------------------------------
Stack-Port Configuration:
---------------------------------------------------------------------
Stack-Port Member Ports
---------------------------------------------------------------------
2016-10-11 , 13 , 134

Stack-Port1/1 40GE1/0/5 40GE1/0/6

---------------------------------------------------------------------
2.4.5
TOR-1TOR-2
<TOR-1> save
Warning: The current configuration will be written to the device. Continue?
[Y/N]: y
<TOR-1> reboot
Warning: The system will reboot. Continue? [Y/N]: y
2.4.6
2.4.7
<TOR-1> display stack

----------------------------------------------------------------------
MemberID Role MAC Priority DeviceType Description
----------------------------------------------------------------------
+1 Master 5451-1b81-57d0 150 CE6851-48S6Q-HI
2 Standby 5451-1b81-57e0 100 CE6851-48S6Q-HI
----------------------------------------------------------------------
+ indicates the device through which the user logs in.
<TOR-1> display stack topology

Stack Topology:
----------------------------------------------
Stack-Port 1 Stack-Port 2
MemberID Status Neighbor Status Neighbor
----------------------------------------------
1 up 2 -- --
2 up 1 -- --
----------------------------------------------
Stack Link:
----------------------------------------------------------------------
Stack-Port Port Status PeerPort PeerStatus
----------------------------------------------------------------------
Stack-Port1/1 40GE1/0/5 up 40GE2/0/5 up
----------------------------------------------------------------------
<TOR-1>dis stack configuration

Oper : Operation
Isolated Port : The port is in stack mode, but does not belong to any
Stack-Port
System Forwarding Model:

-------------------------------
Oper Conf
2016-10-11 , 14 , 134

-------------------------------
hybrid hybrid
-------------------------------
-----------------------------------------
MemberID Domain Priority
Oper(Conf) Oper(Conf) Oper(Conf)
-----------------------------------------
1(1) 10(10) 150(150)
2(2) 10(10) 100(100)
-----------------------------------------
----------------------------------------------------------------------
----------------------------------------------------------------------
Stack-Port1/1 40GE1/0/5 40GE1/0/6
Stack-Port2/1 40GE2/0/5 40GE2/0/6
----------------------------------------------------------------------
2.4.8

TOR-1 ToR-2

IP

Domain ID IP
Error-down
<TOR-1>system-view
Enter system view, return user view with return command.
[~TOR-1]interface MEth 0/0/0
[~TOR-1-MEth0/0/0]dual-active detect enable
[~TOR-1-MEth0/0/0]quit
[~TOR-1]commit
[~TOR-1]quit
IP

Console

IP
IP IP
IP
IP

<TOR-1>system-view
[~TOR-1]interface MEth 0/0/0
[~TOR-1-MEth0/0/0] dual-active backup ip address 172.21.21.40 255.255.0.0
member 2
[~TOR-1-MEth0/0/0]quit
2016-10-11 , 15 , 134

[~TOR-1]commit
[~TOR-1]quit
2.4.9
save
<TOR-1> save
[Y/N]: y
2.4.10
ToR-1
#
sysname TOR-1
#
stack
#
stack member 1 domain 10
stack member 1 priority 150
#
#
interface MEth0/0/0
ip address 172.21.21.17 255.255.0.0
dual-active backup ip address 172.21.21.40 255.255.0.0 member 2
dual-active detect enable
#
interface Stack-Port1/1
#
interface Stack-Port2/1
#
interface 40GE1/0/5
port mode stack
stack-port 1/1
port crc-statistics trigger error-down
device transceiver 40GBASE-COPPER
#
interface 40GE1/0/6
port mode stack
stack-port 1/1
#
interface 40GE2/0/5
port mode stack
stack-port 2/1
#
interface 40GE2/0/6
port mode stack
stack-port 2/1
#
Return
#
2.5 CSS
2.5.1
2016-10-11 , 16 , 134

1) CS1-CS2

2) CS1-CS2
ID
3) CS1-CS2

4) CS1-CS2
5)
2.5.2
CS1 CS2
SIP
SIP
2.5-1
2.5-2
CS1&CS2 CEMPU
CS1 CS2
A- Sip5/0/0 A- Sip5/0/0
A- Sip5/0/1 B- Sip6/0/0
B- Sip6/0/0 A- Sip5/0/1
B- Sip6/0/1 B- Sip6/0/1
2.5-1 MPU
2016-10-11 , 17 , 134

CS1&CS2 CELPU
CS1 CS2
10GE1/0/0 10GE1/0/0
10GE2/0/0 10GE2/0/0
2.5-2 LPU
2.5.3 CS1CS2
CS1 ID 1 200Domain ID 12

[~HUAWEI] sysname CS1
[*HUAWEI] commit
[~CS1] stack
[~CS1-stack] stack member 1
[~CS1-stack] stack priority 200
[*CS1-stack] stack domain 12
[*CS1-stack] stack link-type mainboard-direct
[*CS1-stack] quit
[*CS1] commit
CS2 ID 2 150Domain ID 12

[~HUAWEI] sysname CS2
[*HUAWEI] commit
[~CS2] stack
[~CS2-stack] stack member 2
Warning: The device will use the configuration of member ID 2 after the
device resets. Continue? [Y/N]: y
[*CS2-stack] stack priority 150
[*CS2-stack] stack domain 12
[*CS2-stack] stack link-type mainboard-direct
[*CS2-stack] quit
[*CS2] commit
stack link-type
linecard-direct
2.5.4
CS1 10GE1/0/0 10GE2/0/0

CS2 10GE1/0/0 10GE2/0/0 CS2
CS1
[~CS1] port-group group1

[*CS1-port-group-group1] group-member 10ge 1/0/0
[*CS1-port-group-group1] group-member 10ge 2/0/0
[*CS1-port-group-group1] shutdown
[*CS1-port-group-group1] quit
[*CS1] commit
[~CS1] interface stack-port 1
2016-10-11 , 18 , 134

[*CS1-Stack-Port1] port member-group interface 10ge 1/0/0

[*CS1-Stack-Port1] port member-group interface 10ge 2/0/0
[*CS1-Stack-Port1] quit
[*CS1] commit
[~CS1] port-group group1
[~CS1-port-group-group1] undo shutdown
[*CS1-port-group-group1] quit
[*CS1] commit
[~CS1] quit
2.5.5
display stack configuration

CS1
<CS1> display stack configuration

Oper : Operation
Isolated Port: The port is in stack mode, but does not belong to any
Stack-Port
---------------------------------------------------------------
MemberID Domain Priority Mode Enable
Oper(Conf) Oper(Conf) Oper(Conf) Oper(Conf) Oper
---------------------------------------------------------------
1(1) --(12) 100(200) MB(MB) Disable
---------------------------------------------------------------
---------------------------------------------------------------------
---------------------------------------------------------------------
Stack-Port1 10GE1/0/0 10GE2/0/0
---------------------------------------------------------------------
2.5.6
CS1
<CS1> save
[Y/N]: y
<CS1> system-view
[~CS1] stack
[~CS1-stack] stack enable
Warning: Make sure that one or more dual-active detection methods are
configured once the conversion is complete and the device ente
rs the stack mode.
Current configuration will be converted to the next startup
saved-configuration file of stack mode.
System will reboot. Continue? [Y/N]: y
CS2
<CS2> save
[Y/N]: y
<CS2> system-view
[~CS2] stack
[~CS2-stack] stack enable
Warning: Make sure that one or more dual-active detection methods are
configured once the conversion is complete and the device ente
rs the stack mode.
2016-10-11 , 19 , 134

Current configuration will be converted to the next startup

saved-configuration file of stack mode.
System will reboot. Continue? [Y/N]: y
2.5.7

CS1 STACK CS2 STACK
CS1 CS2
Console
IP
<CS1> display stack

----------------------------------------------------------------------
MemberID Role MAC Priority DeviceType Description
----------------------------------------------------------------------
1 Master e028-6148-7e00 200 CE12804S
2 Standby e028-6121-3000 150 CE12804S
----------------------------------------------------------------------
<CS1>display stack topology

Stack Forwarding Topology:
----------------------------
Stack-Port 1
MemberID Status Neighbor
----------------------------
1 up 2
2 up 1
----------------------------
Stack Management Topology:

--------------------------------------------
Port Status PeerPort
--------------------------------------------
Sip1/5/0/0 up Sip2/5/0/0
Sip1/5/0/1 up Sip2/6/0/0
Sip1/6/0/0 up Sip2/5/0/1
Sip1/6/0/1 up Sip2/6/0/1
Sip2/5/0/0 up Sip1/5/0/0
Sip2/5/0/1 up Sip1/6/0/0
Sip2/6/0/0 up Sip1/5/0/1
Sip2/6/0/1 up Sip1/6/0/1
--------------------------------------------
Stack Link:
----------------------------------------------------------------------
Stack-Port Port Status PeerPort PeerStatus
----------------------------------------------------------------------
Stack-Port1/1 10GE1/1/0/0 up 10GE2/1/0/0 up
----------------------------------------------------------------------
<CS1>display stack configuration

Oper : Operation
2016-10-11 , 20 , 134

Isolated Port : The port is in stack mode, but does not belong to any
Stack-Port
---------------------------------------------------------------
MemberID Domain Priority Mode Enable
Oper(Conf) Oper(Conf) Oper(Conf) Oper(Conf) Oper
---------------------------------------------------------------
1(1) 12(12) 200(200) MB(MB) Enable
2(2) 12(12) 150(150) MB(MB) Enable
---------------------------------------------------------------
----------------------------------------------------------------------
----------------------------------------------------------------------
Stack-Port1/1 10GE1/1/0/0 10GE1/2/0/0
Stack-Port2/1 10GE2/1/0/0 10GE2/2/0/0
----------------------------------------------------------------------
2.5.8 CSS DAD
CS1 CS2 10GE1/0/5

TOR-1 ToR-2

2.5-3
<CS1>system-view
[CS1]interface 10ge 1/1/0/5
[~CS-1-MEth0/0/0]dual-active detect mode direct
Warning: The interface will block common data packets, except BPDU packets.
Continue? [Y/N]: y
[~CS1-MEth0/0/0]quit
[CS1]interface 10ge 2/1/0/5
[~CS-1-MEth0/0/0]dual-active detect mode direct
Warning: The interface will block common data packets, except BPDU packets.
Continue? [Y/N]: y
[~CS1-MEth0/0/0]quit
[~CS1]commit
[CS1]quit
CSS
<CS1>display dual-active
Dual-active status: Normal
Dual-active detect mode: Direct
Dual-active detect configuration of MEth: Disable
Dual-active direct detect interfaces configured:
10GE1/1/0/5 up
10GE2/1/0/5 up
Dual-active relay detect interfaces configured:
-
Excluded ports(configurable):
-
2016-10-11 , 21 , 134

Excluded ports(can not be configured):

10GE1/1/0/0
10GE1/2/0/0
10GE2/1/0/0
10GE2/2/0/0
2.5.9
save
<CS1> save
[Y/N]: y
2.5.10
#
sysname CS1
#
stack
#
stack mode
#
#
#
interface 10GE1/1/0/0
port mode stack
stack-port 1/1
#
port mode stack
stack-port 1/1
#
port mode stack
stack-port 2/1
#
port mode stack
stack-port 2/1
#
dual-active detect mode direct
#
dual-active detect mode direct
#
interface Sip1/5/0/0
#
#
2016-10-11 , 22 , 134

#
#
#
#
#
#
Return
2.6 VS
2.6.1
vs1 vs2 vs1 vs2

VS VS VS IP

2.6.2
2.6-1 VS
1-1 CS1 CS2 CSS

VS VS1 VS2
2.6.3 VS
VS VS1 VS2 port VS1

10GE2/1/0/110G2/1/0/4 VS2 10GE2/2/0/1
10G2/2/0/4
Group VS
display device port-map [ slot slot-id ]
VS
[CS1]dis device port-map slot 1/1

----------------------------------------------------------------------
Slot Type Engine Interface
----------------------------------------------------------------------
1/1 CE-L24XS-EC 0 10GE1/1/0/0 - 10GE1/1/0/23
----------------------------------------------------------------------
VS1 VS2
[~CS1] admin
[~CS1-admin] virtual-system VS1
2016-10-11 , 23 , 134

[*CS1-admin-VS:VS1] port-mode port

[*CS1-admin-VS:VS1] assign interface 10GE 2/1/0/1 to 2/1/0/4
Warning: All configurations of the interfaces will be deleted. All
interfaces of the same group will be assigned. Continue? [Y/N]: y
[*CS1-admin-VS:VS1] quit
[*CS1-admin-VS:VS2] port-mode port
[*CS1-admin-VS:VS2] assign interface 10GE 2/2/0/1 to 2/2/0/4
Warning: All configurations of the interfaces will be deleted. All
interfaces of the same group will be assigned. Continue? [Y/N]: y
[*CS1-admin] commit
2.6.4 VS
Template-VS VS1 VS2 VS1

VS2 CPU 1VLAN 100
5IPv4 10000
VS
VS resource
display virtual-system[ name vs-name ] verbose
VS
[~CS1-admin]resource-template Template-VS
[*CS1-admin-template:Template-VS]resource cpu weight 1
[*CS1-admin-template:Template-VS]resource vlan upper-limit 100
[*CS1-admin-template:Template-VS]resource memory ratio-threshold 5
[*CS1-admin-template:Template-VS]resource u4route upper-limit 100000
[*CS1-admin-template:Template-VS]quit
[*CS1-admin]commit
[*CS1-admin-VS:VS1] assign resource-template Template-VS
[*CS1-admin-VS:VS2] assign resource-template Template-VS
[*CS1-admin] commit
2.6.5
VS1
[~CS1-admin] display virtual-system name VS1 verbose

Name : VS1
Status : running
Description :
Create time : 2016-08-08 14:59:09
Port mode : port
System MAC : e028-6148-7e20
Assigned slot(s)
pvmb : 1/5
pvmb : 1/6
pvmb : 2/5
pvmb : 2/6
CPU(s)
slot 1/6 : 0%
slot 2/5 : 0%
Memory(s)
slot 1/6 : 25%, 103528/404546 (Used Kbytes/Max Kbytes)
Disk(s)
1/5#flash:/VS_VS1: 0%, 20/3212276 (Used Kbytes/Max Kbytes)
2016-10-11 , 24 , 134


Assigned interface(s)
10GE2/1/0/1, slot 2/1
10GE2/1/0/2, slot 2/1
10GE2/1/0/3, slot 2/1
10GE2/1/0/4, slot 2/1
Assigned resource(s)
u4route : 100000(Max)
m4route : 1000(Max)
m6route : 100(Max)
vlan : 100(Max)
vpn-instance : 256(Max)
cpu : 1(weight)
memory : 5(ratio-threshold)
disk : 100(ratio-threshold)
mpls : disable
trill : disable
mcast : disable
vs2
[~CS1-admin] display virtual-system name VS2 verbose

Name : VS2
Status : running
Description :
Create time : 2016-08-08 14:59:50
Port mode : port
System MAC : e028-6148-7e28
Assigned slot(s)
pvmb : 1/5
pvmb : 1/6
pvmb : 2/5
pvmb : 2/6
CPU(s)
slot 1/6 : 0%
slot 2/5 : 0%
Memory(s)
Disk(s)
Assigned interface(s)
10GE2/2/0/1, slot 2/2
10GE2/2/0/2, slot 2/2
10GE2/2/0/3, slot 2/2
10GE2/2/0/4, slot 2/2
Assigned resource(s)
m4route : 1000(Max)
m6route : 100(Max)
vlan : 100(Max)
vpn-instance : 256(Max)
cpu : 1(weight)
memory : 5(ratio-threshold)
disk : 100(ratio-threshold)
mpls : disable
trill : disable
mcast : disable
2.6.6 VS IP
VS1 VS1 IP
2016-10-11 , 25 , 134

<DC1-CS1>switch virtual-system VS1

<DC1-CS1-VS1>system-view immediately
[DC1-CS1-VS1]int meth0/0/0/0
[DC1-CS1-VS1-MEth0/0/0/0]ip add 172.21.21.29 16
[DC1-CS1-VS1-MEth0/0/0/0]quit
[DC1-CS1-VS1]user-interface vty 0 4
[DC1-CS1-VS1-ui-vty0-4]authentication-mode password
Warning: The "password" authentication mode is not secure, and it is
strongly recommended to use "aaa" authentication mode.
[DC1-CS1-VS1-ui-vty0-4]set authentication password cipher Huawei@123
[DC1-CS1-VS1-ui-vty0-4]user privilege level 3
[DC1-CS1-VS1-ui-vty0-4]quit
[DC1-CS1-VS1]quit
<DC1-CS1-VS1>quit
VS2 VS2 IP
<DC1-CS1>switch virtual-system VS2

<DC1-CS1-VS2>system-view immediately
[DC1-CS1-VS2]int meth0/0/0/0
[DC1-CS1-VS2-MEth0/0/0/0]ip add 172.21.21.30 16
[DC1-CS1-VS2-MEth0/0/0/0]quit
[DC1-CS1-VS2]user-interface vty 0 4
[DC1-CS1-VS2-ui-vty0-4]authentication-mode password
[DC1-CS1-VS2-ui-vty0-4]set authentication password cipher Huawei@123
[DC1-CS1-VS2-ui-vty0-4]user privilege level 3
[DC1-CS1-VS2-ui-vty0-4]quit
[DC1-CS1-VS2]quit
<DC1-CS1-VS2>quit
2.6.7 VS
VS
IP Telnet VS PC

C:\Documents and Settings\Administrator> telnet 172.16.16.29 Enter

VS
Microsoft Windows [Version 6.1.7601]

Copyright (c) 2009 Microsoft Corporation. All rights reserved.
C:\Users\Administrator>telnet 172.21.21.29
Warning: Telnet is not a secure protocol, and it is recommended to use
Stelnet.
Password:
Info: The max number of VTY users is 5, the number of current VTY users
online i
s 2, and total number of terminal users online is 2.
The current login time is 2016-08-08 15:13:17.
<VS1>
2.6.8 VS
2016-10-11 , 26 , 134

#
sysname CS1
#
admin
resource-template Template-VS
resource u4route upper-limit 100000
resource vlan upper-limit 100
resource cpu weight 1
resource memory ratio-threshold 5
virtual-system VS1
port-mode port
resource m4route upper-limit 1000
undo resource mpls enable
undo resource trill enable
undo resource mcast enable
resource vpn-instance upper-limit 256
resource disk ratio-threshold 100
assign interface 10GE2/1/0/1
virtual-system VS2
port-mode port
undo resource mpls enable
undo resource trill enable
undo resource mcast enable
resource vpn-instance upper-limit 256
resource disk ratio-threshold 100
#
Return
VS1
#
sysname VS1
#
interface MEth0/0/0/0
ip address 172.21.21.29 255.255.0.0
#
#
#
#
#
interface NULL0
#
ssh authorization-type default aaa
#
user-interface vty 0 4
authentication-mode password
2016-10-11 , 27 , 134

user privilege level 3

set authentication password cipher
$1a$^1ID)_tem+$"41UL^4*u2vZTX%y[*!1y,IkLJH0mD7O\N&s<{l>$
#
VS2
#
sysname VS2
#
interface MEth0/0/0/0
ip address 172.21.21.30 255.255.0.0
#
#
#
#
#
interface NULL0
#
ssh authorization-type default aaa
#
user-interface vty 0 4
authentication-mode password
user privilege level 3
set authentication password cipher
$1a$~!mo7/C7W%$I+1BY/9J.T$5.!MVMlNYH1{y9Rj2w"M[>c3')4wW$
#
2.7 Eth-trunk
2.7.1
2016-10-11 , 28 , 134

2-1 Eth-Trunk

5-1 CS1 AS
Eth-Trunk
2.7.2
1) Eth-Trunk

2)

2.7.3
Eth-Trunk
CS1 Eth-Trunk10 CS1 AS
Eth-Trunk LACP
[~CS1] interface eth-trunk 10

[*CS1-Eth-Trunk10] trunkport 10ge 1/1/0/13
[*CS1-Eth-Trunk10] mode lacp-static
2016-10-11 , 29 , 134

[*CS1-Eth-Trunk10] quit
[*CS1] commit
[~AS] interface eth-trunk 10

[*AS-Eth-Trunk10] trunkport 10ge 1/0/13
[*AS-Eth-Trunk10] mode lacp-static
[*AS-Eth-Trunk10] quit
[*AS] commit
CS1
[~CS1] interface eth-trunk 10

[~CS1-Eth-Trunk1] undo local-preference disable
[*CS1] commit
2.7.4
display eth-trunk membership trunk-id

Eth-Trunk Eth-Trunk10
<CS1> display eth-trunk membership 10

Trunk ID: 10
Used Status: Valid
Type: Ethernet
Working Mode: Static
Number Of Ports in Trunk: 4
Number Of Up Ports in Trunk: 4
Operating Status: up
Interface 10GE1/1/0/13, valid, operate up, weight=1

Eth-trunk CS1
<CS1> display eth-trunk 10

Eth-Trunk10's state information is:
Local:
LAG ID: 10 Working Mode: Static
Preempt Delay: Disabled Hash Arithmetic: profile default
System Priority: 32768 System ID: e028-6148-7e01
Least Active-linknumber: 1 Max Active-linknumber: 32
Operating Status: up Number Of Up Ports In Trunk: 4
Timeout Period: Slow
----------------------------------------------------------------------
ActorPortName Status PortType PortPri PortNo PortKey PortState
Weight
10GE1/1/0/13 Selected 10GE 32768 9 2625 10111100 1
10GE1/1/0/14 Selected 10GE 32768 10 2625 10111100 1
10GE2/1/0/13 Selected 10GE 32768 11 2625 10111100 1
10GE2/1/0/14 Selected 10GE 32768 12 2625 10111100 1
Partner:
----------------------------------------------------------------------
ActorPortName SysPri SystemID PortPri PortNo PortKey
PortState
10GE1/1/0/13 32768 384c-4f0b-6a61 32768 1 2625
10111100
10GE1/1/0/14 32768 384c-4f0b-6a61 32768 4 2625
10111100
2016-10-11 , 30 , 134

10GE2/1/0/13 32768 384c-4f0b-6a61 32768 3 2625

10111100
10GE2/1/0/14 32768 384c-4f0b-6a61 32768 2 2625
10111100
2.7.5 CS1
#
sysname CS1
#
interface Eth-Trunk10
mode lacp-static
#
eth-trunk 10
#
eth-trunk 10
#
eth-trunk 10
#
eth-trunk 10
#
return
2.7.6 AS
#
sysname AS
#
mode lacp-static
#
interface 10GE1/0/13
eth-trunk 10
#
eth-trunk 10
#
eth-trunk 10
#
eth-trunk 10
#
Return
3 -Trill
3.1
TRILL
TRILL
TRILL
2016-10-11 , 31 , 134

3.2
3.2-1 Trill
RB1 RB2 RB3

TRILL
nickname

RB3 TRILL Cost
RB1 RB3 TRILL Trill
3.2.1
1 iStack
2 Trill Trill
3 Trill Trill
4 Trill Trill
3.2.2 iStack
DC2-CS1
<DC2-CS1>reset saved-configuration
The action will delete the saved configuration on the device.
The configuration will be erased to reconfigure.Continue? [Y/N]:Y
2016-10-11 , 32 , 134

Warning: Now the configuration on the device is being deleted.

Info: Succeeded in clearing the configuration in the device.
<DC2-CS1>reboot
slot 1:
Next startup system software: flash:/CE6851HI-V100R006C00SPC600.cc
Next startup saved-configuration file: NULL
Next startup paf file: default
Next startup patch package: NULL
Warning: The current configuration will be saved to the next startup
saved-configuration file. Continue? [Y/N]:N
Warning: The system will reboot. Continue? [Y/N]:Y
...
An initial password is required for the first login via the console.
Continue to set it? [Y/N]: y
Set a password and keep it safe! Otherwise you will not be able to login
via the console.
Please configure the login password (8-16)

Enter Password: Huawei@123
Confirm Password: Huawei@123
<Huawei>system-view immediately
[Huawei]sysname DC1-CS1
[DC1-CS1]undo telnet server disable
Warning: TELNET is not a secure protocol, and it is recommended to use
Stelnet.
[DC1-CS1]user-interface vty 0 4
[DC1-CS1-ui-vty0-4]authentication-mode password
[DC1-CS1-ui-vty0-4]set authentication password cipher Huawei@123
[DC1-CS1-ui-vty0-4]user privilege level 3
[DC1-CS1-ui-vty0-4]quit
[DC1-CS1]lldp enable
Info: Global LLDP is already enabled.
[DC1-CS1]interface MEth 0/0/0
[DC1-CS1-MEth0/0/0]ip address 172.21.21.17 16
[DC1-CS1-MEth0/0/0]quit
[DC1-CS1]quit
<DC1-CS1>
DC2-CS1
<DC2-CS1>reset saved-configuration
The action will delete the saved configuration on the device.
The configuration will be erased to reconfigure.Continue? [Y/N]:Y
Warning: Now the configuration on the device is being deleted.
Info: Succeeded in clearing the configuration in the device.
<DC2-CS1>reboot
slot 1:
Next startup system software: flash:/CE6851HI-V100R006C00SPC600.cc
Next startup saved-configuration file: NULL
Next startup paf file: default
Next startup patch package: NULL
Warning: The current configuration will be saved to the next startup
saved-configuration file. Continue? [Y/N]:N
Warning: The system will reboot. Continue? [Y/N]:Y
...
An initial password is required for the first login via the console.
Continue to set it? [Y/N]: y
Set a password and keep it safe! Otherwise you will not be able to login
via the console.
Please configure the login password (8-16)

Enter Password: Huawei@123
2016-10-11 , 33 , 134

Confirm Password: Huawei@123
<Huawei>system-view immediately
[Huawei]sysname DC1-CS2
[DC1-CS2]undo telnet server disable
Warning: TELNET is not a secure protocol, and it is recommended to use
Stelnet.
[DC1-CS2]user-interface vty 0 4
[DC1-CS2-ui-vty0-4]authentication-mode password
[DC1-CS2-ui-vty0-4]set authentication password cipher Huawei@123
[DC1-CS2-ui-vty0-4]user privilege level 3
[DC1-CS2-ui-vty0-4]quit
[DC1-CS2]lldp enable
Info: Global LLDP is already enabled.
[DC1-CS2]interface MEth 0/0/0
[DC1-CS2-MEth0/0/0]ip address 172.21.21.16 16
[DC1-CS2-MEth0/0/0]quit
[DC1-CS2]quit
<DC1-CS2>
3.2.3 TRILL Carrier-vlan CE-vlan
TRILL Carrier-vlan 2000

RB3 RB CE-vlan 200
RB1
<DC2-CS1>system-view
[~DC2-CS1]trill
[~DC2-CS1-trill]carrier-vlan 2000
[~DC2-CS1-trill]commit
[~DC2-CS1-trill]quit
RB2
[~DC2-CS2]trill
[~DC2-CS2-trill]carrier-vlan 2000
[~DC2-CS2-trill]quit
RB3
<DC2-AS>system-view
[~DC2-AS]trill
[~DC2-AS-trill]carrier-vlan 2000
[~DC2-AS-trill]ce-vlan 200
[~DC2-AS-trill]commit
[~DC2-AS-trill]quit
3.2.4 TRILL
TRILL
Trunk
2016-10-11 , 34 , 134

RB1
[~DC2-CS1]interface 40GigabitEthernet1/0/1
[~DC2-CS1-40GigabitEthernet1/0/1 ]port link-type trunk
[~DC2-CS1-40GigabitEthernet1/0/1 ]trill enable
[~DC2-CS1-40GigabitEthernet1/0/1 ]quit
[~DC2-CS1]commit
RB2
[~DC2-CS2]commit
RB3
[~DC2-AS]interface 40GigabitEthernet1/0/1
[~DC2-AS-40GigabitEthernet1/0/1 ]port link-type trunk
[~DC2-AS-40GigabitEthernet1/0/1 ]trill enable
[~DC2-AS-40GigabitEthernet1/0/1 ]quit
[~DC2-AS]commit
3.2.5 nicknametrill-nameNET
nickname trill-nameNET nickname

priority
RB1
[~DC2-CS1]trill
[~DC2-CS1-trill]network-entity 00.0000.0000.1111.00
Info: Ensure that the nickname is unique.
[~DC2-CS1-trill]nickname 1111 priority 255 root-priority 65535
[~DC2-CS1-trill]trill-name RB1
[~DC2-CS1-trill]display this
#
trill
trill-name RB1
network-entity 00.0000.0000.1111.00
nickname 1111 priority 255 root-priority 65535
carrier-vlan 2000
2016-10-11 , 35 , 134

#
return
RB2
[~DC2-CS2]trill
[~DC2-CS2-trill]network-entity 00.0000.0000.2222.00
[~DC2-CS2-trill]nickname 2222 priority 200 root-priority 60000
[~DC2-CS2-trill]trill-name RB2
[~DC2-CS2-trill]display this
#
trill
trill-name RB2
network-entity 00.0000.0000.2222.00
carrier-vlan 2000
#
return
RB3
[~DC2-AS]trill
[~DC2-AS-trill]trill-name RB3
[~DC2-AS-trill]network-entity 00.0000.0000.3333.00
[~DC2-AS-trill]commit
[~DC2-AS-trill]display this
#
trill
trill-name RB3
network-entity 00.0000.0000.3333.00
carrier-vlan 2000
ce-vlan 200
#
return
RB1 LSDB
<DC2-CS1>display trill lsdb

Database information for TRILL
----------------------------------------------------------------------
*(By LSPID)-Self LSP, +-Self LSP(Extended),
ATT-Attached, P-Partition, OL-Overload
Total LSP(s): 8
LSPID/Trill Name Seq Num Checksum HoldTime Length

ATT/P/OL
----------------------------------------------------------------------
RB1.00-00* 0x00000009 0x1ccd 1025 88 0/0/0
RB2.00-00 0x00000007 0x5ff9 1000 88 0/0/0
RB3.00-00 0x00000008 0x11d2 1021 99 0/0/0
RB3.00-01 0x00000004 0xb573 1021 46 0/0/0
RB3.00-00 0x00000026 0x1402 998 99 0/0/0
RB3.00-01 0x0000001f 0x5881 860 46 0/0/0
5451.1b81.57d1.00-00 0x0000002b 0xe71b 858 83 0/0/0
5451.1b81.57e1.00-00 0x0000002b 0xd778 860 83 0/0/0
3.2.6
RB1 Trill
<DC2-CS1>display trill interface

2016-10-11 , 36 , 134

Interface information for TRILL

----------------------------------------------------------------------
Total Interface(s): 2
Interface Circuit-ID State MTU Type DRB-State DVLAN Port-Type

----------------------------------------------------------------------
40GE1/0/1 054 UP 1497 L1 Non-DRB -- p2p
40GE1/0/2 055 UP 1497 L1 Non-DRB -- p2p
RB1 RB3 Trill
<DC2-CS1>display trill peer
Peer information for TRILL

----------------------------------------------------------------------
Total Peer(s): 2
System ID/Trill Name Interface Circuit ID State HoldTime Type

PRI
----------------------------------------------------------------------
RB3 40GE1/0/1 0000000030 Report 27s L1
RB3 40GE1/0/2 0000000061 Report 27s L1
Total Peer(s): 4
<DC2-AS>display trill peer

----------------------------------------------------------------------
Total Peer(s): 4
System ID/Trill Name Interface Circuit ID State HoldTime Type PRI

----------------------------------------------------------------------
RB1 40GE1/0/1 0000000053 Report 28s L1 --
RB2 40GE1/0/2 0000000054 Report 29s L1 --
RB2 40GE2/0/1 0000000053 Report 24s L1 --
RB1 40GE2/0/2 0000000054 Report 22s L1 --
RB3 Trill
<DC2-AS>display trill route
TRILL Unicast Routing Table

----------------------------------------------------------------------
Flags: D-Download To Fib
Total Route(s): 2
Nickname Cost Flag OutInterface OuterVlan NextHop Hop

----------------------------------------------------------------------
1111 500 D 40GE1/0/1 2000 1111/5451-1b81-57d1 1
40GE2/0/2 2000 1111/5451-1b81-57d1 1
2222 500 D 40GE1/0/2 2000 2222/5451-1b81-57e1 1
40GE2/0/1 2000 2222/5451-1b81-57e1 1
RB3 RB2 RB1
3.2.7
16 RB3
nickname RB3 RB2
2016-10-11 , 37 , 134


----------------------------------------------------------------------
Total Route(s): 2

----------------------------------------------------------------------
1111 500 D 40GE1/0/1 2000 1111/5451-1b81-57d1 1
40GE2/0/2 2000 1111/5451-1b81-57d1 1
2222 500 D 40GE1/0/2 2000 2222/5451-1b81-57e1 1
40GE2/0/1 2000 2222/5451-1b81-57e1 1
RB3
1
[~DC2-AS]trill
[~DC2-AS -trill]maximum load-balancing 1
[~DC2-AS -trill]commit
[~DC2-AS -trill]quit
number TRILL
number
RB ID ID RB
RB3 Trill

----------------------------------------------------------------------
Total Route(s): 2

----------------------------------------------------------------------
1111 500 D 40GE1/0/1 2000 1111/5451-1b81-57d1 1
2222 500 D 40GE1/0/2 2000 2222/5451-1b81-57e1 1
3.2.8

cost 500
RB3 RB3 RB1

40GE1/0/1 RB3 40GE2/0/2 600
RB3 16
<DC2-AS>system-view
[~DC2-AS]trill
[~DC2-AS-trill]maximum load-balance 16
[*DC2-AS-trill]quit
[*DC2-AS]interface 40GE 2/0/2
[*DC2-AS-40GE2/0/2]trill cost 600
[*DC2-AS-40GE2/0/2]quit
[*DC2-AS]commit
[~DC2-AS]quit
2016-10-11 , 38 , 134

<DC2-AS>
RB3 TRILL RB3 cost

RB3 RB1

----------------------------------------------------------------------
Total Route(s): 2

----------------------------------------------------------------------
1111 500 D 40GE1/0/1 2000 1111/5451-1b81-57d1 1
2222 500 D 40GE1/0/2 2000 2222/5451-1b81-57e1 1
40GE2/0/1 2000 2222/5451-1b81-57e1 1
3.2.9 TRILL
RB1 TRILL MD5 Huawei
[DC2-CS1]trill
[DC2-CS1-trill]area-authentication-mode md5 cipher Huawei
[DC2-CS1-trill]quit
[DC2-CS1]quit
<DC2-CS1>
RB1 TRILL LSDB

TRILL Hello LSDB LSP
TRILL LSP SNP RB1
RB LSP LSDB LSP
RB1

----------------------------------------------------------------------
Total Peer(s): 2

PRI
----------------------------------------------------------------------
RB3 40GE1/0/1 0000000030 Report 25s L1
RB3 40GE1/0/2 0000000061 Report 28s L1
RB1 Trill reset trill all Trill

----------------------------------------------------------------------
Total LSP(s): 1
LSPID/Trill Name Seq Num Checksum HoldTime Length ATT/P/OL

----------------------------------------------------------------------
RB1.00-00* 0x0000000c 0x67f8 1193 107 0/0/0
2016-10-11 , 39 , 134

RB2~RB3 TRILL RB1
RB2
[DC2-CS2]trill
[DC2-CS2-trill]area-authentication-mode md5 cipher Huawei
[DC2-CS2-trill]quit
[DC2-CS2]quit
<DC2-CS2>
RB3
[DC2-AS]trill
[DC2-AS-trill]area-authentication-mode md5 cipher Huawei
[DC2-AS-trill]quit
[DC2-AS]quit
<DC2-AS>
RB1 TRILL LSDB RB2 RB3

LSP

----------------------------------------------------------------------
Total LSP(s): 4
LSPID/Trill Name Seq Num Checksum HoldTime Length

ATT/P/OL
----------------------------------------------------------------------
RB1.00-00* 0x0000000e 0x12d2 1197 88 0/0/0
RB2.00-00 0x0000000a 0x59fc 1088 88 0/0/0
RB3.00-00 0x0000000f 0x03d9 1139 99 0/0/0
RB3.00-01 0x00000008 0xad77 1104 46 0/0/0
RB3.00-00 0x00000026 0x1402 208 99 0/0/0
RB3.00-01 0x0000001f 0x5881 70 46 0/0/0
5451.1b81.57d1.00-00 0x0000002b 0xe71b 68 83 0/0/0
5451.1b81.57e1.00-00 0x0000002b 0xd778 70 83 0/0/0
TRILL
TRILL TRILL
Hello
Hello
TRILL
TRILL
RB1 RB3 40GE1/0/1

simple 123456
RB3 40GE2/0/2 500
RB1
[*DC2-AS]interface 40GE 2/0/2
[*DC2-AS-40GE2/0/2]trill cost 500
2016-10-11 , 40 , 134

RB1

----------------------------------------------------------------------
Total Peer(s): 2

PRI
----------------------------------------------------------------------
RB3 40GE1/0/1 0000000030 Report 27s L1
RB3 40GE1/0/2 0000000061 Report 26s L1
RB1 40GE1/0/1
[~DC2-CS1]interface 40GE 1/0/1

[~DC2-CS1-40GE1/0/1]trill authentication-mode simple cipher 123456
[*DC2-CS1-40GE1/0/1]quit
[*DC2-CS1]commit
[~DC2-CS1]quit
<DC2-CS1>
RB1
RB1 TRILL RB1 RB3

40GE1/0/1 reset trill all
Trill

----------------------------------------------------------------------
Total Peer(s): 1

PRI
----------------------------------------------------------------------
RB3 40GE1/0/2 0000000061 Report 23s L1
RB3 40GE1/0/1 TRILL
[~DC2-AS]interface 40GE 1/0/1

[~DC2-AS-40GE1/0/1]trill authentication-mode simple cipher 123456
[*DC2-AS]commit
[~DC2-AS]quit
<DC2-AS>
RB1 RB3 RB1 RB3 40GE1/0/1

3.2.10
RB1
#
sysname DC2-CS1
#
2016-10-11 , 41 , 134

drop-profile default
#
trill
trill-name RB1
network-entity 00.0000.0000.1111.00
carrier-vlan 2000
area-authentication-mode md5 cipher %$%$-eFAUjux/+YnI|%*^%*^$%)*
#
interface 40GE1/0/1
port link-type trunk
undo port trunk allow-pass vlan 1
trill enable
trill authentication-mode simple
cipher %^%#bVwVF9@;{4}ePe/||8[4FsJ4<s#SBRE0pD"\&%3'%^%#
#
interface 40GE1/0/2
trill enable
#
RB2
#
sysname DC2-CS2
#
#
trill
trill-name RB2
network-entity 00.0000.0000.2222.00
carrier-vlan 2000
area-authentication-mode md5 cipher %$%$-_)(*&(^|NwsHa2,pg^%$%$
#
interface 40GE1/0/1
trill enable
#
interface 40GE1/0/2
trill enable
#
RB3
sysname DC2-AS
#
#
trill
trill-name RB3
network-entity 00.0000.0000.3333.00
carrier-vlan 2000
ce-vlan 200
nickname 3333
area-authentication-mode md5 cipher %$%$-eFAUjux/+YnI|NwsHa2,pg^%$%$
#
interface 40GE1/0/1
trill enable
2016-10-11 , 42 , 134

#
interface 40GE1/0/2
trill enable
#
interface 40GE2/0/1
trill enable
trill cost 500
#
interface 40GE2/0/2
trill enable
trill cost 500
#
4 -M-LAG
4.1
M-LAG
M-LAG
M-LAG
4.2
4.2-1 Trill
DC2-AS Trill ToR

DC2-CS1 DC2-CS2 M-LAG
2016-10-11 , 43 , 134

DC2-CS1 DC2-CS2 Monitor Link

4.2.1
1 DC2-AS Trill
2 M-LAG
3 M-LAG DFS V-STP
4 M-LAG Monitor Link
4.3
4.3.1 DC2-AS Trill
[DC2-AS]undo trill
Warning: The TRILL process will be deleted. Continue? [Y/N]:Y
[DC2-AS]quit
<DC2-AS>
4.3.2 M-LAG
DC2-AS
<DC2-AS> system-view
[*DC2-AS] interface 40GE1/0/1
[*DC2-AS-40GE1/0/1]undo port link-type
[*DC2-AS] interface eth-trunk 10
[*DC2-AS-Eth-Trunk10] mode lacp-static
[*DC2-AS-Eth-Trunk10] port link-type trunk
[*DC2-AS-Eth-Trunk10] port trunk allow-pass vlan 200
[*DC2-AS-Eth-Trunk10] trunkport 40ge 1/0/1 to 1/0/2
[*DC2-AS-Eth-Trunk10] trunkport 40ge 2/0/1 to 2/0/2
[*DC2-AS-Eth-Trunk10] quit
[*DC2-AS] commit
DC2-CS1 DC2-CS2 V-STPDFS Grouppeer-link M-LAG

DC2-CS1
2016-10-11 , 44 , 134

[~DC2-CS1] stp mode rstp

[*DC2-CS1] stp v-stp enable
[*DC2-CS1] dfs-group 1
[*DC2-CS1-dfs-group-1] source nickname 1111
[*DC2-CS1-dfs-group-1] pseudo-nickname 9999
[*DC2-CS1-dfs-group-1] priority 150
[*DC2-CS1-dfs-group-1] quit
[*DC2-CS1] interface 10GE1/0/20
[*DC2-CS1-10GE1/0/20]port link-type trunk
[*DC2-CS1-10GE1/0/20]trill enable
//10GE1/0/20 Trill
[*DC2-CS1-40GE1/0/1]undo trill enable
[*DC2-CS1-40GE1/0/1]undo port link-type
[*DC2-CS1] interface eth-trunk 1
[*DC2-CS1-Eth-Trunk1] trunkport 40ge 1/0/5
[*DC2-CS1-Eth-Trunk1] mode lacp-static
[*DC2-CS1-Eth-Trunk1] peer-link 1
[*DC2-CS1-Eth-Trunk1] port vlan exclude 2000
[*DC2-CS1-Eth-Trunk1] quit
//40GE1/0/5 40GE1/0/6 DFS Peer-link
[*DC2-CS1-Eth-Trunk10] port link-type trunk
[*DC2-CS1-Eth-Trunk10] port trunk allow-pass vlan 200
[*DC2-CS1-Eth-Trunk10] dfs-group 1 m-lag 1
[*DC2-CS1] commit
DC2-CS2
[~DC2-CS2] stp mode rstp

[*DC2-CS2] stp v-stp enable
[*DC2-CS2] dfs-group 1
[*DC2-CS2-dfs-group-1] source nickname 2222
[*DC2-CS2-dfs-group-1] pseudo-nickname 9999
[*DC2-CS2-dfs-group-1] priority 120
[*DC2-CS2-10GE1/0/20]port link-type trunk
[*DC2-CS2-10GE1/0/20]trill enable
//10GE1/0/20 Trill
[*DC2-CS2-Eth-Trunk1] peer-link 1
[*DC2-CS2-Eth-Trunk1] port vlan exclude 2000
//40GE1/0/5 40GE1/0/6 DFS Peer-link
[*DC2-CS2-Eth-Trunk10] port link-type trunk
[*DC2-CS2-Eth-Trunk10] port trunk allow-pass vlan 200
2016-10-11 , 45 , 134


[*DC2-CS2-Eth-Trunk10] dfs-group 1 m-lag 1
[*DC2-CS2] commit
4.3.3 M-LAG Monitor Link
DC2-CS1 DC2-CS2 LACP M-LAG ID
[~DC2-CS1] lacp m-lag priority 10

[*DC2-CS1] lacp m-lag system-id 00e0-fc00-0000
[*DC2-CS1] commit
[~DC2-CS1] lacp m-lag priority 10

[*DC2-CS1] lacp m-lag system-id 00e0-fc00-0000
[*DC2-CS1] commit
DC2-CS1 Monitor Link
[~DC2-CS1] monitor-link group 1

[*DC2-CS1-mtlk-group1] port 10ge 1/0/1 uplink
[*DC2-CS1-mtlk-group1] port eth-trunk 10 downlink 1
[*DC2-CS1-mtlk-group1] quit
[*DC2-CS1] commit
DC2-CS2 Monitor Link
[~DC2-CS2] monitor-link group 1

[*DC2-CS2-mtlk-group1] port 10ge 1/0/1 uplink
[*DC2-CS2-mtlk-group1] port eth-trunk 10 downlink 1
[*DC2-CS2-mtlk-group1] quit
[*DC2-CS2] commit
4.3.4 M-LAG
display dfs-group M-LAG DC2-CS1
[~DC2-CS1] display dfs-group 1 m-lag

* : Local node
Heart beat state : OK
Node 1 *
Dfs-Group ID : 1
Priority : 150
Address : nickname 1111
State : Master
Causation : -
System ID : 5451-1b81-57d1
SysName : DC2-CS1
Version : V100R006C00SPC600
Device Type : CE6851HI
Node 2
Dfs-Group ID : 1
Priority : 120
Address : nickname 2222
State : Backup
Causation : -
System ID : 5451-1b81-57e1
SysName : DC2-CS2
Version : V100R006C00SPC600
Device Type : CE6851HI
2016-10-11 , 46 , 134

DC2-CS1 M-LAG
[~DC2-CS1] display dfs-group 1 node 1 m-lag brief

* - Local node
M-Lag ID Interface Port State Status

1 Eth-Trunk 10 Up active(*)-active
DC2-CS2 M-LAG
[~DC2-CS2] display dfs-group 1 node 1 m-lag brief

* - Local node
M-Lag ID Interface Port State Status

1 Eth-Trunk 10 Up active-active(*)
DC2-CS1 M-LAG STP
<DC2-CS1>dis dfs-group 1 m-lag check stp

* : This option must be kept consistent on the local and
remote ends.
Local Remote Result
*Protocal Status : Enabled Enabled OK
Priority : 32768 32768 OK
*Foward Delay (s) : 15 15 OK
*Hello Time (s) : 2 2 OK
*Max Age (s) : 20 20 OK
DC2-CS1
<DC2-CS1>display eth-trunk 10
Local:
System Priority: 10 System ID: 00e0-fc00-0000
----------------------------------------------------------------------
----------
Weight
40GE1/0/1 Selected 40GE 32768 3 417 10111100 1
40GE1/0/2 Selected 40GE 32768 4 417 10111100 1
Partner:
----------------------------------------------------------------------
----------
PortState
40GE1/0/1 32768 384c-4f0b-6a51 32768 1 2721
10111100
40GE1/0/2 32768 384c-4f0b-6a51 32768 4 2721
10111100
DC2-AS
<DC2-AS>display eth-trunk 10
Local:
System Priority: 32768 System ID: 384c-4f0b-6a51
2016-10-11 , 47 , 134


----------------------------------------------------------------------
----------
Weight
40GE1/0/1 Selected 40GE 32768 1 2721 10111100 1
40GE1/0/2 Selected 40GE 32768 2 2721 10111100 1
40GE2/0/1 Selected 40GE 32768 3 2721 10111100 1
40GE2/0/2 Selected 40GE 32768 4 2721 10111100 1
Partner:
----------------------------------------------------------------------
----------
PortState
40GE1/0/1 10 00e0-fc00-0000 32768 3 417
10111100
40GE1/0/2 10 00e0-fc00-0000 32768 32772 417
10111100
40GE2/0/1 10 00e0-fc00-0000 32768 32771 417
10111100
40GE2/0/2 10 00e0-fc00-0000 32768 4 417
10111100
4.3.5
DC2-CS1
#
dfs-group 1
priority 150
source nickname 1111
pseudo-nickname 9999
#
stp mode rstp
stp v-stp enable
#
lacp m-lag system-id 00e0-fc00-0000
lacp m-lag priority 10
#
trill
trill-name RB1
network-entity 00.0000.0000.1111.00
carrier-vlan 2000
area-authentication-mode md5 cipher %$%$-eFAUjux/+YnI|%*^%*^$%)*
#
mode lacp-static
peer-link 1
port vlan exclude 2000
#
port trunk allow-pass vlan 200
mode lacp-static
dfs-group 1 m-lag 1
#
interface 10GE1/0/1
undo portswitch
ip address 10.2.6.1 255.255.255.252
#
trill enable
#
interface 40GE1/0/1
eth-trunk 10
2016-10-11 , 48 , 134

#
interface 40GE1/0/2
eth-trunk 10
#
interface 40GE1/0/5
eth-trunk 1
#
interface 40GE1/0/6
eth-trunk 1
#
monitor-link group 1
port 10GE1/0/1 uplink
port Eth-Trunk10 downlink 1
#
return
DC2-CS2
#
dfs-group 1
priority 120
source nickname 2222
pseudo-nickname 9999
#
stp mode rstp
stp v-stp enable
#
lacp m-lag system-id 00e0-fc00-0000
lacp m-lag priority 10
#
trill
trill-name RB2
network-entity 00.0000.0000.2222.00
carrier-vlan 2000
area-authentication-mode md5 cipher %$%$-_)(*&(^|NwsHa2,pg^%$%$
#
mode lacp-static
peer-link 1
port vlan exclude 2000
#
mode lacp-static
dfs-group 1 m-lag 1
#
interface 10GE1/0/1
undo portswitch
ip address 10.2.7.1 255.255.255.252
#
trill enable
#
interface 40GE1/0/1
eth-trunk 10
#
interface 40GE1/0/2
eth-trunk 10
#
interface 40GE1/0/5
eth-trunk 1
#
2016-10-11 , 49 , 134

interface 40GE1/0/6
eth-trunk 1
#
monitor-link group 1
port 10GE1/0/1 uplink
port Eth-Trunk10 downlink 1
#
return
DC2-AS
#
mode lacp-static
#
interface 40GE1/0/1
eth-trunk 10
#
interface 40GE1/0/2
eth-trunk 10
#
interface 40GE2/0/1
eth-trunk 10
#
interface 40GE2/0/2
eth-trunk 10
#
return
5.1

CE AR OSPF OSPF

CE AR BGP OSPF

2016-10-11 , 50 , 134

5.2
2-5.2-1
5.3
1 IP
2 OSPF OSPF
3 BGP BGP
5.4
IP
2016-10-11 , 51 , 134

IP IP
Eth-trunk 10 10.1.14.1/24 10ge1/0/1 10.2.14.1/24
10ge1/1/0/8 10.1.15.1/24 40ge1/0/1 10.2.13.1/24

DC1-CS DC2-CS1
10ge2/1/0/8 10.1.51.1/24 40ge1/0/5 10.2.12.1/24
Loopback0 10.1.1.1/32 Loopback0 10.2.1.1/32
DC1-AS Eth-trunk 10 10.1.14.4/24 10ge1/0/1 10.2.24.2/24
Loopback0 10.1.1.4/32 40ge1/0/1 10.2.23.2/24

DC2-CS2
G0/0/1 10.1.15.5/24 40ge1/0/5 10.2.12.2/24
Router1 G0/0/2 10.1.51.5/24 Loopback0 10.2.1.2/32
E1/0/0 12.1.1.1/30 40ge1/0/1 10.2.13.3/24
Loopback0 10.1.1.5/32 DC2-AS 40ge2/0/1 10.2.23.3/24
E1/0/0 12.1.1.2/30 Loopback0 10.2.1.3/24
Internet E2/0/0 21.1.1.2/30 G0/0/1 10.2.14.4/24
Loopback0 123.123.123.123/32 G0/0/2 10.2.24.4/24

Router2
E1/0/0 21.1.1.1/30
Loopback0 10.2.1.4/32
5.4-1 IP
5.5 Trill M-LAG
DC2-CS1
[DC2-CS1]interface 40GE 1/0/1

[DC2-CS1-40GE1/0/1]undo eth-trunk
[DC2-CS1-40GE1/0/1]quit
[DC2-CS1]undo interface Eth-Trunk 1
Info: Operating, please wait for a moment..........done.
[DC2-CS1]monitor-link group 1
[DC2-CS1-mtlk-group1]undo port 10GE 1/0/1 uplink
[DC2-CS1-mtlk-group1]q
[DC2-CS1]undo monitor-link group 1
[DC2-CS1]undo trill
Warning: The TRILL process will be deleted. Continue? [Y/N]:y
2016-10-11 , 52 , 134

Info: Operating, please wait for a moment....done.

[DC2-CS1]undo dfs-group 1
Warning: The DFS-group will be deleted. Continue? [Y/N]:y
[DC2-CS1]
DC2-CS2

Info: Operating, please wait for a moment..........done.
[DC2-CS2]monitor-link group 1
[DC2-CS2-mtlk-group1]undo port 10GE 1/0/1 uplink
[DC2-CS2-mtlk-group1]q
[DC2-CS2]undo monitor-link group 1
[DC2-CS2]undo trill
Warning: The TRILL process will be deleted. Continue? [Y/N]:y
Info: Operating, please wait for a moment....done.
[DC2-CS2]undo dfs-group 1
Warning: The DFS-group will be deleted. Continue? [Y/N]:y
[DC2-CS2]
DC2-AS
[DC2-AS]interface 40GE 1/0/1

[DC2-AS-40GE1/0/1]undo eth-trunk
[DC2-AS-40GE1/0/1]quit
[DC2-AS]undo interface Eth-Trunk 1
5.6 IP
DC1-CS IP IP
[~DC1-CS]interface eth-trunk 10
[~DC1-CS-Eth-Trunk 10]undo portswitch
[~DC1-CS-Eth-Trunk 10]ip address 10.1.14.1 24
[~DC1-CS-Eth-Trunk 10]quit
[~DC1-CS]interface 10ge1/1/0/8
[~DC1-CS-10GigabitEthernet1/1/0/8]undo portswitch
[~DC1-CS-10GigabitEthernet1/1/0/8]ip address 10.1.15.1 24
[~DC1-CS-10GigabitEthernet1/1/0/8]quit
[~DC1-CS-10GigabitEthernet2/1/0/8]undo portswitch
[~DC1-CS-10GigabitEthernet2/1/0/8]ip address 10.1.51.1 24
[~DC1-CS]interface LoopBack 0
[~DC1-CS-LoopBack0]ip address 10.1.1.1 32
2016-10-11 , 53 , 134

[~DC1-CS-LoopBack0]quit
[~DC1-CS]commit
5.7 OSPF
2016-10-11 , 54 , 134

OSPF OSPF
Eth-trunk 10 10ge1/0/1
10ge1/1/0/3 0 40ge1/0/1
DC1-CS DC2-CS1 0
10ge2/1/0/3 40ge1/0/5
Loopback0 Loopback0
Eth-trunk 10 10ge1/0/1
DC1-AS 0
Loopback0 40ge1/0/1
DC2-CS2 0
G0/0/1 40ge1/0/5
Router1
G0/0/2 0 Loopback0
Loopback0 40ge1/0/1
G0/0/1 DC2-AS 40ge2/0/1 0
Router2 G0/0/2 0 Loopback0
Loopback0
5.7-1OSPF
DC1-CS OSPF 3.6 OSPF

1
[~DC1-CS]ospf 1 router-id 10.1.1.1

\\ OSPF router-id
[~DC1-CS-ospf-1]area 0
\\
[~DC1-CS-ospf-1-area-0.0.0.0]network 10.1.14.1 0.0.0.0
[~DC1-CS-ospf-1]commit
OSPF DC1-CS
<DC1-CS>display ospf peer brief

OSPF Process 1 with Router ID 10.1.1.1
Peer Statistic Information
Total number of peer(s): 3
Peer(s) in full state: 3
----------------------------------------------------------------------
Area Id Interface Neighbor id State
0.0.0.0 10GE1/1/0/8 10.1.1.5 Full
0.0.0.0 10GE2/1/0/8 10.1.1.5 Full
0.0.0.0 Eth-Trunk10 10.1.1.4 Full
----------------------------------------------------------------------
OSPF DC2-CS1
2016-10-11 , 55 , 134

<DC2-CS>display ospf peer brief

OSPF Process 1 with Router ID 10.2.1.1
Peer Statistic Information
Total number of peer(s): 3
Peer(s) in full state: 3
----------------------------------------------------------------------
Area Id Interface Neighbor id State
0.0.0.0 10GE1/0/1 10.2.1.4 Full
0.0.0.0 40GE1/0/1 10.2.1.3 Full
0.0.0.0 40GE1/0/5 10.2.1.2 Full
----------------------------------------------------------------------
OSPF
DC1-CS DC1-AS DC1-CS DR
Hello Hello
Smart-discover
DC1-CS
[~DC1-CS]interface eth-trunk 10
[~DC1-CS-Eth-Trunk10]ospf dr-priority 255
[~DC1-CS-Eth-Trunk10]ospf smart-discover
Info: OSPF smart-discover is enabled.
[~DC1-CS-Eth-Trunk10]quit
[~DC1-CS]commit
DC1-AS
[~DC1-AS]interface eth-trunk 10
[~DC1-AS-Eth-Trunk10]ospf smart-discover
Info: OSPF smart-discover is enabled.
[~DC1-AS-Eth-Trunk10]quit
[~DC1-AS]commit
OSPF
DC1-CS Router1
MD5 Key ID 1 Huawei@123
DC1-CS
[~DC1-CS-10GigabitEthernet1/1/0/8]ospf authentication-mode md5 1 cipher
Huawei@123
[~DC1-CS-10GigabitEthernet2/1/0/8]ospf authentication-mode md5 1 cipher
Huawei@123
[~DC1-CS]commit
Router1
[Router1]interface ge0/0/1
[Router1-GigabitEthernet0/0/1]ospf authentication-mode md5 1 cipher
Huawei@123
[Router1-GigabitEthernet0/0/1]quit
[Router1]interface ge0/0/2
[Router1-GigabitEthernet0/0/2]ospf authentication-mode md5 1 cipher
Huawei@123
[Router1-GigabitEthernet0/0/2]quit
2016-10-11 , 56 , 134

[Router1]
OSPF
VS1 VS2 Stub LSDB

DC1-CS
[~DC1-CS]ospf 1
[~DC1-CS-ospf-1-area-0.0.0.1]stub
[~DC1-CS-ospf-1-area-0.0.0.1]quit
[~DC1-CS-ospf-1-area-0.0.0.2]stub
VS1
[~VS1]ospf 1
[~VS1-ospf-1]area 1
[~VS1-ospf-1-area-0.0.0.1]stub
[~VS1-ospf-1-area-0.0.0.1]quit
[~VS1-ospf-1]commit
VS2
[~VS2]ospf 1
[~VS2-ospf-1]area 2
[~VS2-ospf-1-area-0.0.0.2]stub
[~VS2-ospf-1-area-0.0.0.2]quit
[~VS2-ospf-1]commit
5.8 BGP
BGP AS BGP
Router1 1000 12.1.1.1
Router2 2000 21.1.1.1
12.1.1.2
Internet 123
21.1.1.2
5.8-1 BGP AS
Router1 BGP
<Router1>system-view
[Router1]bgp 1000
[Router1-bgp]router-id 10.1.1.1
[Router1-bgp]peer 12.1.1.2 as-number 123
[Router1-bgp]quit
[Router1]quit
<Router1>
2016-10-11 , 57 , 134

Router2 BGP
[Router2]bgp 2000
[Router2-bgp]router-id 10.2.1.4
[Router2-bgp]peer 21.1.1.2 as-number 123
[Router2-bgp]quit
[Router2]quit
<Router2>
Internet BGP Internet
<Internet>system-view
[Internet]bgp 123
[Internet-bgp]router-id 123.123.123.123
[Internet-bgp]peer 12.1.1.1 as-number 1000
[Internet-bgp]peer 21.1.1.1 as-number 2000
[Internet-bgp]network 123.123.123.123 255.255.255.255
[Internet-bgp]quit
[Internet]quit
<Internet>
BGP DC1-Router
<DC1-Router>display bgp peer
BGP local router ID : 10.1.1.1

Local AS number : 1000
Total number of peers : 1 Peers in established state : 1
Peer V AS MsgRcvd MsgSent OutQ Up/Down State

PrefRcv
12.1.1.2 4 123 10 5 0 00:02:09 Established

6
BGP DC1-Router
<DC1-Router>display bgp routing-table
BGP Local router ID is 10.1.1.1

Status codes: * - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 6

Network NextHop MED LocPrf PrefVal Path/Ogn
12.1.1.0/30 12.1.1.2 0 0 123i

*> 21.1.1.0/30 12.1.1.2 0 0 123i
*> 112.1.1.0/30 12.1.1.2 0 0 123i
*> 123.123.123.123/32 12.1.1.2 0 0 123i
*> 172.22.22.0/24 12.1.1.2 0 0 123i
*> 221.1.1.0/30 12.1.1.2 0 0 123i
BGP
BGP GTSM
IP TTL
Router1 BGP
2016-10-11 , 58 , 134

[Router1]bgp 1000
[Router1-bgp]peer 12.1.1.2 valid-ttl-hops 1
[Router1-bgp]quit
[Router1]quit
<Router1>
Router2 BGP
[Router2]bgp 2000
[Router2-bgp]peer 21.1.1.1 valid-ttl-hops 1
[Router2-bgp]quit
[Router2]quit
<Router2>
5.9
BGP OSPF
123.123.123.123 Router1

Router1 BGP OSPF
[Router1]bgp 1000
[Router1-bgp]import ospf 1
[Router1-bgp]quit
[Router1]quit
<Router1>
Router1 OSPF BGP
[Router1]ospf 1
[Router1-bgp]import bgp
[Router1-bgp]quit
[Router1]quit
<Router1>
5.10
DC1-Router
#
sysname DC1-Router
#
interface Ethernet1/0/0
ip address 12.1.1.1 255.255.255.252
#
ip address 112.1.1.1 255.255.255.252
#
interface GigabitEthernet0/0/0
ip address 172.21.21.2 255.255.0.0
#
ip address 10.1.15.5 255.255.255.0
#
ip address 10.1.51.5 255.255.255.0
#
interface LoopBack0
2016-10-11 , 59 , 134

ip address 10.1.1.5 255.255.255.255

#
bgp 1000
router-id 10.1.1.1
peer 12.1.1.2 as-number 123
peer 12.1.1.2 valid-ttl-hops 1
#
ipv4-family unicast
undo synchronization
import-route ospf 1
peer 12.1.1.2 enable
#
ospf 1 router-id 10.1.1.5
import-route bgp
area 0.0.0.0
network 10.1.1.5 0.0.0.0
network 10.1.15.5 0.0.0.0
network 10.1.51.5 0.0.0.0
#
DC1-CS
#
undo portswitch
ip address 10.1.14.1 255.255.255.0
ospf dr-priority 255
ospf smart-discover
mode lacp-static
#
undo portswitch
ip address 10.1.15.1 255.255.255.0
device transceiver 1000BASE-T
#
undo portswitch
ip address 10.1.51.1 255.255.255.0
#
interface LoopBack0
ip address 10.1.1.1 255.255.255.255
#
area 0.0.0.0
network 10.1.1.1 0.0.0.0
network 10.1.14.1 0.0.0.0
network 10.1.15.1 0.0.0.0
network 10.1.51.1 0.0.0.0
DC1-AS
#
undo portswitch
ip address 10.1.14.4 255.255.255.0
ospf smart-discover
mode lacp-static
#
interface LoopBack0
ip address 10.1.1.4 255.255.255.255
#
interface NULL0
#
area 0.0.0.0
network 10.1.1.4 0.0.0.0
network 10.1.14.4 0.0.0.0
2016-10-11 , 60 , 134

DC2-Router
#
sysname DC2-Router
#
ip address 21.1.1.1 255.255.255.252
#
ip address 221.1.1.1 255.255.255.252
#
ip address 172.21.21.15 255.255.0.0
#
ip address 10.2.14.4 255.255.255.0
#
ip address 10.2.24.4 255.255.255.0
#
interface LoopBack0
ip address 10.2.1.4 255.255.255.255
#
bgp 2000
router-id 10.2.1.4
peer 21.1.1.2 as-number 123
#
ipv4-family unicast
undo synchronization
peer 21.1.1.2 enable
#
area 0.0.0.0
network 10.2.1.4 0.0.0.0
network 10.2.14.4 0.0.0.0
network 10.2.41.4 0.0.0.0
#
DC2-CS1
#
interface 10GE1/0/1
undo portswitch
ip address 10.2.14.1 255.255.255.0
#
interface 40GE1/0/1
undo portswitch
ip address 10.2.13.1 255.255.255.0
#
interface 40GE1/0/5
undo portswitch
ip address 10.2.12.1 255.255.255.0
#
interface 40GE1/0/6
#
interface LoopBack0
ip address 10.2.1.1 255.255.255.255
#
area 0.0.0.0
network 10.2.1.1 0.0.0.0
network 10.2.12.1 0.0.0.0
network 10.2.13.1 0.0.0.0
network 10.2.14.1 0.0.0.0
DC2-CS2
2016-10-11 , 61 , 134

#
interface 10GE1/0/1
undo portswitch
ip address 10.2.24.2 255.255.255.0
#
interface 40GE1/0/1
undo portswitch
ip address 10.2.23.2 255.255.255.0
#
interface 40GE1/0/5
undo portswitch
ip address 10.2.12.2 255.255.255.0
#
interface LoopBack0
ip address 10.2.1.2 255.255.255.255
#
area 0.0.0.0
network 10.2.1.2 0.0.0.0
network 10.2.12.2 0.0.0.0
network 10.2.23.2 0.0.0.0
network 10.2.24.4 0.0.0.0
#
DC2-AS
#
interface 40GE1/0/1
undo portswitch
ip address 10.2.13.3 255.255.255.0
#
interface 40GE2/0/1
undo portswitch
ip address 10.2.23.3 255.255.255.0
#
interface LoopBack0
ip address 10.2.1.3 255.255.255.0
#
area 0.0.0.0
network 10.2.1.3 0.0.0.0
network 10.2.13.3 0.0.0.0
network 10.2.31.3 0.0.0.0
#
2016-10-11 , 62 , 134

6.1
NGFW
NGFW HA
NFGW
NGFW UTM
6.2
192.168.60.0 HTTPS

6.2-1
6.3
2016-10-11 , 63 , 134

1 IP
2 OSPF
3 HA
4
6.4
6.4.1 IP
IP
VLANIF 123 10.1.123.1/24

DC1-CS
VLANIF 231 10.1.231.1/24
G2/0/8 10.1.123.2/24
DC1-FW1 G2/0/9 10.1.231.2/24
G1/0/0 10.1.23.2/24
G2/0/8 10.1.123.3/24
DC1-FW2 G2/0/9 10.1.231.3/24
G1/0/0 10.1.23.3/24
6.4-1 IP
DC1-CS IP
[~DC1-CS]vlan 123
[~DC1-CS-vlan123]quit
[~DC1-CS]vlan 231
[~DC1-CS-vlan231]quit
[~DC1-CS]interface vlanif 123
[~DC1-CS-vlan123]ip address 10.1.123.1 24
[~DC1-CS]quit
[~DC1-CS]interface vlanif 231
[~DC1-CS-vlan231]ip address 10.1.231.1 24
[~DC1-CS]quit
[~DC1-CS-10GigabitEthernet1/1/0/4]port link-type trunk
[~DC1-CS-10GigabitEthernet1/1/0/4]port trunk allow-pass vlan 123 231
[~DC1-CS-10GigabitEthernet1/2/0/4]port link-type trunk
[~DC1-CS-10GigabitEthernet1/2/0/4]port trunk allow-pass vlan 123 231
[~DC1-CS]commit
2016-10-11 , 64 , 134

VS1
[~VS1]vlan 123
[~VS1-vlan123]quit
[~VS1]vlan 231
[~VS1-vlan231]quit
[~VS1]interface 10ge2/1/0/4
[~VS1-10GigabitEthernet2/1/0/4]port link-type trunk
[~VS1-10GigabitEthernet2/1/0/4]port trunk allow-pass vlan 123 231
[~VS1-10GigabitEthernet2/1/0/4]quit
[~VS1-10GigabitEthernet2/1/0/1]port link-type access
[~VS1-10GigabitEthernet2/1/0/1]port default vlan 123
[~VS1]commit
VS2
[~VS2]vlan 123
[~VS2-vlan123]quit
[~VS2]vlan 231
[~VS2-vlan231]quit
[~VS2-10GigabitEthernet2/2/0/4]port link-type trunk
[~VS2-10GigabitEthernet2/2/0/4]port trunk allow-pass vlan 123 231
[~VS2]commit
DC1-FW1 IP
<DC1-FW1>system-view
Enter system view, return user view with Ctrl+Z.
[DC1-FW1]int GigabitEthernet2/0/8
[DC1-FW1-GigabitEthernet2/0/8]ip address 10.1.123.2 255.255.255.0
[DC1-FW1-GigabitEthernet2/0/8]quit
DC1-FW2 IP
2016-10-11 , 65 , 134

6.4.2
G2/0/8 Untrust 85
DC1-FW1 G2/0/9 Trust 5
G1/0/0 HA 10
G2/0/8 Untrust 85
DC1-FW2 G2/0/9 Trust 5
G1/0/0 HA 10
6.4-2
DC1-FW1
[DC1-FW1]firewall zone trust
[DC1-FW1-zone-trust]add interface GigabitEthernet 2/0/9
[DC1-FW1-zone-trust]quit
[DC1-FW1]firewall zone untrust
[DC1-FW1-zone-untrust]add interface GigabitEthernet 2/0/8
[DC1-FW1-zone-untrust]quit
[DC1-FW1]firewall zone name HA
[DC1-FW1-zone-HA]set priority 10
[DC1-FW1-zone-HA]add interface GigabitEthernet 1/0/0
[DC1-FW1-zone-HA]quit
DC1-FW2
[DC1-FW2]firewall zone trust
[DC1-FW2-zone-trust]add interface GigabitEthernet 2/0/9
[DC1-FW2-zone-trust]quit
[DC1-FW2]firewall zone untrust
[DC1-FW2-zone-untrust]add interface GigabitEthernet 2/0/8
[DC1-FW2-zone-untrust]quit
[DC1-FW2]firewall zone name HA
[DC1-FW2-zone-HA]set priority 10
[DC1-FW2-zone-HA]add interface GigabitEthernet 1/0/0
[DC1-FW2-zone-HA]quit
DC1-FW1 DC1-FW2
2016-10-11 , 66 , 134

6.4-1
DC1-CS
[DC1-CS] acl 3000

[DC1-CS-acl-adv-3000] rule permit ip destination 192.168.60.0 0.0.0.255
[DC1-CS-acl-adv-3000] quit
[DC1-CS] traffic classifier in
[DC1-CS-classifier-in] if-match acl 3000
[DC1-CS-classifier-in] quit
[DC1-CS] traffic behavior in
[DC1-CS-behavior-in] redirect nexthop 10.1.123.254
[DC1-CS-behavior-in] quit
[DC1-CS] traffic policy in
[DC1-CS-trafficpolicy-in] classifier in behavior in
[DC1-CS-trafficpolicy-in] quit
[DC1-CS] interface 10GE1/1/0/8
[DC1-CS-10GE1/1/0/8] traffic-policy in inbound
[DC1-CS-10GE1/1/0/8] quit
[DC1-CS] interface 10GE2/1/0/8
[DC1-CS-10GE2/1/0/8] traffic-policy in inbound
[DC1-CS-10GE2/1/0/8] quit
DC1-CS OSPF
[~DC1-CS]ospf 1
DC1-FW1 , 192.168.60.0 trust
[DC1-FW1] ospf 1
[DC1-FW1-ospf-10] area 1
[DC1-FW1-ospf-10-area-0.0.0.1] network 10.1.123.2 0.0.0.0
2016-10-11 , 67 , 134

[DC1-FW1-ospf-10-area-0.0.0.1] quit
[DC1-FW1]ip service-set OSPF type object
[DC1-FW1-object-service-set-OSPF]service 0 protocol 89
[DC1-FW1-object-service-set-OSPF]quit
[DC1-FW1] security-policy
[DC1-FW1-policy-security] rule name ospf
[DC1-FW1-policy-security-rule-ospf] source-zone local untrust
[DC1-FW1-policy-security-rule-ospf] destination-zone local untrust
[DC1-FW1-policy-security-rule-ospf] service OSPF
[DC1-FW1-policy-security-rule-ospf] action permit
[DC1-FW1] ip route-static 192.168.60.0 255.255.255.0 10.1.231.1
preference 5
DC1-FW2 , 192.168.60.0 trust
[DC1-FW2] ospf 1
[DC1-FW2-ospf-10] area 1
[DC1-FW2-ospf-10-area-0.0.0.1] network 10.1.123.3 0.0.0.0
[DC1-FW2-ospf-10-area-0.0.0.1] quit
[DC1-FW2]ip service-set OSPF type object
[DC1-FW2-object-service-set-OSPF]service 0 protocol 89
[DC1-FW2-object-service-set-OSPF]quit
[DC1-FW2] security-policy
[DC1-FW2-policy-security] rule name ospf
[DC1-FW2-policy-security-rule-ospf] source-zone local untrust
[DC1-FW2-policy-security-rule-ospf] destination-zone local untrust
[DC1-FW2-policy-security-rule-ospf] service OSPF
[DC1-FW2-policy-security-rule-ospf] action permit
[DC1-FW2] ip route-static 192.168.60.0 255.255.255.0 10.1.231.1
preference 5
6.4.3 HA
HA link-group
DC1-FW1 DC1-FW2 ( DC1-FW2
DC1-FW1 )
DC1-FW1 HA
[DC1-FW1]hrp enable
[DC1-FW1]interface GigabitEthernet 2/0/8
[DC1-FW1-GigabitEthernet2/0/8]link-group 1
[DC1-FW1-GigabitEthernet2/0/8]vrrp vrid 1 virtual-ip 10.1.123.254 active
[DC1-FW1-GigabitEthernet2/0/8]vrrp virtual-mac enable
[DC1-FW1-GigabitEthernet2/0/8]hrp track active
[DC1-FW1]hrp interface GigabitEthernet 1/0/0 remote 10.1.23.3
HRP_A[DC1-FW1]security-policy
HRP_A[DC1-FW1-policy-security]rule name hrp
HRP_A[DC1-FW1-policy-security-hrp]source-zone local HA
HRP_A[DC1-FW1-policy-security-hrp]destination-zone local HA
HRP_A[DC1-FW1-policy-security-hrp]source-address 10.1.23.2 32
HRP_A[DC1-FW1-policy-security-hrp]source-address 10.1.23.3 32
HRP_A[DC1-FW1-policy-security-hrp]destination-address 10.1.23.2 32
HRP_A[DC1-FW1-policy-security-hrp]action permit
HRP_A[DC1-FW1-policy-security-hrp]quit
HRP_A[DC1-FW1-policy-security]quit
HRP_A[DC1-FW1]
DC1-FW2 HA HA
DC1-FW2
2016-10-11 , 68 , 134

[DC1-FW2]hrp enable
[DC1-FW2-GigabitEthernet2/0/8]vrrp vrid 1 virtual-ip 10.1.123.254
standby
[DC1-FW2-GigabitEthernet2/0/8]vrrp virtual-mac enable
[DC1-FW2]hrp interface GigabitEthernet 1/0/0 remote 10.1.23.2
HRP_S[DC1-FW2]security-policy
HRP_S[DC1-FW2-policy-security]rule name hrp
HRP_S[DC1-FW2-policy-security-hrp]source-zone local HA
HRP_S[DC1-FW2-policy-security-hrp]destination-zone local HA
HRP_S[DC1-FW2-policy-security-hrp]source-address 10.1.23.2 32
HRP_S[DC1-FW2-policy-security-hrp]source-address 10.1.23.3 32
HRP_S[DC1-FW2-policy-security-hrp]destination-address 10.1.23.2 32
HRP_S[DC1-FW2-policy-security-hrp]destination-address 10.1.23.3 32
HRP_S[DC1-FW2-policy-security-hrp]action permit
HRP_S[DC1-FW2-policy-security-hrp]quit
HRP_S[DC1-FW2-policy-security]quit
HRP_S[DC1-FW2]
6.4.4
DC1-FW1 DC1-FW2 HRP
HRP_A[DC1-FW1]security-policy
HRP_A[DC1-FW1-policy-security]rule name HTTP_IN
HRP_A[DC1-FW1-policy-security-hrp]source-zone untrust
HRP_A[DC1-FW1-policy-security-hrp]destination-zone trust
HRP_A[DC1-FW1-policy-security-hrp]service https
HRP_A[DC1-FW1-policy-security-hrp]action permit
HRP_A[DC1-FW1-policy-security-hrp]quit
HRP_A[DC1-FW1-policy-security]quit
HRP_A[DC1-FW1]
6.5
DC1-CS
#
vlan batch 123 231
#
acl number 3000
rule 5 permit ip destination 192.168.60.0 0.0.0.255
#
traffic classifier in type or
if-match acl 3000
#
traffic behavior in
redirect nexthop 10.1.123.254
#
traffic policy in
classifier in behavior in precedence 5
#
interface vlanif 123
ip address 10.1.123.1 24
#
interface vlanif 231
ip address 10.1.231.1 24
#
2016-10-11 , 69 , 134

undo portswitch
ip address 10.1.15.1 255.255.255.0
traffic-policy in inbound
#
undo portswitch
ip address 10.1.51.1 255.255.255.0
traffic-policy in inbound
#
port trunk allow-pass vlan 123 231
#
#
area 0.0.0.1
network 10.1.123.1 0.0.0.0
#
VS1
#
vlan batch 123 231
#
port link-type access
port default vlan 123
#
#
#
VS2
#
vlan batch 123 231
#
#
#
#
DC1-FW1
#
hrp enable
hrp interface GigabitEthernet0/0/1 remote 10.1.23.3
#
2016-10-11 , 70 , 134

sysname DC1-FW1
#
alias GE0/MGMT
ip address 172.21.21.4 255.255.0.0
#
ip address 10.1.23.2 255.255.255.0
#
link-group 1
ip address 10.1.123.2 255.255.255.0
vrrp vrid 1 virtual-ip 10.1.123.254 active
hrp track active
#
link-group 1
ip address 10.1.231.2 255.255.255.0
hrp track active
#
interface Loopback0
ip address 10.1.1.2 255.255.255.0
#
firewall zone local
set priority 100
#
firewall zone trust
set priority 85
add interface GigabitEthernet2/0/9
#
firewall zone untrust
set priority 5
#
firewall zone name HA
set priority 10
#
ip service-set OSPF type object
service 0 protocol 89
#
ospf 1
area 0.0.0.1
network 10.1.123.2 0.0.0.0
#
ip route-static 192.168.60.0 255.255.255.0 10.1.231.1 preference 5
#
security-policy
rule name hrp
source-zone HA
source-zone local
destination-zone HA
destination-zone local
source-address 10.1.23.2 32
destination-address 10.1.23.2 32
action permit
rule name HTTP_IN
source-zone untrust
destination-zone trust
service https
action permit
rule name ospf
source-zone local
source-zone untrust
destination-zone untrust
service ospf
action permit
#
2016-10-11 , 71 , 134

DC1-FW2
#
hrp enable
hrp interface GigabitEthernet0/0/1 remote 10.1.23.2
#
sysname DC1-FW2
#
alias GE0/MGMT
ip address 172.21.21.3 255.255.0.0
#
ip address 10.1.23.3 255.255.255.0
#
link-group 1
ip address 10.1.123.3 255.255.255.0
vrrp vrid 1 virtual-ip 10.1.123.254 standby
hrp track active
#
link-group 1
ip address 10.1.231.3 255.255.255.0
hrp track active
#
firewall zone local
set priority 100
#
firewall zone trust
set priority 85
#
firewall zone untrust
set priority 5
#
firewall zone name HA
set priority 10
#
ip service-set OSPF type object
service 0 protocol 89
#
ospf 1
area 0.0.0.1
network 10.1.123.3 0.0.0.0
#
ip route-static 192.168.60.0 255.255.255.0 10.1.231.1 preference 5
#
security-policy
rule name hrp
source-zone HA
source-zone local
destination-zone HA
action permit
rule name HTTP_IN
source-zone untrust
destination-zone trust
service https
action permit
rule name ospf
source-zone local
source-zone untrust
destination-zone untrust
service ospf
2016-10-11 , 72 , 134

action permit
#
2016-10-11 , 73 , 134

7 VXLAN
7.1
VXLAN
VXLAN
7.2
7.2-1 VXLAN
7.3
1 Loopback
2 VXLAN
3 VXLAN
4 VXLAN
7.4
7.4.1 Loopback
2016-10-11 , 74 , 134

DC2-CS1 DC2-CS2 IP OSPF

DC2-AS
DC2-CS1
[*DC2-CS1] interface loopback 1

[*DC2-CS1-Loopback1]ip address 10.2.1.10 32
[*DC2-CS1-Loopback1]quit
[*DC2-CS1] ospf
[*DC2-CS1-ospf-1] area 0
[*DC2-CS1-ospf-1-area-0.0.0.0] network 10.2.1.10 0.0.0.0
[*DC2-CS1-ospf-1-area-0.0.0.0] quit
[*DC2-CS1-ospf-1] quit
[*DC2-CS1] commit
DC2-CS2
[*DC2-CS2] interface loopback 1

[*DC2-CS2-Loopback1]ip address 10.2.1.10 32
[*DC2-CS2-Loopback1]quit
[*DC2-CS2] ospf
[*DC2-CS2] commit
7.4.2
NVO3 ACL DC2-CS2 DC2-AS

DC1-CS1
[~DC2-CS1] ip tunnel mode vxlan

[*DC2-CS1] assign forward nvo3 acl extend enable
[*DC2-CS1] commit
NVO3 ACL

7.4.3 VXLAN
DC2-AS
[~DC2-AS] bridge-domain 10
[*DC2-AS-bd10] vxlan vni 5000
[*DC2-AS-bd10] quit
[*DC2-AS] interface nve 1
[*DC2-AS-Nve1] source 10.2.1.4
[*DC2-AS-Nve1] vni 5000 head-end peer-list 10.2.1.10
[*DC2-AS-Nve1] quit
[*DC2-AS] commit
DC2-CS1
[~DC2-CS1] bridge-domain 10
[*DC2-CS1-bd10] vxlan vni 5000
[*DC2-CS1-bd10] quit
[*DC2-CS1] interface nve 1
[*DC2-CS1-Nve1] source 10.2.1.10
[*DC2-CS1-Nve1] vni 5000 head-end peer-list 10.2.1.3
2016-10-11 , 75 , 134

[*DC2-CS1-Nve1] quit
[~DC2-CS1] interface eth-trunk 2
[*DC2-CS1-Eth-Trunk1] service type tunnel
[*DC2-CS1] interface 10ge 1/0/24
[*DC2-CS1-10GE1/0/24] eth-trunk 1
[*DC2-CS1-10GE1/0/24] quit
[*DC2-CS1] commit
DC2-CS2
[~DC2-CS2] bridge-domain 10
[*DC2-CS2-bd10] vxlan vni 5000
[*DC2-CS2-bd10] quit
[*DC2-CS2] interface nve 1
[*DC2-CS2-Nve1] source 10.2.1.10
[*DC2-CS2-Nve1] vni 5000 head-end peer-list 10.2.1.3
[*DC2-CS2-Nve1] quit
[~DC2-CS2] interface eth-trunk 2
[*DC2-CS2-Eth-Trunk1] service type tunnel
[*DC2-CS2] interface 10ge 1/0/24
[*DC2-CS2-10GE1/0/24] eth-trunk 1
[*DC2-CS2-10GE1/0/24] quit
[*DC2-CS2] commit
display vxlan tunnel VXLAN DC2-CS1

[~DC2-CS1] display vxlan vni

Number of vxlan vni : 3
VNI BD-ID State
---------------------------------------
5000 10 up
[~DC2-CS1] display vxlan tunnel

Number of vxlan tunnel : 3
Tunnel ID Source Destination State Type
--------------------------------------------------------------
4026531842 10.2.1.10 10.2.1.3 up static
VM VLAN700 ToR
[~DC2-AS] vlan 700

[*DC2-AS-vlan10] quit
[*DC2-AS] bridge-domain 10
[*DC2-AS-bd10] l2 binding vlan 700
[*DC2-AS-bd10] quit
[*DC2-AS] commit
7.5
VXLAN
[~DC2-CS1] interface vbdif 10

[*DC2-CS1-Vbdif10] ip address 192.168.10.1 24
[*DC2-CS1-Vbdif10] mac-address 0000-5e00-0101
[*DC2-CS1-Vbdif10] quit
[*DC2-CS1] commit
[~DC2-CS2] interface vbdif 10

[*DC2-CS2-Vbdif10] ip address 192.168.10.1 24
[*DC2-CS2-Vbdif10] mac-address 0000-5e00-0101
[*DC2-CS2-Vbdif10] quit
[*DC2-CS2] commit
2016-10-11 , 76 , 134

DC2-CS1 DC2-CS2
NVE IP BDIF IP MAC
DC2-CS1
[~DC2-CS1] dfs-group 1
[*DC2-CS1-dfs-group-1] source ip 10.2.1.1
[*DC2-CS1-dfs-group-1] active-active-gateway
[*DC2-CS1-dfs-group-1-active-active-gateway] peer 10.2.1.2
[*DC2-CS1-dfs-group-1-active-active-gateway] quit
[*DC2-CS1] commit
DC2-CS1
[*DC2-CS1] ospf
[*DC2-CS1] commit
DC2-CS2
[~DC2-CS2] dfs-group 1
[*DC2-CS2-dfs-group-1] source ip 10.2.1.2
[*DC2-CS2-dfs-group-1] active-active-gateway
[*DC2-CS2-dfs-group-1-active-active-gateway] peer 10.2.1.1
[*DC2-CS2-dfs-group-1-active-active-gateway] quit
[*DC2-CS2] commit
DC2-CS2
[*DC2-CS2] ospf
[*DC2-CS2] commit
7.6
display dfs-group 1 active-active-gateway DFS

Group DC2-CS1
[~DC2-CS1] display dfs-group 1 active-active-gateway

A:Active I:Inactive
-------------------------------------------------------------------
Peer System name State Duration
10.2.1.2 DC2-CS1 A 0:0:8
7.7
DC2-CS1
#
assign forward nvo3 acl extend enable
2016-10-11 , 77 , 134

#
dfs-group 1
source ip 10.2.1.1
#
active-active-gateway
peer 10.2.1.2
#
ip tunnel mode vxlan
#
bridge-domain 10
vxlan vni 5000
#
interface eth-trunk 2
service type tunnel
#
interface Vbdif10
ip address 192.168.10.1 255.255.255.0
mac-address 0000-5e00-0101
#
interface 10ge1/0/24
eth-trunk 1
#
interface 40GE1/0/1
undo portswitch
ip address 10.2.13.1 255.255.255.0
#
interface 40GE1/0/5
undo portswitch
ip address 10.2.12.1 255.255.255.0
#
interface LoopBack0
ip address 10.2.1.1 255.255.255.255
#
interface LoopBack1
ip address 10.2.1.10 255.255.255.255
#
interface Nve1
source 10.2.1.10
vni 5000 head-end peer-list 10.2.1.3
#
ospf 1
area 0.0.0.0
network 10.2.12.1 0.0.0.0
network 10.2.13.1 0.0.0.0
network 10.2.1.1 0.0.0.0
network 10.2.1.10 0.0.0.0
network 192.168.10.1 0.0.0.0
#
return
DC2-CS2
#
#
dfs-group 1
source ip 10.2.1.2
#
active-active-gateway
peer 10.2.1.1
#
#
bridge-domain 10
vxlan vni 5000
#
interface eth-trunk 2
service type tunnel
#
interface Vbdif10
ip address 192.168.10.1 255.255.255.0
mac-address 0000-5e00-0101
#
2016-10-11 , 78 , 134

interface 10ge1/0/24
eth-trunk 1
#
interface 40GE1/0/1
undo portswitch
ip address 10.2.23.2 255.255.255.0
#
interface 40GE1/0/5
undo portswitch
ip address 10.2.12.2 255.255.255.0
#
interface LoopBack0
ip address 10.2.1.2 255.255.255.255
#
interface LoopBack1
ip address 10.2.1.10 255.255.255.255
#
interface Nve1
source 10.2.1.10
#
ospf 1
area 0.0.0.0
network 10.2.12.2 0.0.0.0
network 10.2.23.2 0.0.0.0
network 10.2.1.2 0.0.0.0
network 10.2.1.10 0.0.0.0
network 192.168.10.1 0.0.0.0
#
return
DC2-AS
#
#
vlan batch 700
#
#
bridge-domain 10
l2 binding vlan 700
vxlan vni 5000
#
interface 10GE1/0/1
port trunk allow-pass vlan 2 to 4094
#
interface 10GE1/0/2
#
interface 10GE1/0/3
#
interface 10GE1/0/4
#
interface 10GE1/0/5
#
interface 10GE2/0/1
2016-10-11 , 79 , 134

#
interface 10GE2/0/2
#
interface 10GE2/0/3
#
interface 10GE2/0/4
#
interface 10GE2/0/5
#
interface 40GE1/0/1
undo portswitch
ip address 10.2.13.3 255.255.255.0
#
interface 40GE2/0/1
undo portswitch
ip address 10.2.23.3 255.255.255.0
#
interface LoopBack0
ip address 10.2.1.3 255.255.255.255
#
interface Nve1
source 10.2.1.3
#
ospf 1
area 0.0.0.0
network 10.2.13.3 0.0.0.0
network 10.2.23.3 0.0.0.0
network 10.2.1.3 0.0.0.0
#
Return
2016-10-11 , 80 , 134

8 eSight
8.1
eSight
SNMP
eSight
8.2
8.2-1 eSight
8.3
1 SNMP
2 eSight
3 eSight
4 eSight
8.4
8.4.1 SNMP
SNMPv2 Trap

2016-10-11 , 81 , 134

SNMPv2 Huawei123 Huawei456Trap

Huawei@123
IP IP
DC1-CS 172.21.21.14 DC1-FW2 172.21.21.3
DC1-AS 172.21.21.6 VS1 172.21.21.29
DC2-CS1 172.21.21.17 VS2 172.21.21.30
DC2-CS2 172.21.21.16 DC1-Router 172.21.21.2
DC2-AS 172.21.21.80 DC2-Router 172.21.21.15
DC1-FW1 172.21.21.4
DC1-CS DC1-CS
[*DC1-CS] snmp-agent
[*DC1-CS] snmp-agent community read cipher Huawei@123
[*DC1-CS] snmp-agent community write cipher Huawei@456
[*DC1-CS] snmp-agent sys-info version v2c
[*DC1-CS] snmp-agent target-host trap address udp-domain 16.1.1.15 params
securityname cipher Huawei@123
[*DC1-CS] snmp-agent trap source MEth0/0/0/0
[*DC1-CS] snmp-agent trap enable
[*DC1-CS] commit
DC1-Router DC2-Router DC1-Router
[DC1-Router] snmp-agent community read Huawei@123

[DC1-Router] snmp-agent community write Huawei@456
[DC1-Router] snmp-agent sys-info version v2c
[DC1-Router] snmp-agent target-host trap-hostname eSight address
16.1.1.15 udp-port 162 trap-paramsname Huawei@123
[DC1-Router] snmp-agent target-host trap-paramsname hello v2c
securityname Huawei@123
[DC1-Router] snmp-agent trap source GigabitEthernet0/0/0
[DC1-Router] snmp-agent trap enable
[DC1-Router] snmp-agent
DC1-FW1 DC1-FW2 DC1-FW1
[DC1-FW1] snmp-agent
[DC1-FW1] snmp-agent community read Huawei@123
[DC1-FW1] snmp-agent community write Huawei@456
[DC1-FW1] snmp-agent sys-info version v2c
[DC1-FW1] snmp-agent target-host trap address udp-domain 16.1.1.15 params
securityname Huawei@123
[DC1-FW1] snmp-agent target-host trap address udp-domain 16.1.1.15 params
securityname Huawei@123 v2c
[DC1-FW1] snmp-agent trap source GigabitEthernet0/0/0
[DC1-FW1] snmp-agent trap enable
8.4.2 eSight SNMP

2016-10-11 , 82 , 134

1->->SNMP ,-> SNMP

2 HCIE V2CTrap
Huawei@123
3->
2016-10-11 , 83 , 134

4 IP 172.21.21.1-172.21.21.80 Root
SNMP HCIE
2016-10-11 , 84 , 134

5->->
8.4.3 eSight
eSight
+
HCIE

Top N CPU
Top N
Top N
Top N

2016-10-11 , 85 , 134

8.4.4 eSight
eSight eSight
Web

->-> CPU

2016-10-11 , 86 , 134

CPU
2016-10-11 , 87 , 134

2016-10-11 , 88 , 134

2016-10-11 , 89 , 134

LUN LUN
LUN V3
admin
1. IP S5300T V3
LUN
2.
LUN
LUN
LUN LUN

3. LUN LUN
LUN LUN02_DC1 600G
SmartThin

NOTE: SmartThin Thin LUN
LUN LUN

4.
2016-10-11 , 90 , 134

5. SmartTier SmartQos

6. LUN
7.
2016-10-11 , 91 , 134

8. LUN
LUNGroup003_DC1 LUN02_DC1,
LUN
9. LUN LUN
10.
2016-10-11 , 92 , 134

11.
12. Linux

13. FC(
) WWN
2016-10-11 , 93 , 134

14.
15.
16.
2016-10-11 , 94 , 134

17.

HostGroup002_DC01
Host002_DC_1_H01 Host002_DC_1_H02
HostGroup002_DC01
2016-10-11 , 95 , 134

10
1. LUN LUN
--
2.
3. Pair
Metro()
4. 600G LUN
600G LUN LUN

2016-10-11 , 96 , 134

LUNv Pair
5. ()

6.
2016-10-11 , 97 , 134

7. LUN 20-30

8. LUN

9.
LUN LUN

2016-10-11 , 98 , 134

10.
11.
12.
2016-10-11 , 99 , 134

11 FusionCompute
1. FusionCompute
admin
DC1_Branch DC2_HQ

2.
3. 600G LUN
2016-10-11 , 100 , 134

4. DC1_Branch DC2_HQ 600G
5.
6. 600G LUN
7. fcsan

2016-10-11 , 101 , 134

8. DC1_Branch DC2_HQ

9. fcsan
2016-10-11 , 102 , 134

12 FusionSphere OpenStack CPS
1. FusionCompute FusionSphere OpenStack

CPS
admin FusionSphere OpenStack CPS

2.
HUAWEI +
3. +
DC1_Branch
2016-10-11 , 103 , 134

4.
5. az1.dc
2016-10-11 , 104 , 134

6.
7.
FusionCompute fcsan
8.
2016-10-11 , 105 , 134

9.
2016-10-11 , 106 , 134

13 FusionSphere OpenStack
FusionSphere OpenStack CPS FusionSphere

OpenStack
cloud_admin FusionSphere OpenStack
FusionSphere123
10.
DC01 az1.dc
DC02
11.
12. DC01
2016-10-11 , 107 , 134

fc-nova-compute
13. DC02
14. DC01 DC1=1

DC02 2
15.
16.
2016-10-11 , 108 , 134

17.

DC=1
18. DC02
2016-10-11 , 109 , 134

19.
20.
21. VPC
Net01
2016-10-11 , 110 , 134

22. Net01 Net01
23. DC2
2016-10-11 , 111 , 134

2016-10-11 , 112 , 134

14 VDC/VPC
1. cloud_adminFusionSphere123
ManageOne SC VDCVDC VDC
2. VDC

3. DC_Service
2016-10-11 , 113 , 134

4. vdc
5. VDC
VDC VDC01
6. vdc01admin
vdc01user
vdc01admin
vdc01user
2016-10-11 , 114 , 134

7. ManageOne SC ( ManageOne SC
web ) VDC vdc01admin VPC
8. VPC VPC
9.
2016-10-11 , 115 , 134

10.
11. VPC
2016-10-11 , 116 , 134

15
1.
ManageOne vdc01user
vdc01admin

ManageOne SC cloud_admin
FusionSphere123

2.

VDC
3.
2016-10-11 , 117 , 134

4.
5.
6.
7. Cloud_VM
2016-10-11 , 118 , 134

8. Cloud_VM
9. vdc01user ManageOne SC
10. Cloud_VM
2016-10-11 , 119 , 134

11. Windows
12. DC01
13. Net01
14. :DC1_VM01

2016-10-11 , 120 , 134

15.
16. vdc01admin ManageOne SC

17.
18.
2016-10-11 , 121 , 134

19. vdc01user
20. DC02 Net02

DC2_VM01
FusionCompute
2016-10-11 , 122 , 134

21.
22. ManageOne SC
23. VNC
2016-10-11 , 123 , 134

24.

25. Easywebsvr
Easywebsvr
2016-10-11 , 124 , 134

26.
27. C:\
28.
2016-10-11 , 125 , 134

29.
30.
31. C
2016-10-11 , 126 , 134

2016-10-11 , 127 , 134

16
1. OceanStor eBackup ebackup admin

2. FusionCompute eBackup

3. ebackup

2016-10-11 , 128 , 134

4. ebackup
FusionSphere+
5. FusionCompute IP ebackup

2016-10-11 , 129 , 134

6.
7. DC1_VM01

NFS NFS
OceanStor eBackup ebackup

8.
NFS
2016-10-11 , 130 , 134

9. store
10.
11. -- backup
DC1_VM01
2016-10-11 , 131 , 134

12.
Policy
13.
backup_play
2016-10-11 , 132 , 134

14. backup
15. Policy
16. store
17.

2016-10-11 , 133 , 134

18.
19.
2016-10-11 , 134 , 134

(http://learning.huawei.com/cn
1e-learning /
HCNAHCNPe-Learning
HCIEHCIEe-Learning
HCIE Learning@huawei.com
2
+
/
3(LVC)
UC&C
LVC
4
eNSP
WLAN PlannerAP
eDesk
HedEx Lite
,

HUAWEI TECHNOLOGIES CO., LTD. Huawei Confidential 1

HCIE-DC Lab Exercise Chinese Only 136 Pages 20160922

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

HCIE-DC Lab Exercise Chinese Only 136 Pages 20160922

Uploaded by

Copyright:

Available Formats

(http://learning.huawei.

HUAWEI TECHNOLOGIES CO., LTD. Huawei Confidential 1

2.4 iStack ..............................................................................................12

2.5 CSS .................................................................................................16

2.7 Eth-trunk .................................................................................................28

5.5 Trill M-LAG .........................................................................................52

5.7 OSPF .............................................................................................................54

5.8 BGP ...............................................................................................................57

11 FusionCompute ....................................................................................... 100

12 FusionSphere OpenStack CPS ...................................................................... 103

13 FusionSphere OpenStack ............................................................................... 107

14 VDC/VPC ........................................................................................................ 113

USG 6370 2 V200R001C00SPC300

FusionSphere OpenStack V100R005C10

1 iStack iStack DAD

2 CSS CSS DAD

stack renumber new-member-id [ inherit-config ]

TOR-1 40GE1/0/540GE1/0/6 1/1

[~TOR-1] interface stack-port 1/1

TOR-2 40GE1/0/540GE1/0/6 1/1

[~TOR-2] interface stack-port 1/1

display stack configuration

<TOR-1> display stack configuration

Stack-Port1/1 40GE1/0/5 40GE1/0/6

<TOR-1> display stack

<TOR-1> display stack topology

<TOR-1>dis stack configuration

System Forwarding Model:

CS1 10GE1/0/0 10GE2/0/0

[~CS1] port-group group1

[*CS1-Stack-Port1] port member-group interface 10ge 1/0/0

display stack configuration

<CS1> display stack configuration

Current configuration will be converted to the next startup

<CS1> display stack

<CS1>display stack topology

Stack Management Topology:

<CS1>display stack configuration

2.5.8 CSS DAD

CS1 CS2 10GE1/0/5

Excluded ports(can not be configured):

vs1 vs2 vs1 vs2

1-1 CS1 CS2 CSS

VS VS1 VS2 port VS1

[CS1]dis device port-map slot 1/1

[*CS1-admin-VS:VS1] port-mode port

Template-VS VS1 VS2 VS1

[~CS1-admin] display virtual-system name VS1 verbose

2/5#flash:/VS_VS1: 0%, 16/3212276 (Used Kbytes/Max Kbytes)

[~CS1-admin] display virtual-system name VS2 verbose

<DC1-CS1>switch virtual-system VS1

<DC1-CS1>switch virtual-system VS2

Microsoft Windows [Version 6.1.7601]

user privilege level 3

[~CS1] interface eth-trunk 10

[~AS] interface eth-trunk 10

[~CS1] interface eth-trunk 10

display eth-trunk membership trunk-id

<CS1> display eth-trunk membership 10

Interface 10GE1/1/0/13, valid, operate up, weight=1

<CS1> display eth-trunk 10

10GE2/1/0/13 32768 384c-4f0b-6a61 32768 3 2625

RB1 RB2 RB3

Warning: Now the configuration on the device is being deleted.