Huawei Bootcamp Notes

wireshark

Switches generate multiple collision domains and one broadcast domain. 24 ports, 24
collision domains. S5700. core switches, edge switch. ARP manages Mac learning of
connected devices. packet switching.

Router - gateway between networks, generate broadcast domains. AR2200. Few Lan
ports.

VRP

Platform for networking products:

-routinng, switching

v5 & 8 in common use.

Console ports: miniUSB (drivers), LAN

Connection properties:

-baud rate 9600, data bits, parity, stop bits, flow control

-Login credentials for security

Ethernet- communication protocol. uses frames, MAC address.

ARP: Resolving mac addresses to forward frames to the right comps.

Broadcast storm: destination device unknown.

Gateway separates broadcast domains. Gateway isolates broadcast storms. Does not
allow storms from one network to another.

A router physical interface can be divided into several virtual sub interfaces.

10.0.13.0 - network address x.x.x.1-x.x.x.254 usable addresses. 255- broadcast ip.

CLI command views: user, system, interface, protocol

sysname Nairobi

undo sysname
 display current

ctrl+z/quit

save

interface gigabit/fast ethernet 0/0/0

ip address 10.0.13.1 24 or 32 to save ip

display this

ping 10.0.13.2 test connection to mombasa

display startup - checking an updated software

loopback interface

static routing

ip route-static ?

Nairobi router configuration:

interface gigabit/fast ethernet 0/0/0 -> ip address 10.0.13.1 24

loopback interface -> ip address 1.1.1.1 32

ip route-static 2.2.2.2 32 10.0.13.2 // configuring nairobi router to ping the loopback

interface of mombasa router

gateway address (next hop) - the address of the destination router

gigabit ethernet interface - the exit interface router (sending router)

ip route-static 1.1.1.1 32 10.0.13.1 (gateway address)

HOMEWORK:

The use of loopback interface?

VLAN?

IP subnetting?
DAY 2: NOTES

Logical grouping of hosts not limited to physical location. VLAN broadcast groups
separated by routers. A switch can produce several logical broadcast domains instead of
one.

Establishes extra logical broadcast domains on a switch. i.e. logical isolation of traffic at
the data link layer.

A VLAN tag is inserted into a frame to help distinguish frames from each VLAN. Has a
VLAN Id. Default VLAN 1.

The switch adds tags to frames.

Frames sent to another VLAN are discarded by the switch.

Link types: Trunk and Access.

Trunk - transmission of VLAN traffic between switches. Passes more than one VLAN.

Access - connect to user devices. Has only one untagged VLAN. Computers connected to
the same VLAN on a switch don't have to tag their frames to communicate.

Port VLAN ID(PVID)- The default VLAN for each interface. Set default VLAN 1 for all
ports.

Access ports remove VLAN tags bfore forwarding.

With 2 switches configured say VLAN 10, A comp sending a frame via VLAN 20 , has
its frame tagged in order to pass via this trunk link.

Hybrid ports defined as either tagged or untagged. Thus VLAN communication can be
defined on a port by port basis.

e.g. VoIP phones ( given priority). from switch access port to phone from phone to comp.
Phone VLAN 10, Comp VLAN 20. The phone frames are tagged but those from the
comp are untagged.

Port one untagged VLAN.

Vlan assignment methods:

-Port based (default - most common), Mac address based, Ip subnet based, Protocol
based, Policy based (combination).
step 1 for switch 1

define the vlan: vlan 10

define the vlan: vlan batch 2 to 9

step 2 for switch 1

define the gigabitethernet 0/0/2 as access: port link-type access

configure it to vlan 10 default: port default vlan 10

while in the system view log into vlan 10 interface in order to give the description:
description VOIP_vlan

define the gigabitethernet 0/0/3 as access: port link-type access

configure it to vlan 5 default: port default vlan 5

while in the system view log into vlan 5 interface in order to give the description:
description data_vlan

step 3 for switch 1

define the gigabitethernet 0/0/1 as trunk: port link-type trunk

configure it to allow vlan 5 and vlan 10: port trunk allow-pass vlan 5 10

while in the system view log into vlan 5 interface in order to give the description:
description both data_vlan and VOIP_vlan pass through

Do the same for switch 2

Command to check VLANs configured on interfaces: display port vlan

Step 4 for the PCs

Click on each PC then enter the ip address and subnet mask for each.

PC 11 (in VLAN 10): 192.168.0.2 255.255.255.0

PC 12 (in VLAN 5): 192.168.1.2

PC 13 (in VLAN 10): 192.168.0.3 255.255.255.0

PC 14 (in VLAN 5): 192.168.1.3

Now Ping the computers in the same and different VLAN and notice the difference. The
VLAN 10 comps can reach each other but different VLANs are unreachable to one
another.

INTERFACE UNDER VLAN???

DEFINING HYBRID PORT

By default hybrid ports.

has at least 2 vlans running.

An huawei hybrid port can allow more than one untagged VLAN frame.

Best suited for access ports.

VOIP and AP can be configured to tag frames by themselves.

voice vlan

distinguishes, isolates and prioritizes voice traffic over service traffic for quality of
service assurance.

CONFIGURE HYBRID==

Hub: receives and broadcasts packets while a switch is intelligent, it broadcasts on a first
time basis, then learns the mac addresses of devices afterwards. Has a mac address table.
This minimises the bandwidth and resources consumed in the network.

Without a router, no matter the number of switches, there is only one broadcast domain.

A router links different VLANs.

With routing loops, it is possible to create redundancy and ensure that packets find an
alternative route when a network link is broken.

Otherwise when a loop may cause a broadcast storm.

VLAN ROUTING

It is impossible to perform inter VLAN routing without an additional layer 3 device.

A single VLAN trunk supports different VLANs through subinterfaces.

Router-on-a-stick: A physical interface of a router split into several sub interfaces. i.e. 2
IPs for the same interface to allow different VLANs.

Router

interface GigabitEthernet0/0/0.1
dot1q termination vid 5
ip address 192.168.2.254 255.255.255.0

interface GigabitEthernet0/0/0.2
dot1q termination vid 10 -> defining a trunk port
ip address 192.168.3.254 255.255.255.0

switch

interface GigabitEthernet0/0/3
port link-type access
port default vlan 10
interface GigabitEthernet0/0/2
port link-type access
port default vlan 5

interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 5 10

pc

pc2:
Then ping PC1 from PC2.
Layer 2

DAY 3 NOTES:
STP
Redundancy in a switching network minimizes connection failure but there are potential
loops.
Such loops cause broadcast storms and duplicated frames to be received by end stations.
Also causes intability of mac address tables.
To solve this the redundant links are blocked logically.
Has 5 states.
Election of a root bridge:

The start point is the bridge ID (16 bit bridge priority and 48 bit mac address).
This BID can be changed to force a switch with a higher mac address to be appointed as
the root bridge. spans from 0 - 32768. The switch with the lowest BID is elected as the
root bridge.
configuration BPDU for convergence to elect the root bridge. TCN BPDU
Path cost and RPC.
Port roles: root, designated, alternate, backup, disabled
PORT ID: Final means of realising port roles after BID and RPC has been tested.
TIMERs.
Port role establishment process: BID and RPC are used.
Root failure.
Direct
Switch 1 configuration: Primary switch (both interfaces forwarding)
sysname S1
stp mode stp
stp root primary
View the above configurations set: di cu
display stp brief

Switch 2 configuration: secondary switch (1 interfaces forwarding, other discarding.

After shutting down the forwarding interface, the discarding interface changes to
learning mode)
sysname S1
stp mode stp
stp root primary
di cu
display stp brief

After shutting down the forwarding interface g0/0/1

after forward delay timer elapses, g0/0/2 starts forwarding.

To view the stp status of a port: display stp int g0/0/2

RSTP
Has 3 states: discarding, learning and forwarding. Has a faster convergence speed.
undo stp mode
undo stp root
stp mode rstp
di cu
dis stp bri

inside the interface g0/0/1: undo shutdown

SW1: root bridge

di stp
di stp bri

SW2: non-root bridge

di stp
di stp bri

port g0/0/1 is forwarding because it's a root port.

port g0/0/2 is discarding because it's an alternate/backup port.

This is the non root bridge, if i shut down the forwarding interface i.e. interface g0/0/1,
the interface g0/0/2 immediately begins forwarding. After bringing the interface g0/0/1
online again, it picks up the role of root port and begins forwarding once more.

IP Routing
outgoing interface

next hop

default route: 0.0.0.0

Protocol - route

Preference - smallest value

Cost - smallest cost

RIP cant run IPv6. Distance vector hop based (15 hops). For small network.

OSPF: Dependent on cost, speed.

Static routing: Manually configured by an admin. preferred for small networks.

Routing protocols: Used for large networks. RIP, RIPv2, OSPF, BGP, EIGRP, ISIS.

Routers forward packets based on routing tables and Forwarding information base (FIB).
Routing tables: Aid in selection of routes

FIB: Forward packets.

Most routers know their outgoing interface but not the next hop. Some select few routers
can ping their gateway/next hop and discover its address.

Routing decisions:

·0 Longest match: A router performs an AND operation on the destination address of

the packet and the network mask of each entry in the FIB table. It then compares
the result of the operation with entries in the FIB table to find a match.

·1 Preference:

With multiple routing info sources, the route with the highest preference (smallest
value) is selected as the optimal route.
·2 Cost Metric: Length of a path to a destination network. Each segment provides its
cost value. The cost can also be determined by the bandwidth.
 Practical: Ip routing

AR1:
sysname Nairobi

interface loopback 0
ip address 192.168.1.1 24

int g0/0/0
ip address 10.10.0.1 24

AR2:
sysname Mombasa
int g0/0/0
ip address 10.10.0.2 24

int g0/0/1
ip address 192.168.2.1 24

The PC is also assigned an IP address 192.168.2.2

Our aim in this exercise it to successfully ping the loopback interface 0 of AR1
(192.168.1.1). A ping will only be possible if a packet can be sent from the PC to the
loopback and back to the PC successfully.

Stepwise, this will be achieved in this manner:

We first ping to the address of int g0/0/1 of AR2 (192.168.2.1) to establish

that this direct route is OK.
Secondly, we then try to ping the address of the outgoing interface of
the PC i.e. the interface g0/0/0 of AR2 (10.10.0.2). This one will fail
if we have not keyed in the gateway address (192.168.2.1) into the PC
gateway address configuration. If it has been set, it succeeds.

As seen in the caption below, the gateway has already been configured,
therefore a ping test done thereafter succeeds.

The result of pinging interface g0/0/0 from the PC.

Next we have to ping we have to configure a static route from the
network segment 192.168.1.0 to its next hop, which is the interface
g0/0/0 of AR1 (IP 10.10.0.1) This is shown below.

After establishing this route, a ping test to the loopback interface will not be successful
because there is no route back to the the PC. The unsuccessful ping of the loopback
interface is shown below:

To solve this particular problem, we shall have to configure another static route from the
loopback interface where we have reached so far to its next hop address 10.10.0.2 (int
g0/0/0 of AR2). This is inside the Nairobi router, AR1 Command Line Interface.

Now, if we try to ping, it will be successful:

OSPF
Router 1/AR1/R1

[Huawei]sysname R1

[R1]interface loopback 0

[R1-LoopBack0]ip address 10.0.1.1 24

[R1]int g0/0/0
[R1-GigabitEthernet0/0/0]ip address 10.0.13.1 24

[R1]int g0/0/1
[R1-GigabitEthernet0/0/1]ip address 10.0.12.1 24

Router 2/AR2/R2

[Huawei]sysname R2

[R2]interface loopback 0
[R2-LoopBack0]ip address 10.0.2.2 24

[R2]int g0/0/0
[R2-GigabitEthernet0/0/0]ip address 10.0.12.2 24

Router 3/AR3/R3

sysname R3

[Huawei]interface loopback 0
[Huawei-LoopBack0]ip address 10.0.3.3 24

[Huawei]interface loopback 2
[Huawei-LoopBack2]ip address 172.16.0.1 24

[Huawei-LoopBack2]int g0/0/0
[Huawei-GigabitEthernet0/0/0]ip address 10.0.13.3 24

Configure OSPF
OSPF areas can be a min of 1. Several overlapping areas are used in
order to update their link status databases. In a case like ours where
one area is used, the networks to be covered by the OSPF are defined.

In these configurations, we use the ip address of loopback interfaces 0

of routers 1, 2 and 3 as the ospf ids.
Then we define the ospf areas for each of them and then declare the
network segment as below as belonging to the created to the ospf areas.

Router 1
[R1]ospf 1 router-id 10.0.1.1
[R1-ospf-1]area 0

[R1-ospf-1-area-0.0.0.0]network 10.0.1.0 0.0.0.255

[R1-ospf-1-area-0.0.0.0]network 10.0.13.0 0.0.0.255
[R1-ospf-1-area-0.0.0.0]network 10.0.12.0 0.0.0.255

Router 2
[R2]ospf 1 router-id 10.0.2.2
[R2-ospf-1]area 0
[R2-ospf-1-area-0.0.0.0]network 10.0.2.0 0.0.0.255
[R2-ospf-1-area-0.0.0.0]network 10.0.12.0 0.0.0.255
Router 3
[R3]ospf 1 router-id 10.0.3.3
[R3-ospf-1]area 0
[R3-ospf-1-area-0.0.0.0]network 10.0.3.0 0.0.0.255

[R3-ospf-1-area-0.0.0.0]network 10.0.13.0 0.0.0.255

ospf 1: For generating and synchronizing a single Link state database. By use of different
OSPF process IDs for each router, multiple LSDBs are created.

Area 0: Declares the area covered by the router.

network 10.0.1.0 0.0.0.255 : This advertises the network segment into area 0.

Adjacency between 2 routers is established when the "NeighbourCurrentState = Full"

Verification of OSPF configuration: confirming convergence is complete in R1, R2

& R3

To confirm that the routers are now automatically and dynamically learning the ip
addresses of indirect interfaces, we display the ip routing-table using the below
command:

In Router 1, enter the following command:

display ip routing-table //This command is entered in user view.
As seen in the diagram above, OSPF has learnt a route to router 3 interface address
10.0.13.3 and also learnt the route to address 10.0.12.2
Router 2 routing table
NB//: This router discovers the route to loopback interface 10.0.1.1, loopback interface
10.0.3.3 and the route to the network 10.0.13.0 through the next hop address 10.0.12.1
Router 3 routing table
NB//: This router discovers the route to loopback interface 10.0.1.1, loopback interface
10.0.2.2 and the route to the network 10.0.12.0 through the next hop address 10.0.13.1
from the link state database of router 2 with which it has an area overlap.
Next is to establish connectivity between R2 & R1, R2 & R3.
To do this, a ping test is done from R2.
First, ping the loopback interface 10.0.1.1 of router 1
Then, ping the loopback interface 10.0.3.3 of router 3:

When i ran the command display ospf peer in router 1, there is an adjacency between R2
& R1.
Even on trying the same command in R1, there is no neighbour relationship. There is
only a relationship with R3:

When i ran the command Display ospf peer brief gives this:

Run the Display ospf peer brief command on the other routers.
Checking the OSPF hello interval and dead interval:
From router 1 run: display ospf interface g0/0/0
From router 1 run: ospf timer hello 15 or ospf timer dead 60. If these times are not equal
for all routers in an area, the router with a different time intervals will not have its routes
seen by the others.

Advertising default routes in OSPF

Since the loopback interface 2 address 172.16.0.1 in router 3 was not part of the declared
network segments, when i try to ping it from Router 1, it will not work as seen below:

For us to reach this interface, the OSPF is configured to advertise default routes on
Router 3. This is done with the command below:
[R3]ip route-static 0.0.0.0 0.0.0.0 loopback 2
Then we log into OSPF process 1, in order to advertise the default route in it to the OSPF
area.
[R3]ospf 1
[R3-ospf-1]default-route-advertise

Now when we ping it again, it works:

HOMEWORK
advertisement of default routes in OSPF PAGE 113 ip 172.16.0.1/24??
Link status advertisement (LSA)
Link state database (LSDB)

DAY 4 NOTES:

HDLC

Output of PPP and HDLC , different passwords, no connection.

It is a serial tech utilised for WAN but is being replaced for the more reliable ethernet
technology.

Serial can operate in synchronous (clocked) and asychronous (data bytes or frames are
controlled by start and stop bits) modes.

HDLC configuration

Router 1

sysname R1

Router 2

sysname R1
Router 3

sysname R1

FRAME RELAY

Router 1

sysname S1

int s0/0/0

link-protocol fr

ip address

undo fr inarp

fr map ip 10.0.123.2 102 broadcast

fr map ip 10.0.123.3 103 broadcast

interface loopback 0

ip address 10.0.1.1 24