华为网络设备常用命令个人总结的一些华为命令删除设备配置resetsaved-configuration重启reboot看当前配置文件displaycurrent-configuration改设备名sysname保存配置save进入特权模式sysview华为只有2层模式不像ciscoenale之后还要conft定义aclaclnubmereXXXX(3000以上)进入以后rulepermit/den注意华为默认没有denyanyany防火墙上端口加载ACL[Quidway-Ethernet0/0]firewallpacket-filter3000inbound防火墙上新增加用户local-userXXX(用户名)passwordsimpleXXX(密码)local-userXXXservice-typeppp删除某条命令undo(类似与cisco的no)静态路由iproute-static0.0.0对vpdn用户设置acl的接口inte***ceVirtual-Template1查看路由表displayiprouting-table设定telnet密码user-inte***cevty04userprivilegelevel3setauthenticationpasswordsimpleXXX启动/关闭启动unshut关闭shut动态nat设置aclnumber3000inte***ceEthernet1/0description====To-Internet(WAN)====natoutbound3000ipsecpolicypolicy1利用acl来做符合acl的IP地址可以出去(注意此处的ACL隐含了denyanyany)不符合的IP地址不可以出去创建vlan[shzb-crsw-s6506-1]vlan100华为vlan不支持name将port放入vlan创建了vlan后进入vlan模式[shzb-crsw-s6506-1-vlan100]portGigabitEthernet1/0/1toGigabitEthernet1/0/8表示从G1/0/1到1/0/8放入VLAN100创建trunkinte***ceGigabitEthernet1/0/1duplexfullspeed1000*portlink-typetrunk*porttrunkpermitvlanallportlink-aggregationgroup1带*号的是创建trunk链路的语句vlan地址指定inte***ceVlan-inte***ce2descriptionservervrrpvrid2priority120vrrpvrid2preempt-modetimerdelay10其中vrrp语句指定vrrp类似与hsrp使用vrrp要注意的是华为不支持pvst只能一台完全是主,一台完全是备份在主vrrp设备上要指定stpinstance0rootprimarystpTC-protectionenablestpenable在从vrrp设备上要指定stpinstance0rootsecondarystpTC-protectionenablestpenable交换机下面绑acl首先进入接口模式,输入qos命令[shzb-crsw-s6506-1-GigabitEthernet1/0/1]qos在输入如下命令[shzb-crsw-s6506-1-qoss-GigabitEthernet1/0/1]packet-filterinboundip-group3000华为交换机只能指定inbound方向启用ospf[shzb-crsw-s6506-1]ospf100[shzb-crsw-s6506-1-ospf-100]area0[shzb-crsw-s65配置ospf重发布[shzb-crsw-s6506-1-ospf-100]import-routestatic建立link-group(类似与cisco的channel-group)link-aggregationgroup1modemanual然后进入接口portlink-aggregationgroup1启用VRRP之前必须输入vrrpping-enable使得客户能ping网关交换机命令~~~~~~~~~~[Quidway]discur;显示当前配置[Quidway]displaycurrent-configuration;显示当前配置[Quidway]displayinterfaces;显示接口信息[Quidway]displayvlanall;显示路由信息[Quidway]displayversion;显示版本信息[Quidway]superpassword;修改特权用户密码[Quidway]sysname;交换机命名[Quidway]interfaceethernet0/1;进入接口视图[Quidway]interfacevlanx;进入接口视图[Quidway]rip;三层交换支持[Quidway]local-userftp[Quidway]user-interfacevty04;进入虚拟终端[S3026-ui-vty0-4]authentication-modepassword;设置口令模式[S3026-ui-vty0-4]setauthentication-modepasswordsimple222;设置口令[S3026-ui-vty0-4]userprivilegelevel3;用户级别[Quidway]interfaceethernet0/1;进入端口模式[Quidway]inte0/1;进入端口模式[Quidway-Ethernet0/1]duplex{half|full|auto};配置端口工作状态[Quidway-Ethernet0/1]speed{10|100|auto};配置端口工作速率[Quidway-Ethernet0/1]flow-control;配置端口流控[Quidway-Ethernet0/1]mdi{across|auto|normal};配置端口平接扭接[Quidway-Ethernet0/1]portlink-type{trunk|access|hybrid};设置端口工作模式[Quidway-Ethernet0/1]portaccessvlan3;当前端口加入到VLAN[Quidway-Ethernet0/2]porttrunkpermitvlan{ID|All};设trunk允许的VLAN[Quidway-Ethernet0/3]porttrunkpvidvlan3;设置trunk端口的PVID[Quidway-Ethernet0/1]undoshutdown;激活端口[Quidway-Ethernet0/1]shutdown;关闭端口[Quidway-Ethernet0/1]quit;返回[Quidway]vlan3;创建VLAN[Quidway-vlan3]portethernet0/1;在VLAN中增加端口[Quidway-vlan3]porte0/1;简写方式[Quidway-vlan3]portethernet0/1toethernet0/4;在VLAN中增加端口[Quidway-vlan3]porte0/1toe0/4;简写方式[Quidway]monitor-portinterface_typeinterface_num;指定镜像端口[Quidway]portmirrorinterface_typeinterface_num;指定被镜像端口[Quidway]portmirrorint_listobserving-portint_typeint_num;指定镜像和被镜像[Quidway]descriptionstring;指定VLAN描述字符[Quidway]description;删除VLAN描述字符[Quidway]displayvlan[vlan_id];查看VLAN设置[Quidway]stp{enable|disable};设置生成树,默认关闭[Quidway]stppriority4096;设置交换机的优先级[Quidway]stproot{primary|secondary};设置为根或根的备份[Quidway-Ethernet0/1]stpcost200;设置交换机端口的花费[Quidway]link-aggregatione0/1toe0/4ingress|both;端口的聚合[Quidway]undolink-aggregatione0/1|all;始端口为通道号[SwitchA-vlanx]isolate-user-vlanenable;设置主vlan[SwitchA]isolate-user-vlanxsecondarylist;设置主vlan包括的子vlan[Quidway-Ethernet0/2]porthybridpvidvlanid;设置vlan的pvid[Quidway-Ethernet0/2]porthybridpvid;删除vlan的pvid[Quidway-Ethernet0/2]porthybridvlanvlan_id_listuntagged;设置无标识的vlan如果包的vlanid与PVId一致,则去掉vlan信息.默认PVID=1。所以设置PVID为所属vlanid,设置可以互通的vlan为untagged.----------------------------------------路由器命令~~~~~~~~~~[Quidway]displayversion;显示版本信息[Quidway]displaycurrent-configuration;显示当前配置[Quidway]displayinterfaces;显示接口信息[Quidway]displayiproute;显示路由信息[Quidway]sysnameaabbcc;更改主机名[Quidway]superpasswrod123456;设置口令[Quidway]interfaceserial0;进入接口[Quidway-serial0]ipaddressipmask|mask_len;配置端口IP地址[Quidway-serial0]undoshutdown;激活端口[Quidway]link-protocolhdlc;绑定hdlc协议[Quidway]user-interfacevty04[Quidway-ui-vty0-4]authentication-modepassword[Quidway-ui-vty0-4]setauthentication-modepasswordsimple222[Quidway-ui-vty0-4]userprivilegelevel3[Quidway-ui-vty0-4]quit[Quidway]debugginghdlcallserial0;显示所有信息[Quidway]debugginghdlceventserial0;调试事件信息[Quidway]debugginghdlcpacketserial0;显示包的信息静态路由:[Quidway]iproute-staticipmask{interfacenumber|nexthop}[value][reject|blackhole]例如:动态路由:[Quidway]rip;设置动态路由[Quidway]ripwork;设置工作允许[Quidway]ripinput;设置入口允许[Quidway]ripoutput;设置出口允许[Quidway-rip]networkall;设置与所有网络交换[Quidway-rip]peerip-address;[Quidway-rip]summary;路由聚合[Quidway]ripversion1;设置工作在版本1[Quidway]ripversion2mul