考点1:配置交换机的名称和密文密码
《huawei》 //用户视图
《huawei》 system-view //进入系统视图设置
[huawei] //系统视图
[huawei] quit /return //退出系统视图模式
[huawei] sysname DT //设置主机名
[huawei] user-interface console 0 //进入控制台
[huawei-ui-console 0] authentication-mode password
[huawei-ui-console 0] set authentication password/aaa cipher
(密文) /simple(明文)huawei //配置密文密码
考点2:配置交换机的远程管理IP地址
[huawei] interface Vlanif 1 //进入vlan1
[huawei-Vlanif1] ip address 192.168.1.254 24 //配置IP
[huawei-Vlanif1] undo shutdown // 开启接口
[huawei] dns domain dtwlxy.com //设置域名
[huawei] dns server 192.168.254.254 //设置域名ip
display vlan //显示vlan
save //保存 reboot //重启设备
display curr //显示当前配置
《huawei》undo terminal monitor //取消提示信息
考点3:配置交换机端口速率,双工,ARP
[huawei] int g 0/0/1 //进入端口
[huawei- g0/0/1] description negotiation auto //取消协商
[huawei- g0/0/1]duplex full //全双工
[huawei- gigabitEthernet 0/0/1] auto duplex full //自动
[huawei- gigabitEthernet 0/0/1] speed 10 //速率10M
[huawei- gigabitEthernet 0/0/1] auto speed 100 //自动
[huawei] arp static 192.168.1.8 5489-98cf-2603 //绑定
[huawei] display arp
[huawei] display arp all //查看ARP
考点4:配置路由器接口IP和静态路由
[huawei] int g0/0/1 //进入接口
[huawei- gigabitEthernet 0/0/1] ip address 192.168.1.6 24
//配置ip地址
[huawei- gigabitEthernet 0/0/1] undo shutdown //开启
dis cur 或者 [huawei] dis cur //查看ARP
[huawei] ip route-static 192.168.20.0 24 10.0.12.2
// 配置静态路由
[huawei] ip route-static 192.168.10.24 24 serial0/0/1
[huawei] ip route-static 0.0.0.0 0 192.168.1.5 //默认静态路由
[huawei] display ip route-table //查看路由表
考点5:配置交换机VLAN相关命令
[huawei] vlan 10 或vlan 20 //创建VLAN
[huawei-vlan10] description dt //VLAN 描述
[huawei] vlan batch 30 40 //批量创建多个VLAN
[huawei] vlan batch 30 to 40 //批量创建连续VLAN
[huawei] int g0/0/1 //进入接口
[huawei-g0/0/1] port link-type access //访问接口
[huawei-g0/0/1]port default vlan10 //加入默认VLAN
[huawei-g0/0/2]port link-type trunk //干道口
[huawei-g0/0/2]port trunk allow-pass vlan 10 20
//允许VLAN10 20 口
[huawei-g0/0/2] port trunk allow-pass vlan all //允许所有vlan
[huawei] int e0/0/2 //进入接口
[huawei-E0/0/2] port link-type hybrid //混合口模式
[huawei-E0/0/2] undo port default vlan //删除默认vlan
[huawei-E0/0/2] port hybrid untagged vlan 20 //去标签
[huawei-E0/0/2] port hybrid pvid vlan 2 设置默认端口
[huawei-E0/0/2]port trunk allow-pass vlan 10 to 100
//允许通过连续vlan
[huawei-E0/0/2] undo port trunk allow-pass vlan 10 to 100
//不允许通过连续vlan
[huawei] display port vlan //查看vlan
[huawei] display vlan //查看vlan
考点6:配置交换机VLAN一致性GVRP:通过VLAN注册协议,国际标准,双向注册
Normal模式:(类似于Cisco交换机服务器模式)
[huawei] gvrp //开启gvrp也是默认模式
Fixed模式:(类似于Cisco交换机的客户机模式)
[huawei] gvrp registration fixed
Forbidden 模式: (类似于Cisco交换机透明模式)
[huawei] gvrp registration forbidden
[huawei] display vlan summary //查看vlan汇总
[huawei] display gvrp status //查看gvrp状态
考点7:配置路由器RIP协议:RIPv1 RIPv2
[huawei] rip //启用RIP默认v1
[huawei-rip-1] network 192.168.1.0 //发布直连网段
[huawei-rip-1] version 2 //配置v2版本
[huawei] dis rip //查看rip
[huawei] dis rip database //查看rip数据库
[huawei] dis rip routing-table //查看rip数据库
优先级:直连0、静态60、rip 100、ospf 10/150
考点8:配置路由器OSPF协议
[huawei] ospf 1 //查看ospf默认是进程1
[huawei-ospf-1] area 0 //进入区域0
[huawei-ospf-1-area-0.0.0.0] network 192.168.3.0 0.0.0.255
//发布直连网段
[huawei-ospf-1] silent-interface g0/0/2 //被动接口
[huawei] dis ospf interface //查看ospf通告
[huawei] dis ospf peer //查看ospf邻居
[huawei] dis ip routing-table //查看路由表
[huawei] dis ospf routing //查看ospf路由表
反掩码:Acl OSPF EIGRP IPsec
考点9:配置基于全局DHCP协议
[huawei] dhcp enable //开启dhcp
[huawei] ip pool dt //地址池名
[huawei-ip-pool-dt] network 192.168.1.0 //地址池
[huawei-ip-pool-dt] lease day 2 //租约默认1
[huawei-ip-pool-dt] gateway-list 192.168.1.254 //网关
[huawei-ip-pool-dt] excluded-ip-address 192.168.1.250 192.168.1.253 //排除ip范围
[huawei-ip-pool-dt] dns-list 8.8.8.8 //DNS服务器
[huawei-G0/0/0] dhcp select global //基于全局
考点10:配置基于接口DHCP协议
[huawei] dhcp enable //开启dhcp接口
[huawei] int g0/0/1 //进入接口
[huawei-G0/0/1] dhcp select interface //基于接口
[huawei-G0/0/1] dhcp server lease day 2 //租约默认为1
[huawei-G0/0/1] dhcp server excluded-ip-address 192.168.1.1 192.168.1.10 //排除范围
[huawei-G0/0/1] dhcp server dns-list 8.8.8.8 //DNS
[huawei] display ip pool //查看dhcp
客户端:自动获取,利用ipconfig/ifconfig查看
考点11:配置路由器基本ACL:2000-2999
[huawei] acl 2000 //配置基本acl
[huawei-acl-basic-2000]rule 5 permit/deny source 1.1.1.1 0
//允许源ip(注意反掩码0,默认步长为5)
[huawei-acl-basic-2000]rule 10 deny any //拒绝任意
[huawei]user-interface vty 0 4
[huawei-ui-vty0-4]acl 2000 inbound //应用acl
[huawei] dis acl all //查看acl全部消息
[huawei] dis acl 2000 //查看acl2000
考点12:配置路由器高级ACL:3000-3999
[huawei] acl 3000 //配置基本acl
[huawei-acl-adv-3000] rule permit ip source 1.1.1.1 0 destination 4.4.4.4 0 //允许访问
[huawei] user-interface vty 0 4 //进入虚拟接口
[huawei-ui-vty0-4] acl 3000 outbound //应用acl
[huawei] int g0/0/1 //进入接口
[huawei-G0/0/1] traffic-filter inbound acl 3000 //应用
[huawei] display acl all //查看所有的acl
考点13:配置路由器动态NAT:(多对少)
[huawei] nat address-group 1 202.169.10.50 202.169.10.60
//外部ip
[huawei] acl 2001 配置acl(过滤 抓流量)
[huawei-acl-basic-2001] rule 5 permit source 172.17.1.0 0.0.0.255 //内部ip
[huawei] interface g0/0/1 //进入接口
[huawei-gigabitEthernet0/0/1] nat outbound 2001 address-group 1 no-pat(不使用端口转换) //应用NAT
[huawei] display nat outbound //查看NAT
考点14:配置路由器静态NAT:(一对一)
[huawei] int g0/0/1 //进入接口
[huawei-GigabitEthernet0/0/1] nat static global 202.169.10.5 inside 172.16.1.1 //一对一转换
//配置路由器动态NAPT(多对一)
[huawei] interface g0/0/0 //进入端口
[huawei-GigabitEthernet0/0/0] nat outbound 2001
//多对一转换
[huawei] display nat static //查看静态NAT
考点15:配置三层交换机VLAN间路由
首先基本配置,ip,VLAN等。
[huawei] int vlanif 10 //进入接口
[huawei-Vlanif10] ip add 192.198.1.254 24 //配IP
[huawei] int vlanif 20 //进入接口
[huawei-Vlanif10] ip add 192.198.2.254 24 //配IP
[huawei] display ip interface brief //接口简略信息
[huawei] display port vlan //接口vlan信息
[huawei] display vlan //查看vlan信息
考点16:配置单臂路由VLAN间通信
首先基本配置,ip,VLAN等。
[huawei-GigabitEthernet0/0/1.1] ip address 192.168.1.254 24 //配置ip
[huawei-GigabitEthernet0/0/1.1] dot1q termination vid 10
//封装
[huawei-GigabitEthernet0/0/1.1] arp broadcast enable
//开启arp
[huawei] display ip interface brief //查看接口
[huawei]display ip routing-table //查看路由表
[huawei] display current-configuration //查看配置