Huawei s series layer 3 switch configuration

A layer-3 switch is a switch with routing functions. Since routing belongs to the function of the third layer of the network layer in the OSI model, it is called a layer-3 switch.

A layer-3 switch can work at either layer-2 or layer-3, and can be deployed at the access layer or at the aggregation layer as a gateway for users.

Case 1: Switch configuration in a single network environment

switch 1

pc1

1. Connect the switch (SecureCRT as an example):

(1) Connect the host computer and the switch with a console cable (2) My computer - right click management - device manager (3) Write down the communication port COM x1

2. The remote tool establishes a connection

Protocol: serial Port: The port of this machine - COM x 

1. configuration password

interface console 0 (attempt to enter the console)

authentication-mode password (configure the authentication mode as password authentication)

set authentication password cipher admin123456 (configure authentication password, remember to save)

Sys

enter aaa

 local-user admin password cipher 123456 (set your own username and password)

Local-user admin privilege level 15 (set the highest level to 15)

Local-user admin service-type telnet terminal ssh (open ssh protocol remote login)

Dis local-user (view created users)

3. Enter switch configuration mode

show current configuration

display current-configuration 

quit #exit

4. Close Huawei prompt information

undo info-center enable

2. Group operation:

Divide different ports on the switch into different virtual groups, which is convenient for batch operations, and can also be operated on ports independently.

#Create/enter group, enter or create group 1, the number can be customized

#port-group 1

# Pack Gigabit Ethernet ports 1-8 into "Group 1"

 #group-member gigabitethernet 0/0/1 to gigabitethernet 0/0/8

#Create group 1, add 100M port 21 to group 1

 #Enter group "1", that is, batch operation port 1-8

port-group 1 

3. Vlan settings:

Create a network segment: vlan 10

vlan batch 10

Enter network segment 10 settings:

interface vlan10

Set the Internet access IP of the vlan, and configure the vlan IP and mask named 10, which is the gateway address of this network segment:

ip address 192.168.1.1 255.255.255.0/24

Create a dhcp pool for vlan10:

ip pool vlan10 

Configure ip address, subnet mask

network 192.168.1.0 mask 255.255.255.0/24

configure gateway

gateway-list 192.168.1.1

configure dns

dns-list 114.114.114.114

Configure the IP address that does not participate in the allocation

excluded-ip-address 192.168.11.1 192.168.1.2

Enter vlan10 to enable the dhcp function

you are vlan10

Open dhcp service

dhcp select global

4. Set the port type and configure 100M port 21

Three port differences:

Port Introduction (access, trunk, hybrid)

Access port 21

inter eth 0/0/21

Configure the interface access type as access

port link-type access

Configure the interface to join VLAN 10

port default vlan 10

quit

save saves the current configuration.

Case 2: Configure different network segments to access each other

Multiple departments are located on different network segments, and each department needs to access the Internet. Realize mutual visits between Department A and Department B

Use the following ideas to configure:

Configuration process:

1. Configure vlan10 and vlan20 on switch SW1

1. Create a network segment: vlan batch 10 20

vlan batch 10 20

Enter network segment 10 settings:

interface vlan10

Set the Internet gateway and subnet mask of vlan:

ip address 192.168.1.254 24

quit

quit

2. Create a dhcp pool for vlan10:

ip pool vlan10 

Configure ip address, subnet mask

network 192.168.1.0 mask 24

configure gateway

gateway-list 192.168.1.254

configure dns

dns-list 114.114.114.114

Configure IP addresses that do not participate in allocation can also be network segments

excluded-ip-address 192.168.1.2  192.168.1.20

Enable the dhcp service globally

dhcp enable

Enter vlan10 to enable the dhcp function

3.int vlan10

Open dhcp service

dhcp select global

Enter vlan network segment 20 settings:

interface vlan20

Set the Internet access IP address of the vlan, and configure the vlan IP and mask named 10, which is the gateway address of this network segment:

ip address 192.168.2.254 24

quit

quit

Create a dhcp pool for vlan20:

ip pool vlan20 

Configure ip address, subnet mask

network 192.168.2.0 mask 24

configure gateway

gateway-list 192.168.20.254

configure dns

dns-list 114.114.114.114

Enable the dhcp service globally

dhcp enable

Enter vlan20 to enable the dhcp function

int vlan20

Open dhcp service

dhcp select global

2. Configure the SW2 switch, divide vlan10 and vlan20, and add the interface to vlan

Configure port 21

you are e0/0/21

port link-type access

port default vlan 10

Configure port 22

you are e0/0/22

port link-type access

port default vlan 20

3. Configure the interconnection interface of SW1 and SW2 as a trunk interface, and release vlan10 and vlan20

SW1 placement E0/0/1 port
inter tEthernet 0/0/1
port link-type trunk     
port trunk allow-pass vlan 10 20

SW2 placement GE0/0/1 port
inter Ethernet 0/0/1
port link-type trunk        
port trunk allow-pass vlan 10 20