RGOS daily management operations

I. Introduction

• The current situation of informatization development requires the implantation of new technologies into network operating systems. The new generation general operating system RGOS launched by Ruijie Networks is a full reflection of technological innovation. It is a completely modular system designed for safe network operation and management. Network operating systems that support multiple platforms.
• The three main features of the RGOS operating system are modularity, security, and openness. Since its inception, Ruijie Networks' general operating system RGOS has been widely used in many domestic industries, and its practical application value has been deeply loved and praised by users. Centered on user needs and guided by application value, Ruijie Networks has gradually improved RGOS through continuous technological innovation. The new generation of general operating system RGOS, with its unique stability, security and other technical advantages, is more conducive to improving user Use value to create greater benefits for users.

2. Overview of RGOS platform

• RGOS stands for "Ruijie General Operating System", which is the operating system of network equipment.
  • The software version developed based on RGOS is currently 11.x, also known as the 11.x platform
• Advantage:
  • Modular design facilitates operation and maintenance management.
  • Fault isolation improves new function development and testing efficiency and system stability.
  • It is transparent to the hardware platform and has high compatibility.

2.1. Common login methods for Ruijie devices

• Local login:
  • Console login: For new or cleared devices, you need to use the Console port.
• Remote login:
  • Telnet login: Use the IP network to log in remotely, but the transmitted data is not encrypted.
  • SSH login: Use IP network to log in remotely, transmit data encrypted, and have high security. SSHv2 version is commonly used.
  • Web login: Use the web page to log in, and the operation is more visual and convenient.
  • Note: Most devices require console login for deployment, and some devices can be logged in directly via Telnet/Web.
• Commonly used login software: SecureCRT, Putty, HyperTerminal (only available in XP).

2.2. Log in using Console

• Console overview:
  • Connect the console interface of the device through the configuration cable.
  • Use terminal software for device management configuration.
  • Initialization, out-of-band management.
• Console management configuration
  • Baud rate: 9600
  • Data bits: 8
  • Parity: None
  • Stop bit: 1
  • Data flow control: none

2.3. Telnet remote management

• Telnet Overview
  • Refers to device management configuration through the Telnet program in the Windows command line prompt or other third-party Telnet programs
  • Remote management, in-band management
  • Depends on device IP address and Telnet password
  • Data is not encrypted
• Telnet configuration
  • Protocol: Telnet
  • Default port: 23
  • The device enables Telnet service by default

2.4. SSH remote management

• SSH overview
  • Use SSH protocol program (SecureCRT) for device management configuration
  • Remote management, in-band management
  • Depends on management IP address
  • Rely on global username and password
  • data encryption
• SSH management configuration
  • Protocol: SSH
  • Default port: 22

#网络设备上开启SSH服务配置:
Ruijie(config)#enable service ssh-server
Ruijie(config)#crypto key generate {
    
    rsa|dsa}

2.5. Login software: SecureCRT

• Log management:
  • According to Ruijie Network Technical Service Department’s “JSZD-001 Technical Service Department Employees’ Behavior Rewards and Punishment Regulations” Article 3 of the Engineer’s Network Operating Standards: When bringing an engineer’s personal computer into the customer’s network, it is necessary to do anti-virus work on the computer in advance to avoid The computer virus affects the normal use of the customer's network and the logging function is turned on (including the Telnet console turning on the log printing function).

• CRT interactive window:

  • You can use the interactive window when the log scrolls quickly and the screen cannot be typed.
  • Type commands in the interactive window and execute them in multiple session windows.
    

• Xmodem uses:

  • Use Xmodem to upload scripts or download configuration files. Take uploading as an example:

#完成配置文件拷贝后，执行配置初始化调用：
copy flash:tmp/startup flash:config.text
copy startup-config running-config

3. CLI command line operation

3.1. CLI command line basics

• After logging in to the device using Console, Telnet, or SSH, the CLI command line interface will appear, similar to the DOS command line.
• Compared with the CMD command line, the RGOS CLI is easy to use and has rich prompt information and error information.

3.2. CLI mode

• User mode:
  • There is a " " symbol before the character cursor >.
  • Limited viewing of device information.
• Privileged mode:
  • There is a " " symbol before the character cursor #.
  • View all device information.
• Global configuration mode:
  • The character before the cursor (config)#is composed of " ".
  • Configure global device parameters.
• Interface configuration mode:
  • The character before the cursor (config-if-xx)#is composed of " ".
  • Configure device interface parameters.

#用户模式
Ruijie>
#特权模式
Ruijie#
#全局配置模式
Ruijie(config)#
#接口配置模式
Ruijie(config-if-FastEthernet)#

3.3. CLI mode exchange

3.4. Command line features

3.4.1. Split screen display

• In the command line interface, if the displayed content exceeds the scope of one page, it will be displayed in split screen.
• The “–more–” prompt appears on the command line
  • Use the "Enter" key to display line by line
  • Use the "space" key to turn pages

3.4.2. Command abbreviations and getting help

• The RGOS command line supports command abbreviations, which can be used if the command can be uniquely identified.

• But when the command is not unique, it needs to be written so that it can be uniquely identified.
  

• If you forget or have questions about the command, you can enter "?" at any time for prompts.

3.4.3. Error prompt

• When a command is entered incorrectly, the system will prompt
  • "% Unrecognized host or address, or protocol not running" means that the command cannot be recognized and there is no such protocol.
  • "% Incomplete command." means that the input command is incomplete.
  • "% Invalid input detected at '^' marker." means that the position command shown is wrong.
  • There are many other tips. It is recommended to pay more attention to the console messages and error prompts when configuring the command line.

3.4.4. History records and TAB completion

• During the command line configuration process, use the "TAB" key to complete the current command.
• Proficient in using the "TAB" key and the "?" prompt help, you can effectively memorize commands.
  

4. Basic operation of equipment

4.1. Device naming

• Device naming is used to identify device information.
• Configuration specifications.
  • Generally refer to customer specifications.
  • If customized: refer to the device's geographical location, network location, device model, device number and other factors to formulate a unified naming specification (AABB-CC-DD)
    • AA: Indicates the geographical location of the device.
    • BB: Indicates the network location of the device.
    • CC: Indicates the model of the device.
    • DD: Indicates the number of the device.

#配置命令
Ruijie(config)# hostname wlzx-core-8610-1

4.2. Configure the management IP of the network device

• After configuring the management IP, remote management of the device can be facilitated.
• The Layer 2 switch is implemented by configuring the management VLAN, and the switch can be understood as a terminal and needs to be configured with a gateway.
• Any Layer 3 interface IP of a multi-layer device can be used as the management IP.

#管理IP配置命令
Ruijie(config)#vlan 10
Ruijie(config)#int vlan 10
Ruijie(config-if-VLAN 10)#ip add 10.1.1.254 255.255.255.0 		//管理IP地址
Ruijie(config-if-VLAN 10)#no shutdown
Ruijie(config)#ip default-gateway 10.1.1.200 					//当前设备的网关，将被管理设备理解为一台PC终端

4.3. Configure the login password of the network device

• Device management security through configurable passwords
• Configure privileged mode password

Ruijie(config)#enable secret level 15 0 ruij

• Configure Telnet password

Ruijie(config)#line vty 0 4
Ruijie(config-line)#password ruij

• Configure global user password

Ruijie(config)#username admin password ruijie

• Cipher text display password

Ruijie(config)#service password-encryption

4.4. Commonly used show commands

4.5. Check device status

• The Show command is one of the most commonly used commands when operating RGOS.
• You can use the show command in any command line mode to view the configuration or status of the current device.
• Note: show runThe command views the current device configuration, not the saved configuration.
  • Configuration view:show run-config

• Pipe character application overview
  • You can add the pipe character "|" after the Show command to specify the output of information.
• Pipe character type
  • | begin xyz: Output information starts from xyz
  • | exclude xyz: Output information excludes xyz
  • | include xyz: The output information contains xyz

4.6. Interface description

• The interface description is used to identify the device interface information, making it easier to identify the purpose of the interface when viewing the interface status.
• Configuration specifications:
  • According to customer specification.
  • Customization: to-peer device name-peer interface name.

#配置命令
WLZX-core-8610-2(config)#int giga 6/1
WLZX-core-8610-2(config)#description to-wlzx-core-8610-1-giga6/1

4.7. Banner configuration

• When logging in to the device, output prompts or warning messages
• configuration specification
  • customer specification
  • customize

#配置命令
wlzx-core-8610-1(config)#banner login ^
Enter TEXT message.  End with the character '^'.
Your behavior will be recorded!!
^
wlzx-core-8610-1(config)#

4.8. Time configuration

• The function of the NTP protocol is to allow network devices to display accurate time for easy monitoring and maintenance.
• Manual setting sets the time through clock set.

Ruijie#clock set hh:mm:ss day month year

• Automatically set/synchronize time (depends on NTP/SNTP server)

Ruijie（config）# {sntp|ntp} enable
Ruijie（config）# {sntp|ntp} server ip_addr

4.9. SNMP configuration

• Simple Notwork Management, network management software obtains device operating information, configures devices, and locates faults through this protocol
  • SNMP has versions v1/v2c/v3, and v2c is used by default.
  • v1/v2c uses community name for authentication
  • V3 version is more secure

#SNMP配置：
Ruijie(config)#snmp-server community ruijie {ro|rw}
//ro表示只读属性，网管软件通过该团体名只能获取相关信息
//rw表示可读写属性，网管软件通过该团体名可以执行设备配置操作

4.10. Log application

• The log records some key information during the operation of the equipment, which is particularly important when a failure occurs.
• The logging function is enabled by default and records information in memory. The log will be lost after restarting.
• In the project, it is recommended to build a syslog server to record key equipment (aggregation/core) log information

#日志服务配置：
Ruijie(config)#service sequence-numbers 
Ruijie(config)#service sysname
Ruijie(config)#logging userinfo command-log
Ruijie(config)#logging server ip_addr
Ruijie(config)#logging source interface loopback 0
Ruijie#terminal monitor

4.11. Network communication test

• Ping is used to test the connectivity of the network, and you can use combined commands to conduct rich network tests.

Ruijie#ping 192.168.100.10 source 10.1.1.1 ntime 100 length 1500 timeout 3
//测试从源10.1.1.1到达192.168.100.10的连通性，连续ping100次，每个包长度1500字节，超时时间3秒

• Tracertoute is used to display all network devices that a data packet passes from the source address to the destination address.
  • It is used to check the connectivity of the network and accurately locate the location of the fault when a network fault occurs.

Ruijie#traceroute 192.168.100.10 source 10.1.1.1 probe 10 ttl 1 3 timeout 3
//测试从源10.1.1.1到192.168.100.10的连通性，并显示路径上的网络设备，探测数据包每跳最多跟踪10条路
由（例如负载均衡时，会朝多个方向进行探测），TTL值范围是1-3（最多3跳），超时时间3秒

5. System file management

5.1. RGOS file system

• As shown below, the data saved in the flash will not be lost when the power is turned off:
  • Configuration file:config.text
  • RGOS system files:rgos.bin
  • Log file:syslog.text
  • Other running files
• When the device is powered on, all RGOS and configuration files will be loaded into the memory and run.

5.2. Device configuration management

• When the device starts, the file is read from the Flash media config.textand used as the configuration of the current device.
• Running configIs the currently running configuration, which will be written after saving config.text.