Huawei device command line operation basics

  • Familiarity with the VRP command line and proficiency in VRP configuration are essential for efficient management of Huawei network equipment.

Device initialization starts

  • If administrators and engineers want to access Huawei products running the Versatile Routing Platform (VRP), they must first go through the startup program. The startup interface shows the program started by the system, the running VRP version and its loading path. After startup completes, the system reports that automatic configuration mode is currently running. Users can choose to keep using automatic configuration mode or enter manual configuration mode. To select manual configuration mode, enter Y at the prompt. Unless there are special requirements, we choose manual configuration mode.

Command line view

  • The hierarchical command structure of VRP defines many command line views, and each command can only be executed in specific views. This example introduces the common command line views. Each command is registered in one or more command views, and a user can run a command only after entering a view in which it is registered. After entering the configuration interface of the VRP system, the first view that appears is the user view. In this view, users can view the running status and statistical information of the device.
  • To modify system parameters, the user must enter the system view. Users can also enter other functional configuration views through the system view, such as interface view and protocol view.
  • You can determine the current view from the prompt: "< >" indicates the user view, and "[ ]" indicates any view other than the user view.

Command line functionality

  • To simplify operations, the system provides shortcut keys to enable users to quickly perform operations. System-defined shortcut keys are provided in the table above. Other shortcut key functions are as follows:
CTRL+B moves the cursor one character to the left.
CTRL+D deletes the character at the current cursor position.
CTRL+E moves the cursor to the end of the current line.
CTRL+F moves the cursor one character to the right.
CTRL+H deletes a character to the left of the cursor.
CTRL+N displays the next command in the history command buffer.
CTRL+P displays the previous command in the history command buffer.
CTRL+W deletes a string to the left of the cursor.
CTRL+X deletes all characters to the left of the cursor.
CTRL+Y deletes the character at the cursor position and all characters to the right.
ESC+B moves the cursor one string to the left.
ESC+D deletes a string to the right of the cursor.
ESC+F moves the cursor one string to the right.

  • Other function keys perform similar operations. For example, like CTRL+H, Backspace deletes a character to the left of the cursor. The left cursor key (←) and the right cursor key (→) perform the same functions as CTRL+B and CTRL+F respectively. The down cursor key (↓) performs the same function as CTRL+N, and the up cursor key (↑) can replace CTRL+P.
  • In addition, if the first few letters of a command word are unique, the system can complete the command automatically once those letters have been entered. As shown in this example, the user only needs to enter inter and press the Tab key, and the system completes the command as interface. If the prefix is not unique, pressing the Tab key cycles through all possible commands. If you enter in and press the Tab key, the system displays the following commands in order: info-center, interface.

Command line online help

  • VRP provides two help functions, namely partial help and full help.
  • Partial help means that when a user entering a command remembers only the first character or first few characters of a command keyword, the partial help of the command line lists all keywords starting with that string, as shown in this example.
  • Full help means that in any command view, the user can type "?" to obtain all commands in that view and their brief descriptions. If a command keyword is typed, followed by "?" separated by a space, and that position is a keyword, all keywords and their descriptions are listed.

Basic configuration steps

  • There is usually more than one device deployed on the network, and administrators need to manage these devices in a unified manner. When debugging a device, the first task is to set the device name. The device name is used to uniquely identify a device. The default device name of the AR2200E router is Huawei, while the default device name of the S5720 switch is HUAWEI. Once the device name is set, it takes effect immediately.

Configure system clock

  • The system clock is the system timestamp on the device. Because regions differ, users can set the system clock according to local regulations. Users must set the system clock correctly to ensure it remains synchronized with other devices.
  • The formula for the system clock is: UTC + time zone offset + daylight saving time offset. The clock datetime command sets the system clock in the format HH:MM:SS YYYY-MM-DD. Note that if the time zone is not set, or is set to zero, the configured date and time are treated as UTC time, so it is recommended to set the time zone before configuring the system time and date.
  • The clock timezone command is used to set local time zone information. Its parameters are time-zone-name { add | minus } offset. The add parameter means that the time zone identified by time-zone-name is ahead of UTC by offset: adding offset to the system's default UTC time gives the time in that time zone. The minus parameter means that the time zone identified by time-zone-name is behind UTC by offset: subtracting offset from the system's default UTC time gives the time in that time zone.
  • Some areas implement daylight saving time, so during the daylight saving period the system time must be adjusted according to the user's settings. VRP supports daylight saving time. For example, in the UK, daylight saving time runs from the last Sunday in March to the last Sunday in October. You can specify the start and end time of daylight saving time by executing the corresponding command.

Configure header message

  • The header command is used to set the header information displayed on the terminal when the user logs in to the device.
  • The login parameter specifies the header information displayed when the user activates the terminal connection, during authentication for logging in to the device.
  • The shell parameter specifies the header information that is displayed when the user has successfully logged in to the device and a session has been established.
  • The content of the header can be a string or a file name. When the content is a string, the header text uses its first English character as the start delimiter and the last identical English character as the end delimiter. It is generally recommended to use an English special symbol as the delimiter and to make sure that this symbol does not appear in the message body.
  • In this example, the content of the header is a string. Strings can contain 1-2000 characters, including spaces. Use the header { login | shell } information text command to set the header in string form.
  • To set the header in file form, use the header { login | shell } file file-name command. The file-name parameter specifies the file used for the header information. Before and after login, the content of the file is displayed in text form.

Command level

  • The system manages commands hierarchically to increase device security. The device administrator can set the user level, and users of a given level can use the commands of the corresponding level. By default, the command level is divided into levels 0 to 3, and the user level is divided into levels 0 to 15. User level 0 is the access level, which corresponds to network diagnostic tool commands (ping, tracert), commands to access external devices from this device (Telnet client), some display commands, etc. User level 1 is the monitoring level, corresponding to command levels 0 and 1, including commands for system maintenance, display and other commands. User level 2 is the configuration level, which covers commands for providing direct network services to users, including routing and commands at various network levels. User levels 3-15 are the management level, corresponding to command level 3. This level is mainly used for commands for system operation and provides support for services, including file system, FTP, TFTP download, file exchange configuration, power supply control, backup board control, user management, command level settings, system internal parameter settings, and debugging commands for service fault diagnosis. This example shows how to modify the command level. Executing the save command in user view requires level 3 permissions.
  • In practice, if we have multiple administrator accounts but only one administrator is allowed to save the system configuration, we can raise the level of the save command to level 4 and give only this administrator level 4 permissions. In this way, you can control the use of the command without affecting other users.

User interface

  • The maximum configurable range of the VTY interface is 0-14.
  • Each type of user interface has a corresponding user interface view. The user interface (User-interface) view is a command line view provided by the system, used to configure and manage all physical and logical interfaces that work in asynchronous interaction mode, so that the various user interfaces can be managed in a unified way. Before connecting to the device, the user sets the user interface parameters. The user interfaces supported by the system include the Console user interface and the VTY user interface. The control port (Console Port) is a serial communication port provided by the main control board of the device. A Virtual Type Terminal (VTY) is a virtual line port. After the user establishes a Telnet or SSH connection with the device through a terminal, a VTY is established, that is, the user logs in to the device through a VTY. The device generally supports up to 15 users accessing it via VTY at the same time. Run the user-interface maximum-vty number command to configure the maximum number of VTY user interfaces that can log in to the device at the same time. If the maximum number of logged-in users is set to 0, no user can log in to the router through Telnet or SSH. The display user-interface command is used to view user interface information.
  • Different devices, or different versions of the VRP software, may support a different maximum number of VTY interfaces.

Configure user interface commands

  • Users can set the properties of the Console interface and VTY interface to improve system security. If a user connected to the device stays idle without disconnecting, this may bring great risks to the system, so after a timeout period the system automatically terminates the connection. This idle cut-off time is also called the timeout time, and the default is 10 minutes.
  • When the information output by a display command exceeds one page, the system paginates the output, and the space bar switches to the next page.
  • If one page shows too little or too much information, the user can execute the screen-length command to change the number of lines per page of output. The default number of lines is 24, and the maximum number of lines supported is 512. It is not recommended to set the number of lines to 0 as no output will be displayed.
  • After each command is executed, the execution record is saved in the history command buffer. Users can use the (↑), (↓), CTRL+P and CTRL+N shortcut keys to recall these commands. The history command buffer stores 10 commands by default. You can change the number of commands that can be stored by running history-command max-size. A maximum of 256 commands can be stored.

Configure login permissions

  • This page introduces the password configuration method for login permissions when only using a password to log in.
  • Without permission restrictions, unauthorized users can use the device to obtain information and change configurations. From the perspective of device security, it is necessary to restrict user access and operation permissions. User permissions and user authentication are two ways to improve terminal security. User permission requirements specify the level of the user. Users of a certain level can only execute commands of a specific level.
  • After the user authentication method of the user interface is configured, users must enter a password for authentication when they log in to the device, which limits their access rights to the device. When making Telnet connections through VTY, all users accessing the device must be authenticated.
  • The device provides three authentication modes, AAA mode, password authentication mode and non-authentication mode. AAA authentication mode has high security because user name and password must be entered when logging in. Password authentication only requires entering the login password, so all users use the same password. Using the non-authentication mode means logging in directly to the device without user authentication. It should be noted that the Console interface uses non-authentication mode by default.
  • For Telnet login users, authorization is very necessary. It is best to set the user name, password and specify the permissions associated with the account.
  • Note: The set authentication password cipher command behaves differently in different VRP versions: some platforms require you to enter the password after pressing Enter, while other platforms let you enter the password directly after the command. Therefore, please refer to the corresponding VRP product documentation when operating specific products.
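An added example (not from the original page or from Huawei): a Python check that reads the user-interface stanzas of a saved configuration and reports the authentication modes described in this section and the idle timeouts described under "Configure user interface commands". The sample configuration is constructed, the function names and finding texts are this example's own, and it assumes stanzas are written as `user-interface con 0` or `user-interface vty 0 4` followed by indented sub-commands.

```python
import re
# Constructed sample shaped like the user-interface part of a saved VRP
# configuration (assumed layout); it is not taken from a real device.
SAMPLE_CONFIG = """\
user-interface maximum-vty 15
user-interface con 0
 idle-timeout 0 0
user-interface vty 0 4
 authentication-mode password
 idle-timeout 30 0
user-interface vty 5 14
 authentication-mode aaa
"""
DEFAULT_IDLE_MINUTES = 10  # default timeout stated on this page
WEAK_MODES = {"none": "no authentication at login",
              "password": "one shared password for every user"}
STANZA = re.compile(r"user-interface ((?:con|console|vty) \d+(?: \d+)?)\s*$")

def parse_user_interfaces(config):
    """Map each user-interface stanza name to its indented sub-commands."""
    stanzas, current = {}, None
    for line in config.splitlines():
        m = STANZA.match(line)
        if m:
            current = stanzas.setdefault(m.group(1), [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None  # any other top-level line ends the stanza
    return stanzas

def audit(config):
    """Return sorted (stanza, finding) pairs for weak login settings."""
    findings = []
    for name, cmds in parse_user_interfaces(config).items():
        mode = next((c.split()[1] for c in cmds if c.startswith("authentication-mode ")), None)
        if mode is None:
            findings.append((name, "authentication-mode not set, device default applies"))
        elif mode in WEAK_MODES:
            findings.append((name, f"authentication-mode {mode}: {WEAK_MODES[mode]}"))
        idle = next((c.split()[1:3] for c in cmds if c.startswith("idle-timeout ")), None)
        if idle:
            minutes = int(idle[0]) + (int(idle[1]) / 60 if len(idle) > 1 else 0)
            if minutes == 0:
                findings.append((name, "idle-timeout 0 0: idle sessions are never cut off"))
            elif minutes > DEFAULT_IDLE_MINUTES:
                findings.append((name, f"idle-timeout of {minutes:g} min exceeds the default"))
    return sorted(findings)

if __name__ == "__main__":
    print(*(f"{n}: {f}" for n, f in audit(SAMPLE_CONFIG)), sep="\n")
```

A stanza with no authentication-mode line is reported rather than assumed safe, because the Console interface defaults to non-authentication mode as noted above.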

Configure interface IP address

  • To run IP services on an interface, the interface must be configured with an IP address. An interface generally requires only one IP address. In special cases, a secondary IP address can also be configured for the interface. For example, when an interface of the AR2200E router is connected to a physical network whose hosts belong to two network segments, you can configure a primary IP address and a secondary IP address so that hosts in both network segments can access other networks through the AR2200E router. An interface can only have one primary IP address. If the interface is configured with a new primary IP address, the new primary IP address replaces the original one.
  • Users can use the ip address <ip-address> { mask | mask-length } command to configure an IP address for the interface. In this command, mask represents a 32-bit subnet mask, such as 255.255.255.0, and mask-length represents the alternative mask length value, such as 24; the two can be used interchangeably.
  • The Loopback interface is a logical interface that can be used to virtualize a network or an IP host. When running multiple protocols, because the Loopback interface is stable and reliable, it can also be used as a management interface.
  • When configuring an IP address for a physical interface, pay attention to the physical status of the interface. By default, the interface status of Huawei routers and switches is up; if the interface has been manually shut down, use undo shutdown to open the interface after configuring the IP address.

Chapter summary

Q: How many users can Huawei network equipment support using the console port to log in at the same time?

Answer: Only one user can log in to the Console interface of Huawei network equipment at the same time, so the Console user number is fixed at 0.

Q: After using the command interface loopback interface 0 , what is the status of the loopback 0 interface?

Answer: The Loopback interface is a logical interface. The Loopback interface does not exist before it is created. Since its creation, the Loopback interface has always existed and remains in the Up state unless it is manually closed.

Origin blog.csdn.net/yy123cisco/article/details/135151914