Hcna-Hntd Entry Lab Guide v2.2
Hcna-Hntd Entry Lab Guide v2.2
Hcna-Hntd Entry Lab Guide v2.2
With any Huawei Career Certification, you have the privilege on http://learning.huawei.com/en to enjoy:
n
1、e-Learning Courses: Logon http://learning.huawei.com/en and enter Huawei Training/e-Learning
/e
o m
If you have the HCNA/HCNP certificate:You can access Huawei Career Certification and Basic Technology e-Learning
courses.
e i .c
If you have the HCIE certificate: You can access all the e-Learning courses which marked for HCIE Certification Users.
aw
Methods to get the HCIE e-Learning privilege : Please associate HCIE certificate information with your Huawei account, and
hu
arn
Content: Huawei product training material and Huawei career certification training material.
//le
Method:Logon http://learning.huawei.com/en and enter Huawei Training/Classroom Training ,then you can download
training material in the specific training introduction page.
p :
3、 Priority to participate in Huawei Online Open Class (LVC)
t t
s :h
The Huawei career certification training and product training covering all ICT technical domains like R&S, UC&C, Security,
4、Learning Tools: rc e
Storage and so on, which are conducted by Huawei professional instructors.
u
s o
eNSP :Simulate single Router&Switch device and large network.
R e
WLAN Planner :Network planning tools for WLAN AP products.
n g
In addition, Huawei has built up Huawei Technical Forum which allows candidates to discuss technical issues with Huawei experts ,
ni
share exam experiences with others or be acquainted with Huawei Products.
a r
Statement:
L e
r e
This material is for personal use only, and can not be used by any individual or organization for any commercial purposes.
o
M
HUAWEI TECHNOLOGIES CO., LTD. Huawei Confidential 1
Huawei Certification
HCNA-HNTD
e n
ENTRY m
/
o
i.c
e
aw
Huawei Networking Technology and Device
hu
Lab Guide g .
ni n
ar
l e
: //
t tp
: h
e s
r c
o u
es
R
i n g
a rn
L e
e
or
M
aw
u
Notice
g .h
ni n
r
lea
The information in this manual is subject to change without notice. Every effort has
//
been made in the preparation of this manual to ensure accuracy of the contents, but all
:
warranty of any kind, express or implied.
t t p
statements, information, and recommendations in this manual do not constitute the
s :h
r c e
s ou
Re
i n g
n
ar
Le
Huawei Certification
Version 2.2
Huawei Certification System
Relying on its strong technical and professional training and certification system
and in accordance with customers of different ICT technology levels, Huawei
certification is committed to providing customers with authentic, professional
certification, and addresses the need for the development of quality engineers that
are capable of supporting Enterprise networks in the face of an ever changing ICT
industry. The Huawei certification portfolio for routing and switching (R&S) is
e n
comprised of three levels to support and validate the growth and value of customer /
skills and knowledge in routing and switching technologies.
o m
e
The Huawei Certified Network Associate (HCNA) certification level validates the
i.c
aw
skills and knowledge of IP network engineers to implement and support small to
u
.h
medium-sized enterprise networks. The HCNA certification provides a rich
g
ni n
foundation of skills and knowledge for the establishment of such enterprise
networks, along with the capability to implement services and features within
r
lea
existing enterprise networks, to effectively support true industry operations.
: //
t t p
HCNA certification covers fundamentals skills for TCP/IP, routing, switching and
related IP network technologies, together with Huawei data communications
:h
products, and skills for versatile routing platform (VRP) operation and
s
management.
r c e
s ou
The Huawei Certified Network Professional (HCNP-R&S) certification is aimed at
Re
enterprise network engineers involved in design and maintenance, as well as
i n g
professionals who wish to develop an in depth knowledge of routing, switching,
network efficiency and optimization technologies. HCNP-R&S consists of three
n
ar
units including Implementing Enterprise Routing and Switching Network (IERS),
e
e LImproving Enterprise Network Performance (IENP), and Implementing Enterprise
or
Network Engineering Project (IEEP), which includes advanced IPv4 routing and
switching technology principles, network security, high availability and QoS, as well
M as application of the covered technologies in Huawei products.
e n
/
o m
Ethernet link Serial link e i.c
aw
u
g .h
Lab Environment Specification
n i n
In order to ensure that the configuration given a inrthis lab is supported on
/ l e device models and VRP
/
all devices, it is recommended that the following
:
tp
versions be used:
ht
s :
Identifier Device Model
r c e VRP version
o u
R1
s
AR 2220E
e
Version 5.160 (AR2200 V200R007C00SPC600)
R
R2
R3
a rn AR 2220E Version 5.160 (AR2200 V200R007C00SPC600)
e n
LAB 2-1 BASIC DEVICE NAVIGATION AND CONFIGURATION ............................................................................. 11
/
o m
i.c
MODULE 3 STP AND RSTP ................................................................................................................ 22
w e
LAB 3-1 CONFIGURING STP ...................................................................................................................... 22
u a
LAB 3-2 CONFIGURING RSTP .................................................................................................................... 39
g .h
n
MODULE 4 ROUTING CONFIGURATION ............................................................................................ 48
ni
r
lea
LAB 4-1 CONFIGURING STATIC ROUTES AND DEFAULT ROUTES ........................................................................ 48
//
LAB 4-2 CONFIGURING RIPV1 AND RIPV2................................................................................................... 65
p :
t t
LAB 4-3 RIPV2 ROUTE AGGREGATION AND AUTHENTICATION ......................................................................... 80
:h
LAB 4-4 OSPF SINGLE-AREA CONFIGURATION ............................................................................................. 96
s
r c e
MODULE 5 FTP AND DHCP ............................................................................................................. 113
s ou
LAB 5-1 CONFIGURING FTP SERVICES ....................................................................................................... 113
Re
LAB 5-2 IMPLEMENTING DHCP ............................................................................................................... 121
i n g
n
e ar
e L
or
M
Module 1 Establishing Basic Networks with eNSP
Learning Objectives
e n
/
As a result of this lab section, you should achieve the following tasks:
o m
Set up and navigate the eNSP simulator application.
e i.c
aw
Establish a simple peer-to-peer network in eNSP.
u
g.h
ni n
Perform capture of IP packets using Wireshark within eNSP.
r
//lea
p :
t t
s:h
r c e
sou
Re
i n g
n
e ar
e L
or
M
Tasks
e n
Step 1 Initiate eNSP /
o m
i . c for
This step introduces how to start and navigate the eNSP simulator application
w
rapid development of TCP/IP knowledge and familiarity with network operation.e If
eNSP is not available, please inform the course instructor
u a
. h be presented. The
i
left panel houses the icons that represent the various products n g and devices that are
After launching eNSP, the following application user interface will
it on the canvas.
w e
be applied. Select the Laptop icon and drag it to the canvas, release the icon
a
. hu
i n g
r n
l e a
: //
t tp
: h
e s
r c
o u
e s
R
i n g
a rn
L e
r e
o
M
The same action should be taken to position a second laptop on the canvas for
establishing the peer-to-peer network topology.
Select the connections icon from the upper left panel to reveal a list of media that
can be applied to the topology. Select the copper (Ethernet) medium from the list.
e n
Once the icon has been clicked, the cursor will represent a connector to show the /
o m
current role of the cursor as a connector. Click on the client device to reveal a list of
aw
u
g .h
ni n
r
//lea
p :
t t
s :h
r c e
s ou
Re
i n g
n
e ar
e L
or
M
Once this has been achieved, click on the peering device to apply the opposite end
of the medium to the end system. Again select the interface Ethernet 0/0/1 to
establish the medium between the two devices and complete the construction of a
peer-to-peer topology.
e
Select the end system and use the right click option to display a properties menu.n
The settings option should be selected in order to display the current system /
settings for the end system devices.
o m
e i.c
aw
u
g.h
ni n
r
//lea
p :
t t
s:h
r c e
sou
Re
i n g
n
e ar
e L
or
M
e n
Ensure the Basic Config tab is selected and enter a host name in the Host Name field
/
window. Ensure the IPv4 configuration is currently set to static and configure an IP
o m
address in the IP address window. It is recommended that the address (together with
e i.c
the subnet mask) be configured as shown in the below example. Once this has been
configured, click the Apply button in the bottom left corner of the window before
closing with the x in the top left corner of the CLIENT 1 window.
aw
u
g.h
ni n
r
//lea
p :
t t
s :h
r c e
sou
Re
i n g
n
e ar
e L
or
M
The same process is required for CLIENT2. It is recommended that initially the IP
address 192.168.1.2 be configured, with a subnet mask of 255.255.255.0.
The basic configuration enables peer-to-peer communication to be supported
The devices can be activated using one of two methods. The first involves using the
right click option to open the properties menu and select start for the individual
icons. The alternative involves dragging the cursor over the icons (as shown) to
e n
/
highlight multiple devices and using the right click settings option start multiple
devices simultaneously.
o m
e i.c
aw
u
g.h
ni n
r
//lea
p :
t t
s :h
r c e
sou
Re
i n g
n
e ar
e L
or
MOnce the devices are online and active, it is common to notice a change in the status
of the connectors through a switch in the colour of the red dot on the medium to
green, highlighting that the status of the connectors is now up.
e n
/
Select the device to for whose interface is to be monitored and use the right click
m
option to display the settings menu. Highlight the capture data option to reveal a list
o
i.c
of interfaces that belong to the device and are available for observation by the
e
packet capture tool. Select the interface from the list that is to be monitored.
w
u a
g.h
ni n
r
//lea
p :
t t
s :h
r c e
sou
Re
i n g
n
e ar
e L
or
M
The selection of an interface will result in the activation of the Wireshark packet
capture tool for the selected interface. If additional interfaces are to be monitored,
separate instances of the same packet capture tool will be activated.
r n
l e a
: / /
t tp
: h
e s
r c
o u
es
R
i n g
a rn
L e
r e
o
M
The generation of traffic will be confirmed by the resulting output in which case the
number of packets transmitted are shown to also be received.
e n
An instance of the Wireshark packet capture tool should currently be active /
following the action to capture data on the client interface. Maximize the active
o m
window to observe the results of the packet capture process.
i . c
w e
a
. hu
i n g
r n
l e a
: //
t tp
: h
e s
r c
o u
e scontains many functions for management of the packet
R the more common functions includes the filter function to
The Wireshark application
capture process. One
i
isolate the packet n g of
capture display to a select group of packets or protocols. This can
rn the filter field below the menu bar. The simplest filter method
e a
be achieved using
involves entering the protocol name (in lower case) and pressing Enter. In the given
L
e filter window will result in only the protocol entered in the filter field being
example packets for two protocols have been captured, entering either icmp, or arp
intorthe
o
M
displayed in the output.
The packet capture tool consists of three panels, to show the list of packets, a
breakdown of the content of each packet and finally display the equivalent data
format of the packet. The breakdown is invaluable for understanding the format of
protocol packets and displays the details for protocols as referenced at each layer of
the OSI reference model.
Learning Objectives
e n
As a result of this lab section, you should achieve the following tasks: /
o m
Configure device system parameters including device name, the system
i . c time,
i n g
Topology n
a r
L e
r e
o
M
Figure 2.1 Lab topology for basic VRP navigation and operation.
e n
Tasks /
o m
Step 1 View the system information i.ce
Run the display version command to view the software version andahardware
w
information for the system.
. hu
<Huawei>display version
i n g
Huawei Versatile Routing Platform Software
r n
l e a
VRP (R) software, Version 5.160 (AR2200 V200R007C00SPC600)
Copyright (C) 2011-2013 HUAWEI TECH CO., LTD
: //
tp
Huawei AR2220E Router uptime is 0 week, 3 days, 21 hours, 43 minutes
BKP 0 version information:
h t
......output omitted......
s :
The command output includes the r e
c VRP operating system version, device model, and
startup time.
o u
e s
Step 2 Change the systemR time parameter
i n g
rn
The system automatically saves the time. If the time is incorrect, run the clock
e
timezone and
time. L
a clock datetime commands in the user view to change the system
r e
o
<Huawei>clock timezone Local add 08:00:00
The keyword Local can be exchanged with the current regional timezone name, and
Run the display clock command to check that the new system time has taken effect.
e n
The question mark (?) is a wildcard, and the Tab is used as a shortcut to enter /
commands.
o m
<Huawei>display ?
e i.c
Cellular Cellular interface
aw
u
aaa AAA
.h
access-user User access
accounting-scheme Accounting scheme
i n g
n
acl <Group> acl command group
r
lea
actual Current actual
adp-ipv4 Ipv4 information
adp-mpls Adp-mpls module
: //
alarm Alarm
t t p
:h
antenna Current antenna that outputting radio
s
anti-attack Specify anti-attack configurations
ap
c e
<Group> ap command group
r
ou
ap-auth-mode Display AP authentication mode
s
......output omit......
e
R that start with a specific letter or string of letters, enter
To display all the commands
n
the desired letters and
i g the question mark (?). The system displays all the commands
a
system displaysrnall the commands that start with dis.
that start with the letters entered. For example, if the string dis? is entered, the
L
If a space
eexists between the character string and the question mark (?), the system
will r e the commands corresponding to the string and display the parameters
identify
ofothe command. For example, if the string dis ? is entered and only the display
Mcommand matches the dis string, the system displays the parameters of the display
command. If multiple commands start with dis, the system displays an error.
The Tab key can also be pressed to complete a command. For example, if dis is
entered followed by Tab, the system completes the display command. If multiple
commands start with dis, the appropriate command can be selected.
If there are no other commands starting with the same letters, dis or disp can be
Run the system-view command to access the system view to configure interfaces
and protocols.
e n
<Huawei>system-view
/
Enter system view, return user view with Ctrl+Z.
o m
i.c
[Huawei]
r n
Change the name of the R1 router to R1.
l e a
[Huawei]sysname R1
: //
[R1]
t tp
Change the name of the R3 router to R3. : h
e s
[Huawei]sysname R3
r c
[R3]
o u
e s
R login information
Step 6 Configure the
i n g
n information to indicate the login result.
Configure therlogin
e a
L
[R1]header shell information "Welcome to the Huawei certification lab."
e
r
o the preceding command to configure the login information. To check whether
Mthe login information has been changed, exit from the router command line
Run
The console port by default does not have a login password. Users must configure a
password for the console port before logging in to the device.
The password can be changed in the password authentication mode to huawei in
e n
plain text.
/
If there is no activity on the console port for the period of time specified bym
. o the
c log
in to the system again using the configured password. e i
timeout interval, the system will automatically log out the user. When this occurs,
aw
The default timeout interval is set to 10 minutes. If a 10 minutes idle
reasonable amount of time for the timeout interval, change the h u period is not a
ni n
[R1]user-interface console 0
ar
e
[R1-ui-console0]authentication-mode password
[R1-ui-console0]set authentication password cipher
// l
:
tp
Warning: The "password" authentication mode is not secure, and it is strongly recommended to
use "aaa" authentication mode.
ht
Enter Password(<8-128>):
s :
Confirm password:
r
[R1-ui-console0] idle-timeout 20 0
c e
o u
e
Run the display this commands to check the configuration results.
R
g
[R1-ui-console0]display this
i
[V200R007C00SPC600]
n
#
a rn
e
user-interface con 0
L
authentication-mode password
e
o r
set authentication password cipher %$%$fIn'6>NZ6*~as(#J:WU%,#72Uy8cVlN^NXkT51E
^RX;>#75,%$%$
M idle-timeout 20 0
Log out of the system and log back in, using the password set. It should be noted
that this password is required to be set when the router is first initialized.
[R1-ui-console0]return
<R1>quit
Login authentication
Password:
: h
#
e s
c
interface GigabitEthernet0/0/0
ur
description This interface connects to R3-G0/0/0
s o
ip address 10.0.13.1 255.255.255.0
#
return Re
i n g
rn
Run the display interface command to view the interface description.
a
e
[R1]display interface GigabitEthernet0/0/0
L
e
GigabitEthernet0/0/0 current state : UP
o r
Line protocol current state : UP
M
Last line protocol up time : 2016-03-11 04:13:09
Description:This interface connects to R3-G0/0/0
Route Port,The Maximum Transmit Unit is 1500
Internet Address is 10.0.13.1/24
IP Sending Frames' Format is PKTFMT_ETHNT_2, Hardware address is 5489-9876-830b
Last physical up time : 2016-03-10 03:24:01
Last physical down time : 2016-03-10 03:25:29
Current system time: 2016-03-11 04:15:30
g
Ignoreds: 0, Frames: 0
Output: 181 packets, 63244 bytes
ni n
Unicast: 0, Multicast:
r
0
lea
Broadcast: 181, Jumbo: 0
://
Discard: 0, Total Error: 0
tp
Collisions: 0, ExcessiveCollisions: 0
Late Collisions: 0, Deferreds:
t 0
:h
Input bandwidth utilization threshold : 100.00%
s
r c
Input bandwidth utilization : 0.01%e
Output bandwidth utilization threshold: 100.00%
ou
Output bandwidth utilization : 0%
es
R
The command output shows that the physical status and protocol status of the
functional. i n g
interface are UP, and the corresponding physical layer and data link layer are
a
Once the statusrnhas been verified, configure the IP address and description for the
e R3.
interfaceLof
r e
o
[R3]interface GigabitEthernet 0/0/0
M
[R3-GigabitEthernet0/0/0]ip address 10.0.13.3 255.255.255.0
[R3-GigabitEthernet0/0/0]description This interface connects to R1-G0/0/0
After completing the configuration, run the ping command to test the connection
between R1 and R3.
<R1>ping 10.0.13.3
PING 10.0.13.3: 56 data bytes, press CTRL_C to break
Reply from 10.0.13.3: bytes=56 Sequence=1 ttl=255 time=35 ms
i n g
n
Idx Attr Size(Byte) Date Time(LMT) FileName
0 -rw- 1,738,816 Mar 10 2016 11:50:24
ar
web.zip
1 -rw- 68,288,896 Mar 10 2016 14:17:5
l e
ar2220E-v200r007c00spc600.cc
2 -rw- 739 Mar 10 2016 16:01:17
: // vrpcfg.zip
1,927,476 KB total (1,856,548 KB free)
t tp
: h
s
<R3>dir
Directory of flash:/
r c e
u
Idx Attr Size(Byte) Date Time(LMT) FileName
0 -rw- 1,738,816
s o
Mar 10 2016 11:50:58 web.zip
1 -rw-
2 -rw- 739 Re
68,288,896 Mar 10 2016 14:19:0
Mar 10 2016 16:03:04
ar2220E-v200r007c00spc600.cc
vrpcfg.zip
i n g
1,927,476 KB total (1,855,076 KB free)
rn
e a
Step 10 Manage device configuration files
L
e to display the saved-configuration file.
o r
Attempt
M<R1>display saved-configuration
There is no correct configuration file in FLASH
Run the following command again to view the saved configuration information:
e n
/
<R1>display saved-configuration
m
[V200R007C00SPC600]
#
o
sysname R1
header shell information "Welcome to Huawei certification lab"
e i.c
#
aw
u
.h
board add 0/1 1SA
g
board add 0/2 1SA
……output omit……
i n
n information:
Run the following command to view the current configuration
ar
l e
<R1>display current-configuration
: //
tp
[V200R007C00SPC600]
#
ht
sysname R1
s :
#
r c e
header shell information "Welcome to Huawei certification lab"
i n g
rn
A router can store multiple configuration files. Run the following command to view
e a
the configuration file to currently be used after the next startup:
e L
<R3>display startup
o r
MainBoard:
M
Startup system software: flash:/ar2220E-V200R007C00SPC600.cc
Next startup system software: flash:/ar2220E-V200R007C00SPC600.cc
Backup system software for next startup: null
Startup saved-configuration file: null
Next startup saved-configuration file: flash:/vrpcfg.zip
Startup license file: null
Next startup license file: null
Startup patch package: null
e n
/
The device configurations will be erased to reconfigure.
m
Are you sure? (y/n)[n]:y
Clear the configuration in the device successfully.
o
<R3>reset saved-configuration
e i.c
This will delete the configuration in the flash memory.
aw
u
.h
The device configurations will be erased to reconfigure.
g
Are you sure? (y/n)[n]:y
Clear the configuration in the device successfully.
ni n
r
Step 11 Device restart procedure
// lea
:
t tp
Use the reboot command to restart the router.
: h
s
<R1>reboot
c e
Info: The system is now comparing the configuration, please wait.
r
u
Warning: All the configuration will be saved to the next startup configuration. Continue ?
[y/n]:n
s o
Re
System will reboot! Continue ? [y/n]:y
Info: system is rebooting ,please wait...
i n g
rn
<R3>reboot
a
Info: The system is now comparing the configuration, please wait.
e
L
Warning: All the configuration will be saved to the next startup configuration. Continue ?
e
r
[y/n]:n
o
System will reboot! Continue ? [y/n]:y
[R1]display current-configuration
[V200R007C00SPC600]
#
sysname R1
header shell information "Welcome to Huawei certification lab"
#
e n
interface GigabitEthernet0/0/0
/
description This interface connects to R3-G0/0/0
o m
i.c
ip address 10.0.13.1 255.255.255.0
#
w e
a
user-interface con 0
authentication-mode password
u
.h
set authentication password cipher %$%$4D0K*-E"t/I7[{HD~kgW,%dgkQQ!&|;XTDq9SFQJ.27M%dj,%$%
g
$
ni n
r
idle-timeout 20 0
lea
#
//
return
p :
[R3]display current-configuration
t t
:h
[V200R007C00SPC600]
#
e s
sysname R3
r c
ou
#
s
interface GigabitEthernet0/0/0
e
R
description This interface connect to R1-G0/0/0
#
i n g
ip address 10.0.13.3 255.255.255.0
n
ar
user-interface con 0
L e
authentication-mode password
set authentication password cipher %$%$M8\HO3:72:ERQ8JLoHU8,%t+lE:$9=a7"8%yMoARB]$B%t.,%$%
e
or
$
user-interface vty 0 4
M
#
return
Learning Objectives
e n
/
As a result of this lab section, you should achieve the following tasks:
o m
Enable and disable STP
e i.c
Change the STP mode that is used by a switch aw
hu
Change the bridge priority to control root bridge election
g .
i n
nroot port and designated
Change the port priority to control election of the
ar
l e
port
: //
t tp of the root port and designated port
h
Change the port cost to control election
:
Configure an edge port
e s
r c
o u
Topology
es
R
i n g
a rn
L e
r e
o
M Figure 3.1 STP topology
Scenario
Assume that you are a network administrator of a company. The company network
consists of two layers: core layer and access layer. The network uses a design that
Tasks
: h
[S1-GigabitEthernet0/0/1]shutdown
e s
[S1-GigabitEthernet0/0/1]quit
r c
u
[S1]interface GigabitEthernet 0/0/2
o
s
[S1-GigabitEthernet0/0/2]shutdown
e
R
[S1-GigabitEthernet0/0/2]quit
g
[S1]interface GigabitEthernet 0/0/3
i n
[S1-GigabitEthernet0/0/3]shutdown
rn
[S1-GigabitEthernet0/0/3]quit
a
e
[S1]interface GigabitEthernet 0/0/13
L
[S1-GigabitEthernet0/0/13]shutdown
e
o r
[S1-GigabitEthernet0/0/13]quit
[S1]interface GigabitEthernet 0/0/14
M[S1-GigabitEthernet0/0/14]shutdown
[S1-GigabitEthernet0/0/14]quit
<Quidway>system-view
Enter system view, return user view with Ctrl+Z.
[Quidway]sysname S2
[S2]interface GigabitEthernet 0/0/1
[S2-GigabitEthernet0/0/1]shutdown
g
Enter system view, return user view with Ctrl+Z.
[Quidway]sysname S3
ni n
[S3]interface Ethernet 0/0/1
r
lea
[S3-Ethernet0/0/1]shutdown
//
[S3-Ethernet0/0/1]quit
[S3]interface Ethernet 0/0/13
p :
[S3-Ethernet0/0/13]shutdown
t t
[S3-Ethernet0/0/13]quit
s:h
[S3]interface Ethernet 0/0/7
[S3-Ethernet0/0/7]shutdown
r c e
s ou
e
<Quidway>system-view
R
Enter system view, return user view with Ctrl+Z.
[Quidway]sysname S4
i n g
n
[S4]inter Ethernet 0/0/1
ar
[S4-Ethernet0/0/1]shutdown
e
[S4-Ethernet0/0/1]quit
L
e
[S4]inter Ethernet 0/0/14
or
[S4-Ethernet0/0/14]shutdown
M
[S4-Ethernet0/0/14]quit
[S4]interface Ethernet 0/0/6
[S4-Ethernet0/0/6]shutdown
In the lab, S1 and S2 are connected through two links, and STP is used. Enable STP
on S1 and S2 and set S1 as the root.
[S1]stp mode stp
Info: This operation may take a few seconds. Please wait for a moment...done.
Run the display stp brief command to view brief information about STP.
<S1>display stp brief
e n
MSTID Port Role STP State Protection
/
0 GigabitEthernet0/0/9 DESI FORWARDING NONE
o m
i.c
0 GigabitEthernet0/0/10 DESI FORWARDING NONE
g .h
n
0 GigabitEthernet0/0/10 ALTE DISCARDING NONE
i
Run the display stp interface command to view the a rnstatus of a port.
/ l e STP
: /
t tp
h
<S1>display stp interface GigabitEthernet 0/0/10
:
s
-------[CIST Global Info][Mode STP]-------
e
CIST Bridge :0
c
.d0d0-4ba6-aab0
r
Config Times
u
:Hello 2s MaxAge 20s FwDly 15s MaxHop 20
o
Active Times
s
:Hello 2s MaxAge 20s FwDly 15s MaxHop 20
e
R
CIST Root/ERPC :0 .d0d0-4ba6-aab0 / 0 (This bridge is the root)
g
CIST RegRoot/IRPC :0 .d0d0-4ba6-aab0 / 0
CIST RootPortId
i n :0.0
rn
BPDU-Protection :Disabled
e a
CIST Root Type :Primary root
L
TC or TCN received :11
e
o r
TC count per hello :0
STP Converge Mode :Normal
g
TCN: 0, Config: 5, RST: 0, MST: 0
Last forwarding time: 2016/11/21 14:55:11 UTC
ni n
r
//lea
<S2>display stp interface GigabitEthernet 0/0/10
p :
-------[CIST Global Info][Mode STP]-------
t t
CIST Bridge :4096 .d0d0-4ba6-ac20
s :h
Config Times
Active Times
r c e
:Hello 2s MaxAge 20s FwDly 15s MaxHop 20
:Hello 2s MaxAge 20s FwDly 15s MaxHop 20
ou
CIST Root/ERPC :0 .d0d0-4ba6-aab0 / 20000
CIST RegRoot/IRPC
es
:4096 .d0d0-4ba6-ac20 / 0
CIST RootPortId
R
:128.9 (GigabitEthernet0/0/9)
BPDU-Protection
i g
:Disabled
n
n
CIST Root Type :Secondary root
ar
TC or TCN received :122
e
TC count per hello :0
L
e
STP Converge Mode :Normal
or
Share region-configuration :Enabled
M
Time since last TC :0 days 1h:50m:0s
Number of TC :17
Last TC occurred :GigabitEthernet0/0/9
----[Port10(GigabitEthernet0/0/10)][DISCARDING]----
Port Protocol :Enabled
Port Role :Alternate Port
Port Priority :128
Port Cost(Dot1T ) :Config=auto / Active=20000
i n g
Step 2 Control root bridge election. r n
//lea
:
Run the display stp command to view information about the root bridge.
p
t t
:h
<S1>display stp
s
-------[CIST Global Info][Mode STP]-------
CIST Bridge :0
c e
.d0d0-4ba6-aab0
r
ou
Config Times :Hello 2s MaxAge 20s FwDly 15s MaxHop 20
Active Times :Hello 2s MaxAge 20s FwDly 15s MaxHop 20
CIST Root/ERPC :0
es
.d0d0-4ba6-aab0 / 0 (This bridge is the root)
CIST RegRoot/IRPC :0
R.d0d0-4ba6-aab0 / 0
CIST RootPortId
i n g
:0.0
BPDU-Protection
n :Disabled
CIST Root Type
e ar :Primary root
L
TC or TCN received :11
e
or
TC count per hello :0
STP Converge Mode :Normal
M
Share region-configuration :Enabled
Time since last TC :0 days 2h:32m:25s
……output omit……
<S2>display stp
-------[CIST Global Info][Mode STP]-------
CIST Bridge :4096 .d0d0-4ba6-ac20
in so that S2 becomes
the root bridge. A smaller bridge priority value indicates a higher bridge priority.
n
r
Change the priorities of S1 and S2 to 8192 and 4096 respectively
a
the root bridge.
/ l e
[S1]undo stp root
: /
[S1]stp priority 8192
t tp
: h
[S2]undo stp root
e s
[S2]stp priority 4096
r c
o uto view information about the new root bridge.
Run the display stp command
e s
<S1>display stp
R
n g
-------[CIST Global Info][Mode STP]-------
i
rn
CIST Bridge :8192 .d0d0-4ba6-aab0
e a
Config Times :Hello 2s MaxAge 20s FwDly 15s MaxHop 20
L
Active Times :Hello 2s MaxAge 20s FwDly 15s MaxHop 20
r e
CIST Root/ERPC :4096 .d0d0-4ba6-ac20 / 20000
o
CIST RegRoot/IRPC :8192 .d0d0-4ba6-aab0 / 0
MCIST RootPortId
BPDU-Protection
:128.9 (GigabitEthernet0/0/9)
:Disabled
TC or TCN received :47
TC count per hello :0
STP Converge Mode :Normal
Share region-configuration :Enabled
Time since last TC :0 days 0h:6m:55s
……output omit……
g
……output omit……
ni n
new root bridge. ar
The highlighted lines in the preceding information indicate that S2 has become the
l e
Shut down interfaces Gigabit Ethernet 0/0/9 and//Gigabit Ethernet 0/0/10 on S2 to
p :
isolate S2.
t t
[S2]interface GigabitEthernet 0/0/9
: h
[S2-GigabitEthernet0/0/9]shutdown
e s
[S2-GigabitEthernet0/0/9]quit
r c
o u
[S2]interface GigabitEthernet 0/0/10
e s
[S2-GigabitEthernet0/0/10]shutdown
R
<S1>display stp
i n g
rn
-------[CIST Global Info][Mode STP]-------
a
CIST Bridge :8192 .d0d0-4ba6-aab0
L e
Config Times :Hello 2s MaxAge 20s FwDly 15s MaxHop 20
e
Active Times :Hello 2s MaxAge 20s FwDly 15s MaxHop 20
o r
CIST Root/ERPC :8192 .d0d0-4ba6-aab0 / 0 (This bridge is the root)
M
CIST RegRoot/IRPC :8192 .d0d0-4ba6-aab0 / 0
CIST RootPortId :0.0
BPDU-Protection :Disabled
TC or TCN received :174
TC count per hello :0
STP Converge Mode :Normal
Share region-configuration :Enabled
Time since last TC :0 days 0h:12m:51s
The highlighted lines in the preceding information indicate that S1 becomes the root
bridge when S2 is faulty.
Re-enable the interfaces that have been disabled on S2.
[S2]interface GigabitEthernet 0/0/9
[S2-GigabitEthernet0/0/9]undo shutdown
e n
/
[S2-GigabitEthernet0/0/9]quit
m
[S2]interface GigabitEthernet 0/0/10
[S2-GigabitEthernet0/0/10]undo shutdown
o
<S1>display stp ei.c
-------[CIST Global Info][Mode STP]-------
aw
u
.h
CIST Bridge :8192 .d0d0-4ba6-aab0
g
Config Times :Hello 2s MaxAge 20s FwDly 15s MaxHop 20
Active Times :Hello 2s MaxAge 20s FwDly 15s MaxHop 20
ni n
CIST Root/ERPC :4096 .d0d0-4ba6-ac20 / 20000
r
lea
CIST RegRoot/IRPC :8192 .d0d0-4ba6-aab0 / 0
CIST RootPortId :128.9 (GigabitEthernet0/0/9)
: //
BPDU-Protection :Disabled
TC or TCN received :47
t t p
TC count per hello :0
s :h
STP Converge Mode :Normal
r
Share region-configuration :Enabled
c e
ou
Time since last TC :0 days 0h:6m:55s
……output omit……
es
R
<S2>display stp
i n g
n
-------[CIST Global Info][Mode STP]-------
ar
CIST Bridge :4096 .d0d0-4ba6-ac20
Le
Config Times :Hello 2s MaxAge 20s FwDly 15s MaxHop 20
e
Active Times :Hello 2s MaxAge 20s FwDly 15s MaxHop 20
o r
CIST Root/ERPC :4096 .d0d0-4ba6-ac20 / 0 (This bridge is the root)
M
CIST RegRoot/IRPC :4096 .d0d0-4ba6-ac20 / 0
CIST RootPortId :0.0
BPDU-Protection :Disabled
TC or TCN received :135
TC count per hello :0
STP Converge Mode :Normal
Share region-configuration :Enabled
Time since last TC :0 days 0h:8m:4s
The highlighted lines in the preceding information indicate that S2 has been
restored and has become the root bridge once again.
Run the display stp brief command on S1 to view the roles of the interfaces.
e n
<S1>display stp brief /
MSTID Port Role STP State Protection
o m
0
0
GigabitEthernet0/0/9
GigabitEthernet0/0/10
ROOT
ALTE
FORWARDING
DISCARDING
NONE
NONE
e i.c
a w is the
hu G0/0/10 will
The preceding information shows that G0/0/9 is the root port and G0/0/10
alternate port. You can change port priorities so that port interface
g .
become the root port and G0/0/9 will become the alternate port.
ni n
Change priorities of G0/0/9 and G0/0/10 on S2. r
avalue indicates a lower priority.
/ l e
The priorities of G0/0/9 and G0/0/10 on S2 are:/set to 32 and 16; therefore, G0/0/10
The default port priority is 128. A larger port priority
e s
c
[S2-GigabitEthernet0/0/9]stp port priority 32
r
[S2-GigabitEthernet0/0/9]quit
o u
s
[S2]interface GigabitEthernet 0/0/10
e
R
[S2-GigabitEthernet0/0/10]stp port priority 16
a rn
<S2>display stp interface GigabitEthernet 0/0/9
L e
-------[CIST Global Info][Mode STP]-------
e
CIST Bridge :4096 .d0d0-4ba6-ac20
o r
Config Times :Hello 2s MaxAge 20s FwDly 15s MaxHop 20
M
Active Times :Hello 2s MaxAge 20s FwDly 15s MaxHop 20
CIST Root/ERPC :4096 .d0d0-4ba6-ac20 / 0 (This bridge is the root)
CIST RegRoot/IRPC :4096 .d0d0-4ba6-ac20 / 0
CIST RootPortId :0.0
BPDU-Protection :Disabled
TC or TCN received :147
TC count per hello :0
STP Converge Mode :Normal
g
Port Protocol Type :Config=auto / Active=dot1s
BPDU Encapsulation :Config=stp / Active=stp
ni n
PortTimes :Hello 2s MaxAge 20s FwDly 15s RemHop 20
r
lea
TC or TCN send :35
//
TC or TCN received :2
BPDU Sent :1013
p :
TCN: 0, Config: 1013, RST: 0, MST: 0
t t
BPDU Received :2
s :h
r c e
TCN: 2, Config: 0, RST: 0, MST: 0
Last forwarding time: 2016/11/22 10:00:00 UTC
s ou
e
<S2>display stp interface GigabitEthernet 0/0/10
R
-------[CIST Global Info][Mode STP]-------
CIST Bridge
i g
:4096 .d0d0-4ba6-ac20
n
n
Config Times :Hello 2s MaxAge 20s FwDly 15s MaxHop 20
ar
Active Times :Hello 2s MaxAge 20s FwDly 15s MaxHop 20
Le
CIST Root/ERPC :4096 .d0d0-4ba6-ac20 / 0 (This bridge is the root)
e
CIST RegRootIRPC :4096 .d0d0-4ba6-ac20 / 0
o r
CIST RootPortId :0.0
M
BPDU-Protection :Disabled
TC or TCN received :147
TC count per hello :0
STP Converge Mode :Normal
Share region-configuration :Enabled
Time since last TC :0 days 0h:8m:19s
Number of TC :41
Last TC occurred :GigabitEthernet0/0/10
g
TC or TCN received :1
BPDU Sent :1032
ni n
TCN: 0, Config: 1032, RST: 0, MST: 0
r
lea
BPDU Received :2
//
TCN: 1, Config: 1, RST: 0, MST: 0
Last forwarding time: 2016/11/22 10:00:11 UTC
p :
t t
Run the display stp brief command on S1
: h to view the role of the interfaces.
e s
<S1>display stp brief
r c
MSTID Port
s
0 GigabitEthernet0/0/9 ALTE DISCARDING NONE
0
R e
GigabitEthernet0/0/10 ROOT FORWARDING NONE
e L
or
[S1]interface GigabitEthernet 0/0/10
[S1-GigabitEthernet0/0/10]shutdown
The highlighted line in the preceding information indicates that G0/0/9 has become
the root port. Resume the default priorities of G0/0/9 and G0/0/10 on S2 and
re-enable the shutdown interfaces on S1.
e n
Run the display stp brief and display stp interface command on S1 to view them
/
roles of interfaces.
. co
<S1>display stp brief e i
MSTID Port Role STP State
aw
Protection
hu
0 GigabitEthernet0/0/9 ROOT FORWARDING NONE
0 GigabitEthernet0/0/10 ALTE DISCARDING
g .
NONE
ni n
[S1]display stp interface GigabitEthernet 0/0/9
ar
l e
//
----[CIST][Port9(GigabitEthernet0/0/9)][FORWARDING]----
Port Protocol :Enabled
:
Port Role :Root Port
t tp
Port Priority :128
: h
Port Cost(Dot1T )
s
:Config=auto / Active=20000
e
Designated Bridge/Port
c
:4096.4c1f-cc45-aacc / 128.9
r
Port Edged
u
:Config=default / Active=disabled
o
Point-to-point
s
:Config=auto / Active=true
e
R
Transit Limit :147 packets/hello-time
g
Protection Type :None
Port STP Mode
i n :STP
a rn
Port Protocol Type :Config=auto / Active=dot1s
e
BPDU Encapsulation :Config=stp / Active=stp
e L
PortTimes :Hello 2s MaxAge 20s FwDly 15s RemHop 0
o r
TC or TCN send
TC or TCN received
:4
:90
M BPDU Sent :5
TCN: 4, Config: 1, RST: 0, MST: 0
BPDU Received :622
TCN: 0, Config: 622, RST: 0, MST: 0
g
TCN: 3, Config: 1, RST: 0, MST: 0
BPDU Received :637
n i n
TCN: 0, Config: 637, RST: 0, MST: 0
r
a that G0/0/9 and G0/0/10 cost
l e
//
The greyed line in the preceding information indicates
:
tp
is 20000 by default.
Change the cost of G0/0/9 to 200000 on S1.
ht
s :
[S1]interface GigabitEthernet 0/0/9
r c e
[S1-GigabitEthernet0/0/9]stp cost 200000
o u
e s
Run the display stp brief and display stp interface command on S1 to view the
roles of interfaces.
R
i n g
<S1>display stp interface GigabitEthernet 0/0/9
rn
----[CIST][Port9(GigabitEthernet0/0/9)][DISCARDING]----
a
e
Port Protocol :Enabled
e L
Port Role :Alternate Port
o r
Port Priority
Port Cost(Dot1T )
:128
:Config=200000 / Active=200000
M Designated Bridge/Port
Port Edged
:4096.4c1f-cc45-aacc / 128.9
:Config=default / Active=disabled
Point-to-point :Config=auto / Active=true
Transit Limit :147 packets/hello-time
Protection Type :None
Port STP Mode :STP
Port Protocol Type :Config=auto / Active=dot1s
BPDU Encapsulation :Config=stp / Active=stp
e i.c
The highlighted lines in the preceding information indicates thatwG0/0/10 has
become the root port. u a
. h
Final Configuration i n g
r n
l e a
//
<S1>display current-configuration
#
:
!Software Version V200R008C00SPC500
t tp
sysname S1
: h
#
e s
stp mode stp
r c
stp instance 0 priority 8192
o u
#
es
R
interface GigabitEthernet0/0/1
g
shutdown
#
i n
rn
interface GigabitEthernet0/0/2
a
e
shutdown
#
e L
o r
interface GigabitEthernet0/0/3
shutdown
M#
interface GigabitEthernet0/0/9
stp instance 0 cost 200000
#
interface GigabitEthernet0/0/10
#
interface GigabitEthernet0/0/13
shutdown
e n
/
m
<S2>display current-configuration
#
o
!Software Version V200R008C00SPC500
sysname S2
ei.c
#
aw
u
.h
stp mode stp
g
stp instance 0 priority 4096
#
ni n
interface GigabitEthernet0/0/1
r
lea
shutdown
//
#
interface GigabitEthernet0/0/2
p :
shutdown
t t
#
s:h
interface GigabitEthernet0/0/3
shutdown
r c e
ou
#
es
interface GigabitEthernet0/0/6
shutdown
R
#
i n g
n
interface GigabitEthernet0/0/7
ar
shutdown
#
L e
e
interface GigabitEthernet0/0/9
or
#
M
interface GigabitEthernet0/0/10
#
user-interface con 0
user-interface vty 0 4
#
return
<S3>display current-configuration
g
#
return
ni n
r
lea
<S4>display current-configuration
//
#
!Software Version V100R006C05
p :
sysname S4
t t
#
s:h
interface Ethernet0/0/14
shutdown
r c e
ou
#
interface Ethernet0/0/1
es
shutdown
R
#
i n g
n
interface Ethernet0/0/6
ar
shutdown
#
L e
e
user-interface con 0
or
user-interface vty 0 4
M
#
return
Learning Objectives
As a result of this lab section, you should achieve the following tasks:
Re
Scenario
i n g
rn are a network administrator of a company. The company network
a
Assume that you
consists ofetwo layers: core layer and access layer. The network uses a redundancy
o
RSTPr route convergence at the edge network and configure RSTP protection
Mfunction.
If you are starting this section with a non-configured device, begin here and then
move to step 3. For those continuing from previous labs, begin at step 2.
Irrelevant interfaces must be disabled to ensure test result accuracy.
e n
/
Shut down port interfaces Ethernet 0/0/1 on S3, Ethernet 0/0/13 and Ethernet 0/0/7
on S3; GigabitEthernet 0/0/1, GigabitEthernet 0/0/2, GigabitEthernetco
m
i. 0/0/1,
0/0/3,
GigabitEthernet 0/0/13, GigabitEthernet 0/0/14 on S1; GigabitEthernet
e
w0/0/6 on S4
GigabitEthernet 0/0/2, GigabitEthernet 0/0/3, GigabitEthernet 0/0/6, GigabitEthernet
0/0/7 on S2; as well as Ethernet 0/0/1, Ethernet 0/0/14 and Ethernet a
u without any
before starting STP configuration. Ensure that the devices . hstart
n
configuration files. If STP is disabled, run the stp enable command
i g to enable STP.
r n
l e a
//
<Quidway>system-view
:
tp
Enter system view, return user view with Ctrl+Z.
[Quidway]sysname S1
ht
:
[S1]interface GigabitEthernet 0/0/1
[S1-GigabitEthernet0/0/1]shutdown
e s
[S1-GigabitEthernet0/0/1]quit
r c
u
[S1]interface GigabitEthernet 0/0/2
o
s
[S1-GigabitEthernet0/0/2]shutdown
e
R
[S1-GigabitEthernet0/0/2]quit
i n g
[S1]interface GigabitEthernet 0/0/3
[S1-GigabitEthernet0/0/3]shutdown
rn
[S1-GigabitEthernet0/0/3]quit
a
L e
[S1]interface GigabitEthernet 0/0/13
[S1-GigabitEthernet0/0/13]shutdown
r e
[S1-GigabitEthernet0/0/13]quit
o
[S1]interface GigabitEthernet 0/0/14
M[S1-GigabitEthernet0/0/14]shutdown
[S1-GigabitEthernet0/0/14]quit
<Quidway>system-view
Enter system view, return user view with Ctrl+Z.
[Quidway]sysname S2
[S2]interface GigabitEthernet 0/0/1
ni n
[Quidway]sysname S3
r
lea
[S3]interface Ethernet 0/0/1
//
[S3-Ethernet0/0/1]shutdown
[S3-Ethernet0/0/1]quit
p :
[S3]interface Ethernet 0/0/13
t t
[S3-Ethernet0/0/13]shutdown
s:h
[S3-Ethernet0/0/13]quit
[S3]interface Ethernet 0/0/7
r c e
ou
[S3-Ethernet0/0/7]shutdown
es
<Quidway>system-view
R
i n g
Enter system view, return user view with Ctrl+Z.
n
[Quidway]sysname S4
ar
[S4]inter Ethernet 0/0/1
e
[S4-Ethernet0/0/1]shutdown
L
e
[S4-Ethernet0/0/1]quit
or
[S4]inter Ethernet 0/0/14
M
[S4-Ethernet0/0/14]shutdown
[S4-Ethernet0/0/14]quit
[S4]interface Ethernet 0/0/6
[S4-Ethernet0/0/6]shutdown
Remove the configured STP priority from S1 and S2, and assigned cost on S1.
:
CIST Bridge
s
:32768.d0d0-4ba6-aab0
e
Config Times
c
:Hello 2s MaxAge 20s FwDly 15s MaxHop 20
r
Active Times
u
:Hello 2s MaxAge 20s FwDly 15s MaxHop 20
o
s
CIST Root/ERPC :32768.d0d0-4ba6-aab0 / 0 (This bridge is the root)
CIST RegRoot/IRPC
R e
:32768.d0d0-4ba6-aab0 / 0
g
CIST RootPortId :0.0
BPDU-Protection
i n :Disabled
rn
TC or TCN received :362
e a
TC count per hello :0
e L
STP Converge Mode :Normal
o r
Share region-configuration :Enabled
Time since last TC :0 days 0h:0m:45s
M……output omit……
[S2]display stp
-------[CIST Global Info][Mode RSTP]-------
CIST Bridge :32768.d0d0-4ba6-ac20
Config Times :Hello 2s MaxAge 20s FwDly 15s MaxHop 20
Active Times :Hello 2s MaxAge 20s FwDly 15s MaxHop 20
CIST Root/ERPC :32768.d0d0-4ba6-aab0 / 20000
e n
/
……output omit……
o m
i.c
Step 4 Configure an edge port.
w e
Configure ports connected to the user terminals as edge ports. An edge port can
u a
transition to the forwarding state without participating in the RSTP calculation. In
.h
this example, interface GigabitEthernet 0/0/1 on S1 and S2 connect to a router and
g
can be configured as edge ports.
ni n
r
lea
[S1]interface GigabitEthernet 0/0/1
[S1-GigabitEthernet0/0/1]undo shutdown
[S1-GigabitEthernet0/0/1]stp edged-port enable
: //
t t p
:h
[S2]interface GigabitEthernet 0/0/1
s
[S2-GigabitEthernet0/0/1]undo shutdown
e
c
[S2-GigabitEthernet0/0/1]stp edged-port enable
u r
Step 5 Configure BPDUso protection.
R e
n g
Edge ports are directly connected to user terminal and will not receive BPDUs.
i pseudo BPDUs to attack the switching device. If the edge ports
n
Attackers may send
r the switching device configures the edge ports as non-edge
a
receive the BPDUs,
ports andetriggers a new spanning tree calculation. Network flapping then occurs.
e L
BPDU protection can be used to protect switching devices against malicious attacks.
or BPDU protection on both S1 and S2.
Configure
M[S1]stp bpdu-protection
[S2]stp bpdu-protection
Run the display stp brief command to view the port protection.
<S1>display stp brief
o
c S2
After the configuration is complete, interface Gigabit Ethernet 0/0/1 on S1 .and
shows as supporting BPDU protection. e i
aw
hu
Step 6 Configure Loop protection g .
i n
n the root port status and
On a network running RSTP, a switching device maintains a r
status of alternate ports by receiving BPDUs fromle
: / upstream device because of link
/thean upstream switching device. If
rn
0 GigabitEthernet0/0/1 DESI FORWARDING BPDU
a
0 GigabitEthernet0/0/9 ROOT FORWARDING NONE
0
L e
GigabitEthernet0/0/10 ALTE DISCARDING NONE
r e and G0/0/10 on S2 are now the root port and alternate port. Configure loop
o on these two ports.
G0/0/9
M
protection
[S2]interface GigabitEthernet 0/0/9
[S2-GigabitEthernet0/0/9]stp loop-protection
[S2-GigabitEthernet0/0/9]quit
[S2]interface GigabitEthernet 0/0/10
[S2-GigabitEthernet0/0/10]stp loop-protection
Since S1 is root, all the ports are designated ports and therefore do not need to
e n
configure loop protection. After completing the configuration, you may wish to set
/
m
S2 as the root, and configure loop protection on the root port and alternate port of
o
i.c
S1 using the same process as with S2.
Final Configuration w e
u a
<S1>display current-configuration
g.h
#
ni n
!Software Version V200R008C00SPC500
r
lea
sysname S1
#
: //
stp mode rstp
t t p
:h
stp bpdu-protection
#
interface GigabitEthernet0/0/1
e s
undo shutdown
r c
stp edged-port enable
s ou
#
Re
interface GigabitEthernet0/0/2
shutdown
i n g
n
#
ar
interface GigabitEthernet0/0/3
e
L
shutdown
#
e
or
interface GigabitEthernet0/0/13
M
shutdown
#
interface GigabitEthernet0/0/14
shutdown
#
user-interface con 0
user-interface vty 0 4
#
<S2>display current-configuration
#
!Software Version V200R008C00SPC500
sysname S2
#
stp mode rstp
stp bpdu-protection
e n
/
m
#
interface GigabitEthernet0/0/1
o
undo shutdown
stp edged-port enable
ei.c
#
aw
u
.h
interface GigabitEthernet0/0/2
g
shutdown
#
ni n
interface GigabitEthernet0/0/3
r
lea
shutdown
//
#
interface GigabitEthernet0/0/6
p :
shutdown
t t
#
s:h
interface GigabitEthernet0/0/7
shutdown
r c e
ou
#
es
interface GigabitEthernet0/0/9
stp loop-protection
R
#
i n g
n
interface GigabitEthernet0/0/10
ar
stp loop-protection
#
L e
e
user-interface con 0
or
user-interface vty 0 4
M
#
return
<S3>display current-configuration
#
!Software Version V100R006C05
sysname S3
#
g
#
!Software Version V100R006C05
ni n
sysname S4
r
lea
#
//
interface Ethernet0/0/14
shutdown
p :
#
t t
interface Ethernet0/0/1
s:h
shutdown
#
r c e
s ou
e
interface Ethernet0/0/6
shutdown
R
#
i n g
n
user-interface con 0
ar
user-interface vty 0 4
#
L e
e
return
or
M
Learning Objectives
e n
/
As a result of this lab section, you should achieve the following tasks:
o m
Configuration of a static route using an interface and an IP addressias . cthe
w e
next hop.
u a
. h
Verification of static route operation.
i n g
Implementation of the interconnection betweenrn a local and external network
l e a
using a default route.
: //
t tpon a router.
Configuration of a backup static route
: h
e s
Topology
r c
o u
e s
R
i n g
a rn
L e
r e
o
M
Assume that you are a network administrator of a company that contains a single
administrative domain and within the administrative domain, multiple networks
have been defined, for which currently no method of routing exists.
Since the network scale is small, with only a few networks, static routes and default
routes are to be used to implement interwork communication. The network
e n
addressing is to be applied as shown in Figure 4.1.
/
If a password is requested, and unless otherwise stated, please use the password:
o m
huawei
i . c
w e
Tasks a
. hu
Step 1 Perform basic system and IP address configuration.
i n g
r n
Configure the device names and IP addresses for R1,aR2, and R3.
/ l e
: /
tp
<Huawei>system-view
t
Enter system view, return user view with Ctrl+Z.
h
:
[Huawei]sysname R1
e
[R1]interface GigabitEthernet 0/0/0
s
r c
[R1-GigabitEthernet0/0/0]ip address 10.0.13.1 24
[R1-GigabitEthernet0/0/0]quit
o u
s
[R1]interface GigabitEthernet 0/0/1
e
R
[R1-GigabitEthernet0/0/1]ip address 10.0.12.1 24
i n g
[R1-GigabitEthernet0/0/1]quit
[R1]interface LoopBack 0
rn
[R1-LoopBack0]ip address 10.0.1.1 24
a
L e
r e
Runo the display current-configuration command to check the configuration.
M<R1>display ip interface brief
Interface IP Address/Mask Physical Protocol
......output omitted......
GigabitEthernet0/0/0 10.0.13.1/24 up up
GigabitEthernet0/0/1 10.0.12.1/24 up up
GigabitEthernet0/0/2 unassigned up down
LoopBack0 10.0.1.1/24 up up(s)
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R2
[R2]interface GigabitEthernet 0/0/1
[R2-GigabitEthernet0/0/1]ip address 10.0.12.2 24
[R2-GigabitEthernet0/0/1]quit
[R2]interface GigabitEthernet0/0/2
e n
/
m
[R2-GigabitEthernet0/0/2]ip add 10.0.23.2 24
[R2-GigabitEthernet0/0/2]quit
o
[R2]interface LoopBack0
[R2-LoopBack0]ip address 10.0.2.2 24
ei.c
aw
u
<R2>display ip interface brief
g .h
Interface IP Address/Mask Physical
ni n
Protocol
......output omitted......
r
lea
GigabitEthernet0/0/0 unassigned up down
://
GigabitEthernet0/0/1 10.0.12.2/24 up up
tp
GigabitEthernet0/0/2 10.0.23.2/24 up up
LoopBack0 10.0.2.2/24
t up up(s)
......output omitted......
s :h
<Huawei>system-view
r c e
ou
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R3
es
R
[R3]interface GigabitEthernet 0/0/0
i n g
[R3-GigabitEthernet0/0/0]ip address 10.0.13.3 24
n
[R3-GigabitEthernet0/0/0]quit
ar
[R3]interface GigabitEthernet0/0/2
e
[R3-GigabitEthernet0/0/2]ip address 10.0.23.3 24
L
e
[R3-GigabitEthernet0/0/2]quit
or
[R3]interface LoopBack 0
M
[R3-LoopBack0]ip address 10.0.3.3 24
e n
Reply from 10.0.12.2: bytes=56 Sequence=3 ttl=255 time=30 ms
/
Reply from 10.0.12.2: bytes=56 Sequence=4 ttl=255 time=30 ms
o m
i.c
Reply from 10.0.12.2: bytes=56 Sequence=5 ttl=255 time=30 ms
g .h
n
0.00% packet loss
round-trip min/avg/max = 30/30/30 ms
ni
r
<R1>ping 10.0.13.3
// lea
:
PING 10.0.13.2: 56 data bytes, press CTRL_C to break
p
t t
Reply from 10.0.13.3: bytes=56 Sequence=1 ttl=255 time=6 ms
:h
Reply from 10.0.13.3: bytes=56 Sequence=2 ttl=255 time=2 ms
s
Reply from 10.0.13.3: bytes=56 Sequence=3 ttl=255 time=2 ms
e
c
Reply from 10.0.13.3: bytes=56 Sequence=4 ttl=255 time=2 ms
r
ou
Reply from 10.0.13.3: bytes=56 Sequence=5 ttl=255 time=2 ms
es
--- 10.0.13.3 ping statistics ---
R
g
5 packet(s) transmitted
i n
5 packet(s) received
n
ar
0.00% packet loss
e
round-trip min/avg/max = 2/2/6 ms
L
e ping command to test network connectivity from R2
r
Use the
o
M<R2>ping 10.0.23.3
PING 10.0.23.3: 56 data bytes, press CTRL_C to break
Reply from 10.0.23.3: bytes=56 Sequence=1 ttl=255 time=31 ms
Reply from 10.0.23.3: bytes=56 Sequence=2 ttl=255 time=31 ms
Reply from 10.0.23.3: bytes=56 Sequence=3 ttl=255 time=41 ms
Reply from 10.0.23.3: bytes=56 Sequence=4 ttl=255 time=31 ms
Reply from 10.0.23.3: bytes=56 Sequence=5 ttl=255 time=41 ms
w e
a
<R2>ping 10.0.13.3
PING 10.0.13.3: 56 data bytes, press CTRL_C to break
u
Request time out
g.h
Request time out
ni n
r
Request time out
lea
Request time out
//
Request time out
p :
--- 10.0.13.3 ping statistics ---
t t
:h
5 packet(s) transmitted
0 packet(s) received
e s
100.00% packet loss
r c
<R2>ping 10.0.3.3
sou
Re
PING 10.0.3.3: 56 data bytes, press CTRL_C to break
Request time out
i
Request time out
n g
n
ar
Request time out
e
Request time out
L
e
Request time out
or
--- 10.0.3.3 ping statistics ---
M 5 packet(s) transmitted
0 packet(s) received
100.00% packet loss
If R2 wishes to communicate with the network segment 10.0.3.0, a route destined for
this network segment must be configured on R2, and routes destined for the R2
interface must be configured on R3.
Run the display ip routing-table command to view the routing table of R2. The
routing table does not contain the routes of the two networks.
<R2>display ip routing-table
Route Flags: R - relay, D - download to fib
e n
----------------------------------------------------------------------------
/
Routing Tables: Public
o m
i.c
Destinations : 13 Routes : 13
Destination/Mask
10.0.2.0/24
Proto
Direct 0
Pre Cost Flags NextHop
0 D 10.0.2.2
Interface
LoopBack0
w e
10.0.2.2/32 Direct 0 0 D 127.0.0.1 LoopBack0
u a
10.0.2.255/32 Direct 0 0 D 127.0.0.1 LoopBack0
g .h
n
10.0.12.0/24 Direct 0 0 D 10.0.12.2 GigabitEthernet0/0/1
10.0.12.2/32 Direct 0 0 D 127.0.0.1
ni
GigabitEthernet0/0/1
r
lea
10.0.12.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/1
//
10.0.23.0/24 Direct 0 0 D 10.0.23.2 GigabitEthernet0/0/2
10.0.23.2/32 Direct 0 0 D
:
127.0.0.1
p
GigabitEthernet0/0/2
10.0.23.255/32 Direct 0 0 D
t t
127.0.0.1 GigabitEthernet0/0/2
:h
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
es
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0
r c
0 D 127.0.0.1 InLoopBack0
ou
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
es
R
Step 3 Configure static routes on R2.
i n g
n
Configure a static route for destination networks 10.0.13.0/24 and 10.0.3.0/24, with
the next hop r
a set as the IP address 10.0.23.3 of R3, a preference value of 60 is the
e need not be set.
L
default and
e
o r
[R2]ip route-static 10.0.13.0 24 10.0.23.3
M
[R2]ip route-static 10.0.3.0 24 10.0.23.3
Note: In the ip route-static command, 24 indicates the subnet mask length, which
can also be expressed using the decimal format 255.255.255.0.
<R2>display ip routing-table
e n
/
Step 4 Configure backup static routes.
o m
e i.c
aw
The data exchanged between R2 and 10.0.13.3 and 10.0.3.3 is transmitted through
the link between R2 and R3. R2 fails to communicate with 10.0.13.3 and 10.0.3.3 if
u
the link between R2 and R3 is faulty.
g .h
i n
According to the topology, R2 can communicate with R3 through R1 if the link
n
r
between R2 and R3 fails. A backup static route can be configured to enable this
lea
redundancy. Backup static routes do not take effect in normal cases. If the link
/ /
between R2 and R3 fails, backup static routes are used to transfer data.
:
Amend th preferences for on the backup static
t p routes to ensure that the routes are
t example, the preference of the backup
h
used only when the primary link fails. In this
:
static route is set to 80.
e s
r c
[R1]ip route-static 10.0.3.0 24 10.0.13.3
o u
s
Re
[R2]ip route-static 10.0.13.0 255.255.255.0 10.0.12.1 preference 80
[R2]ip route-static 10.0.3.0 24 10.0.12.1 preference 80
i n g
rn
[R3]ip route-static 10.0.12.0 24 10.0.13.1
a
e the static routes.
L
Step 5 Test
e
o r
M
View the current static route configuration in the routing table of R2.
<R2>display ip routing-table
Route Flags: R - relay, D - download to fib
----------------------------------------------------------------------------
Routing Tables: Public
Destinations : 15 Routes : 15
Destination/Mask Proto Pre Cost Flags NextHop Interface
i n g
The routing table contains two static routes that were configured in step 3. The value
r n
of the Protocol field is Static, indicating a static route. The value of the Preference
lea
field is 60, indicating the default preference is used for the route.
: //
Test network connectivity to ensure the route between R2 and R3 exists.
<R2>ping 10.0.13.3
t t p
:h
PING 10.0.13.3: 56 data bytes, press CTRL_C to break
s
r c e
Reply from 10.0.13.3: bytes=56 Sequence=1 ttl=255 time=34 ms
Reply from 10.0.13.3: bytes=56 Sequence=2 ttl=255 time=34 ms
ou
Reply from 10.0.13.3: bytes=56 Sequence=3 ttl=255 time=34 ms
es
Reply from 10.0.13.3: bytes=56 Sequence=4 ttl=255 time=34 ms
R
Reply from 10.0.13.3: bytes=56 Sequence=5 ttl=255 time=34 ms
i n g
n
--- 10.0.13.3 ping statistics ---
ar
5 packet(s) transmitted
L e
5 packet(s) received
e
0.00% packet loss
or
round-trip min/avg/max = 34/34/34 ms
M
<R2>ping 10.0.3.3
PING 10.0.3.3: 56 data bytes, press CTRL_C to break
Reply from 10.0.3.3: bytes=56 Sequence=1 ttl=255 time=41 ms
Reply from 10.0.3.3: bytes=56 Sequence=2 ttl=255 time=41 ms
Reply from 10.0.3.3: bytes=56 Sequence=3 ttl=255 time=41 ms
Reply from 10.0.3.3: bytes=56 Sequence=4 ttl=255 time=41 ms
Reply from 10.0.3.3: bytes=56 Sequence=5 ttl=255 time=41 ms
The command output shows that the route is functioning normally. The tracert
command can also be run to view the path over which the data is transferred.
e n
/
<R2>tracert 10.0.13.3
o m
i.c
traceroute to 10.0.13.3(10.0.13.3), max hops: 30 ,packet length: 40,
press CTRL_C to break
1 10.0.23.3 40 ms 31 ms 30 ms
w e
u a
<R2>tracert 10.0.3.3
g .h
n
traceroute to 10.0.3.3(10.0.3.3), max hops: 30 ,packet length: 40,
press CTRL_C to break
ni
r
lea
1 10.0.23.3 40 ms 30 ms 30 ms
: //
t t p
The command output verifies that R2 directly sends data to R3.
s
Re
[R2]interface GigabitEthernet0/0/2
i n g
[R2-GigabitEthernet0/0/2]shutdown
[R2-GigabitEthernet0/0/2]quit
rn
a
edisabled.
Compare the routing tables with the previous routing tables before Gigabit Ethernet
L
0/0/2 was
e
o r
<R2>display ip routing-table
g .
Test connectivity between R2 and the destination addresses 10.0.13.3
on R2.
ni n
<R2>ping 10.0.3.3
ar
l e
//
PING 10.0.3.3: 56 data bytes, press CTRL_C to break
:
Reply from 10.0.3.3: bytes=56 Sequence=1 ttl=255 time=3 ms
t tp
Reply from 10.0.3.3: bytes=56 Sequence=2 ttl=255 time=2 ms
h
Reply from 10.0.3.3: bytes=56 Sequence=3 ttl=255 time=2 ms
:
s
Reply from 10.0.3.3: bytes=56 Sequence=4 ttl=255 time=2 ms
e
c
Reply from 10.0.3.3: bytes=56 Sequence=5 ttl=255 time=2 ms
r
o u
s
--- 10.0.3.3 ping statistics ---
e
R
5 packet(s) transmitted
g
5 packet(s) received
i n
0.00% packet loss
rn
round-trip min/avg/max = 2/2/3 ms
a
L e
<R2>ping 10.0.13.3
r e
PING 10.0.13.3: 56 data bytes, press CTRL_C to break
The network is not disconnected when the link between R2 and R3 is shut down.
The tracert command can also be run to view through over which path the data is
being forwarded.
e n
<R2>tracert 10.0.13.3
/
traceroute to
m
10.0.13.3(10.0.13.3), max hops: 30 ,packet length: 40,press CTRL_C to break
o
i.c
1 10.0.12.1 40 ms 21 ms 21 ms
2 10.0.13.3 30 ms 21 ms 21 ms
w e
<R2>tracert 10.0.3.3
u a
traceroute to
.h
10.0.3.3(10.0.3.3), max hops: 30 ,packet length: 40,press CTRL_C to break
g
n
1 10.0.12.1 40 ms 21 ms 21 ms
2 10.0.13.3 30 ms 21 ms 21 ms
ni
r
The command output shows that the data sent by e R2areaches R3 via the 10.0.12.0
// l
and 10.0.13.0 networks connected to R1.
p :
t t
Step 7 Using default routes to implement
: h network connectivity.
e s
r c in step 6 on R2.
Enable the interface that was disabled
o u
s
[R2]interface GigabitEthernet 0/0/2
e
[R2-GigabitEthernet0/0/2]undo shutdown
R
i
Verify connectivityn g
to the network 10.0.23.0 from R1.
a rn
e
[R1]ping 10.0.23.3
L
PING 10.0.23.3: 56 data bytes, press CTRL_C to break
e
o r
Request time out
Request time out
<R1>display ip routing-table
Route Flags: R - relay, D - download to fib
----------------------------------------------------------------------------
Routing Tables: Public
e n
Destinations : 14 Routes : 14
/
Destination/Mask Proto Pre Cost Flags NextHop Interface
o m
10.0.1.0/24 Direct 0 0 D 10.0.1.1 LoopBack0
e i.c
10.0.1.1/32 Direct 0 0 D 127.0.0.1 LoopBack0
aw
10.0.1.255/32 Direct 0 0 D 127.0.0.1 LoopBack0
u
10.0.3.0/24 Static 60 0 RD 10.0.13.3
.h
GigabitEthernet0/0/0
g
n
10.0.12.0/24 Direct 0 0 D 10.0.12.1 GigabitEthernet0/0/1
10.0.12.1/32 Direct 0 0 D 127.0.0.1
ni
GigabitEthernet0/0/1
r
lea
10.0.12.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/1
//
10.0.13.0/24 Direct 0 0 D 10.0.13.1 GigabitEthernet0/0/0
10.0.13.1/32 Direct 0 0 D
:
127.0.0.1
p
GigabitEthernet0/0/0
10.0.13.255/32 Direct 0 0 D
t t
127.0.0.1 GigabitEthernet0/0/0
:h
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
es
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0
r c D 127.0.0.1 InLoopBack0
ou
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
es
A default route can be configured on R1 to implement network connectivity via a
next hop of 10.0.13.3. R
i n g
n
[R1]ip route-static 0.0.0.0 0.0.0.0 10.0.13.3
a r
L e
After the configuration is complete, test connectivity between R1 and 10.0.23.3.
e
or
<R1>ping 10.0.23.3
PING 10.0.23.3: 56 data bytes, press CTRL_C to break
The default route forwards traffic destined for 10.0.23.3 to the next hop of 10.0.13.3
on R3. R3 is directly connected to the 10.0.23.0 network.
e n
If the link between R1 and R3 fails, a backup default route can be used to
/
communicate with 10.0.23.3 and 10.0.3.3 via the 10.0.12.0 network.
o m
However, R1 is not directly connected to these networks and therefore acbackup
route (in both directions) must be configured to provide a forwarding path.e i.
aw
hu
[R1]ip route-static 0.0.0.0 0.0.0.0 10.0.12.2 preference 80
r c
----------------------------------------------------------------------------
Routing Tables: Public
o u
Destinations : 15
s Routes : 15
Destination/Mask
Re
Proto Pre Cost Flags NextHop Interface
0.0.0.0/0
10.0.1.0/24
i n g
Static 60
Direct 0
0
0
RD
D
10.0.13.3
10.0.1.1
GigabitEthernet0/0/0
LoopBack0
a rn
10.0.1.1/32 Direct 0 0 D 127.0.0.1 LoopBack0
L e
10.0.1.255/32
10.0.3.0/24
Direct 0
Static 60
0
0
D
RD
127.0.0.1
10.0.13.3
LoopBack0
GigabitEthernet0/0/0
r e
10.0.12.0/24 Direct 0 0 D 10.0.12.1 GigabitEthernet0/0/1
M 10.0.12.255/32 Direct 0
10.0.13.0/24 Direct 0
0
0
D
D
127.0.0.1
10.0.13.1
GigabitEthernet0/0/1
GigabitEthernet0/0/0
10.0.13.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/0
10.0.13.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/0
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
Disable Gigabit Ethernet 0/0/0 on R1 and disable interface Gigabit Ethernet 0/0/0 on
R3 to simulate a link failure, and then view the routes of R1. Compare the current
routes with the routes before Gigabit Ethernet 0/0/0 was disabled.
[R1]interface GigabitEthernet0/0/0
[R1-GigabitEthernet0/0/0]shutdown
e n
/
[R1-GigabitEthernet0/0/0]quit
[R3]interface GigabitEthernet0/0/0
o m
[R3-GigabitEthernet0/0/0]shutdown
[R3-GigabitEthernet0/0/0]quit e i.c
aw
u
.h
<R1>display ip routing-table
Route Flags: R - relay, D - download to fib
i n g
-------------------------------------------------------------------------
Routing Tables: Public
r n
lea
Destinations : 11 Routes : 11
://
Destination/Mask Proto Pre Cost Flags NextHop Interface
tp
0.0.0.0/0 Static 80 0 RD 10.0.12.2 GigabitEthernet0/0/1
10.0.1.0/24 Direct 0 0 D
t
10.0.1.1 LoopBack0
10.0.1.1/32 Direct 0 0
s
D
:h127.0.0.1 LoopBack0
10.0.1.255/32
10.0.12.0/24
Direct 0
Direct 0
r
0
0
c e D
D
127.0.0.1
10.0.12.1
LoopBack0
GigabitEthernet0/0/1
ou
10.0.12.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/1
10.0.12.255/32 Direct 0
es 0 D 127.0.0.1 GigabitEthernet0/0/1
127.0.0.0/8
R
Direct 0 0 D 127.0.0.1 InLoopBack0
ing
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
rn
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
a
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
L e
r e
According to the preceding routing table, the value of 80 in the Preference column
o
indicates that the backup default route 0.0.0.0 is actively forwarding traffic to the
M
next hop of 10.0.23.3.
Test network connectivity on R1.
<R1>ping 10.0.23.3
PING 10.0.23.3: 56 data bytes, press CTRL_C to break
Reply from 10.0.23.3: bytes=56 Sequence=1 ttl=254 time=76 ms
Reply from 10.0.23.3: bytes=56 Sequence=2 ttl=254 time=250 ms
e i.c
The IP packets are reaching R3 (10.0.23.3) via the next hop 10.0.12.2 of
awR2.
hu
Final Configuration
g .
ni n
<R1>dis current-configuration
ar
l e
//
[V200R007C00SPC600]
#
:
sysname R1
t tp
#
: h
interface GigabitEthernet0/0/0
e s
shutdown
r c
u
ip address 10.0.13.1 255.255.255.0
o
s
#
Re
interface GigabitEthernet0/0/1
g
ip address 10.0.12.1 255.255.255.0
#
i n
rn
interface LoopBack0
e a
ip address 10.0.1.1 255.255.255.0
#
e L
o r
ip route-static 0.0.0.0 0.0.0.0 10.0.13.3
ip route-static 0.0.0.0 0.0.0.0 10.0.12.2 preference 80
g
ip route-static 10.0.3.0 255.255.255.0 10.0.12.1 preference 80
ip route-static 10.0.13.0 255.255.255.0 10.0.23.3
ni n
r
ip route-static 10.0.13.0 255.255.255.0 10.0.12.1 preference 80
lea
#
//
user-interface con 0
authentication-mode password
p :
t t
set authentication password cipher %$%$1=cd%b%/O%Id-8X:by1N,+s}'4wD6TvO<I|/pd#
#44C@+s#,%$%$
s:h
user-interface vty 0 4
#
r c e
ou
return
es
R
<R3>display current-configuration
[V200R007C00SPC600]
i n g
n
#
ar
sysname R3
#
L e
e
interface GigabitEthernet0/0/0
or
shutdown
M
ip address 10.0.13.3 255.255.255.0
#
interface GigabitEthernet0/0/2
ip address 10.0.23.3 255.255.255.0
#
interface LoopBack0
ip address 10.0.3.3 255.255.255.0
#
o
e i.c
aw
u
g .h
ni n
r
//lea
p :
t t
s:h
r c e
s ou
Re
i n g
n
e ar
e L
or
M
Learning Objectives
As a result of this lab section, you should achieve the following tasks:
e n
/
o m
ei.c
aw
u
g .h
ni n
r
//lea
p :
t t
s :h
r c e
ou
Figure 4.2 Lab topology for RIPv1 and RIPv2
s
Re
Scenario
i n g
n are a network administrator in charge of managing a small
Assume that ryou
a
e domain consisting of three routers and five networks. Due to the
e L
administrative
limited requirement, RIP is to be used to support routing. RIPv1 is initially configured,
but ryou realize that RIPv2 has many advantages. After some consideration, you
o
M
transition the domain to support RIPv2.
If you are starting this section with a non-configured device begin here and then
move to step 3. For those continuing from previous labs, begin at step 2.
e n
/
<Huawei>system-view
m
Enter system view, return user view with Ctrl+Z.
o
i.c
[Huawei]sysname R1
[R1]interface GigabitEthernet 0/0/0
[R1-GigabitEthernet0/0/0]ip address 10.0.13.1 24
w e
[R1-GigabitEthernet0/0/0]quit
u a
.h
[R1]interface LoopBack 0
[R1-LoopBack0]ip address 10.0.1.1 24
i n g
<Huawei>system-view
r n
lea
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R2
: //
[R2]interface GigabitEthernet 0/0/1
t t p
:h
[R2-GigabitEthernet0/0/1]ip address 10.0.12.2 24
[R2-GigabitEthernet0/0/1]quit
[R2]interface LoopBack 0
e s
r
[R2-LoopBack0]ip address 10.0.2.2 24c
s ou
<Huawei>system-view
Re
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R3
i n g
n
[R3]interface LoopBack 0
ar
[R3-LoopBack0]ip address 10.0.3.3 24
e
L
Step 2e Clean up the previous configuration
or
MClean up previous static route configuration and disable all unused interfaces
[R1]interface GigabitEthernet0/0/1
[R1-GigabitEthernet0/0/1]shutdown
[R1-GigabitEthernet0/0/1]quit
g
[R3-GigabitEthernet0/0/2]shutdown
[R3-GigabitEthernet0/0/2]quit
ni n
[R3]undo ip route-static 10.0.12.0 255.255.255.0
r
//lea
p :
t t
:h
Step 3 Additional address configuration
e s
r c interfaces for R2 and R3.
Configure the following additional
o u
e s
R
[R2]interface GigabitEthernet 0/0/0
i n g
[R2-GigabitEthernet0/0/0]ip address 10.0.13.2 24
rn
[R3]interface GigabitEthernet0/0/1
a
e
[R3-GigabitEthernet0/0/1]ip address 10.0.12.3 24
L
r e
o
M
e n
/
--- 10.0.13.2 ping statistics ---
o m
i.c
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
w e
round-trip min/avg/max = 30/30/30 ms
u a
. h
i n g
Verify that R2 can successfully reach R3 over the 10.0.12.0 network.
<R2>ping 10.0.12.3
r n
PING 10.0.12.2: 56 data bytes, press CTRL_C to break
l e a
//
Reply from 10.0.12.3: bytes=56 Sequence=1 ttl=255 time=31 ms
:
tp
Reply from 10.0.12.3: bytes=56 Sequence=2 ttl=255 time=31 ms
t
Reply from 10.0.12.3: bytes=56 Sequence=3 ttl=255 time=41 ms
h
:
Reply from 10.0.12.3: bytes=56 Sequence=4 ttl=255 time=31 ms
s
r c e
Reply from 10.0.12.3: bytes=56 Sequence=5 ttl=255 time=41 ms
o u
--- 10.0.12.3 ping statistics ---
e
5 packet(s) transmitted
s
5 packet(s) received
R
0.00% packet loss
i n g
rn
round-trip min/avg/max = 31/35/41 ms
e a
e L
Step 4 Configure RIPv1.
r
o RIP on R1, and then advertise the 10.0.0.0 network segment.
Enable
M[R1]rip 1
[R1-rip-1]network 10.0.0.0
Enable RIP on R2, and then advertise the 10.0.0.0 network segment.
[R2]rip 1
[R2-rip-1]network 10.0.0.0
e n
View the routing tables of R1, R2, and R3. Make sure that these routers have learned
/
the RIP routes that are highlighted in gray in the following command output.
o m
<R1>display ip routing-table
Route Flags: R - relay, D - download to fib
e i.c
----------------------------------------------------------------------------
aw
Routing Tables: Public
u
Destinations : 13 Routes : 13
g .h
ni n
r
Destination/Mask Proto Pre Cost Flags NextHop Interface
lea
://
10.0.1.0/24 Direct 0 0 D 10.0.1.1 LoopBack0
tp
10.0.1.1/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.1.255/32 Direct 0 0 D
t
127.0.0.1 LoopBack0
:h
10.0.2.0/24 RIP 100 1 D 10.0.13.2 GigabitEthernet0/0/0
10.0.3.0/24 RIP 100 2
e s D 10.0.13.2 GigabitEthernet0/0/0
10.0.12.0/24 RIP 100
r c
1 D 10.0.13.2 GigabitEthernet0/0/0
ou
10.0.13.0/24 Direct 0 0 D 10.0.13.1 GigabitEthernet0/0/0
10.0.13.1/32 Direct 0
es 0 D 127.0.0.1 GigabitEthernet0/0/0
10.0.13.255/32 Direct 0
R 0 D 127.0.0.1 GigabitEthernet0/0/0
ing
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
n
ar
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
Le
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
r e
<R2>display ip routing-table
o
Route Flags: R - relay, D - download to fib
M
----------------------------------------------------------------------------
Routing Tables: Public
Destinations : 15 Routes : 15
ni n
r
----------------------------------------------------------------------------
lea
Routing Tables: Public
//
Destinations : 13 Routes : 13
p :
Destination/Mask Proto
t
Pre Cost Flags NextHopt Interface
s :h
10.0.1.0/24
10.0.2.0/24
RIP
RIP
100
100
r
2
1
c e D
D
10.0.12.2
10.0.12.2
GigabitEthernet0/0/1
GigabitEthernet0/0/1
ou
10.0.3.0/24 Direct 0 0 D 10.0.3.3 LoopBack0
10.0.3.3/32
e
Direct 0
s 0 D 127.0.0.1 LoopBack0
10.0.3.255/32
R
Direct 0 0 D 127.0.0.1 LoopBack0
ing
10.0.12.0/24 Direct 0 0 D 10.0.12.3 GigabitEthernet0/0/1
n
10.0.12.3/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/1
ar
10.0.12.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/1
Le
10.0.13.0/24 RIP 100 1 D 10.0.12.2 GigabitEthernet0/0/1
e
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
o r
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
M
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
o
s
JOB, ROUTE-PROCESSING, ERROR,
e
R
REPLAY-PROTECT, GR
g
<R1>terminal debugging
i n
Info: Current terminal debugging is on.
<R1>
a rn
e
Mar 29 2016 09:45:07.860.1+00:00 R1 RIP/7/DBG: 6: 12734: RIP 1: Receiving v1 response on
L
GigabitEthernet0/0/0 from 10.0.13.2 with 3 RTEs
e
o r
<R1>
Mar 29 2016 09:45:07.860.2+00:00 R1 RIP/7/DBG: 6: 12785: RIP 1: Receive response from 10.0.13.2
Mon GigabitEthernet0/0/0
<R1>
Mar 29 2016 09:45:07.860.3+00:00 R1 RIP/7/DBG: 6: 12796: Packet: Version 1, Cmd response, Length
64
<R1>
Mar 29 2016 09:45:07.860.4+00:00 R1 RIP/7/DBG: 6: 12845: Dest 10.0.2.0, Cost 1
<R1>
Mar 29 2016 09:45:07.860.5+00:00 R1 RIP/7/DBG: 6: 12845: Dest 10.0.3.0, Cost 2
Run the undo debugging rip <process-id> or undo debugging all command to
disable the debugging functions.
e n
<R1>undo debugging rip 1
/
o m
Individual parameters can be specified to control the debugging information viewed.
i . cupdate
For example, the debugging rip 1 event command allows for only periodical
w e
events sent or received by routers to be viewed. The question mark (?) can be added
a
hu
to the command to query other parameters.
<R1>debugging rip 1 event
g .
<R1>
ni n
r
Mar 29 2016 10:00:04.880.1+00:00 R1 RIP/7/DBG: 25: 5719: RIP 1: Periodic timer expired for
a
l e
interface GigabitEthernet0/0/0 (10.0.13.1) and its added to periodic update queue
<R1>
: //
tp
Mar 29 2016 10:00:04.890.1+00:00 R1 RIP/7/DBG: 25: 6048: RIP 1: Interface GigabitEthernet0/0/0
h t
(10.0.13.1) is deleted from the periodic update queue
s :
<R1>undo debugging all
r c e
Info: All possible debugging has been turned off
o u
es
Warning: If too many debugging functions are enabled, a large number of router
R
resources will be utilized that may result in system service failure. Therefore, the use
of commands (such
n g as debug all) for enabling debugging functions in batches
i with caution.
n
should be performed
r
e a
Step 6 Configure RIPv2.
L
ethe preceding configuration, you need to configure only version 2 in the RIP
r
o view.
After
M
sub
[R1]rip 1
[R1-rip-1]version 2
[R2]rip 1
[R2-rip-1]version 2
e n
Run the display ip routing-table command to view the routing tables of R1, R2, and
/
R3. Compare the routes that are highlighted with RIPv1 routes.
o m
<R1>display ip routing-table
Route Flags: R - relay, D - download to fib
e i.c
----------------------------------------------------------------------------
aw
Routing Tables: Public
u
Destinations : 13 Routes : 13
g .h
ni n
r
Destination/Mask Proto Pre Cost Flags NextHop Interface
lea
://
10.0.1.0/24 Direct 0 0 D 10.0.1.1 LoopBack0
tp
10.0.1.1/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.1.255/32 Direct 0 0 D
t
127.0.0.1 LoopBack0
:h
10.0.2.0/24 RIP 100 1 D 10.0.13.2 GigabitEthernet0/0/0
10.0.3.0/24 RIP 100 2
e s D 10.0.13.2 GigabitEthernet0/0/0
10.0.12.0/24 RIP 100 1
r c D 10.0.13.2 GigabitEthernet0/0/0
ou
10.0.13.0/24 Direct 0 0 D 10.0.13.1 GigabitEthernet0/0/0
10.0.13.1/32 Direct
es0 0 D 127.0.0.1 GigabitEthernet0/0/0
10.0.13.255/32 Direct
R 0 0 D 127.0.0.1 GigabitEthernet0/0/0
ing
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
n
ar
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
Le
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
r e
o
M
<R2>display ip routing-table
Route Flags: R - relay, D - download to fib
----------------------------------------------------------------------------
Routing Tables: Public
Destinations : 15 Routes : 15
g
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
ni n
[R3]display ip routing-table
r
lea
Route Flags: R - relay, D - download to fib
//
----------------------------------------------------------------------------
Routing Tables: Public
p :
Destinations : 13 Routes : 13
t t
s :h
Destination/Mask Proto Pre
r c e
Cost Flags NextHop Interface
ou
10.0.1.0/24 RIP 100 2 D 10.0.12.2 GigabitEthernet0/0/1
10.0.2.0/24 RIP
es100 1 D 10.0.12.2 GigabitEthernet0/0/1
10.0.3.0/24
R
Direct 0 0 D 10.0.3.3 LoopBack0
ing
10.0.3.3/32 Direct 0 0 D 127.0.0.1 LoopBack0
n
10.0.3.255/32 Direct 0 0 D 127.0.0.1 LoopBack0
ar
10.0.12.0/24 Direct 0 0 D 10.0.12.3 GigabitEthernet0/0/1
Le
10.0.12.3/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/1
e
10.0.12.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/1
o r
10.0.13.0/24 RIP 100 1 D 10.0.12.2 GigabitEthernet0/0/1
M
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
i n g
n
Info: Current terminal debugging is on.
<R1>debugging rip 1 event
ar
l e
//
<R1>
:
Mar 29 2016 10:41:04.490.1+00:00 R1 RIP/7/DBG: 25: 5719: RIP 1: Periodic timer expired for
t tp
interface GigabitEthernet0/0/0 (10.0.13.1) and its added to periodic update queue
<R1>
: h
s
Mar 29 2016 10:41:04.500.1+00:00 R1 RIP/7/DBG: 25: 6048: RIP 1: Interface GigabitEthernet0/0/0
e
c
(10.0.13.1) is deleted from the periodic update queue
r
o u
s
<R1>undo debugging rip 1
Re
g
<R1>debugging rip 1 packet
<R1>
i n
rn
Mar 29 2016 10:43:07.770.1+00:00 R1 RIP/7/DBG: 6: 12776: RIP 1: Sending response on interface
e a
GigabitEthernet0/0/0 from 10.0.13.1 to 224.0.0.9
<R1>
e L
o
24 r
Mar 29 2016 10:43:07.770.2+00:00 R1 RIP/7/DBG: 6: 12796: Packet: Version 2, Cmd response, Length
M<R1>
Mar 29 2016 10:43:07.770.3+00:00 R1 RIP/7/DBG: 6: 12864: Dest 10.0.1.0/24, Nexthop 0.0.0.0,
Cost 1, Tag 0
When using RIPv1, a router sends network IDs and other route update information
to its neighbor routers without sending subnet masks. How do neighbor routers
process the route update information and generate the corresponding subnet
masks?
How are RIPv1 and RIPv2 compatible with each other?
e n
/
Final Configuration
o m
<R1>display current-configuration
e i.c
[V200R007C00SPC600]
aw
#
u
sysname R1
g .h
#
ni n
r
interface GigabitEthernet0/0/0
lea
ip address 10.0.13.1 255.255.255.0
//
#
interface GigabitEthernet0/0/1
p :
shutdown
t t
:h
ip address 10.0.12.1 255.255.255.0
#
e s
interface LoopBack0
r c
ou
ip address 10.0.1.1 255.255.255.0
#
es
rip 1
R
version 2
network 10.0.0.0
i n g
n
ar
#
e
user-interface con 0
L
e
authentication-mode password
or
set authentication password cipher %$%$+L'YR&IZt'4,)>-*#lH",}%K-oJ_M9+'lOU~bD (\WTqB}%N,%
M
$%$
user-interface vty 0 4
#
return
g
#
interface LoopBack0
ni n
ip address 10.0.2.2 255.255.255.0
r
lea
#
//
rip 1
version 2
p :
network 10.0.0.0
t t
#
s:h
user-interface con 0
authentication-mode password
r c e
ou
set authentication password cipher %$%$1=cd%b%/O%Id-8X:by1N,+s}'4wD6TvO<I|/pd# #44C@+s#,%
$%$
es
user-interface vty 0 4
R
#
i n g
n
return
e ar
e L
<R3>display current-configuration
or
[V200R007C00SPC600]
M
#
sysname R3
#
interface GigabitEthernet0/0/0
shutdown
ip address 10.0.13.3 255.255.255.0
#
interface GigabitEthernet0/0/1
g
set authentication password cipher %$%$ksXDMg7Ry6yUU:63:DQ),#/sQg"@*S\U#.s.bHW xQ,y%#/v,%
$%$
ni n
user-interface vty 0 4
r
lea
#
//
return
p :
t t
s:h
r c e
sou
Re
i n g
n
e ar
e L
or
M
Learning Objectives
As a result of this lab section, you should achieve the following tasks:
As the network administrator of a small company you are responsible for the
support of a RIPv2 based enterprise network. In order to better manage and
optimize the routing table, route aggregation is required.
Additionally, concerns over the insertion of rogue devices into the network that may
affect routing tables means that RIP authentication is required to protect the
e n
network.
/
o m
i.c
Tasks
w e
Step 1 Preparing the environment
u a
.h
g
ni n
If you are starting this section with a non-configured device begin here and then
move to step 2. For those continuing from previous labs, begin at step 2.
r
a for R1, R2 and R3 on the
l e
//
Configure the base system information and addressing
:
network.
t tp
: h
e s
c
<Huawei>system-view
u r
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R1
s o
R e
[R1]interface GigabitEthernet 0/0/0
[R1-GigabitEthernet0/0/0]ip address 10.0.13.1 24
n g
[R1-GigabitEthernet0/0/0]quit
i
rn
[R1]interface LoopBack 0
a
[R1-LoopBack0]ip address 10.0.1.1 24
e
e L
r
<Huawei>system-view
o
Enter system view, return user view with Ctrl+Z.
M[Huawei]sysname R2
[R2]interface GigabitEthernet 0/0/0
[R2-GigabitEthernet0/0/0]ip address 10.0.13.2 24
[R2-GigabitEthernet0/0/0]quit
[R2]interface GigabitEthernet 0/0/1
[R2-GigabitEthernet0/0/1]ip address 10.0.12.2 24
[R2-GigabitEthernet0/0/1]quit
[R2]interface LoopBack 0
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R3
[R3]interface GigabitEthernet 0/0/1
[R3-GigabitEthernet0/0/1]ip address 10.0.12.3 24
[R3-GigabitEthernet0/0/1]quit
e n
/
m
[R3]interface LoopBack 0
[R3-LoopBack0]ip address 10.0.3.3 24
o
ei.c
After the IP addresses have been configured for the interfaces, test the network
connectivity.
aw
u
<R1>ping 10.0.13.2
g.h
n
PING 10.0.13.2: 56 data bytes, press CTRL_C to break
ni
Reply from 10.0.13.2: bytes=56 Sequence=1 ttl=255 time=30 ms
r
lea
Reply from 10.0.13.2: bytes=56 Sequence=2 ttl=255 time=30 ms
//
Reply from 10.0.13.2: bytes=56 Sequence=3 ttl=255 time=30 ms
:
Reply from 10.0.13.2: bytes=56 Sequence=4 ttl=255 time=30 ms
p
t t
Reply from 10.0.13.2: bytes=56 Sequence=5 ttl=255 time=30 ms
r c e
ou
5 packet(s) received
s
0.00% packet loss
e
round-trip min/avg/max = 30/30/30 ms
R
i
<R2>ping 10.0.12.3
n g
n
ar
PING 10.0.12.3: 56 data bytes, press CTRL_C to break
e
Reply from 10.0.12.3: bytes=56 Sequence=1 ttl=255 time=31 ms
L
Reply from 10.0.12.3: bytes=56 Sequence=2 ttl=255 time=31 ms
e
or
Reply from 10.0.12.3: bytes=56 Sequence=3 ttl=255 time=41 ms
Reply from 10.0.12.3: bytes=56 Sequence=4 ttl=255 time=31 ms
[R2]rip 1
[R2-rip-1]version 2
[R2-rip-1]network 10.0.0.0
e n
/
[R3]rip 1
o m
i.c
[R3-rip-1]version 2
[R3-rip-1]network 10.0.0.0
w e
Step 2 Configuration of additional loopback addresses u a
. h
i
Establish additional loopback interfaces to represent multiple n gnetworks on R3.
r n
[R3]interface LoopBack 2
l e a
//
[R3-LoopBack2]ip address 172.16.0.1 24
:
tp
[R3-LoopBack2]quit
[R3]interface LoopBack 3
ht
:
[R3-LoopBack3]ip address 172.16.1.1 24
[R3-LoopBack3]quit
e s
[R3]interface LoopBack 4
r c
u
[R3-LoopBack4]ip address 172.16.2.1 24
o
[R3-LoopBack4]quit
es
R
[R3]interface LoopBack 5
i n g
[R3-LoopBack5]ip address 172.16.3.1 24
View the routing table of R1 to verify the new networks are being advertized.
u
.h
10.0.13.0/24 Direct 0 0 D 10.0.13.1 GigabitEthernet0/0/0
g
10.0.13.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/0
10.0.13.255/32 Direct 0 0 D 127.0.0.1
i n
GigabitEthernet0/0/0
n
127.0.0.0/8 Direct 0 0 D 127.0.0.1
r
InLoopBack0
lea
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
://
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
tp
172.16.0.0/24 RIP 100 2 D 10.0.13.2 GigabitEthernet0/0/0
172.16.1.0/24 RIP 100 2 D
t
10.0.13.2 GigabitEthernet0/0/0
172.16.2.0/24 RIP 100 2
s
D
:h
10.0.13.2 GigabitEthernet0/0/0
172.16.3.0/24 RIP
255.255.255.255/32 Direct 0
100
r
2
c
0 e D
D
10.0.13.2
127.0.0.1
GigabitEthernet0/0/0
InLoopBack0
s ou
aggregated routes. Re
The information in grey shows that R1 has learned specific routes but not
i n g
Test network connectivity from R1 to the 172.16.0.0 network range.
n
e ar
<R1>ping 172.16.0.1
e L
PING 172.16.0.1: 56 data bytes, press CTRL_C to break
or
Reply from 172.16.0.1: bytes=56 Sequence=1 ttl=254 time=80 ms
Reply from 172.16.0.1: bytes=56 Sequence=2 ttl=254 time=79 ms
e n
[R2]interface GigabitEthernet0/0/0
/
[R2-GigabitEthernet0/0/0]rip summary-address 172.16.0.0 255.255.0.0
o m
View the routing table of R1 that should now include an aggregated route.i.c
w e
<R1>display ip routing-table
a
hu
Route Flags: R - relay, D - download to fib
g .
----------------------------------------------------------------------------
Routing Tables: Public
ni n
r
Destinations : 14 Routes : 14
l e a
//
Destination/Mask Proto Pre Cost Flags NextHop Interface
:
10.0.1.0/24 Direct 0 0 D
t tp 10.0.1.1 LoopBack0
10.0.1.1/32 Direct 0 0
: h
D 127.0.0.1 LoopBack0
10.0.1.255/32 Direct 0 0
e s D 127.0.0.1 LoopBack0
10.0.2.0/24 RIP 100
r c
1 D 10.0.13.2 GigabitEthernet0/0/0
10.0.3.0/24 RIP
o
100
u 2 D 10.0.13.2 GigabitEthernet0/0/0
10.0.12.0/24 RIP
e s100 1 D 10.0.13.2 GigabitEthernet0/0/0
10.0.13.0/24
R
Direct 0 0 D 10.0.13.1 GigabitEthernet0/0/0
10.0.13.1/32
i n g
Direct 0
10.0.13.255/32 Direct 0
0
0
D
D
127.0.0.1
127.0.0.1
GigabitEthernet0/0/0
GigabitEthernet0/0/0
a rn
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
L e
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
e
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
o r
172.16.0.0/16 RIP 100 2 D 10.0.13.2 GigabitEthernet0/0/0
M
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
The highlighted information shows the aggregated route. There is now no specific
route is listed in the routing table.
e n
/
Reply from 172.16.0.1: bytes=56 Sequence=4 ttl=254 time=60 ms
m
Reply from 172.16.0.1: bytes=56 Sequence=5 ttl=254 time=60 ms
o
--- 172.16.0.1 ping statistics ---
5 packet(s) transmitted
e i.c
5 packet(s) received
aw
u
.h
0.00% packet loss
g
round-trip min/avg/max = 59/63/80 ms
i n
n reduces the size of the
The preceding information shows that route aggregation
ar
l e
routing table without affecting communication to aggregated
/ networks.
: /
Step 5 Configure RIP authentication.tp
ht
s : between R1 and R2 and MD5 based
Configure plain text authentication
r
authentication between R2 and R3. c eThe authentication password in all cases should
be huawei.
o u
e s
[R1]interface GigabitEthernet0/0/0
R
g
[R1-GigabitEthernet0/0/0]rip authentication-mode simple huawei
i n
rn
[R2]interface GigabitEthernet0/0/0
e a
[R2-GigabitEthernet0/0/0]rip authentication-mode simple huawei
L
[R2-GigabitEthernet0/0/0]quit
e
o r
[R2]interface GigabitEthernet0/0/1
[R2-GigabitEthernet0/0/1]rip authentication-mode md5 usual huawei
M[R3]interface GigabitEthernet0/0/1
[R3-GigabitEthernet0/0/1]rip authentication-mode md5 usual huawei
e n
Destinations : 14 Routes : 14
/
o m
i.c
Destination/Mask Proto Pre Cost Flags NextHop Interface
g .h
n
10.0.2.0/24 RIP 100 1 D 10.0.13.2 GigabitEthernet0/0/0
10.0.3.0/24 RIP 100 2 D 10.0.13.2
ni
GigabitEthernet0/0/0
r
lea
10.0.12.0/24 RIP 100 1 D 10.0.13.2 GigabitEthernet0/0/0
//
10.0.13.0/24 Direct 0 0 D 10.0.13.1 GigabitEthernet0/0/0
10.0.13.1/32 Direct 0 0 D
:
127.0.0.1
p
GigabitEthernet0/0/0
10.0.13.255/32 Direct 0 0 D
t t
127.0.0.1 GigabitEthernet0/0/0
:h
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
es
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0
r
0
c D 127.0.0.1 InLoopBack0
ou
172.16.0.0/16 RIP 100 2 D 10.0.13.2 GigabitEthernet0/0/0
255.255.255.255/32 Direct 0
es 0 D 127.0.0.1 InLoopBack0
R
g
<R2>display ip routing-table
i n
Route Flags: R - relay, D - download to fib
n
ar
----------------------------------------------------------------------------
e
Routing Tables: Public
e L
Destinations : 19 Routes : 19
or
Destination/Mask Proto Pre Cost Flags NextHop Interface
e i.c
<R3>display ip routing-table
aw
u
.h
Route Flags: R - relay, D - download to fib
g
----------------------------------------------------------------------------
Routing Tables: Public
ni n
Destinations : 25 Routes : 25
r
lea
Destination/Mask Proto Pre Cost Flags NextHop Interface
: //
10.0.1.0/24
10.0.2.0/24
RIP
RIP
100 2
100 1
D
D
t t p
10.0.12.2
10.0.12.2
GigabitEthernet0/0/1
GigabitEthernet0/0/1
10.0.3.0/24 Direct 0 0
s
D
:h
10.0.3.3 LoopBack0
10.0.3.3/32
10.0.3.255/32
Direct
Direct
0
0
0
r
0
c e D
D
127.0.0.1
127.0.0.1
LoopBack0
LoopBack0
ou
10.0.12.0/24 Direct 0 0 D 10.0.12.3 GigabitEthernet0/0/1
10.0.12.3/32 Direct
es0 0 D 127.0.0.1 GigabitEthernet0/0/1
10.0.12.255/32 Direct
R 0 0 D 127.0.0.1 GigabitEthernet0/0/1
ing
10.0.13.0/24 RIP 100 1 D 10.0.12.2 GigabitEthernet0/0/1
n
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
ar
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
Le
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
e
172.16.0.0/24 Direct 0 0 D 172.16.0.1 LoopBack2
o r
172.16.0.1/32 Direct 0 0 D 127.0.0.1 LoopBack2
M
172.16.0.255/32 Direct 0 0 D 127.0.0.1 LoopBack2
172.16.1.0/24 Direct 0 0 D 172.16.1.1 LoopBack3
172.16.1.1/32 Direct 0 0 D 127.0.0.1 LoopBack3
172.16.1.255/32 Direct 0 0 D 127.0.0.1 LoopBack3
172.16.2.0/24 Direct 0 0 D 172.16.2.1 LoopBack4
172.16.2.1/32 Direct 0 0 D 127.0.0.1 LoopBack4
172.16.2.255/32 Direct 0 0 D 127.0.0.1 LoopBack4
172.16.3.0/24 Direct 0 0 D 172.16.3.1 LoopBack5
e n
[R2]interface GigabitEthernet0/0/0
/
[R2-GigabitEthernet0/0/0]rip authentication-mode simple huawei2
o m
View the routing table of R1.
e i.c
<R1>display ip routing-table
aw
Route Flags: R - relay, D - download to fib
u
g
----------------------------------------------------------------------------
.h
Routing Tables: Public
ni n
r
Destinations : 10 Routes : 10
lea
://
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.1.0/24 Direct 0 0 D
t tp
10.0.1.1 LoopBack0
:h
10.0.1.1/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.1.255/32 Direct 0 0
e s D 127.0.0.1 LoopBack0
10.0.13.0/24 Direct 0
r0
c D 10.0.13.1 GigabitEthernet0/0/0
ou
10.0.13.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/0
10.0.13.255/32 Direct 0
es 0 D 127.0.0.1 GigabitEthernet0/0/0
127.0.0.0/8
R
Direct 0 0 D 127.0.0.1 InLoopBack0
ing
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
n
ar
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
L e
Since R1 and R2 use different RIP authentication passwords, R1 will not receive any
re
advertised RIP routes from R2.
o
MRestore the authentication password on G0/0/0 of R2 to huawei.
[R2]interface GigabitEthernet0/0/0
[R2- GigabitEthernet0/0/0]rip authentication-mode simple huawei
e n
/
----------------------------------------------------------------------------
m
Routing Tables: Public
Destinations : 22 Routes : 22
o
Destination/Mask Proto Pre Cost Flags NextHop Interface e i.c
aw
u
.h
10.0.3.0/24 Direct 0 0 D 10.0.3.3 LoopBack0
g
10.0.3.3/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.3.255/32 Direct 0 0 D 127.0.0.1
i n
LoopBack0
n
10.0.12.0/24 Direct 0 0 D 10.0.12.3
r
GigabitEthernet0/0/1
lea
10.0.12.3/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/1
://
10.0.12.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/1
tp
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D
t
127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0
s
D
:h127.0.0.1 InLoopBack0
172.16.0.0/24
172.16.0.1/32
Direct
Direct
0
0
r
0
0
c e D
D
172.16.0.1
127.0.0.1
LoopBack2
LoopBack2
ou
172.16.0.255/32 Direct 0 0 D 127.0.0.1 LoopBack2
172.16.1.0/24 Direct
es 0 0 D 172.16.1.1 LoopBack3
172.16.1.1/32
R
Direct 0 0 D 127.0.0.1 LoopBack3
ing
172.16.1.255/32 Direct 0 0 D 127.0.0.1 LoopBack3
rn
172.16.2.0/24 Direct 0 0 D 172.16.2.1 LoopBack4
a
172.16.2.1/32 Direct 0 0 D 127.0.0.1 LoopBack4
e
eL
172.16.2.255/32 Direct 0 0 D 127.0.0.1 LoopBack4
172.16.3.0/24 Direct 0 0 D 172.16.3.1 LoopBack5
or
172.16.3.1/32 Direct 0 0 D 127.0.0.1 LoopBack5
M
172.16.3.255/32 Direct 0 0 D 127.0.0.1 LoopBack5
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
Since R2 and R3 use different RIP authentication modes, R3 cannot receive any
advertised RIP routes from R2.
Restore the authentication mode on G0/0/1 of R2 to MD5.
[R2]interface GigabitEthernet0/0/1
Verify that routes in routing tables of R1, R2, and R3 have been restored. Note that
RIP updates routes periodically, so may take a moment to be restored.
<R1>display ip routing-table
Route Flags: R - relay, D - download to fib
----------------------------------------------------------------------------
Routing Tables: Public
e n
Destinations : 14 Routes : 14
/
o m
i.c
Destination/Mask Proto Pre Cost Flags NextHop Interface
g .h
n
10.0.2.0/24 RIP 100 1 D 10.0.13.2 GigabitEthernet0/0/0
10.0.3.0/24 RIP 100 2 D 10.0.13.2
ni
GigabitEthernet0/0/0
r
lea
10.0.12.0/24 RIP 100 1 D 10.0.13.2 GigabitEthernet0/0/0
//
10.0.13.0/24 Direct 0 0 D 10.0.13.1 GigabitEthernet0/0/0
10.0.13.1/32 Direct 0 0 D
:
127.0.0.1
p
GigabitEthernet0/0/0
10.0.13.255/32 Direct 0 0 D
t t
127.0.0.1 GigabitEthernet0/0/0
:h
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
es
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0
r
0
c D 127.0.0.1 InLoopBack0
ou
172.16.0.0/16 RIP 100 2 D 10.0.13.2 GigabitEthernet0/0/0
s
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
Re
g
[R2]display ip routing-table
i n
Route Flags: R - relay, D - download to fib
n
ar
----------------------------------------------------------------------------
e
Routing Tables: Public
e L
Destinations : 19 Routes : 19
or
Destination/Mask Proto Pre Cost Flags NextHop Interface
e i.c
<R3>display ip routing-table
aw
u
.h
Route Flags: R - relay, D - download to fib
g
----------------------------------------------------------------------------
Routing Tables: Public
ni n
Destinations : 25 Routes : 25
r
lea
Destination/Mask Proto Pre Cost Flags NextHop Interface
: //
10.0.1.0/24
10.0.2.0/24
RIP
RIP
100 2
100 1
D
D
t t p
10.0.12.2
10.0.12.2
GigabitEthernet0/0/1
GigabitEthernet0/0/1
10.0.3.0/24 Direct 0 0
s
D
:h
10.0.3.3 LoopBack0
10.0.3.3/32
10.0.3.255/32
Direct
Direct
0
0
0
r
0
c e D
D
127.0.0.1
127.0.0.1
LoopBack0
LoopBack0
ou
10.0.12.0/24 Direct 0 0 D 10.0.12.3 GigabitEthernet0/0/1
10.0.12.3/32 Direct
es0 0 D 127.0.0.1 GigabitEthernet0/0/1
10.0.12.255/32 Direct
R 0 0 D 127.0.0.1 GigabitEthernet0/0/1
ing
10.0.13.0/24 RIP 100 1 D 10.0.12.2 GigabitEthernet0/0/1
n
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
ar
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
Le
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
e
172.16.0.0/24 Direct 0 0 D 172.16.0.1 LoopBack2
o r
172.16.0.1/32 Direct 0 0 D 127.0.0.1 LoopBack2
M
172.16.0.255/32 Direct 0 0 D 127.0.0.1 LoopBack2
172.16.1.0/24 Direct 0 0 D 172.16.1.1 LoopBack3
172.16.1.1/32 Direct 0 0 D 127.0.0.1 LoopBack3
172.16.1.255/32 Direct 0 0 D 127.0.0.1 LoopBack3
172.16.2.0/24 Direct 0 0 D 172.16.2.1 LoopBack4
172.16.2.1/32 Direct 0 0 D 127.0.0.1 LoopBack4
172.16.2.255/32 Direct 0 0 D 127.0.0.1 LoopBack4
172.16.3.0/24 Direct 0 0 D 172.16.3.1 LoopBack5
Final Configuration
<R1>display current-configuration
[V200R007C00SPC600]
e n
#
/
sysname R1
o m
i.c
#
interface GigabitEthernet0/0/0
ip address 10.0.13.1 255.255.255.0
w e
rip authentication-mode simple cipher %$%$S2AJ2_mJ)Hf++RSng6^NN|Xl%$%$
u a
#
g .h
n
interface LoopBack0
ip address 10.0.1.1 255.255.255.0
ni
r
lea
#
//
rip 1
version 2
p :
network 10.0.0.0
t t
:h
#
user-interface con 0
e s
authentication-mode password
r c
ou
set authentication password cipher %$%$+L'YR&IZt'4,)>-*#lH",}%K-oJ_M9+'lOU~bD (\WTqB}%N,%
s
$%$
user-interface vty 0 4
Re
g
#
return
n i n
e ar
<R2>display current-configuration
L
[V200R007C00SPC600]
e
or
#
sysname R2
M
#
interface GigabitEthernet0/0/0
ip address 10.0.13.2 255.255.255.0
rip authentication-mode simple cipher %$%$+Ob&JcQxU6mUJ(ZXLZY#OEXz%$%$
rip summary-address 172.16.0.0 255.255.0.0
#
interface GigabitEthernet0/0/1
ip address 10.0.12.2 255.255.255.0
user-interface vty 0 4
aw
u
.h
#
g
return
ni n
r
lea
<R3>display current-configuration
//
[V200R007C00SPC600]
#
p :
sysname R3
t t
#
s:h
interface GigabitEthernet0/0/1
r
ip address 10.0.12.3 255.255.255.0
c e
ou
rip authentication-mode md5 usual cipher %$%$_5VL+wN6FNe]rVKbh[E(O=E>%$%$
#
es
interface LoopBack0
R
i n g
ip address 10.0.3.3 255.255.255.0
n
#
ar
interface LoopBack2
e
ip address 172.16.0.1 255.255.255.0
L
e
#
or
interface LoopBack3
M
ip address 172.16.1.1 255.255.255.0
#
interface LoopBack4
ip address 172.16.2.1 255.255.255.0
#
interface LoopBack5
ip address 172.16.3.1 255.255.255.0
#
e i.c
aw
u
g .h
ni n
r
//lea
p :
t t
s:h
r c e
sou
Re
i n g
n
e ar
e L
or
M
Learning Objectives
As a result of this lab section, you should achieve the following tasks:
t tp
Topology : h
e s
r c
o u
es
R
i n g
a rn
L e
r e
o
M
e n
Tasks /
o m
Step 1 Prepare the environment e i.c
aw
If you are starting this section with a non-configured device, begin
hu here and then
g .
move to step 3. For those continuing from previous labs, begin at step 2.
i n
Establish the basic system configuration and addressingnfor the lab.
ar
/ l e
: /
tp
<Huawei>system-view
t
Enter system view, return user view with Ctrl+Z.
h
:
[Huawei]sysname R1
[R1]interface GigabitEthernet 0/0/1
e s
r c
[R1-GigabitEthernet 0/0/1]ip address 10.0.12.1 24
[R1-GigabitEthernet 0/0/1]quit
o u
s
[R1]interface GigabitEthernet 0/0/0
e
R
[R1-GigabitEthernet0/0/0]ip address 10.0.13.1 24
i n g
[R1-GigabitEthernet0/0/0]quit
[R1]interface LoopBack 0
rn
[R1-LoopBack0]ip address 10.0.1.1 24
a
L e
<Huawei>system-view
r e
Enter system view, return user view with Ctrl+Z.
o
[Huawei]sysname R2
e i.c
Step 2 Clean up the previous configuration. aw
u
g.h
i n
Enable the interfaces necessary for this lab and disable those not needed.
n
r
//lea
[R1]interface GigabitEthernet 0/0/1
p :
[R1-GigabitEthernet0/0/1]undo shutdown
t t
:h
[R1-GigabitEthernet0/0/1]quit
e s
r
[R2]interface GigabitEthernet 0/0/0
c
ou
[R2-GigabitEthernet0/0/0]undo rip summary-address 172.16.0.0 255.255.0.0
s
[R2-GigabitEthernet0/0/0]shutdown
e
R
i n g
[R3]interface GigabitEthernet 0/0/0
[R3-GigabitEthernet0/0/0]undo shutdown
n
ar
[R3-GigabitEthernet0/0/0]quit
L e
[R3]interface GigabitEthernet 0/0/1
[R3-GigabitEthernet0/0/1]shutdown
e
or
[R3-GigabitEthernet0/0/1]quit
[R3]undo interface LoopBack 3
M
Info: This operation may take a few seconds. Please wait for a moment...succeeded.
[R3]undo interface LoopBack 4
Info: This operation may take a few seconds. Please wait for a moment...succeeded.
[R3]undo interface LoopBack 5
Info: This operation may take a few seconds. Please wait for a moment...succeeded.
//
[R3]undo rip 1
p :
Warning: The RIP process will be deleted. Continue?[Y/N]y
t t
Step 3 Configure OSPF.
s:h
r e
c on logical interface loopback 0 for simplicity) as
u 1 (the default process), and specify network
Assign the value 10.0.1.1 (as used
o
s
the router ID. Use OSPF process
e
R
segments 10.0.1.0/24, 10.0.12.0/24, and 10.0.13.0/24 as part of OSPF area 0.
i n g
[R1]ospf 1 router-id 10.0.1.1
rn
[R1-ospf-1]area 0
a
[R1-ospf-1-area-0.0.0.0]network 10.0.1.0 0.0.0.255
e
L
[R1-ospf-1-area-0.0.0.0]network 10.0.13.0 0.0.0.255
e
r
[R1-ospf-1-area-0.0.0.0]network 10.0.12.0 0.0.0.255
o
Mthat all routers use the same OSPF process ID. The wildcard mask must be specified
Different process ID's will generate multiple link state databases, therefore ensure
…output omitted…
Mar 30 2016 09:41:39+00:00 R2 %%01OSPF/4/NBR_CHANGE_E(l)[5]:Neighbor changes event: neighbor status
changed. (ProcessId=1, NeighborAddress=10.0.12.1, NeighborEvent=LoadingDone,
e n
/
NeighborPreviousState=Loading, NeighborCurrentState=Full)
aw
hu
[R3]ospf 1 router-id 10.0.3.3
[R3-ospf-1]area 0
g .
n
[R3-ospf-1-area-0.0.0.0]network 10.0.3.0 0.0.0.255
[R3-ospf-1-area-0.0.0.0]network 10.0.13.0 0.0.0.255
ni
…output omitted…
ar
l e
//
Mar 30 2016 16:05:34+00:00 R3 %%01OSPF/4/NBR_CHANGE_E(l)[5]:Neighbor changes event: neighbor status
:
changed. (ProcessId=1, NeighborAddress=10.0.13.1, NeighborEvent=LoadingDone,
t tp
NeighborPreviousState=Loading, NeighborCurrentState=Full)
: h
e
Step 4 Verify the OSPF configuration.s
r c
After OSPF route convergenceuis complete, view routing tables of R1, R2, and R3.
s o
Re
<R1>display ip routing-table
i n g
Route Flags: R - relay, D - download to fib
----------------------------------------------------------------------------
rn
Routing Tables: Public
a
L e
Destinations : 15 Routes : 15
r e
o
Destination/Mask Proto Pre Cost Flags NextHop Interface
e n
/
m
<R2>display ip routing-table
Route Flags: R - relay, D - download to fib
o
----------------------------------------------------------------------------
Routing Tables: Public
e i.c
Destinations : 13 Routes : 13
aw
u
Destination/Mask Proto Pre Cost Flags NextHop
g .h
Interface
ni n
10.0.1.1/32 OSPF 10 1 D 10.0.12.1
r
GigabitEthernet0/0/1
lea
10.0.2.0/24 Direct 0 0 D 10.0.2.2 LoopBack0
://
10.0.2.2/32 Direct 0 0 D 127.0.0.1 LoopBack0
tp
10.0.2.255/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.3.3/32 OSPF 10 2 D
t
10.0.12.1 GigabitEthernet0/0/1
10.0.12.0/24 Direct 0 0
s
D
:h10.0.12.2 GigabitEthernet0/0/1
10.0.12.2/32 Direct 0
10.0.12.255/32 Direct 0
0
r
0
c e D
D
127.0.0.1
127.0.0.1
GigabitEthernet0/0/1
GigabitEthernet0/0/1
ou
10.0.13.0/24 OSPF 10 2 D 10.0.12.1 GigabitEthernet0/0/1
127.0.0.0/8 Direct 0
es 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32
R
Direct 0 0 D 127.0.0.1 InLoopBack0
ing
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
rn
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
e a
<R3>display ip routing-table
e L
Route Flags: R - relay, D - download to fib
o r
----------------------------------------------------------------------------
M
Routing Tables: Public
Destinations : 16 Routes : 16
ni n
<R2>ping 10.0.1.1
ar
e
PING 10.0.1.1: 56 data bytes, press CTRL_C to break
// l
Reply from 10.0.1.1: bytes=56 Sequence=1 ttl=255 time=37 ms
:
tp
Reply from 10.0.1.1: bytes=56 Sequence=2 ttl=255 time=42 ms
t
Reply from 10.0.1.1: bytes=56 Sequence=3 ttl=255 time=42 ms
h
:
Reply from 10.0.1.1: bytes=56 Sequence=4 ttl=255 time=45 ms
s
r c e
Reply from 10.0.1.1: bytes=56 Sequence=5 ttl=255 time=42 ms
o u
--- 10.0.1.1 ping statistics ---
es
5 packet(s) transmitted
5 packet(s) received
R
0.00% packet loss
i n g
rn
round-trip min/avg/max = 37/41/45 ms
e a
L
<R2>ping 10.0.3.3
e
PING 10.0.3.3: 56 data bytes, press CTRL_C to break
o r
Reply from 10.0.3.3: bytes=56 Sequence=1 ttl=254 time=37 ms
M
Reply from 10.0.3.3: bytes=56 Sequence=2 ttl=254 time=42 ms
Reply from 10.0.3.3: bytes=56 Sequence=3 ttl=254 time=42 ms
Reply from 10.0.3.3: bytes=56 Sequence=4 ttl=254 time=42 ms
Reply from 10.0.3.3: bytes=56 Sequence=5 ttl=254 time=42 ms
Run the display ospf peer command to view the OSPF neighbor status.
<R1>display ospf peer
e n
/
OSPF Process 1 with Router ID 10.0.1.1
m
Neighbors
o
Area 0.0.0.0 interface 10.0.12.1(GigabitEthernet0/0/1)'s neighbors
Router ID: 10.0.2.2 Address: 10.0.12.2
ei.c
State: Full Mode:Nbr is Master Priority: 1
aw
u
.h
DR: 10.0.12.1 BDR: 10.0.12.2 MTU: 0
g
Dead timer due in 32 sec
Retrans timer interval: 5
ni n
Neighbor is up for 00:47:59
r
lea
Authentication Sequence: [ 0 ]
: //
Neighbors
t t p
:h
Area 0.0.0.0 interface 10.0.13.1(GigabitEthernet0/0/0)'s neighbors
s
Router ID: 10.0.3.3
State: Full
r c e
Address: 10.0.13.3
Mode:Nbr is Master Priority: 1
ou
DR: 10.0.13.1 BDR: 10.0.13.3 MTU: 0
Dead timer due in 34 sec
es
Retrans timer interval: 5
R
i n g
Neighbor is up for 00:41:44
n
Authentication Sequence: [ 0 ]
a r
eIn the example given, the link 10.0.13.1 of R1 shows to be the DR. The DR
The display ospf peer command displays detailed information about any peering
L
e is non pre-emptive, meaning that the link of R3 will not take over the role of
neighbors.
r
ofrom R1 unless the OSPF process is reset.
election
MThe display ospf peer brief command can also be used to display a condensed
DR
g
OSPF Process 1 with Router ID 10.0.3.3
Peer Statistic Information
ni n
r
----------------------------------------------------------------------------
lea
Area Id Interface Neighbor id State
://
0.0.0.0 GigabitEthernet0/0/0 10.0.1.1 Full
tp
----------------------------------------------------------------------------
t
:h
Step 5 Change the OSPF hello interval and dead interval.
e s
r c
Run the display ospf interface GigabitEthernet 0/0/0 command on R1 to view the
ou
default OSPF hello interval and dead interval.
es
<R1>display ospf interface GigabitEthernet 0/0/0
R
i n g
OSPF Process 1 with Router ID 10.0.1.1
n
ar
Interfaces
L e
e
or
Interface: 10.0.13.1 (GigabitEthernet0/0/0)
Cost: 1 State: DR Type: Broadcast MTU: 1500
M
Priority: 1
Designated Router: 10.0.13.1
Backup Designated Router: 10.0.13.3
Timers: Hello 10 , Dead 40 , Poll 120 , Retransmit 5 , Transmit Delay 1
Run the ospf timer command to change the OSPF hello interval and dead interval
on GE0/0/0 of R1 to 15s and 60s respectively.
e n
/
m
<R1>display ospf interface GigabitEthernet 0/0/0
o
OSPF Process 1 with Router ID 10.0.1.1
Interfaces
ei.c
aw
u
Interface: 10.0.13.1 (GigabitEthernet0/0/0)
g .h
Cost: 1 State: DR Type: Broadcast MTU: 1500
ni n
Priority: 1
r
lea
Designated Router: 10.0.13.1
//
Backup Designated Router: 10.0.13.3
p :
Timers: Hello 15 , Dead 60 , Poll 120 , Retransmit 5 , Transmit Delay 1
t t
Check the OSPF neighbor status on R1. h
s :
<R1>display ospf peer brief
r c e
o u
s
OSPF Process 1 with Router ID 10.0.1.1
Re
Peer Statistic Information
g
----------------------------------------------------------------------------
Area Id
i n
Interface Neighbor id State
rn
0.0.0.0 GigabitEthernet0/0/1 10.0.2.2 Full
e a
----------------------------------------------------------------------------
e L
o r
The preceding
hello
information shows that R1 has only one neighbor, R2. Since the OSPF
intervals and dead intervals on R1 and R3 are different, R1 and R3 will fail to
Mestablish an OSPF neighbor relationship.
Run the ospf timer command to change the OSPF hello interval and dead interval
on GE0/0/0 of R3 to 15s and 60s respectively.
[R3]interface GigabitEthernet 0/0/0
[R3-GigabitEthernet0/0/0]ospf timer hello 15
[R3-GigabitEthernet0/0/0]ospf timer dead 60
…output omitted…
e n
/
m
Interface: 10.0.13.3 (GigabitEthernet0/0/0)
Cost: 1 State: DR Type: Broadcast MTU: 1500
o
Priority: 1
Designated Router: 10.0.13.3
ei.c
Backup Designated Router: 10.0.13.1
aw
u
.h
Timers: Hello 15 , Dead 60 , Poll 120 , Retransmit 5 , Transmit Delay 1
: //
Peer Statistic Information
t t p
----------------------------------------------------------------------------
Area Id Interface
s :h Neighbor id State
0.0.0.0
0.0.0.0
GigabitEthernet0/0/0
r c
GigabitEthernet0/0/1 e 10.0.3.3
10.0.2.2
Full
Full
ou
----------------------------------------------------------------------------
e s
R routes in OSPF.
Step 6 Advertise default
i n g
Configure OSPF
a rnto advertise default routes on R3.
L e
[R3]ip route-static 0.0.0.0 0.0.0.0 LoopBack 2
r e
[R3]ospf 1
o
[R3-ospf-1]default-route-advertise
M
View routing tables of R1 and R2. You can see that R1 and R2 have learned the
default routes advertised by R3.
<R1>display ip routing-table
Route Flags: R - relay, D - download to fib
----------------------------------------------------------------------------
Routing Tables: Public
u
.h
10.0.13.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/0
g
10.0.13.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/0
127.0.0.0/8 Direct 0 0 D 127.0.0.1
i n
InLoopBack0
n
127.0.0.1/32 Direct 0 0 D 127.0.0.1
r
InLoopBack0
lea
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
://
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
t tp
<R2>display ip routing-table
s :h
r c e
Route Flags: R - relay, D - download to fib
----------------------------------------------------------------------------
ou
Routing Tables: Public
Destinations : 14
es Routes : 14
R
ing
Destination/Mask Proto Pre Cost Flags NextHop Interface
n
ar
0.0.0.0/0 O_ASE 150 1 D 10.0.12.1 GigabitEthernet0/0/1
Le
10.0.1.1/32 OSPF1 0 1 D 10.0.12.1 GigabitEthernet0/0/1
e
10.0.2.0/24 Direct 0 0 D 10.0.2.2 LoopBack0
o r
10.0.2.2/32 Direct 0 0 D 127.0.0.1 LoopBack0
M
10.0.2.255/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.3.3/32 OSPF 10 2 D 10.0.12.1 GigabitEthernet0/0/1
10.0.12.0/24 Direct 0 0 D 10.0.12.2 GigabitEthernet0/0/1
10.0.12.2/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/1
10.0.12.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/1
10.0.13.0/24 OSPF 10 2 D 10.0.12.1 GigabitEthernet0/0/1
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
<R3>display ip routing-table
Route Flags: R - relay, D - download to fib
----------------------------------------------------------------------------
e n
/
m
Routing Tables: Public
Destinations : 17 Routes : 17
o
Destination/Mask Proto Pre Cost Flags NextHop Interface
e i.c
aw
u
.h
0.0.0.0/0 Static 60 0 D 172.16.0.1 LoopBack2
g
10.0.1.1/32 OSPF 10 1 D 10.0.13.1 GigabitEthernet0/0/0
10.0.2.2/32 OSPF 10 2 D 10.0.13.1
i n
GigabitEthernet0/0/0
n
10.0.3.0/24 Direct 0 0 D 10.0.3.3
r
LoopBack0
lea
10.0.3.3/32 Direct 0 0 D 127.0.0.1 LoopBack0
://
10.0.3.255/32 Direct 0 0 D 127.0.0.1 LoopBack0
tp
10.0.12.0/24 OSPF 10 2 D 10.0.13.1 GigabitEthernet0/0/0
10.0.13.0/24 Direct 0 0 D
t
10.0.13.3 GigabitEthernet0/0/0
10.0.13.3/32 Direct 0 0
s
D
:h127.0.0.1 GigabitEthernet0/0/0
10.0.13.255/32 Direct
127.0.0.0/8 Direct
0
0
0
r
0
c e D
D
127.0.0.1
127.0.0.1
GigabitEthernet0/0/0
InLoopBack0
ou
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct
es
0 0 D 127.0.0.1 InLoopBack0
172.16.0.0/24 Direct
R 0 0 D 172.16.0.1 LoopBack2
ing
172.16.0.1/32 Direct 0 0 D 127.0.0.1 LoopBack2
n
172.16.0.255/32 Direct 0 0 D 127.0.0.1 LoopBack2
ar
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
L e
Run the ping command to test connectivity between R2 and Loopback2 at
e
or
172.16.0.1.
M
<R2>ping 172.16.0.1
PING 172.16.0.1: 56 data bytes, press CTRL_C to break
Reply from 172.16.0.1: bytes=56 Sequence=1 ttl=254 time=47 ms
Reply from 172.16.0.1: bytes=56 Sequence=2 ttl=254 time=37 ms
Reply from 172.16.0.1: bytes=56 Sequence=3 ttl=254 time=37 ms
Reply from 172.16.0.1: bytes=56 Sequence=4 ttl=254 time=37 ms
Reply from 172.16.0.1: bytes=56 Sequence=5 ttl=254 time=37 ms
e n
Run the display ospf peer command to view the DR and BDR of R1 and R3. /
o m
i.c
<R1>display ospf peer 10.0.3.3
t t p
:h
Neighbor is up for 00:17:40
s
Authentication Sequence: [ 0 ]
rn
[R1]interface GigabitEthernet 0/0/0
a
[R1-GigabitEthernet0/0/0]ospf dr-priority 200
e
e L
r
[R3]interface GigabitEthernet 0/0/0
o
[R3-GigabitEthernet0/0/0]ospf dr-priority 100
[R1]interface GigabitEthernet0/0/0
[R1-GigabitEthernet0/0/0]shutdown
[R1-GigabitEthernet0/0/0]undo shutdown
[R3-GigabitEthernet0/0/0]undo shutdown
e n
Run the display ospf peer command to view the DR and BDR of R1 and R3. /
o m
[R1]display ospf peer 10.0.3.3
i . c
OSPF Process 1 with Router ID 10.0.1.1
w e
a
hu
Neighbors
g .
n
Area 0.0.0.0 interface 10.0.13.1(GigabitEthernet0/0/0)'s neighbors
Router ID: 10.0.3.3 Address: 10.0.13.3
ni
State: Full Mode:Nbr is Master Priority: 100
ar
l e
//
DR: 10.0.13.1 BDR: 10.0.13.3 MTU: 0
Dead timer due in 52 sec
:
Retrans timer interval: 5
t tp
Neighbor is up for 00:00:25
: h
Authentication Sequence: [ 0 ]
e s
r c R1's priority is higher than R3's priority, so
u the BDR.
According to the preceding information,
o
s
R1 becomes DR and R3 becomes
e
Final ConfigurationR
i n g
a rn
<R1>display current-configuration
L e
[V200R007C00SPC600]
e
#
o r
sysname R1
M
#
interface GigabitEthernet0/0/0
ip address 10.0.13.1 255.255.255.0
ospf dr-priority 200
ospf timer hello 15
#
interface GigabitEthernet0/0/1
ip address 10.0.12.1 255.255.255.0
e i.c
set authentication password cipher %$%$+L'YR&IZt'4,)>-*#lH",}%K-oJ_M9+'lOU~bD (\WTqB}%N,%
$%$
aw
u
.h
user-interface vty 0 4
g
#
return
ni n
r
<R2>display current-configuration
//lea
[V200R007C00SPC600]
p :
#
t t
sysname R2
s:h
#
interface GigabitEthernet0/0/1
r c e
ou
ip address 10.0.12.2 255.255.255.0
#
es
interface LoopBack0
R
i n g
ip address 10.0.2.2 255.255.255.0
n
#
ar
ospf 1 router-id 10.0.2.2
e
area 0.0.0.0
L
e
network 10.0.2.0 0.0.0.255
or
network 10.0.12.0 0.0.0.255
M
#
user-interface con 0
authentication-mode password
set authentication password cipher %$%$1=cd%b%/O%Id-8X:by1N,+s}'4wD6TvO<I|/pd#
#44C@+s#,%$%$
user-interface vty 0 4
#
return
g
interface LoopBack0
ip address 10.0.3.3 255.255.255.0
ni n
#
r
lea
interface LoopBack2
//
ip address 172.16.0.1 255.255.255.0
#
p :
ospf 1 router-id 10.0.3.3
t t
default-route-advertise
s:h
area 0.0.0.0
network 10.0.3.0 0.0.0.255
r c e
ou
network 10.0.13.0 0.0.0.255
#
es
R
ip route-static 0.0.0.0 0.0.0.0 LoopBack2
#
i n g
n
user-interface con 0
ar
authentication-mode password
e
set authentication password cipher %$%$ksXDMg7Ry6yUU:63:DQ),#/sQg"@*S\U#.s.bHW xQ,y%#/v,%
L
e
$%$
or
user-interface vty 0 4
M
#
return
Learning Objectives
e n
/
As a result of this lab section, you should achieve the following tasks:
o m
Establishment of the FTP service.
e i.c
Configuration of FTP server parameters. aw
u
Successful file transfer from an FTP server.
g.h
ni n
r
lea
Topology
: //
t t p
s :h
r c e
s ou Figure 5.1 FTP topology
Re
Scenario
i n g
rn
a
e on the network. You need to implement the FTP service on a router
As a network administrator of a company, you have been tasked with implementing
L
FTP services
e to be an FTP server. The router should allow clients to successfully establish
r
assigned
o session to the FTP application and transfer files.
a TCP
M
If you are starting this section with a non-configured device, begin here and then
move to step 2. For those continuing from previous labs, begin at step 2.
e n
/
m
<Huawei>system-view
o
i.c
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R1
[R1]interface GigabitEthernet 0/0/1
w e
[R1-GigabitEthernet0/0/1]ip address 10.0.12.1 24
u a
<Huawei>system-view
g .h
Enter system view, return user view with Ctrl+Z.
ni n
[Huawei]sysname R2
r
lea
[R2]interface GigabitEthernet 0/0/1
[R2-GigabitEthernet0/0/1]ip address 10.0.12.2 24
: //
t t
Verify that R1 can reach R2, and vice versa..
p
[R1]ping 10.0.12.2
s :h
r c e
PING 10.0.12.2: 56 data bytes, press CTRL_C to break
ou
Reply from 10.0.12.2: bytes=56 Sequence=1 ttl=255 time=10 ms
s
Reply from 10.0.12.2: bytes=56 Sequence=2 ttl=255 time=1 ms
e
R
Reply from 10.0.12.2: bytes=56 Sequence=3 ttl=255 time=1 ms
g
Reply from 10.0.12.2: bytes=56 Sequence=4 ttl=255 time=10 ms
i n
Reply from 10.0.12.2: bytes=56 Sequence=5 ttl=255 time=1 ms
n
e ar
--- 10.0.12.2 ping statistics ---
L
5 packet(s) transmitted
e
or
5 packet(s) received
0.00% packet loss
The FTP service is disabled by default on the router. It must be enabled before FTP
can be used. Configure an FTP server using R1 with R2 as the client. The same steps
Configure user authorization for FTP users to access the server. Unauthorized users
will not be able to access the FTP server, reducing security risks.
e n
/
[R1]aaa
m
[R1-aaa]local-user huawei password cipher huawei123
Info: Add a new user.
o
[R1-aaa]local-user huawei service-type ftp
e i.c
w
Info: The cipher password has been changed to an irreversible-cipher password.
a
u
Warning: The user access modes include Telnet, FTP or HTTP, and so security risks exist.
g.h
Info: After you change the rights (including the password, access type, FTP directory, and
n
level) of a local user, the rights of users already online do not change. The change takes
effect to users who go online after the change.
ni
r
lea
[R1-aaa]local-user huawei privilege level 15
//
Info: After you change the rights (including the password, access type, FTP directory, and
:
level) of a local user, the rights of users already online do not change. The change takes
p
effect to users who go online after the change.
e
level) of a local user, the rights of users already online do not change. The change takes
c
effect to users who go online after the change.
r
[R1]display ftp-server
s ou
FTP server is running
Re
ing
Max user number 5
User count
n 0
e ar
Timeout value(in minute) 30
e L
Listening port 21
or
Acl number 0
M
FTP server's source address 0.0.0.0
ar
e
200 Port command okay.
150 Opening ASCII mode data connection for *.
// l
:
tp
drwxrwxrwx 1 noone nogroup 0 May 03 18:03 .
-rwxrwxrwx 1 noone
t
nogroup 114552448 Jan 19 2012 AR2220E-V200R006C10SPC300.cc
h
-rwxrwxrwx 1 noone nogroup
:
159858 May 03 17:59 mon_file.txt
s
-rwxrwxrwx
-rwxrwxrwx
1 noone
1 noone
nogroup
nogroup
r c e
304700 Mar 03 11:11 sacrule.dat
783 Mar 03 11:12 default_local.cer
-rwxrwxrwx 1 noone
o u
nogroup 0 Dec 20 2015 brdxpon_snmp_cfg.efs
-rwxrwxrwx 1 noone
es
nogroup 777 May 03 18:03 vrpcfg.zip
drwxrwxrwx 1 noone
R nogroup 0 Mar 10 11:14 update
drwxrwxrwx
i n g
1 noone nogroup 0 May 03 18:03 localuser
rn
drwxrwxrwx 1 noone nogroup 0 Mar 17 10:45 dhcp
a
-rwxrwxrwx 1 noone nogroup 460 May 03 18:03 private-data.txt
L e
-rwxrwxrwx 1 noone nogroup 126352896 Mar 10 11:09 AR2220E-V200R007C00SPC600.cc
e
drwxrwxrwx 1 noone nogroup 0 Mar 10 11:15 shelldir
o r
-rwxrwxrwx 1 noone nogroup 11606 May 03 18:00 mon_lpu_file.txt
M
drwxrwxrwx 1 noone nogroup 0 Mar 18 14:45 huawei
-rwxrwxrwx 1 noone nogroup 120 Mar 18 15:02 text.txt226 Transfer complete.
FTP: 836 byte(s) received in 0.976 second(s) 856.55byte(s)/sec.
[R2-ftp]binary
Retrieve a file from the FTP server. Note: If the vrpcfg.zip file is not present in the sd1:
e i.c
aw
After downloading the file from FTP server, use the bye command to
hu close the
connection g .
ni n
ar
e
[R2-ftp]bye
221 Server closing.
// l
:
<R2>dir
t tp
Directory of flash:/
: h
e s
Idx Attr Size(Byte) Date
r c Time(LMT) FileName
0 -rw-
o u
114,552,448 Jan 19 2012 15:32:52 AR2220E-V200R006C10SPC300.cc
1 -rw-
e s
270,176 Apr 30 2016 03:17:08 mon_file.txt
2 -rw-
R
304,700 Mar 03 2016 11:11:44 sacrule.dat
3 -rw-
rn
4 -rw- 0 Dec 20 2015 00:06:14 brdxpon_snmp_cfg.efs
a
5 -rw- 775 Apr 29 2016 17:51:48 vrpcfg.zip
6 drw-
L e - Mar 10 2016 11:28:46 update
e
7 drw- - Apr 23 2016 17:33:38 localuser
o r
8 drw- - Mar 21 2016 20:59:46 dhcp
M
9 -rw- 394 Apr 29 2016 17:51:50 private-data.txt
10 -rw- 126,352,896 Mar 10 2016 11:14:40 AR2220E-V200R007C00SPC600.cc
11 drw- - Mar 10 2016 11:29:20 shelldir
12 -rw- 23,950 Apr 27 2016 16:06:06 mon_lpu_file.txt
13 -rw- 120 Mar 24 2016 11:45:44 huawei.zip
14 -rw- 777 May 10 2016 14:23:43 vrpnew.zip
A file can be uploaded to the FTP server by using the command put, for which a new
file name can also be assigned.
After uploading the file, check for the presence of the file on FTP server.
<R1>dir
e n
Directory of flash:/
/
o m
i.c
Idx Attr Size(Byte) Date Time(LMT) FileName
0
1
-rw-
-rw-
286,620 Mar 14 2016 09:22:20
512,000 Mar 28 2016 14:39:16
sacrule.dat
mon_file.txt
w e
2 -rw- 1,738,816 Mar 17 2016 12:05:36 web.zip
u a
3 -rw- 48,128 Mar 10 2016 14:16:56
.h
ar2220E_v200r001sph001.pat
g
n
4 -rw- 120 Mar 28 2016 10:09:50 iascfg.zip
5 -rw- 699 Mar 28 2016 17:52:38 vrpcfg.zip
ni
r
lea
6 -rw- 93,871,872 Mar 14 2016 09:13:26 ar2220-V200R007C00SPC600.cc
//
7 -rw- 512,000 Mar 28 2016 14:40:20 mon_lpu_file.txt
8 -rw- 699 Mar 02 2016 15:44:16
:
vrpnew2.zip
p
t t
: h files on R1 and R2.
Remove the created vrpnew.zip and vrpnew2.zip
e s
<R1>delete flash:/vrpnew2.zip
r c
u
Delete flash:/vrpnew2.zip? (y/n)[n]:y
o
s
Info: Deleting file flash:/vrpnew2.zip...succeed.
e
R
g
<R2>delete flash:/vrpnew.zip
i n
Delete flash:/vrpnew.zip? (y/n)[n]:y
rn
Info: Deleting file flash:/vrpnew.zip...succeed.
a
e take extreme care when deleting the configuration files so to ensure
L
Note: Please
e entire flash:/ directory of R1 and R2 is not erased.
r
that the
o
MFinal Configuration
<R1>display current-configuration
[V200R007C00SPC600]
#
sysname R1
ftp server enable
g
interface GigabitEthernet0/0/1
ip address 10.0.12.1 255.255.255.0
ni n
#
r
lea
user-interface con 0
//
authentication-mode password
p :
set authentication password cipher %$%$+L'YR&IZt'4,)>-*#lH",}%K-oJ_M9+'lOU~bD (\WTqB}%N,%
$%$
t t
user-interface vty 0 4
s :h
#
return
r c e
s ou
e
<R2>display current-configuration
[V200R007C00SPC600]
R
#
i n g
n
sysname R2
ar
ftp server enable
e
set default ftp-directory flash:
L
e
#
or
aaa
M
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$=i~>Xp&aY+*2cEVcS-A23Uwe%$%$
local-user admin service-type http
local-user huawei password cipher %$%$<;qM3D/O;ZLqy/"&6wEESdg$%$%$
Learning Objectives
As a result of this lab section, you should achieve the following tasks:
or
MScenario
As the administrator of an enterprise you have been tasked with implementing
DHCP application services within the network. The gateway router in the company
network is to be configured as a DHCP server. IP addressing from an address pool
are to be offered by the gateway(s) (R1 and R3) to respective access layer devices.
If you are starting this section with a non-configured device, begin here and then
move to step 3. For those continuing from previous labs, begin at step 2.
e n
Establish the addressing for the lab and temporarily shut down the interfaces Gigabit
/
Ethernet 0/0/2 of R1 and Gigabit Ethernet 0/0/1 of R3.
o m
i.c
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R1
w e
[R1]interface GigabitEthernet 0/0/1
u a
[R1-GigabitEthernet0/0/1]ip address 10.0.12.1 24
g.h
n
[R1-GigabitEthernet0/0/1]quit
ni
r
lea
<Huawei>system-view
//
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R3
p :
[R3]interface GigabitEthernet 0/0/1
t t
:h
[R3-GigabitEthernet0/0/1]ip address 10.0.12.3 24
[R3-GigabitEthernet0/0/1]shutdown
e s
[R3-GigabitEthernet0/0/1]quit
r c
ou
[R3]interface GigabitEthernet 0/0/2
s
[R3-GigabitEthernet0/0/2]ip address 10.0.23.3 24
e
R
n
<Quidway>system-view
i g
n
Enter system view, return user view with Ctrl+Z.
ar
[Quidway]sysname S1
e
e L
or
<Quidway>system-view
Enter system view, return user view with Ctrl+Z.
M
[Quidway]sysname S2
e n
Step 3 Additional configuration /
o m
Disable the port interfaces between S1 and S2 as well as other interfaces to i . cprevent
w e
interference from other devices.
a
. hu
i n g
[S1]interface GigabitEthernet 0/0/9
r n
[S1-GigabitEthernet0/0/9]shutdown
l e a
//
[S1-GigabitEthernet0/0/9]quit
:
tp
[S1]interface GigabitEthernet 0/0/10
[S1-GigabitEthernet0/0/10]shutdown
ht
:
[S1-GigabitEthernet0/0/10]quit
e
[S1]interface GigabitEthernet 0/0/13
s
r c
[S1-GigabitEthernet0/0/13]shutdown
[S1-GigabitEthernet0/0/13]quit
o u
s
[S1]interface GigabitEthernet 0/0/14
e
R
[S1-GigabitEthernet0/0/14]shutdown
i n g
[S2]interface GigabitEthernet 0/0/9
rn
[S2-GigabitEthernet0/0/9]shutdown
a
L e
[S2-GigabitEthernet0/0/9]quit
[S2]interface GigabitEthernet 0/0/10
r e
[S2-GigabitEthernet0/0/10]shutdown
o
[S2-GigabitEthernet0/0/10]quit
Verify that Gigabit Ethernet interfaces 0/0/9, 0/0/10, 0/0/13 and 0/0/14, have been
e n
/
shut down on S1 and that Gigabit Ethernet interfaces 0/09, 0/0/10, 0/0/6 and 0/0/7
o m
i . c
have been shut down on S2.
w e
a
hu
<S1>display interface brief
…output omitted…
g .
Interface PHY Protocol InUti OutUti
ni ninErrors outErrors
GigabitEthernet0/0/1 up up 0.01%
r
0.01%
a
0 0
e
GigabitEthernet0/0/2 up up 0.01% 0.01% 0 0
GigabitEthernet0/0/3 down down
//
0% l 0% 0 0
:
tp
GigabitEthernet0/0/4 up up 0% 0.01% 0 0
GigabitEthernet0/0/5 up up
ht 0% 0.01% 0 0
GigabitEthernet0/0/6 down
s :
down 0% 0% 0 0
GigabitEthernet0/0/7
GigabitEthernet0/0/8
down
down
r c e down
down
0%
0%
0%
0%
0
0
0
0
GigabitEthernet0/0/9
o u
*down down 0% 0% 0 0
GigabitEthernet0/0/10
es
*down down 0% 0% 0 0
GigabitEthernet0/0/11
R down down 0% 0% 0 0
i n g
GigabitEthernet0/0/12 down down 0% 0% 0 0
rn
GigabitEthernet0/0/13 *down down 0% 0% 0 0
a
GigabitEthernet0/0/14 *down down 0% 0% 0 0
e
…output omitted…
L
r e
o
<S2>display interface brief
M
…output omit…
GigabitEthernet0/0/1 up up 0% 4.06% 0 0
GigabitEthernet0/0/2 up up 0% 4.06% 0 0
GigabitEthernet0/0/3 up up 0% 4.06% 0 0
GigabitEthernet0/0/4 up up 0% 20.40% 0 0
GigabitEthernet0/0/5 up up 0% 20.40% 0 0
GigabitEthernet0/0/6 *down down 0% 2.04% 0 0
GigabitEthernet0/0/7 *down down 2.03% 2.03% 0 0
e n
Verify that only interface Gigabit Ethernet 0/0/2 is disabled on R1 and that only
/
o m
i.c
interface Gigabit Ethernet 0/0/1 is disabled on R3.
w e
<R1>display ip interface brief
u a
.h
…output omitted…
g
GigabitEthernet0/0/1 10.0.12.1/24 up up
GigabitEthernet0/0/2 10.0.23.1/24 *down
ni n down
…output omitted…
r
<R3>display ip interface brief
// lea
…output omitted…
p :
GigabitEthernet0/0/1
t
10.0.12.3/24 t *down down
GigabitEthernet0/0/2
s :h
10.0.23.3/24 up up
…output omitted…
r c e
Step 4 Enable the DHCP o u
function.
e s
The DHCP service is not Renabled by default, enable the DHCP service on the
router(s).
i n g
rn
[R1]dhcp enable
a
L e
eCreate a global IP address pool
[R3]dhcp enable
o
Stepr5
M
Create an address pool named pool1 for R1 and pool2 for R3. Configure attributes
for pool1 and pool2, including address range, egress gateway, and IP address lease
period.
[R1]ip pool pool1
Info: It's successful to create an IP address pool.
[R1-ip-pool-pool1]network 10.0.12.0 mask 24
e i.c
Run the display ip pool name <name> command on the router to view
aw the
assigned IP address pool configuration parameters.
. hu
<R1>display ip pool name pool1
i n g
n
Pool-name : pool1
Pool-No : 0
ar
l e
//
Lease : 1 Days 12 Hours 0 Minutes
Domain-name : -
:
DNS-server0 : -
t tp
NBNS-server0 : -
: h
Netbios-type : -
e s
Position : Local
r c Status : Unlocked
Gateway-0
u
: 10.0.12.1
o
s
Network : 10.0.12.0
Mask
e
: 255.255.255.0
R
g
VPN instance : --
i n
rn
---------------------------------------------------------------------------- Start
L
----------------------------------------------------------------------------
e
o r
10.0.12.1 10.0.12.254 253 0 253(0) 0
----------------------------------------------------------------------------
0
M
Configure the default management interface for S1 to request an IP address from
the DHCP server (R1). Perform the same steps on S2 for R3.
[S1]dhcp enable
w e
a
hu
and for S2, from the DHCP pool named pool2 on R3.
g .
ni n
<R1>display ip pool name pool1
ar
e
Pool-name : pool1
Pool-No : 0
// l
:
tp
Lease : 1 Days 12 Hours 0 Minutes
Domain-name : -
ht
DNS-server0 : -
s :
NBNS-server0
Netbios-type
: -
: -
r c e
Position : Local
o u Status : Unlocked
Gateway-0
es
: 10.0.12.1
Network
R
: 10.0.12.0
Mask
g
: 255.255.255.0
i n
rn
VPN instance : --
e a
----------------------------------------------------------------------------
e L
Start End Total Used Idle(Expired) Conflict Disable
o r
----------------------------------------------------------------------------
M
10.0.12.1 10.0.12.254 253 1 252(0) 0 0
----------------------------------------------------------------------------
hu
Ensure that global pool configuration has been completed for g .
both R1 and R3
before continuing!
n i n
ar
Step 6 Create an interface based IP addressepool
/: /l
p For R3 disable interface Gigabit
Disable the interface Gigabit Ethernet 0/0/1tR1.
t
Ethernet 0/0/2.
: h
e s
c
[R1]interface GigabitEthernet 0/0/1
u r
[R1-GigabitEthernet0/0/1]shutdown
s o
R e
[R3]interface GigabitEthernet 0/0/2
[R3-GigabitEthernet0/0/2]shutdown
i n g
a
Ethernet 0/0/2rnof R1 to obtain IP addresses. Perform the same operation for Gigabit
Configure an interface address pool to allow the clients connected via Gigabit
Isolate addresses from the pool GigabitEthernet0/0/2 for R1, and the pool
GigabitEthernet0/0/1 for R3, for DNS services. Additionally, set the IP address lease
e n
/
Run the display ip pool interface command on the router to view the configured
o m
parameters of the interface address pool. For R3 the interface is Gigabit Ethernet
i . c
0/0/1.
w e
a
hu
<R1>display ip pool interface GigabitEthernet0/0/2
Pool-name : GigabitEthernet0/0/2
g .
Pool-No : 1
ni n
Lease : 1 Days 12 Hours 0 Minutes
ar
e
Domain-name : -
DNS-server0 : 10.0.23.254
// l
:
tp
NBNS-server0 : -
Netbios-type : -
ht
Position : Interface
:
Status
s
: Unlocked
Gateway-0
Network
: 10.0.23.1
: 10.0.23.0
r c e
Mask
o u
: 255.255.255.0
VPN instance : --
e s
R
----------------------------------------------------------------------------
Start
rn
----------------------------------------------------------------------------
a
10.0.23.1 10.0.23.254 253 0 252(0) 0 1
L e
----------------------------------------------------------------------------
r ethe existing Vlanif1 address from S2 to allow for dynamic allocation of a new
o
Flush
MIP address from the interface GigabitEthernet0/0/2 pool.
[S2]interface Vlanif 1
[S2-Vlanif1]shutdown
[S2-Vlanif1]undo shutdown
e n
Lease : 1 Days 12 Hours 0 Minutes
/
Domain-name : -
o m
i.c
DNS-server0 : 10.0.23.254
NBNS-server0
Netbios-type
: -
: -
w e
Position : Interface Status : Unlocked
u a
Gateway-0 : 10.0.23.1
g .h
n
Network : 10.0.23.0
Mask : 255.255.255.0
ni
r
lea
VPN instance : --
//
----------------------------------------------------------------------------
Start End
:
Total Used Idle(Expired) Conflict Disable
p
t t
----------------------------------------------------------------------------
:h
10.0.23.1 10.0.23.254 253 1 251(0) 0 1
s
----------------------------------------------------------------------------
e
<S2>display ip interface brief
r c
ou
…output omitted…
s
Interface IP Address/Mask Physical Protocol
MEth0/0/1
Re unassigned down down
g
NULL0 unassigned up up(s)
Vlanif1
n i n 10.0.23.253/24 up up
a r
L e
The interface Vlanif1 shows to have been allocated an address from the
e
GigabitEthernet0/0/2 address pool of R1.
r the existing Vlanif1 address from S1 to allow for dynamic allocation of a new
o
Flush
MIP address from the interface GigabitEther0/0/1 pool.
[S1]interface Vlanif 1
[S1-Vlanif1]shutdown
[S1-Vlanif1]undo shutdown
Enable interface Gigabit Ethernet 0/0/1 to allow the DHCP server to become active
Verify that the new IP address as been allocated from the interface pool.
e n
<R3>display ip pool interface GigabitEthernet0/0/1
/
Pool-name : GigabitEthernet0/0/1
o m
i.c
Pool-No : 1
Lease
Domain-name
: 1 Days 12 Hours 0 Minutes
: -
w e
DNS-server0 : 10.0.12.254
u a
NBNS-server0 : -
g .h
n
Netbios-type : -
Position : Interface Status : Unlocked
ni
r
lea
Gateway-0 : 10.0.12.3
//
Network : 10.0.12.0
Mask : 255.255.255.0
p :
VPN instance : --
t t
:h
----------------------------------------------------------------------------
Start End
s
Total Used Idle(Expired) Conflict Disable
e
c
----------------------------------------------------------------------------
r
ou
10.0.12.1 10.0.12.254 253 1 251(0) 0 1
s
----------------------------------------------------------------------------
e
R
<S1>display ip interface brief
g
…output omitted…
Interface
ar
MEth0/0/1 unassigned down down
e
NULL0 unassigned up up(s)
Vlanif1
e L 10.0.12.253/24 up up
or
It should also be noted that a default static route pointing to the DHCP server is
M
automatically generated by the switch, as seen in the final configuration below.
Final Configuration
[R1]display current-configuration
[V200R007C00SPC600]
#
g
ip address 10.0.23.1 255.255.255.0
dhcp select interface
ni n
dhcp server excluded-ip-address 10.0.23.254
r
lea
dhcp server lease day 1 hour 12 minute 0
//
dhcp server dns-list 10.0.23.254
#
p :
user-interface con 0
t t
authentication-mode password
s:h
$user-interface vty 0 4
r c e
set authentication password cipher %$%$+L'YR&IZt'4,)>-*#lH",}%K-oJ_M9+'lOU~bD(\WTqB}%N,%$%
ou
#
return
es
R
i n g
[R3]dis current-configuration
n
[V200R007C00SPC600]
ar
#
e
sysname R3
L
e
#
or
dhcp enable
M
#
ip pool pool2
gateway-list 10.0.23.3
network 10.0.23.0 mask 255.255.255.0
lease day 1 hour 12 minute 0
#
interface GigabitEthernet0/0/1
ip address 10.0.12.3 255.255.255.0
e i.c
set authentication password cipher %$%$ksXDMg7Ry6yUU:63:DQ),#/sQg"@*S\U#.s.bHWxQ,y%#/v,%$%
$
aw
u
.h
user-interface vty 0 4
g
#
return
ni n
r
lea
<S1>dis current-configuration
//
#
!Software Version V200R008C00SPC500
p :
sysname S1
t t
#
s:h
dhcp enable
#
r c e
ou
interface Vlanif1
ip address dhcp-alloc
es
#
R
i n g
ip route-static 0.0.0.0 0.0.0.0 10.0.12.3
n
#
ar
user-interface con 0
e
user-interface vty 0 4
L
e
#
or
return
M
<S2>display current-configuration
#
!Software Version V200R008C00SPC500
sysname S2
#
dhcp enable
#
o m
If you have the HCNA/HCNP certificate:You can access Huawei Career Certification and Basic Technology e-Learning
courses.
e i .c
If you have the HCIE certificate: You can access all the e-Learning courses which marked for HCIE Certification Users.
aw
Methods to get the HCIE e-Learning privilege : Please associate HCIE certificate information with your Huawei account, and
hu
arn
Content: Huawei product training material and Huawei career certification training material.
//le
Method:Logon http://learning.huawei.com/en and enter Huawei Training/Classroom Training ,then you can download
training material in the specific training introduction page.
p :
3、 Priority to participate in Huawei Online Open Class (LVC)
t t
s :h
The Huawei career certification training and product training covering all ICT technical domains like R&S, UC&C, Security,
4、Learning Tools: rc e
Storage and so on, which are conducted by Huawei professional instructors.
u
s o
eNSP :Simulate single Router&Switch device and large network.
R e
WLAN Planner :Network planning tools for WLAN AP products.
n g
In addition, Huawei has built up Huawei Technical Forum which allows candidates to discuss technical issues with Huawei experts ,
ni
share exam experiences with others or be acquainted with Huawei Products.
a r
Statement:
L e
r e
This material is for personal use only, and can not be used by any individual or organization for any commercial purposes.
o
M
HUAWEI TECHNOLOGIES CO., LTD. Huawei Confidential 1