Introduction To Common VRP vs. IOS Commands: Huawei3Com
Introduction To Common VRP vs. IOS Commands: Huawei3Com
Introduction To Common VRP vs. IOS Commands: Huawei3Com
Huawei3Com
Topics
• Basic Commands
• Routing
• Switching
• Network Management
• Security Management
Configuring the System Name
• Purpose
User name is the name of equipment for users to use
the equipment more conveniently.
• Configuration Commands
VRP sysname systemname
IOS hostname systemname
• Purpose
Introduce the configurations for entering the system mode and
the configuration mode.
• Configuration Commands
• VRP system view Enter the system mode and the
configuration mode
• IOS enable Enter the system mode
config terminal Enter the configuration mode
• Purpose
Interface description is to specify some attributes of
the interface (for example, what the interface is, and
what equipment is connected at the peer end) for
users to understand the interface better.
• Configuration Commands
VRP has the same interface configuration commands
as IOS. Presented below are the interface
configuration commands of VRP, for example.
interface serial 0
description frame-relay link to huawei
• Purpose
Define a network-wide unique identifier for the
interface .
• Configuration Commands
VRP has the same IP address configuration
commands as IOS. Presented below are IP
address configuration commands of VRP, for
example.
interface ethernet 0
ip address 168.10.2.1 255.255.255.0
• Purpose
Select a different encapsulation mode for a different
network architecture.
• Configuration Commands
The common link encapsulation modes of VRP are
FRAME-RELAY, HDLC, and PPP.
VRP interface serial 0
link-protocal frame-relay/hdlc/ppp
IOS interface serial 0
encapsulation frame-relay/hdlc/ppp
• Purpose
Make users understand the equipment information better and facilitate
the equipment configuration.
• Configuration Commands
VRP
Display the version: display version
Display the configuration information
of the current view: display
this
Display the current configuration information: display current
Display the NVRAM configuration: display saved-config
Display information of an interface: display interface XX
Display the routing information: display ip routing
Display the module configuration in any status: display current config
xx (mode)
• Purpose
View all data packets of the router more carefully,
which is helpful in uncovering the network problems.
• Common Debugging Commands
VRP debugging ip packet
debugging ospf [process-id] packet
debugging fr lmi
undo debugging all
• VRP
Ctrl+O undo debugging all
Ctrl+L display ip routing-table
Ctrl+G display current-configuration
Ctrl+A Move to the beginning of command line
Ctrl+E Move to the end of command line
Ctrl+F Move forward by a character
Ctrl+B Move backward by a character
Ctrl+P (upward arrow) Re-use the previous command
Ctrl+N (downward arrow) Re-use the next command
• IOS
Ctrl+Shift+6+X Stop the current operation
Ctrl+Z Return to the privileged mode
• Purpose
The loopback interface is virtual, and VRP can use it to simulate
the actual interface because a virtual interface is not closed due
to various factors like a physical interface.
• Configuration Commands
A loopback interface has the same configuration commands as
other interfaces. Since it is not connected to any other physical
interface, it uses a 32-bit mask to save addresses.
interface loopback 0
ip address 1.1.1.1 255.255.255.255
• Purpose
ip unnumbered can be used to save the space of network
addresses or subnet addresses, but the port status (up or not)
cannot be known with the ping command.
• Configuration Commands
VRP has the same configuration commands has IOS. Described
below is how to configure VRP.
Interface serial 1/0
Ip unnumbered ethernet 0/1
• Purpose
Domain Name Server (DNS) makes destination names
correspond to IP addresses, so that users only need to
know the destination name.
• Configuration Commands
VRP Configure the domain name correspondence:
ip host host-name ip-add
Cancel the domain name correspondence:
undo ip host host-name ip-address
IOS Configure: The same as VRP
Cancel: no ip host host-name ip-address
• IOS no ip domain-lookup
To avoid the case where a router regards the wrongly
entered command as a host name, and thus sends a
request to domain-server for the corresponding IP
address or sends a broadcast (255.255.255.255) if
there is no domain-server.
• Purpose
Cisco Discovery Protocol (CDP) is a private protocol
of Cisco. Cisco equipment complies with CDP when
collecting the information of other adjacent Cisco
equipment. This command is used in the interface
mode.
• Configuration Commands
Since CDP is a private protocol of Cisco, VRP does
not have the relevant commands.
IOS interface serial 0
cdp enable
• Purpose
Change the place where the router’s system software
is obtained.
• Configuration Commands
IOS boot system flash
boot system tftp: //1.2.3.4/c2600-121-5.T4
boot system rom
• Purpose
Register configuration is used to change the route
start process.
• Configuration Commands
First introduced are functions of major registers.
0x2102 Industrial default value
0x2142 Start from flash without using the
configuration file in NVRAM (used for password
recovery)
Configuration config-register 0x2102
config-register 0x2142
• Basic Commands
• Routing
• Switching
• Network Management
• Security Management
VRP configuration
1.1.1.1/24 commands: (router1)
3.1.1.2/24
rip
Router4 net 1.0.0.0
3.1.1.1/24 net 2.0.0.0
1.1.1.2/24
Other routers may be
configured similarly.
Router1 Router3 IOS configuration
commands: (router1)
router rip
2.1.1.1/24 3.1.1.2/24 net 1.0.0.0
Router2 net 2.0.0.0
3.1.1.1/24 Other routers may be
2.1.1.2/24
configured similarly.
IOS configuration
2.1.1.1/24 3.1.1.2/24 commands: (router1)
Router2 router ospf 1
3.1.1.1/24
2.1.1.2/24 network 1.1.1.2 0.0.0.0 area 0
Area 1 network 2.1.1.1 0.0.0.0 area 1
Other routers may be
configured similarly.
A Good Network Nearby
ISIS
RT2: 49.0001.0000.0000.0002.00
1.1.1.1/24
3.1.1.2/24
Router2
3.1.1.1/24
1.1.1.2/24
Router1 Router3
RT1: 49.0001.0000.0000.0001.00 RT3: 49.0001.0000.0000.0003.00
Area 49.0001
VRP configuration
1.1.1.1/24 commands: (router1)
3.1.1.2/24 bgp 100
group 1 external
Router2
3.1.1.1/24 peer 1.1.1.1 group 1
1.1.1.2/24
AS200 as-number 200
Other routers may be
configured similarly.
Router1 Router3
Router2
3.1.1.1/24
1.1.1.2/24
AS200
Router1 Router3
4.1.1.2/24 AS300
AS100
4.1.1.1/24
Router4
Loopback0: 10.1.1.1/8
• Introduction
When advertising and receiving the routing
information, a router may carry out some policies to
filter the routing information, for example, only receive
or advertise the routing information that meets the
given conditions.
• Network Requirement
When the OSPF on a router redistributes the routing information of RIP, it filters
routes by quoting a routing policy. The routing policy comprises two nodes, for
example, 192.1.0.0/24 and 128.2.0.0/16, whose routing information is advertised by
OSPF under different routing costs.
• Topology
128.1.0.1/16
192.1.0.0/24
128.1.0.0/16
128.2.0.0/16
Regional network
Campus network
• VRP Configuration
• Define an address prefix list
[Router]ip ip-prefix p1 permit 192.1.1.0/24
[Router]ip ip-prefix p1 permit 128.2.0.0/16
• Configure a routing policy
[Router]route-policy r1 permit 10
[Router-route-policy]if-match ip address ip-prefix p1
[Router-route-policy]apply cost 20
[Router-route-policy]route-policy r1 permit 20
[Router-route-policy]if-match ip address ip-prefix p2
[Router-route-policy]apply cost 30
• VRP Configuration
• Configure the OSPF
[Router]ospf 1
[Router-ospf-1]import-route rip route-policy r1
• IOS Configuration
ip prefix-list p1 permit 192.1.1.0/24
ip prefix-list p2 permit 128.2.0.0/16
route-map r1 permit 10
match ip prefix-list p1
set cost 20
route-map r1 permit 20
match ip prefix-list p2
set cost 30
router ospf 1
redistribute rip route-map r1
• Basic Commands
• Routing
• Switching
• Network Management
• Security Management
• Create a VLAN
vlan 100 (1-4094)
• Delete a VLAN
undo vlan 100 (1-4094)
• Add a port in VLAN
port Ethernet 2/0/1
• Delete a port from a VLAN
undo port Ethernet 2/0/1
• Create a VLAN
vlan 100 (1-4094)
• Delete a VLAN
no vlan 100 (1-4094)
• Add a port to a VLAN
switchport access vlan 100
• Delete a port from a VLAN
no switchport access vlan
• Show a VLAN
show vlan
• Basic Commands
• Routing
• Switching
• Network Management
• Security Management
• Introduction
Simple Network Management Protocol (SNMP), a broadly
applied industrial standard, is the computer network
management protocol that used the most extensively at present.
• Structure
SNMP is structurally divided into Network Management Station
(NMS) and AGENT. NMS is the client workstation and AGENT is
the server software that runs on the network equipment.
• SNMP Version
SNMP has three versions now: SNMP v3/v2c/v1. SNMP v3 is
compatible with v1 and v2c.
Snmp agent
Router
129.102.149.23
129.102.149.1
• Config termimal
• Snmp-server community public ro
• Snmp-server community private rw
• Snmp-server contact Mr.wang-tel 3306
• Snmp-server location telephone 3rd floor
• Snmp-server enable traps
• Snmp-server target-host trap address udp-domain
129.102.149.23 udp-port 5000 params securityname public
• Basic Commands
• Routing
• Switching
• Network Management
• Security Management
• Key points
• Determine the level of authority
• Determine the authorization policy
Generic or per user
AAA via TACACS+ or RADIUS
Local authentication
• VRP Configuration
local-user huawei password simple linbin Create
a user
local-user huawei level 3 Set the authorization level
• Application Command
command-privilege level 3 view serial display
interface
• IOS Configuration
username huawei privilege 5 password huawei
peivilege config level 5 interface Define a
configuration object
privilege interface level 5 shutdown Define a
configuration command
privilege exec level 5 show ip route Define an
executable command
• Purpose
Ensure that the equipment that is logged on to via vty
and console is not used by any other unauthorized
person after the user leaves.
• VRP Configuration
Idle-timeout minite second
• IOS Configuration
exec-timeout minite second
• Overview
To filter data packets,a router shall be configured with
rules to decide which data packets will be let
through.These rules are defined in an Access Control
List (ACL).
• Classification
Basic acl
Advanced acl
Interface-based acl
MAC-based acl
• VRP configuration
• Create a basic ACL in the system view
acl {number number/name name basic} [match-
order {config/auto}]
• Create the ACL rules in the basic ACL view
rule [rule-id] {permit/deny} [source sour-add sour-
wildcast/any] [time-range time-name] [logging]
[fragment] [vpn-instance vpn-instance-name]
• VRP instance
acl number 2000 match-order config
rule 1 permit source 20.1.1.0 0.0.0.255
• IOS instance
access-list 2 permit 20.1.1.0 0.0.0.255