2023年12月6日发(作者:寸雅辰)
华
为交换机命令手册
PCA login: root ;使用root用户
password: linux ;口令是linux
shutdown -h now ;关机
init 0 ;关机
logout
login
ifconfig ;显示IP地址
ifconfig eth0
ifconfig eht0
route add gw
route del gw
route add default gw
route del default gw
route ;显示网关
ping
telnet
----------------------------------------
交换机命令
~~~~~~~~~~ Quidwaysuper password 修改特权用户密码
Quidwaysysname 交换机命名
Quidwayinterface ethernet 0/1 进入接口视图
Quidwayinterface vlan x 进入接口视图
Quidway-Vlan-interfacexip address
Quidwayip route-static 静态路由=网关
Quidwayuser-interface vty 0 4
S3026-ui-vty0-4authentication-mode password
S3026-ui-vty0-4set authentication-mode password simple 222
S3026-ui-vty0-4user privilege level 3
Quidway-Ethernet0/1duplex {half|full|auto} 配置端口双工工作状态
Quidway-Ethernet0/1speed {10|100|auto} 配置端口工作速率
Quidway-Ethernet0/1flow-control 配置端口流控
Quidway-Ethernet0/1mdi {across|auto|normal} 配置端口MDI/MDIX状态平接或扭接
Quidway-Ethernet0/1port link-type {trunk|access|hybrid} 设置接口工作模式
Quidway-Ethernet0/1shutdown 关闭/重起接口
Quidway-Ethernet0/2quit 退出系统视图
Quidwayvlan 3 创建/删除一个VLAN/进入VLAN模式
Quidway-vlan3port ethernet 0/1 to ethernet 0/4 在当前VLAN增加/删除以太网接口
Quidway-Ethernet0/2port access vlan 3 将当前接口加入到指定VLAN
Quidway-Ethernet0/2port trunk permit vlan {ID|All} 设trunk允许的VLAN
Quidway-Ethernet0/2port trunk pvid vlan 3 设置trunk端口的PVID
Quidwaymonitor-port
Quidwayport mirror
Quidwayport mirror int_list observing-port int_type int_num 指定镜像和被镜像
Quidwaydescription string 指定VLAN描述字符
Quidwaydescription 删除VLAN描述字符
Quidwaydisplay vlan vlan_id 查看VLAN设置
Quidwaystp {enable|disable} 开启/关闭生成树,默认关闭
Quidwaystp priority 4096 设置交换机的优先级
Quidwaystp root {primary|secondary} 设置交换机为根或根的备份 Quidway-Ethernet0/1stp cost 200 设置交换机端口的花费
SwitchA-vlanxisolate-user-vlan enable 设置主vlan
SwitchAIsolate-user-vlan 设置主vlan包括的子vlan
Quidway-Ethernet0/2port hybrid pvid vlan
Quidway-Ethernet0/2port hybrid pvid 删除vlan的pvid
Quidway-Ethernet0/2port hybrid vlan vlan_id_list untagged 设置无标识的vlan
如果包的vlan id与PVId一致,则去掉vlan信息. 默认PVID=1.
所以设置PVID为所属vlan id, 设置可以互通的vlan为untagged.
----------------------------------------
路由器命令
~~~~~~~~~~
Quidwaydisplay version 显示版本信息
Quidwaydisplay current-configuration 显示当前配置
Quidwaydisplay interfaces 显示接口信息
Quidwaydisplay ip route 显示路由信息
Quidwaysysname aabbcc 更改主机名
Quidwaysuper passwrod 123456 设置口令 Quidwayinterface serial0 进入接口
Quidway-serial0ip address
Quidway-serial0undo shutdown 激活端口
Quidwaylink-protocol hdlc 绑定hdlc协议
Quidwayuser-interface vty 0 4
Quidway-ui-vty0-4authentication-mode password
Quidway-ui-vty0-4set authentication-mode password simple 222
Quidway-ui-vty0-4user privilege level 3
Quidway-ui-vty0-4quit
Quidwaydebugging hdlc all serial0 显示所有信息
Quidwaydebugging hdlc event serial0 调试事件信息
Quidwaydebugging hdlc packet serial0 显示包的信息
静态路由:
Quidwayip route-static
number|nexthop}valuereject|blackhole
例如:
Quidwayip route-static 16
Quidwayip route-static
Quidwayip route-static 16 Serial 2
Quidwayip route-static
动态路由:
Quidwayrip
Quidwayrip work
Quidwayrip input
Quidwayrip output
Quidway-ripnetwork ;可以all
Quidway-ripnetwork
Quidway-rippeer ip-address
Quidway-ripsummary
Quidwayrip version 1
Quidwayrip version 2 multicast
Quidway-Ethernet0rip split-horizon ;水平分隔
Quidwayrouter id 配置路由器的ID
Quidwayospf enable 启动OSPF协议
Quidway-ospfimport-route direct 引入直联路由
Quidway-Serial0ospf enable area
标准访问列表命令格式如下: acl
rule normal|special{permit|deny} source source-addr
source-wildcard|any
例:
Quidwayacl 10
Quidway-acl-10rule normal permit source
Quidway-acl-10rule normal deny source any
扩展访问控制列表配置命令
配置TCP/UDP协议的扩展访问列表:
rule {normal|special}{permit|deny}{tcp|udp}source
wild>|any}destination
operate
配置ICMP协议的扩展访问列表:
rule {normal|special}{permit|deny}icmp source
wild>|anydestination {
icmp-code logging
扩展访问控制列表操作符的含义
{ { greater-than portnumber 大于 less-than portnumber 小于 not-equal portnumber 不等 range portnumber1 portnumber2 区间 扩展访问控制列表举例 Quidwayacl 101 Quidway-acl-101rule deny souce any destination any Quidway-acl-101rule permit icmp source any destination any icmp-type echo Quidway-acl-101rule permit icmp source any destination any icmp-type echo-reply Quidwayacl 102 Quidway-acl-102rule permit ip source destination Quidway-acl-102rule deny ip source any destination any Quidwayacl 103 Quidway-acl-103rule permit tcp source any destination destination-port equal ftp Quidway-acl-103rule permit tcp source any destination destination-port equal Quidwayfirewall enable Quidwayfirewall default permit|deny Quidwayint e0 Quidway-Ethernet0firewall packet-filter 101 inbound|outbound 地址转换配置举例 Quidwayfirewall enable Quidwayfirewall default permit Quidwayacl 101 Quidway-acl-101rule deny ip source any destination any Quidway-acl-101rule permit ip source 0 destination any Quidway-acl-101rule permit ip source 0 destination any Quidway-acl-101rule permit ip source 0 destination any Quidway-acl-101rule permit ip source 0 destination any Quidwayacl 102 Quidway-acl-102rule permit tcp source 0 destination 0 Quidway-acl-102rule permit tcp source any destination destination-port great-than 0 1024 Quidway-Ethernet0firewall packet-filter 101 inbound Quidway-Serial0firewall packet-filter 102 inbound Quidwaynat address-group pool1 Quidwayacl 1 Quidway-acl-1rule permit source Quidway-acl-1rule deny source any Quidway-acl-1int serial 0 Quidway-Serial0nat outbound 1 address-group pool1 Quidway-Serial0nat server global inside ftp tcp Quidway-Serial0nat server global inside tcp Quidway-Serial0nat server global 8080 inside tcp Quidway-Serial0nat server global inside smtp udp PPP验证: 主验方:pap|chap Quidwaylocal-user u2 password {simple|cipher} aaa Quidwayinterface serial 0 Quidway-serial0ppp authentication-mode {pap|chap} Quidway-serial0ppp chap user u1 //pap时,不用此句 pap被验方: Quidwayinterface serial 0 Quidway-serial0ppp pap local-user u2 password {simple|cipher} aaa chap被验方: Quidwayinterface serial 0 Quidway-serial0ppp chap user u1 Quidway-serial0local-user u2 password {simple|cipher} aaa 2023年12月6日发(作者:寸雅辰) 华 为交换机命令手册 PCA login: root ;使用root用户 password: linux ;口令是linux shutdown -h now ;关机 init 0 ;关机 logout login ifconfig ;显示IP地址 ifconfig eth0 ifconfig eht0 route add gw route del gw route add default gw route del default gw route ;显示网关 ping telnet ---------------------------------------- 交换机命令 ~~~~~~~~~~ Quidwaysuper password 修改特权用户密码 Quidwaysysname 交换机命名 Quidwayinterface ethernet 0/1 进入接口视图 Quidwayinterface vlan x 进入接口视图 Quidway-Vlan-interfacexip address Quidwayip route-static 静态路由=网关 Quidwayuser-interface vty 0 4 S3026-ui-vty0-4authentication-mode password S3026-ui-vty0-4set authentication-mode password simple 222 S3026-ui-vty0-4user privilege level 3 Quidway-Ethernet0/1duplex {half|full|auto} 配置端口双工工作状态 Quidway-Ethernet0/1speed {10|100|auto} 配置端口工作速率 Quidway-Ethernet0/1flow-control 配置端口流控 Quidway-Ethernet0/1mdi {across|auto|normal} 配置端口MDI/MDIX状态平接或扭接 Quidway-Ethernet0/1port link-type {trunk|access|hybrid} 设置接口工作模式 Quidway-Ethernet0/1shutdown 关闭/重起接口 Quidway-Ethernet0/2quit 退出系统视图 Quidwayvlan 3 创建/删除一个VLAN/进入VLAN模式 Quidway-vlan3port ethernet 0/1 to ethernet 0/4 在当前VLAN增加/删除以太网接口 Quidway-Ethernet0/2port access vlan 3 将当前接口加入到指定VLAN Quidway-Ethernet0/2port trunk permit vlan {ID|All} 设trunk允许的VLAN Quidway-Ethernet0/2port trunk pvid vlan 3 设置trunk端口的PVID Quidwaymonitor-port Quidwayport mirror Quidwayport mirror int_list observing-port int_type int_num 指定镜像和被镜像 Quidwaydescription string 指定VLAN描述字符 Quidwaydescription 删除VLAN描述字符 Quidwaydisplay vlan vlan_id 查看VLAN设置 Quidwaystp {enable|disable} 开启/关闭生成树,默认关闭 Quidwaystp priority 4096 设置交换机的优先级 Quidwaystp root {primary|secondary} 设置交换机为根或根的备份 Quidway-Ethernet0/1stp cost 200 设置交换机端口的花费 SwitchA-vlanxisolate-user-vlan enable 设置主vlan SwitchAIsolate-user-vlan Quidway-Ethernet0/2port hybrid pvid vlan Quidway-Ethernet0/2port hybrid pvid 删除vlan的pvid Quidway-Ethernet0/2port hybrid vlan vlan_id_list untagged 设置无标识的vlan 如果包的vlan id与PVId一致,则去掉vlan信息. 默认PVID=1. 所以设置PVID为所属vlan id, 设置可以互通的vlan为untagged. ---------------------------------------- 路由器命令 ~~~~~~~~~~ Quidwaydisplay version 显示版本信息 Quidwaydisplay current-configuration 显示当前配置 Quidwaydisplay interfaces 显示接口信息 Quidwaydisplay ip route 显示路由信息 Quidwaysysname aabbcc 更改主机名 Quidwaysuper passwrod 123456 设置口令 Quidwayinterface serial0 进入接口 Quidway-serial0ip address Quidway-serial0undo shutdown 激活端口 Quidwaylink-protocol hdlc 绑定hdlc协议 Quidwayuser-interface vty 0 4 Quidway-ui-vty0-4authentication-mode password Quidway-ui-vty0-4set authentication-mode password simple 222 Quidway-ui-vty0-4user privilege level 3 Quidway-ui-vty0-4quit Quidwaydebugging hdlc all serial0 显示所有信息 Quidwaydebugging hdlc event serial0 调试事件信息 Quidwaydebugging hdlc packet serial0 显示包的信息 静态路由: Quidwayip route-static number|nexthop}valuereject|blackhole 例如: Quidwayip route-static 16 Quidwayip route-static Quidwayip route-static 16 Serial 2 Quidwayip route-static 动态路由: Quidwayrip Quidwayrip work Quidwayrip input Quidwayrip output Quidway-ripnetwork ;可以all Quidway-ripnetwork Quidway-rippeer ip-address Quidway-ripsummary Quidwayrip version 1 Quidwayrip version 2 multicast Quidway-Ethernet0rip split-horizon ;水平分隔 Quidwayrouter id 配置路由器的ID Quidwayospf enable 启动OSPF协议 Quidway-ospfimport-route direct 引入直联路由 Quidway-Serial0ospf enable area 标准访问列表命令格式如下: acl rule normal|special{permit|deny} source source-addr source-wildcard|any 例: Quidwayacl 10 Quidway-acl-10rule normal permit source Quidway-acl-10rule normal deny source any 扩展访问控制列表配置命令 配置TCP/UDP协议的扩展访问列表: rule {normal|special}{permit|deny}{tcp|udp}source wild>|any}destination operate 配置ICMP协议的扩展访问列表: rule {normal|special}{permit|deny}icmp source wild>|anydestination { icmp-code logging 扩展访问控制列表操作符的含义 { { greater-than portnumber 大于 less-than portnumber 小于 not-equal portnumber 不等 range portnumber1 portnumber2 区间 扩展访问控制列表举例 Quidwayacl 101 Quidway-acl-101rule deny souce any destination any Quidway-acl-101rule permit icmp source any destination any icmp-type echo Quidway-acl-101rule permit icmp source any destination any icmp-type echo-reply Quidwayacl 102 Quidway-acl-102rule permit ip source destination Quidway-acl-102rule deny ip source any destination any Quidwayacl 103 Quidway-acl-103rule permit tcp source any destination destination-port equal ftp Quidway-acl-103rule permit tcp source any destination destination-port equal Quidwayfirewall enable Quidwayfirewall default permit|deny Quidwayint e0 Quidway-Ethernet0firewall packet-filter 101 inbound|outbound 地址转换配置举例 Quidwayfirewall enable Quidwayfirewall default permit Quidwayacl 101 Quidway-acl-101rule deny ip source any destination any Quidway-acl-101rule permit ip source 0 destination any Quidway-acl-101rule permit ip source 0 destination any Quidway-acl-101rule permit ip source 0 destination any Quidway-acl-101rule permit ip source 0 destination any Quidwayacl 102 Quidway-acl-102rule permit tcp source 0 destination 0 Quidway-acl-102rule permit tcp source any destination destination-port great-than 0 1024 Quidway-Ethernet0firewall packet-filter 101 inbound Quidway-Serial0firewall packet-filter 102 inbound Quidwaynat address-group pool1 Quidwayacl 1 Quidway-acl-1rule permit source Quidway-acl-1rule deny source any Quidway-acl-1int serial 0 Quidway-Serial0nat outbound 1 address-group pool1 Quidway-Serial0nat server global inside ftp tcp Quidway-Serial0nat server global inside tcp Quidway-Serial0nat server global 8080 inside tcp Quidway-Serial0nat server global inside smtp udp PPP验证: 主验方:pap|chap Quidwaylocal-user u2 password {simple|cipher} aaa Quidwayinterface serial 0 Quidway-serial0ppp authentication-mode {pap|chap} Quidway-serial0ppp chap user u1 //pap时,不用此句 pap被验方: Quidwayinterface serial 0 Quidway-serial0ppp pap local-user u2 password {simple|cipher} aaa chap被验方: Quidwayinterface serial 0 Quidway-serial0ppp chap user u1 Quidway-serial0local-user u2 password {simple|cipher} aaa 设置主vlan包括的子vlan