Common H3C Switch configuration commands

1. system-view enters the system view mode.
 
2. sysname: Device Name
 
3. display current-configuration current configuration
 
4. language-mode Chinese | switch between English and Chinese
 
5. Enter the Ethernet port view through interface Ethernet 1/0/1
 
6. port link-type Access | Trunk | Hybrid sets the port Access mode
 
7. Enable the Ethernet port through undo shutdown
 
8. shutdown the Ethernet port
 
9. quit exits the current view mode.
 
10. Create vlan 10 on VLAN 10 and enter the VLAN 10 view mode.
 
11. port access vlan 10 Add the current port to vlan 10 in port Mode
 
12. port E1/0/2 to E1/0/5 Add the specified port to the current VLAN in vlan Mode
 
13. port trunk permit vlan all allows all VLANs to pass through
 
H3C Router
 
1. system-view enters the system view mode.
 
2. sysname R1 is the device named R1
 
3. display ip routing-table to display the current route table
 
4. language-mode Chinese | switch between English and Chinese
 
5. Enter the Ethernet port view through interface Ethernet 0/0
 
6. ip address 192.168.1.1 255.255.255.0 configure the ip address and subnet mask
 
7. Enable the Ethernet port through undo shutdown
 
8. shutdown the Ethernet port
 
9. quit exits the current view mode.
 
10. ip route-static 192.168.2.0 255.255.255.0 192.168.12.2 description To. R2 configure static routes
 
11. ip route-static 0.0.0.0 0.0.0.0 192.168.12.2 description To. R2 configure the default route
 
H3C S3100 Switch
 
H3C S3600 Switch
 
H3C MSR 20-20 Router
######################################## ######################################## ##########
 
1. Adjust the font size of the Super Terminal;
 
2. Capture the Super Terminal command line for future check;
 
3. language-mode Chinese | switch between English and Chinese;
 
4. Copy the command to the Super Terminal command line and paste it to the host;
 
5. Switch clearing configuration: <H3C> reset save; <H3C> reboot;
 
6. When configuring vrouters and vswitches, the power cannot be switched off. Before Connectivity testing, you must
 
Check network connectivity and do not make the lowest-level errors.
 
7. 192.168.1.1/24 is equivalent to 192.168.1.1 255.255.255.0. When configuring vswitches and vrouters, 192.168.1.1 255.255.255.0 can be written as follows:
 
192.168.1.1 24
 
8. device naming rules: Place Name-device name-serial number example: PingGu-R-S3600
 
######################################## ######################################## #################################
 
H3C basic port binding configuration for Huawei Switches
 
1. Port MAC
 
A) AM command
 
Use the special AM User-bind command to bind the MAC address and port. For example:
 
[SwitchA] am user-bind mac-address 00e0-fc22-f8d3 interface Ethernet 0/1
 
Configuration Description: because port parameters are used, the port is used as a reference object. In this case, port E0/1 only allows access to PC1, however, PCs that use other unbound MAC addresses cannot access the Internet. However
 
Is that PC1 can use this MAC address to access the Internet on other ports.
 
B) mac-address command
 
Use the mac-address static command to bind the MAC address to the port. For example:
 
[SwitchA] mac-address static 00e0-fc22-f8d3 interface Ethernet 0/1 vlan 1
 
[SwitchA] mac-address max-mac-count 0
 
Configuration Description: Because the port learning function is used, after the mac address is statically bound, you need to set the mac learning number of the port to 0 so that the mac address of other PCs cannot be learned after the port is connected to the port.
 
2. IP MAC
 
A) AM command
 
Use the special AM User-bind command to bind the IP address to the MAC address. For example:
 
[SwitchA] am user-bind ip-address 10.1.1.2 mac-address 00e0-fc22-f8d3
 
Configuration Description: The above configuration completes the global binding of the IP address of the PC and the MAC address, that is, the PC machine that is different from the bound IP address or MAC address cannot access the Internet on any port.
 
Supported models: S3026E/EF/C/G/T, S3026C-PWR, E026/E026T, S3050C, E050, S3526E/C/EF, S5012T/G, S5024G
 
B) arp command
 
Use the special arp static command to bind the IP address to the MAC address. For example:
 
[SwitchA] arp static 10.1.1.2 00e0-fc22-f8d3
 
Configuration Description: The above configuration completes the global binding of the IP address of the PC and the MAC address.
 
3. Port IP MAC
 
Use the special AM User-bind command to bind IP addresses, MAC addresses, and ports. For example:
 
[SwitchA] am user-bind ip-address 10.1.1.2 mac-address 00e0-fc22-f8d3 interface Ethernet 0/1
 
Configuration Description: You can bind the IP address and MAC address of PC1 to port E0/1. Because port parameters are used, the port is used as a reference object, that is, port E0/1 only allows
 
Xu PC1 is connected to the Internet, while PCs that use other unbound IP addresses and MAC addresses cannot access the Internet. However, PC1 can use this IP address and MAC address to access the Internet on other ports.
 
######################################## ######################################## ###############
 
[S2016-E1-Ethernet0/1] mac-address max-mac-count 0;
 
Go to the port and run the mac max-mac-count 0 command (the number of mac learning attempts on the port is set to 0)
 
[S2016-E1] mac static 0000-9999-8888 int e0/1 vlan 10;
 
Bind ipv-9999-8888 to the e0/1 port. Only the pc bound to the mac can access the Internet through this port, and E0/1 belongs to vlan 10.
 
In this case, OK, but the order of the above two commands cannot be reversed, unless the port is not connected to the pc
 
######################################## ######################################## ########
 
Dis vlan display vlan
 
Name text specifies the name of the current vlan
 
Undo name canceled
 
[H3c] vlan 2
 
[H3c-vlan2] name test vlan
 
Dis users Display User
 
Dis startup displays the startup configuration file information
 
Dis user-interface displays information about the user interface
 
Dis web users displays information about web users.
 
Header login configuration login verification is to display information
 
Header shell
 
Undo header
 
Lock current user interface
 
Acl Access Control List acl number inbound/outbound
 
[H3c] user-interface vty 0 4
 
[H3c-vty0-4] acl 2000 inbound
 
Shutdown: Disable vlan interfaces
 
Enable vlan Interface for undo shutdown
 
Disable vlan1 Interface
 
[H3c] interface vlan-interface 1
 
[H3c-vlan-interface] shutdown
 
Vlan-id defines vlan
 
Undo valn vlan-id
 
Display ip routing-table
 
Display ip routing-table protocol static
 
Display ip routing-table statistics
 
Display ip routing-table verbose view all details of the route table
 
Interface vlan-id enters valn
 
Management-vlan-id defines management vlan numbers
 
Reset ip routing-table statistics protocol all clears route information of all routing protocols.
 
Display garp statistics interface GigabitEthernet 1/0/1 display garp statistics on the Ethernet port
 
Display voice vlan status view voice vlan status
 
[H3c-GigabitEthernet1/0/1] broadcast-suppression 20 the maximum broadcast traffic allowed to accept is 20% of the port's transmission capability. Excess part is discarded.
 
[H3c-GigabitEthernet1/0/1] broadcast-suppression pps 1000 the maximum number of broadcast packets allowed per second is 1000 of the transmission capacity 20%. Excess part is discarded.
 
Display interface GigabitEthernet1/0/1 view port information
 
Display brief interface GigabitEthernet1/0/1 view brief port configuration information
 
Display loopback-detection is used to test whether the loop test is enabled.
 
Display transceiver-information interface GigabitEthernet1/0/42 display optical port information
 
Duplex auto/full/half
 
[H3c] interface GigabitEthernet1/0/1
 
[H3c-GigabitEthernet1/0/1] duplux auto set port duplex property to self-Negotiation
 
Port link-type access/hybrid/trunk is access by default
 
Port trunk permit vlan all add the trunk to all VLANs
 
Reset counters interface GigabitEthernet1/0/1 clear port statistics
 
Speed auto 10/100/1000
 
Display port-security view port security configuration information
 
Am user-bind mac-addr 00e0-fc00-5101 ip-addr 10.153.1.2 interface GigabitEthernet1/0/1 port ip binding
 
Display arp
 
Display am user-bind: display port binding configuration information
 
Display mac-address: displays the mac address learned by the vswitch.
 
Display stp displays Spanning Tree status and statistics
 
[H3c-GigabitEthernet1/0/1] stp instance 0 cost 200 set build tree instance 0 path overhead to 200
 
Stp cost sets the path overhead of the current port on the specified Spanning Tree instance. Instance-id is 0-16 0 table cist value range: 1-200000
 
<H3c> display system-guard ip-record: displays attack protection records.
 
System-guard enable system Attack prevention
 
Display icmp statistics icmp traffic statistics
 
Display ip socket
 
Display ip statistics
 
Display acl all
 
Acl number acl-number match-order auto/config
 
Acl-number (2000-2999 is the basic acl 3000-3999 is the number reserved by the Administrator for the advanced acl)
 
Rule deny/permit protocal
 
Access Control
 
[H3c] acl number 3000
 
[H3c-acl-adv-3000] rule permit tcp source 129.0.0 0.0.255.255 destination 202.38.160.0 0.0.255.255 destination-port eq 80 (
 
Define advanced acl 3000 to allow hosts in the 129.0.0/16 CIDR block to access port 80 from hosts in the 202.38.160/24 CIDR Block)
 
Rule permit source 211.100.255.0 0.20.0000255
 
Rule deny cos 3 souce 00de-bbef-adse ffff-fff dest 0011-4301-9912 ffff-ffff
 
(Prohibit the passing of a packet whose mac address 00de-bbef-adse is sent to the mac address 0011-00001-9912 and whose 802.1p priority is 3)
 
Display qos-interface GigabitEthernet1/0/1 traffic-limit view traffic on the port
 
Port Speed Limit
 
Line-rate inbound/outbound target-rate
 
Inbound: speed limit on received packets on the port
 
Outbound: limits the speed of packets sent on the port.
 
Target-rate: limits the packet speed. The inbound range of 1-1000000 outbound ranges from 20 to 1000000 in kbps.
 
Undo line-rate cancel speed limit.
 
[H3c] interface GigabitEthernet1/0/1
 
[H3c-GigabitEthernet1/0/1] line-rate outbound 128 limit outgoing rate is 128 kbps
 
Display arp | include 77
 
Display arp count: number of records in the arp table
 
Display ndp displays the detailed configuration information of the switch port.
 
Display ntdp device-list verbose collect device details
 
Display lock
 
Display users
 
Display cpu
 
Display memory
 
Display fan
 
Display device
 
Display power