华为100G交换机的使用
VLAN原理
VLAN(Virtual Local Area Network,虚拟局域网)是一种通过网络交换技术将局域网内的设备逻辑地而不是物理地分组的方法。使用VLAN可以将一个物理的局域网(LAN)划分成多个逻辑上的LAN(即VLAN),这些VLAN可以跨越多个物理位置或设备,但它们在网络层面上像是完全独立的LAN。
VLAN的主要优点包括:
- 隔离性:不同的VLAN之间的通信默认是被隔离的,这有助于减少广播域,提高网络安全。
- 灵活性:不需要改变网络的物理配置即可根据需要创建或调整VLAN,使网络设计更加灵活。
- 性能提升:通过限制广播域的大小,可以减少不必要的网络流量,从而提高网络性能。
- 安全性增强:不同VLAN之间的数据传输可以通过路由器进行控制,增加了额外的安全层。
- 易于管理:可以基于端口、MAC地址、IP地址等标准来定义VLAN成员,简化了网络管理。
开机流程
需要准备一根RJ45转串口转USB的线连接交换机上的Console口
给交换机插上电源后自动开启,然后用电脑连接串口对交换机进行配置
开机信息
开机需要时间挺长的,请耐心等待
Check APPDB .................................................. DONE
Set next bootfile ............................................ DONE
Load system software ......................................... DONE
Create file system ........................................... DONE
Crypto algorithm self-check successful.
Now starting ........
Initializing stack ........................................... DONE
Stack member ID .............................................. 1
Stack domain ID .............................................. INVALID
Stack priority ............................................... 100
Default MAC .................................................. 10-a4-da-d5-40-60
Competing with other devices in the stack .................... DONE
Stack role ................................................... MASTER
Info: System is initializing, please wait.............
Now starting Zero Touch Provisioning...
Press CTRL+C to abort Zero Touch Provisioning in 10 seconds...[Warning] The ops script is reading your input,please pay attention to your privacy information!
Isolating all service ports...
USB discovery phase started...
Press CTRL+C to abort Zero Touch Provisioning in 10 seconds...[Warning] The ops script is reading your input,please pay attention to your privacy information!
USB discovery phase failed
[Warning] The ops script is reading your input,please pay attention to your privacy information!
ZTP DHCP discovery phase started...
Press CTRL+C to abort Zero Touch Provisioning in 10 seconds...
Starting DHCP client on MEth interface
Stopping DHCP client on MEth interface
Current DHCP status : discover
Starting DHCP client on 100GE interface
Stopping DHCP client on 100GE interface
Current DHCP status : discover
Starting DHCP client on 10GE interface
Stopping DHCP client on 10GE interface
Current DHCP status : discover
Error: Failed to allocate IP address
ZTP DHCP discovery phase failed
USB discovery phase started...
Press CTRL+C to abort Zero Touch Provisioning in 10 seconds...[Warning] The ops script is reading your input,please pay attention to your privacy information!
USB discovery phase failed
ZTP DHCP discovery phase started...
Press CTRL+C to abort Zero Touch Provisioning in 180 seconds...[Warning] The ops script is reading your input,please pay attention to your privacy information!
[Warning] The ops script is reading your input,please pay attention to your privacy information!
Press CTRL+C to abort Zero Touch Provisioning in 170 seconds...
有个用ZTP自动初始化的过程,但是要交换机联网,目前这个交换机没有联网,所以直接按CTRL+C跳过就可以
登录进去后是这样的,可以输入命令
<HUAWEI>
首先输入这个命令查看接口
display interface brief
可以看到100G光口有6个,10G光口有48个,中间我省略了一些10G光口的显示,可以通过这些光口的名字来配置VLAN
<HUAWEI>display interface brief
PHY: Physical
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
(b): BFD down
(e): ETHOAM down
(d): Dampening Suppressed
(p): port alarm down
(dl): DLDP down
(c): CFM down
(sd): STP instance discarding
(ed): error down
InUti/OutUti: input utility rate/output utility rate
Interface PHY Protocol InUti OutUti inErrors outErrors
100GE1/0/1 down down 0% 0% 0 0
100GE1/0/2 down down 0% 0% 0 0
100GE1/0/3 down down 0% 0% 0 0
100GE1/0/4 down down 0% 0% 0 0
100GE1/0/5 down down 0% 0% 0 0
100GE1/0/6 down down 0% 0% 0 0
10GE1/0/1 down down 0% 0% 0 0
10GE1/0/2 down down 0% 0% 0 0
10GE1/0/3 down down 0% 0% 0 0
10GE1/0/4 down down 0% 0% 0 0
10GE1/0/5 down down 0% 0% 0 0
10GE1/0/6 down down 0% 0% 0 0
10GE1/0/7 down down 0% 0% 0 0
10GE1/0/8 down down 0% 0% 0 0
10GE1/0/9 down down 0% 0% 0 0
10GE1/0/10 down down 0% 0% 0 0
10GE1/0/11 down down 0% 0% 0 0
10GE1/0/12 down down 0% 0% 0 0
...
10GE1/0/43 down down 0% 0% 0 0
10GE1/0/44 down down 0% 0% 0 0
10GE1/0/45 down down 0% 0% 0 0
10GE1/0/46 down down 0% 0% 0 0
10GE1/0/47 down down 0% 0% 0 0
10GE1/0/48 down down 0% 0% 0 0
MEth0/0/0 down down 0% 0% 0 0
NULL0 up up(s) 0% 0% 0 0
二层转发(两个接口在同一个 VLAN)
比如我要实现数据从10GE1/0/1输入交换机,从100GE1/0/1输出交换机,按如下配置,配置好后要 commit
<HUAWEI> system-view
[HUAWEI] vlan 10
[HUAWEI-vlan10] quit
# 配置 10G 光口为 Access 模式,加入 VLAN 10
[HUAWEI] interface 10GE1/0/1
[HUAWEI-10GE1/0/1] port link-type access
[HUAWEI-10GE1/0/1] port default vlan 10
[HUAWEI-10GE1/0/1] undo shutdown
[HUAWEI-10GE1/0/1] quit
# 配置 100G 光口为 Access 模式,允许 VLAN 10 通过
[HUAWEI] interface 100GE1/0/1
[HUAWEI-100GE1/0/1] port link-type access
[HUAWEI-100GE1/0/1] port trunk allow-pass vlan 10
[HUAWEI-100GE1/0/1] undo shutdown
[HUAWEI-100GE1/0/1] quit
注意,这里我描述我的需求,AI给出的回复是将 100G 光口配置为Trunk模式,我当时照做了,结果导致后面出问题了!经过很长时间排查才发现是这里的问题,100GE光口也应该配置为Access模式
配置好后输入display vlan 10检查一下,看到确实两个光口都加入vlan 10了,只是现在还没插上线缆,会显示Down
[~HUAWEI]display vlan 10
--------------------------------------------------------------------------------
U: Up; D: Down; TG: Tagged; UT: Untagged;
MP: Vlan-mapping; ST: Vlan-stacking;
#: ProtocolTransparent-vlan; *: Management-vlan;
MAC-LRN: MAC-address learning; STAT: Statistic;
BC: Broadcast; MC: Multicast; UC: Unknown-unicast;
FWD: Forward; DSD: Discard;
--------------------------------------------------------------------------------
VID Ports
--------------------------------------------------------------------------------
10 UT:10GE1/0/1(D)
TG:100GE1/0/1(D)
VID Type Status Property MAC-LRN STAT BC MC UC Description
--------------------------------------------------------------------------------
10 common enable default enable disable FWD FWD FWD VLAN 0010
配置好后记得输入save保存配置
save
然后配置好后建议重启然后再观察配置是否写入
重启 reboot
本文章使用limfx的vscode插件快速发布