Configuration Guide - Basic Configuration(V100R006C00_01)

8/10/2019 Configuration Guide - Basic Configuration(V100R006C00_01)

1/237

Quidway S5700 Series Ethernet Switches

V100R006C00

Configuration Guide - BasicConfiguration

Issue 01

Date 2011-07-15

HUAWEI TECHNOLOGIES CO., LTD.


2/237

Copyright Huawei Technologies Co., Ltd. 2011. All rights reserved.

No part of this document may be reproduced or transmitted in any form or by any means without prior writtenconsent of Huawei Technologies Co., Ltd. Trademarks and Permissions

and other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd. All other trademarks and trade names mentioned in this document are the property of their respective holders. Notice

The purchased products, services and features are stipulated by the contract made between Huawei and thecustomer. All or part of the products, services and features described in this document may not be within the

purchase scope or the usage scope. Unless otherwise specified in the contract, all statements, information,and recommendations in this document are provided "AS IS" without warranties, guarantees or representationsof any kind, either express or implied.

The information in this document is subject to change without notice. Every effort has been made in thepreparation of this document to ensure accuracy of the contents, but all statements, information, andrecommendations in this document do not constitute the warranty of any kind, express or implied.

Huawei Technologies Co., Ltd. Address: Huawei Industrial Base

Bantian, LonggangShenzhen 518129People's Republic of China

Website: http://www.huawei.com

Email: [email protected]

Issue 01 (2011-07-15) Huawei Proprietary and ConfidentialCopyright Huawei Technologies Co., Ltd.

i
http://www.huawei.com/


3/237

About This Document

Intended AudienceThis document provides the basic concepts, basic configuration procedures, and configurationexamples supported by the S5700.

This document is intended for:

l Data configuration engineersl Commissioning engineersl Network monitoring engineersl System maintenance engineers

Symbol ConventionsThe symbols that may be found in this document are defined as follows.

Symbol Description

DANGER

Indicates a hazard with a high level of risk, which if notavoided, will result in death or serious injury.

WARNING

Indicates a hazard with a medium or low level of risk, whichif not avoided, could result in minor or moderate injury.

CAUTION

Indicates a potentially hazardous situation, which if notavoided, could result in equipment damage, data loss,

performance degradation, or unexpected results.

TIP Indicates a tip that may help you solve a problem or savetime.

NOTE Provides additional information to emphasize or supplementimportant points of the main text.

Quidway S5700 Series Ethernet SwitchesConfiguration Guide - Basic Configuration About This Document


ii


4/237

Command ConventionsThe command conventions that may be found in this document are defined as follows.

Convention DescriptionBoldface The keywords of a command line are in boldface .

Italic Command arguments are in italics .

[ ] Items (keywords or arguments) in brackets [ ] are optional.

{ x | y | ... } Optional items are grouped in braces and separated byvertical bars. One item is selected.

[ x | y | ... ] Optional items are grouped in brackets and separated byvertical bars. One item is selected or no item is selected.

{ x | y | ... } * Optional items are grouped in braces and separated byvertical bars. A minimum of one item or a maximum of allitems can be selected.

[ x | y | ... ] * Optional items are grouped in brackets and separated byvertical bars. Several items or no item can be selected.

& The parameter before the & sign can be repeated 1 to n times.

# A line starting with the # sign is comments.

Change HistoryUpdates between document issues are cumulative. Therefore, the latest document issue containsall updates made in previous issues.

Changes in Issue 01 (2011-07-15)Initial commercial release.

Quidway S5700 Series Ethernet SwitchesConfiguration Guide - Basic Configuration About This Document


iii


5/237

Contents

About This Doc ument.....................................................................................................................ii

1 Logging In to Sw itch.....................................................................................................................11.1 Introduction... .....................................................................................................................................................2

1.1.1 Login T hrough the Console.......................................................................................................................21.1.2 Logi n Through Telnet................................................................................................................................2

1.2 Logging In to the Device Through the Console Port..........................................................................................2

1.2.1 Establis hing the Configuration Task.........................................................................................................3

1.2.2 Establis hing the Physical Connection........................................................................................................3

1.2.3 Conf iguring Terminals..............................................................................................................................4

1.2.4 Logging In to the Device...........................................................................................................................4

1.3 Logging In to Device Through Telnet................................................................................................................4

1.3.1 Establis hing the Configuration Task.........................................................................................................5

1.3.2 Esta blishing the Physical Connection........................................................................................................5

1.3.3 Configu ring Login User Parameters..........................................................................................................6

1.3.4 Logging In from the Telnet Client.............................................................................................................6

1.4 Configuration Examples.....................................................................................................................................6

1.4.1 Example for Logging In Through the Console Port..................................................................................6

1.4.2 Exa mple for Logging In Through Telnet..................................................................................................9

2 CLI Overview..... ..........................................................................................................................112.1 CLI Introduct ion...............................................................................................................................................12

2.1.1 Comma nd Line Interface.........................................................................................................................12

2.1.2 Comma nd Levels.....................................................................................................................................12

2.1.3 Com mand Views.....................................................................................................................................13

2.2 Online Help... ....................................................................................................................................................15

2.2.1 Full Hel p..................................................................................................................................................15

2.2.2 Parti al Help..............................................................................................................................................16

2.2.3 Error Messages of the Command Line Interface.....................................................................................16

2.3 Fe atures of Command Line Interface...............................................................................................................17

2.3.1 Editing.....................................................................................................................................................17

2.3.2 Displaying................................................................................................................................................18

2.3.3 Regular Expressions................................................................................................................................18

2.3.4 History Commands..................................................................................................................................22

Quidway S5700 Series Ethernet SwitchesConfiguration Guide - Basic Configuration Contents


iv


6/237

2.4 Shortcut Keys...................................................................................................................................................22

2.4.1 System Shortcut Keys..............................................................................................................................22

2.5 Configuration Examples...................................................................................................................................23

2.5.1 Example for Using the Tab Key..............................................................................................................24

3 How to Use Interfaces.................................................................................................................253.1 Introduction t o Interfaces..................................................................................................................................26

3.2 Setting Ba sic Parameters of an Interface..........................................................................................................28

3.2.1 Establishing the Configuration Task.......................................................................................................29

3.2.2 Entering the Interface View.....................................................................................................................29

3.2.3 Viewing All the Commands in the Interface View.................................................................................30

3.2.4 Configu ring the Description for an Interface...........................................................................................30

3.2.5 Start ing and Shutting Down an Interface................................................................................................30

3.2.6 Further Configuration an Interface..........................................................................................................31

3.2.7 Checkin g the Configuration.....................................................................................................................32

3.3 Configuring t he Loopback Interface.................................................................................................................32

3.3.1 Establis hing the Configuration Task.......................................................................................................32

3.3.2 Conf iguring IPv4 Parameters of the Loopback Interface........................................................................33


3.4 Maintaining t he Interface..................................................................................................................................34

3.4.1 Clearing Statistics Information on the Interface......................................................................................34

3.4.2 Debuggi ng the Interface..........................................................................................................................34

4 Basic Configurat ion.....................................................................................................................354.1 Basic Con figuration Introduction.....................................................................................................................36

4.2 Configuri ng the Basic System Environment....................................................................................................36


4.2.2 Configu ring the Equipment Name...........................................................................................................37

4.2.3 Setting t he System Clock.........................................................................................................................37

4.2.4 Conf iguring a Header..............................................................................................................................38

4.2.5 Configu ring Command Levels................................................................................................................39

4.3 Configuring B asic User Environment..............................................................................................................40


4.3.2 Conf iguring the Password for Switching User Levels............................................................................40

4.3.3 Switchin g User Levels.............................................................................................................................41

4.3.4 Locking User Interfaces...........................................................................................................................42

4.4 Displaying Sy stem Status Messages.................................................................................................................42

4.4.1 Displayi ng System Configuration...........................................................................................................42

4.4.2 Displayi ng System Status........................................................................................................................43

4.4.3 Collecti ng System Diagnostic Information.............................................................................................43

5 User Manageme nt........................................................................................................................445.1 User Man agement Introduction........................................................................................................................45

5.1.1 User Interface..........................................................................................................................................45



v


7/237

5.1.2 User Authentication.................................................................................................................................46

5.2 Logging In to the S5700 Through the Console Port.........................................................................................48


5.2.2 Logging In to the S5700 Through the Console Interface........................................................................49

5.3 Configuring Console User Interface.................................................................................................................52


5.3.2 Conf iguring Console Interface Attributes...............................................................................................53

5.3.3 Setting Console Terminal Attributes.......................................................................................................54

5.3.4 Configu ring User Priority........................................................................................................................55

5.3.5 Configu ring User Authentication............................................................................................................56

5.3.6 Chec king the Configuration.....................................................................................................................57

5.4 Configuri ng VTY User Interface......................................................................................................................57


5.4.2 Configuring Maximum VTY User Interfaces.........................................................................................585.4.3 (Optional)Configuring Limits for Incoming Calls and Outgoing Calls..................................................59

5.4.4 Configuring VTY Terminal Attributes....................................................................................................59

5.4.5 Configuring User Authentication............................................................................................................60

5.4.6 Checking the Configuration.....................................................................................................................62

5.5 Managing User Interfaces.................................................................................................................................62


5.5.2 Sending Messages to Other User Interfaces............................................................................................63

5.5.3 Clearing Online User...............................................................................................................................63

5.5.4 Checking the Configuration.....................................................................................................................645.6 Configuring User Management........................................................................................................................64


5.6.2 Configuring Authentication Mode...........................................................................................................65

5.6.3 Configuring Authentication Password.....................................................................................................65

5.6.4 Setting Username and Password for AAA Local Authentication...........................................................66

5.6.5 Configuring Non-Authentication.............................................................................................................66

5.6.6 Configuring User Priority........................................................................................................................67


5.7 Configuration Examples...................................................................................................................................68

5.7.1 Example for Configuring Logging In to the Switch Through Password.................................................68

5.7.2 Example for Logging In to the Device Through AAA............................................................................69

6 File System Man agement...........................................................................................................716.1 Overview of the File System............................................................................................................................72

6.2 Managing a S torage Device..............................................................................................................................72


6.2.2 Restorin g Storage Devices with File System Troubles...........................................................................73

6.2.3 (Optiona l) Formatting a Storage Device.................................................................................................73

6.3 Managing the Directory....................................................................................................................................73




vi


8/237

6.3.2 Viewing the Current Directory................................................................................................................74

6.3.3 Switching a Directory..............................................................................................................................74

6.3.4 Displaying a Directory or File.................................................................................................................75

6.3.5 Creating a Directory................................................................................................................................75

6.3.6 Deleting a Directory................................................................................................................................75

6.4 Managing Files.................................................................................................................................................76


6.4.2 Displayi ng Contents of Files...................................................................................................................77

6.4.3 Copying Files...........................................................................................................................................77

6.4.4 Moving Files............................................................................................................................................77

6.4.5 Renami ng Files........................................................................................................................................78

6.4.6 Compre ssing Files...................................................................................................................................78

6.4.7 Deleting Files...........................................................................................................................................78

6.4.8 Dele ting Files in the Recycle Bin............................................................................................................796.4.9 Undeleti ng Files.......................................................................................................................................79

6.4.10 Runnin g Files in Batch..........................................................................................................................80

6.4.11 Co nfiguring Prompt Modes...................................................................................................................80

7 Manage ment of Configuration Files........................................................................................827.1 Management of Configuration Files Introduction............................................................................................83

7.1.1 Configu ration Files..................................................................................................................................83

7.1.2 Configu ration Files and Current Configurations.....................................................................................83

7.2 Managing Co nfiguration Files..........................................................................................................................84

7.2.1 Establis hing the Configuration Task.......................................................................................................847.2.2 Configu ring System Software for a switch to Load for the Next Startup...............................................84

7.2.3 Configu ring the Configuration File for Switch to Load for the Next Startup.........................................85

7.2.4 Savi ng Configuration File.......................................................................................................................85

7.2.5 Clearing a Configuration File..................................................................................................................86

7.2.6 Compar ing Configuration Files...............................................................................................................86

7.2.7 Chec king the Configuration.....................................................................................................................87

8 FTP and TFTP...............................................................................................................................898.1 FTP and TFT P Introduction.............................................................................................................................90

8.1.1 FTP...... ....................................................................................................................................................908.1.2 TFTP.... ....................................................................................................................................................90

8.2 Configuring t he Switch to be the FTP Server...................................................................................................90


8.2.2 (Optiona l) Specifying a Port Number for the FTP Server.......................................................................91

8.2.3 Enablin g the FTP Server..........................................................................................................................92

8.2.4 (Optiona l) Configuring the Timeout Period............................................................................................92

8.2.5 Configu ring the Local Username and the Password...............................................................................93

8.2.6 Configu ring the Service Type and Authorization Information................................................................93


8.3 Configuri ng FTP ACL......................................................................................................................................94



vii


9/237


8.3.2 Enabling the FTP Server..........................................................................................................................95

8.3.3 Configuring a Basic ACL........................................................................................................................95

8.3.4 Configuring the Basic FTP ACL.............................................................................................................96


8.4 Configuri ng the Switch to Be the FTP Client...................................................................................................97


8.4.2 Logging In to the FTP Server..................................................................................................................98

8.4.3 Configu ring Data Type and Transmission Mode for the File.................................................................99

8.4.4 (Optiona l) Viewing Online Help of the FTP Command.........................................................................99

8.4.5 Uploadi ng or Downloading Files..........................................................................................................100

8.4.6 Managin g Directories............................................................................................................................100

8.4.7 Man aging Files......................................................................................................................................101

8.4.8 (Optiona l) Changing Login Users.........................................................................................................1018.4.9 Disconn ecting from the FTP Server......................................................................................................102

8.5 Configuring t he Switch to Be the TFTP Client..............................................................................................102

8.5.1 Esta blishing the Configuration Task................................................................................... ..................103

8.5.2 (Optional) Configuring a Source IP Address for a TFTP Client...........................................................103

8.5.3 Downloading Files Through TFTP........................................................................................................104

8.5.4 Uploading Files Through TFTP............................................................................................................104

8.6 Limiting the Access to the TFTP Server........................................................................................................105

8.6.1 Establishing the Configuration Task.....................................................................................................105

8.6.2 Configuring the Basic ACL...................................................................................................................1058.6.3 Configuring the Basic TFTP ACL.........................................................................................................106

8.7 Configuration Examples.................................................................................................................................106

8.7.1 Example for Configuring the FTP Server..............................................................................................106

8.7.2 Example for Configuring an ACL of the FTP Server...........................................................................109

8.7.3 Example for Configuring the FTP Client..............................................................................................110

8.7.4 Example for Configuring the TFTP Client............................................................................................113

9 Telnet and SSH.. ........................................................................................................................1159.1 Telnet and SS H Introduction..........................................................................................................................116

9.1.1 Over view of User Login........................................................................................................................1169.1.2 Telnet T erminal Services.......................................................................................................................116

9.1.3 SSH Ter minal Services..........................................................................................................................117

9.2 Configuring T elnet Terminal Services...........................................................................................................118

9.2.1 Establis hing the Configuration Task.....................................................................................................118

9.2.2 Enablin g the Telnet Service...................................................................................................................119

9.2.3 Establis hing a Telnet Connection..........................................................................................................120

9.2.4 (Optiona l) Configuring a Telnet Server Port Number...........................................................................121

9.2.5 (Optiona l) Scheduled Telnet Disconnection..........................................................................................121

9.2.6 Checkin g the Configuration...................................................................................................................122

9.3 Configuri ng SSH Users..................................................................................................................................122



viii


10/237

9.3.1 Establishing the Configuration Task.....................................................................................................122

9.3.2 Creating SSH User.................................................................................................................................123

9.3.3 Configuring SSH for the VTY User Interface.......................................................................................124

9.3.4 Generating a Local RSA Key Pair.........................................................................................................124

9.3.5 Configuring the Authentication Mode for SSH Users...........................................................................125

9.3.6 (Optiona l) Configuring the Basic Authentication Information for SSH Users.....................................126

9.3.7 (Optiona l) Authorizing SSH Users Through the Command Line.........................................................127

9.3.8 Conf iguring the Service Type of SSH Users.........................................................................................128

9.3.9 (Optiona l) Configuring the Authorized Directory of the SFTP Service for SSH Users.......................128

9.3.10 Checki ng the Configuration.................................................................................................................129

9.4 Configuring t he SSH Server Function............................................................................................................129


9.4.2 Enab ling the STelnet Service................................................................................................................130

9.4.3 Enablin g the SFTP Service....................................................................................................................1309.4.4 Enablin g SCP Services..........................................................................................................................131

9.4.5 (Optiona l) Enabling the Earlier Version - Compatible Function...........................................................131

9.4.6 (Optiona l) Configuring the Number of the Port Monitored by the SSH Server....................................132

9.4.7 (Optiona l) Configuring the Interval for Updating the Key Pair on the SSH Server..............................132


9.5 Configuring t he STelnet Client Function.......................................................................................................133


9.5.2 Enab ling the First-Time Authentication on the SSH Client..................................................................134

9.5.3 (Optiona l) Assigning an RSA Public Key to the SSH Server...............................................................1359.5.4 Enablin g the STelnet Client...................................................................................................................136


9.6 Configuring t he SFTP Client Function...........................................................................................................138


9.6.2 Conf iguring the First-Time Authentication on the SSH Client.............................................................139

9.6.3 (Optiona l) Assigning an RSA Public Key to the SSH Server...............................................................139

9.6.4 Enablin g the SFTP Client......................................................................................................................140

9.6.5 (Optiona l) Managing the Directory.......................................................................................................141

9.6.6 (Optiona l) Managing the File................................................................................................................142

9.6.7 (Optiona l) Displaying the SFTP Client Command Help.......................................................................144


9.7 Configuring t he SCP Client............................................................................................................................145


9.7.2 (Opt ional) Configuring a Source IP Address for the SCP Client..........................................................146

9.7.3 Copying Files.........................................................................................................................................146


9.8 Configuration Examples.................................................................................................................................147

9.8.1 Example for Configuring the Telnet Terminal Service.........................................................................147

9.8.2 Example for Configuring the PC as the STelnet Client to Connect to the SSH Server........................150



ix


11/237

9.8.3 Example for Configuring the Switch as the STelnet Client to Connect to the SSH Server .................153

9.8.4 Example for Connecting the SFTP Clinet and the SSH Server.............................................................159

9.8.5 Example for Configuring the SSH Server to Support the Access from Another Port...........................165

9.8.6 Example for Authenticating SSH Through RADIUS............................................................................172

9.8.7 Example for Configuring the SCP Client..............................................................................................177

10 Web System Co nfiguration...................................................................................................18010.1 Overview of Web System.............................................................................................................................181

10.2 Starting Web System....................................................................................................................................181

10.2.1 Lo gging In to the S5700 Through the Console Interface....................................................................181

10.2.2 Setting the Management IP Address of the S5700..............................................................................185

10.2.3 Upload ing Web Page Files..................................................................................................................186

10.2.4 Loadin g a Web Page File.....................................................................................................................187

10.2.5 Creatin g a Web Account......................................................................................................................187

10.2.6 Loggin g In to the Web System............................................................................................................188

11 SSL Configurat ion...................................................................................................................19011.1 SSL............. ..................................................................................................................................................191

11.2 SSL Feat ures Supported by the S5700.........................................................................................................192

11.3 Configuring Login to an FTPS Server from a User Terminal......................................................................193

11.3.1 Establi shing the Configuration Task...................................................................................................193

11.3.2 Config uring an SSL Policy and Loading a Digital Certificate............................................................194

11.3.3 Enabli ng the FTPS Function................................................................................................................195

11.3.4 Access ing an FTPS Server..................................................................................................................196

11.3.5 Ch ecking the Configuration.................................................................................................................196

11.4 Configuring Login to an FTPS Server from an FTPS Client.......................................................................197

11.4.1 Establi shing the Configuration Task...................................................................................................197

11.4.2 Config uring the FTPS Client...............................................................................................................198

11.4.3 Config uring the FTPS Server..............................................................................................................200

11.4.4 Access ing an FTPS Server..................................................................................................................201

11.4.5 Ch ecking the Configuration.................................................................................................................203

11.5 Configur ing Secure Web Network Management.........................................................................................204

11.5.1 Est ablishing the Configuration Task...................................................................................................205

11.5.2 Configuring an SSL Policy and Loading a Digital Certificate............................................................206

11.5.3 Loadin g a Web Page File.....................................................................................................................207

11.5.4 Enabli ng the HTTPS Function............................................................................................................207

11.5.5 Creatin g a Web Account......................................................................................................................208

11.5.6 Loggin g In to the Web System............................................................................................................209

11.5.7 Checki ng the Configuration.................................................................................................................209

11.6 Configuratio n Examples...............................................................................................................................210

11.6.1 Exa mple for Configuring Login to an FTPS Server from a User Terminal........................................210

11.6.2 Exa mple for Configuring Login to an FTPS Server from an FTPS Client.........................................214

11.6.3 Example for Configuring Secure Web Network Management............................................................222



x


12/237

1 Logging In to SwitchAbout This Chapter

Before configuring switches, you need to log in to the switch.

1.1 IntroductionYou can log in to switches through console port or Telnet.

1.2 Logging I n to the Device Through the Console PortThis section d escribes how to connect a terminal to a switch through the console port to establishthe configura tion environment.

1.3 Logging In to Device Through TelnetThis section describes how to connect a terminal to a switch through Telnet to establish theconfiguration environment.

1.4 Configuration ExamplesThis section p rovides examples for configuring users to log in to the switch through the console

port or Telne t together with the configuration flowchart. The configuration examples explainnetworking r equirements, configuration notes, and configuration roa dmap.

Quidway S5700 Series Ethernet SwitchesConfiguration Guide - Basic Configuration 1 Logging In to Switch


1


13/237

1.1 Introduction

You can log in to switches through console port or Telnet.

1.1.1 Login Through the ConsoleWhen a switch is powered on for the first time or a switch needs to be locally configured, youcan log in to the switch through the console port.

In the following cases, a switch can be configured only through the console port:

l The switch is powered on for the first time.l The subscriber cannot login through Telnet.

1.1.2 Login Through TelnetIf you know the IP address of a switch, you can log in to the switch through Telnet to performlocal or remote configurations.

YYou need to pre-configure the IP addresses of interfaces, the user account, the authenticationmode, and the incoming and outgoing call restriction through the console interface on theswitch. Also, ensure that directly-connected or reachable switch exist between terminals and theswitch.

The destination switch authenticates the user based on the configured parameters in three modes:

l Password authentication: indicates that the login user should enter the correct password.l AAA local authentication: indicates that the login user should enter the correct user name

and password.l None authentication: indicates that the login user need not enter the user name or password.

If the login succeeds, a command line prompt such as appears on the Telnet clientinterface.

Enter a command to check the running status of the switch or to configure the switch.

Enter "?" for help.

NOTE

Do not modify the IP address of the switch when you configure the switch through Telnet because themodification may terminate Telnet connection. Otherwise, set up the connection again after entering a newIP address.

1.2 Logging In to the Device Through the Console PortThis section describes how to connect a terminal to a switch through the console port to establishthe configuration environment.



2


14/237

1.2.1 Establishing the Configuration TaskBefore configuring login to the switch through the console port, familiarize yourself with theapplicable environment, complete the pre-configuration tasks, and obtain the required data. This

can help you complete the configuration task quickly and accurately.

Applicable Environment

If you log in to the switch for the first time or perform the local configuration, you need to login to the switch through the console port.

NOTE

If you cannot log in to the switch through the telnet, you need to log in to the switch through the console port.

Pre-configuration Tasks

Before configuring login to the switch through the console port, complete the following tasks:

l Preparing the PC/terminal (including serial port and RS-232 cable)l Installing terminal emulation program on the PC (such as Windows XP HyperTerminal)

Data Preparation

To login the switch through the console port, you need the following data.

NOTE

If the AAA authentication mode is configured for users to log in to the switch through the console interface,the correct user name and password must be entered for a successful login.

No. Data

1 Terminal communication parametersl Baud ratel Data bitl Parityl Stop bitl Flow-control mode

2 (Optional) User name and password to be entered for a successful login in AAAauthentication mode

1.2.2 Establishing the Physical ConnectionThis part describes how to physically connect a terminal to a switch before login to the switchthrough the console port.

Context

Do as follows on the switch:



3


15/237

Procedure

Step 1 Connect the COM port on the PC and the console port on the switch by a cable.

Step 2 Power on all devices to perform a self-check.

----End

1.2.3 Configuring TerminalsThis part describes how to configure the terminal before login to the switch through the console

port.

Context

Do as follows on the PC:

Procedure

Step 1 Run the terminal emulation program on the PC, setting the communication parameters asfollows:l Baud rate: 9600 bpsl Data bit: 8l Stop bit: 1l Parity: nonel Flow control: none

----End

1.2.4 Logging In to the DeviceThis part describes how to log in to the switch through the console port.

Context


Procedure

Step 1 Press Enter until a command line prompt such as appears. Now the user view isdisplayed for you to configure the switch.

NOTE

If the AAA or Password authentication mode is configured for users to log in to the switch through theconsole interface, the correct user name and password must be entered for a successful login.

----End

1.3 Logging In to Device Through Telnet

This section describes how to connect a terminal to a switch through Telnet to establish theconfiguration environment.



4


16/237

1.3.1 Establishing the Configuration TaskBefore configuring login to the switch through Telnet, familiarize yourself with the applicable

environment, complete the pre-configuration tasks, and obtain the required data. This can helpyou complete the configuration task quickly and accurately.

Applicable Environment

If you know the IP address of the switch, you can log in to the switch through Telnet for localor remote configuration.

Pre-configuration Tasks

Before configuring the switch through Telnet, complete the following tasks:

l Powering on devices and performing a self-check l Preparing the PC (including the serial port and Ethernet crossover/direct cable)

Data Preparation

To log in to the switch through Telnet, you need the following data.

No. Data

1 IP address of the PC

2 IP address of the Ethernet interface on the switch3 User information accessed through Telnet:

l User namel Passwordl Authentication mode

1.3.2 Establishing the Physical ConnectionThis part describes how to physically connect a terminal to a switch before login to the switchthrough Telnet.

PrerequisiteEstablishing the Physical Connection are complete.

Procedure

Step 1 Connect the switch and the PC directly or connect the switch and the PC to the network throughcables.

----End



5


17/237

1.3.3 Configuring Login User ParametersThis part describes how to configure user parameters for login to the switch through Telnet.

ContextDo as follows on the switch:

Procedure

Step 1 Configure the authentication mode of login users.

Step 2 Configure the authority limitation of login user.

For details, see 5.4 Configuring VTY User Interface and 5.6 Configuring UserManagement .

----End

1.3.4 Logging In from the Telnet ClientThis part describes how to log in to the switch through Telnet.

Context


Procedure

Step 1 Run the Telnet program on the PC that functions as a client, and enter the IP address of theinterface on the destination switch that provides the Telnet service.

Step 2 Enter the user name and password in the login window. After authentication, a command line prompt such as appears. Now enter the configuration environment in the user view.

----End

1.4 Configuration ExamplesThis section provides examples for configuring users to log in to the switch through the console

port or Telnet together with the configuration flowchart. The configuration examples explainnetworking r equirements, c onfiguration notes, and configuration roadmap.

1.4.1 Example for Logging In Through the Console PortIn this example, you can configure the PC so as to log in to the switch through the console port.

Networking Requirements

Initialize the configuration of the switch when the switch is powered on for the first time.



6


18/237

Figure 1-1 Networking diagram of logging in through the console port

SwitchPC

Configuration Roadmap

The configuration roadmap is as follows:

1. Connect the PC and the switch through the console port.

2. Configure the login on the PC end.

3. Log in to the switch.

Data Preparation

To complete the configuration, you need the terminal communication parameters (including baud rate, data bit, parity, stop bit, and flow control).

Procedure

Step 1 Connect the serial port of the PC (or terminal) to the console port of the switch through a standardRS-232 cable. The local configuration environment is established.

Step 2 Run the terminal emulation program on the PC. Set the terminal communication parameters to be 9600 bps, data bit to be 8, stop bit to be 1. Specify no parity and no flow control as shownfrom Figure 1-2 to Figure 1-4 .

Figure 1-2 New connection



7


19/237

Figure 1-3 Setting the port

Figure 1-4 Setting the port communication parameters



8


20/237

Step 3 Power on the switch to perform a self-check and the system performs automatic configuration.When the self-check ends, you are prompted to press Enter until a command line prompt suchas appears.

Enter the command to check the running status of the switch or configure the switch.

Enter "?" for help.

----End

1.4.2 Example for Logging In Through TelnetIn this example, you can configure user parameters so as to log in to the switch from the PC or other terminals through Telnet.

Networking Requirements

You can log in to the switch on other network segments through the PC or other terminals to perform remote maintenance.

Figure 1-5 Establishing the configuration environment through WAN

IPNetwork

Switch TargetSwitch

PC

Configuration Roadmap

The configuration roadmap is as follows:

1. Establish the physical connection.

2. Configure user login parameters.

3. Log in to the switch from the client side.

Data Preparation

To complete the configuration, you need the following data

l IP address of the PCl IP address of the Ethernet interface on the switchl User information accessed through Telnet (including the user name, password, and

authentication mode)

Procedure

Step 1 Connect the PC and the switch to the network.



9


21/237

Step 2 Configure login user parameters on the target switch.

# Configure the login address

system-view[Quidway] vlan 10[Quidway-vlan10] quit[Quidway] interface gigabitethernet 0/0/1[Quidway-GigabitEthernet0/0/1] port link-type hybrid [Quidway-GigabitEthernet0/0/1] port hybrid pvid vlan 10[Quidway-GigabitEthernet0/0/1] port untagged vlan 10[Quidway-GigabitEthernet0/0/1] quit[Quidway] interface vlanif 10[Quidway-vlanif10] ip address 202.38.160.92 255.255.0.0[Quidway-vlanif10] quit

# Configure login authentication mode

[Quidway] aaa[Quidway-aaa] local-user huawei password cipher hello[Quidway-aaa] local-user huawei service-type telnet

[Quidway-aaa] local-user huawei level 3[Quidway-aaa] quit[Quidway] user-interface vty 0 4[Quidway-ui-vty0-14] authentication-mode aaa

Step 3 Configure the client login.

Run the Telnet on the PC, as shown in Figure 1-6 .

Figure 1-6 Running the Telnet program on the PC

Click OK .

Enter the user name and password in the login window. After authentication, a command line prompt such as appears. Now enter the configuration environment in the user view.

NOTE

Before logging in to the switch, ensure that the PC and switch can ping each other.

----End



10


22/237

2 CLI OverviewAbout This Chapter

Users operate devices, that is, configure the device and perform routine maintenance, by enteringcommand lines.

2.1 CLI Intro ductionThe comman d line interface (CLI) is the c ommon tool for running commands.

2.2 Online H elpWhen you en ter command lines or configure services, online help offers real-time help inaddition to th e configuration guide.

2.3 Features of Command Line InterfaceYou can edit command lines, display command lines, use the regular expression for commandlines, and inv oke historical commands.

2.4 Shortcut KeysUsing the sys tem shortcut key s makes it easier to enter commands.

2.5 Configur ation ExamplesThis section provides several exam ples for using command lines.

Quidway S5700 Series Ethernet SwitchesConfiguration Guide - Basic Configuration 2 CLI Overview


11


23/237

2.1 CLI IntroductionThe command line interface (CLI) is the common tool for running commands.

2.1.1 Command Line InterfaceYou can configure and manage a switch by using the CLI commands.

When a prompt appears, you enter the command line interface (CLI) and interact with switchthrough CLI.

The system provides a series of configuration commands. You can configure and manage theswitch by entering commands on CLI.

The characteristics of CLI are as follows:

l Local configuration through console port.l Local or remote configuration through Telnet or Secure Shell (SSH).l A user interface view for specific configuration management.l Hierarchical command protection for users of different levels, that is, running the

commands of the corresponding level.l None authentication, password authentication and Authentication, Authorization and

Accounting (AAA) to prevent the unauthorized user from accessing the switch.l Entering "?" for online help at any time.l Network testing commands such as tracert and ping for rapidly diagnosing a network.l Abundant debugging information to help in diagnosing the network.l The telnet command for directly logging in to and manage other switch.l FTP service for file uploading and downloading.l Running a history command, like DosKey.l A command line interpreter provides intelligent command resolution methods such as key

word fuzzy match and context conjunction. These methods make it easy for users to enter their commands.

NOTE

l The system supports the command with up to 512 characters. The command can be incomplete.

l The system saves the incomplete command to the configuration files in the complete form; therefore,the command may have more than 512 characters. When the system is restarted, however, theincomplete command cannot be restored. Therefore, pay attention to the length of the incompletecommand.

2.1.2 Command LevelsThe system adopts a hierarchical protection mode that has 16 command levels.

The default command levels are as follows:

l Level 0-Visit level: Commands of this level include commands of network diagnosis tool

(such as ping and tracert) and commands that start from the local device and visit externaldevice (such as Telnet client side).



12


24/237

l Level 1-Monitoring level: Commands of this level, including the display commands, areused for system maintenance and fault diagnosis.

l Level 2-Configuration level: Commands of this level are service configuration commandsthat provide direct network service to the user, including routing and network layer

commands.l Level 3-Management level: Commands of this level are commands that influence the basic

operation of the system and provide support to the service. They include file systemcommands, FTP commands, TFTP commands, XModem downloading commands,configuration file switching commands, power supply control commands, backup boardcontrol commands, user management commands, level setting commands, system internal

parameter setting commands, and debugging commands that are used for fault diagnosis.

CAUTION

Not all display commands are of the monitoring level. For example, the display current-configuration and display saved-configuration commands are of the management level. For the level of a command, see the Quidway S5700 Series Command Reference .

To implement efficient management, you can increase the command levels to 0-15. For theincrease in the command levels, refer to Chapter 4 "Basic Configuration" ConfiguringCommand Levels in the Quidway S5700 Series Configuration Guide - Basic Configurations .

NOTE

l The default command level may be higher than the command level defined according to the command

rules in applica tion.l Login users have the same 16 levels as the command levels. The login users can use only the command

of the levels that are equal to or lower than their own levels. For details of login user levels, refer toUser Management .

2.1.3 Command ViewsThe comman d line interface has different command views. All the commands must register inone or more command views. You can run a command only when you enter the corresp ondingcommand view.

Basic Concepts of Command Views# Establish connection with the switch. If the switch adopts the default configuration, you canenter the user view with the prompt of .

# Type system-view , and you can enter the system view.

system-view[Quidway]

# Type aaa in the system view, and you can enter the AAA view.

[Quidway] aaa[Quidway-aaa]



13


25/237

NOTE

The prompt indicates the default switch name. The prompt indicates the user view and the prompt [] indicates other views.

Some commands that are implemented in the system view can also be implemented in the other views; however, the functions that can be implemented are command view-specific.

Common Views

The S5700 provides various command line views. For the methods of entering the commandline views except the following views, see the Quidway S5700 Command Reference .

l User View

Item Description

Function Displays the running status and statistics of the S5700.

Entry command Enters the user view after the connection is set up.

Prompt uponentry

Quit command quit

Prompt uponquit

None.

l System View

Item Description

Function Sets the system parameters of the S5700, and enters other functionviews from this view.

Entry command system-view

Prompt uponentry

[Quidway]

Quit command [Quidway] quit

Prompt uponquit

l Ethernet Interface View

GE interface view

Item Description

Function Configures related parameters about the GE interfaces of theS5700 and manages the GE interfaces.

Entrycommand

[Quidway] interface GigabitEthernet X/Y/Z



14


26/237

Item Description

Prompt uponentry

[Quidway-GigabitEthernet X/Y/Z ]

Quit command [Quidway-GigabitEthernet X/Y/Z ] quit

Prompt uponquit

[Quidway]

NOTE

X/Y/Z indicates the number of a GE interface that needs to be configured. It is in the format of slot number/sub card number/interface sequence number.

If an LPU provides GE interfaces and 10GE interfaces, the difference lies in the subcard wherethe 10GE interfaces reside. Generally, the sequence number of a 10GE interface is 1. If an LPU

provides only 10GE interfaces, the method of entering the 10GE interface view is the same asthe method of entering the GE interface view.

2.2 Online HelpWhen you enter command lines or configure services, online help offers real-time help inaddition to the configuration guide.

ContextThe command line of S5700 provides three types of online help:

l Full helpl Partial helpl Error Messages of the Command Line Interface

2.2.1 Full HelpWhen you enter a command line, you can view the description of keywords or parameters in thecommand line through the Full Help.

You can obtain full help from a command view in the following methods:

l

In a command view, enter ? to obtain all the commands in this command view anddescriptions of the commands. ?

l Enter a command and a ? separated by a space. If a keyword is in place of the ? , all keywordsand their descriptions are listed. Here is an example.[Quidway-ui-vty0] authentication-mode ? aaa AAA authentication none Login without checking password Authentication through the password of a user terminal interface[Quidway-ui-vty0] authentication-mode aaa ?[Quidway-ui-vty0] authentication-mode aaa

aaa, none and password are keywords. AAA authentication, Login without checking and

Authentication through the password of a user terminal interface are the descriptions of thetwo keywords.



15


27/237

indicates that no key word or parameter is in this position and you can press Enter torepeat the command in the next command line.

l Enter a command and a ? separated by a space. If a parameter is in place of the ? , all parameters and their descriptions are listed. Here is an example.

system-view[Quidway] sysname ?TEXT Host name(1 to 246 characters)

TEXT is a parameter and Host name (1 to 246 characters) is the description.

2.2.2 Partial HelpWhen you enter a command line, you can obtain prompts on the keywords or parameters at the

beginning of the string through the Partial Help.

Context

You can obtain the partial help of the command line in the following ways.

Procedurel Enter a character string with a "?" closely following it to display all commands that begin

with this character string. d? debugging delete dir display

l Enter a command and a character string with "?" closely following it to display all the keywords that begin with this character string. display b? bfd bgp bootrom bpdu bpdu-tunnel buffer

l Enter the first several letters of a key word in the command and then press Tab to displaythe complete key word on the condition that the letters uniquely identify the key word.Otherwise, if you continue to press Tab , different key words are displayed. You can selectthe needed key word.

----End

2.2.3 Error Messages of the Command Line Interface

If an entered command passes the syntax check, the system executes it. Otherwise, the system prompts an error message.

All the commands entered by the user are run correctly, if the grammar check has been passed.Otherwise, error messages are reported to the user. See Table 2-1 for the common error messages.

Table 2-1 Common error messages of the command line

Error messages Cause of the error

Unrecognized command The command cannot be found

The key word cannot be found



16


28/237


29/237

Key Function

Tab Press Tab after typing the incomplete key word and the systemruns the partial help:

l If the matching key word is unique, the system replaces thetyped one with the complete key word and displays it in a newline with the cursor a space behind.

l If there are several matches or no match at all, the systemdisplays the prefix first. Then you can press Tab to view thematching key word one by one. In this case, the cursor closelyfollows the end of the word and you can type a space to enter the next word.

l If a wrong key word is entered, press Tab and the word isdisplayed in a new line.

2.3.2 Displaying All command lines have the same displaying feature. You can construct the displaying mode asrequired.

You can control the display of information on CLI as follows:

l Display prompt and help information in both Chinese and English.l When the information displayed exceeds a full screen, it provides the pause function. In

this case, the user has three choices as shown in Table 2-3 .

Table 2-3 Keys for displaying

Key Function

Ctrl_C Stops the display and running of the command.NOTE

You can also press any of the keys except the spacebar and Enter keyto stop the display and running of the command.

Space Continues to display the information on the next screen.

Enter Continues to display the information on the next line.

2.3.3 Regular ExpressionsThe regular expression is a mode matching tool. You can construct the matching mode basedon certain rules, and then match the mode with the target object.

The regular expression is an expression that describes a set of strings. It consists of commoncharacters (such as letters from "a" to "z") and particular characters (also named metacharacters).The regular expression is a template according to which you can search for the required string.

A regular expression can provide the following functions:



18


30/237

l Searching for and obtaining a sub-string that matches a rule in the string.l Substituting a string according to a certain matching rule.

Formal Language Theory of the Regular Expression

The regular expression consists of common characters and particular characters.

l Common characters

Common characters are used to match themselves in a string, including all upper-case andlower-case letters, digits, punctuations, and special symbols. For example, a matches theletter "a" in "abc", 202 matches the digit "202" in "202.113.25.155", and @ matches thesymbol "@" in "[email protected]".

l Particular characters

Particular characters are used together with common characters to match the complex or particular string combination. Table 2-4 describes particular characters and their syntax.

Table 2-4 Description of particular characters

Particularcharacter

Syntax Example

\ Defines an escape character, whichis used to mark the next character (common or particular) as thecommon character.

\* matches "*".

^ Matches the starting position of thestring.

^10 matches "10.10.10.1" instead of "20.10.10.1".

$ Matches the ending position of thestring.

1$ matches "10.10.10.1" instead of "10.10.10.2".

* Matches the preceding element zeroor more times.

10* matches "1", "10", "100", and"1000".

(10)* matches "null", "10", "1010",and "101010".

+ Matches the preceding element one

or more times

10+ matches "10", "100", and

"1000".(10)+ matches "10", "1010", and"101010".

? Matches the preceding element zeroor one time.

10? matches "1" and "10".

(10)? matches "null" and "10".

. Matches any single character. 0.0 matches "0x0" and "020".

.oo matches "book", "look", and"tool".



19


31/237

Particularcharacter

Syntax Example

() Defines a subexpression, which can be null. Both the expression and thesubexpression should be matched.

100(200)+ matches "100200" and"100200200".

x|y Matches x or y. 100|200 matches "100" or "200".

1(2|3)4 matches "124" or "134",instead of "1234", "14", "1224", and"1334".

[xyz] Matches any single character in theregular expression.

[123] matches the character 2 in"255".

[^xyz] Matches any character that is notcontained within the brackets.

[^123] matches any character exceptfor "1", "2", and "3".

[a-z] Matches any character within thespecified range.

[0-9] matches any character rangingfrom 0 to 9.

[^a-z] Matches any character beyond thespecified range.

[^0-9] matches all non-numericcharacters.

_ Matches a comma "," left brace "{",right brace "}", left parenthesis "(",and right parenthesis ")".

Matches the starting position of theinput string.

Matches the ending position of theinput string.

Matches a space.

_2008_ matches "2008", "space2008 space", "space 2008", "2008space", ",2008,", "{2008}","(2008)", "{2008", and "(2008}".

NOTE

Unless otherwise specified, all characters in the preceding table are displayed on the screen.

l

Degeneration of particular charactersCertain particular characters, when being placed at the following positions in the regular expression, degenerate to common characters.

The particular characters following "\" is transferred to match particular charactersthemselves.

The particular characters "*", "+", and "?" placed at the starting position of the regular expression. For example, +45 matches "+45" and abc(*def) matches "abc*def".

The particular character "^" placed at any position except for the start of the regular expression. For example, abc^ matches "abc^".

The particular character "$" placed at any position except for the end of the regular

expression. For example, 12$2 matches "12$2".



20


32/237

The right bracket such as ")" or "]" being not paired with its corresponding left bracket"(" or "[". For example, abc) matches "abc)" and 0-9] matches "0-9]".

NOTE

Unless otherwise specified, degeneration rules are applicable when preceding regular expressionsserve as subexpressions within parentheses.

l Combination of common and particular characters

In actual application, a regular expression combines multiple common and particular characters to match certain strings.

Specifying a Filtering Mode in Command

CAUTION

The Quidway S5700 Series uses a regular expression to implement the filtering function of the pipe character. A display command supports the pipe character only when there is excessiveoutput information.

When the output information is queried according to the filtering conditions, the first line of thecommand output starts with the information containing the regular expression.

The command can carry the parameter | count to display the number of matching entries. The parameter | count can be used together with other parameters.

For the commands supporting regular expressions, the three filtering methods are as follows:

l | begin regular-expression : displays the information that begins with the line that matchesregular expression .

l | exclude regular-expression : displays the information that excludes the lines that matchregular expression .

l | include regular-expression : displays the information that includes the lines that matchregular expression .

NOTE

The value of regular-expression is a string of 1 to 255 characters.

Specify a Filtering Mode when Information is Displayed

When a lot of information is displayed, you can specify a filtering mode in the prompt "---- More----".

l /regular-expression : displays the information that begins with the line that matches regular expression .

l -regular-expression : displays the information that excludes lines that match regular expression .

l +regular-expression : displays the information that includes lines that match regular expression .



21


33/237

2.3.4 History CommandsThe command line interface provides a function similar to DosKey, which can automaticallysave historical commands. You can invoke the historical commands saved on the command line

interface at any time and run them again.

By default, the system saves 10 history commands at most for each user. The operations are asshown in Table 2-5 .

Table 2-5 Access the history commands

Action Key or Command Result

Display thehistorycommands.

display history-command

Display the history commands entered by users.

Access the lasthistorycommand.

Up cursor key or Ctrl_P

Display the last history command if there is anearlier history command. Otherwise, a bell isgenerated.

Access the nexthistorycommand.

Down cursor key or Ctrl_N

Display the next history command if there is a later history command. Otherwise, the command iscleared and a bell is generated.

NOTE

On the HyperTerminal of Windows 9X, cursor key is invalid as the HyperTerminals of Windows 9Xdefine the keys differently. In this case, you can replace the cursor key with Ctrl_P .

When you use the history commands, note the following:

l The saved history commands are the same as that those entered by users. For example, if the user enters an incomplete command, the saved command also is incomplete.

l If the user runs the same command several times, the earliest command is saved. If thecommand is entered in different forms, they are considered as different commands.

For example, if the display ip routing-table command is run several times, only one historycommand is saved. If the disp ip routing command and the display ip routing-tablecommand are run, tw

Documents

Configuration Guide - Basic Configuration(V100R006C00_01)