华为 S5700 交换机配置示例
一、基本配置
<!-- 创建VLAN -->
<Huawei> system-view
[Huawei] sysname S5700-SW1
[S5700-SW1] vlan 10
[S5700-SW1-vlan10] description SERVER_VLAN
[S5700-SW1-vlan10] quit
[S5700-SW1] vlan 20
[S5700-SW1-vlan20] description USER_VLAN
[S5700-SW1-vlan20] quit
<!-- 配置管理IP -->
[S5700-SW1] interface Vlanif 1
[S5700-SW1-Vlanif1] ip address 192.168.1.253 255.255.255.0
[S5700-SW1-Vlanif1] undo shutdown
[S5700-SW1-Vlanif1] quit
二、端口配置
<!-- 批量配置Access端口 -->
[S5700-SW1] interface GigabitEthernet 0/0/1
[S5700-SW1-GigabitEthernet0/0/1] port link-type access
[S5700-SW1-GigabitEthernet0/0/1] port default vlan 10
[S5700-SW1-GigabitEthernet0/0/1] port isolation protect
[S5700-SW1-GigabitEthernet0/0/1] stp edgedport enable
[S5700-SW1-GigabitEthernet0/0/1] undo shutdown
[S5700-SW1-GigabitEthernet0/0/1] quit
<!-- 配置Trunk端口 -->
[S5700-SW1] interface GigabitEthernet 0/0/24
[S5700-SW1-GigabitEthernet0/0/24] port link-type trunk
[S5700-SW1-GigabitEthernet0/0/24] port trunk allow-pass vlan 10 20 100
[S5700-SW1-GigabitEthernet0/0/24] undo shutdown
[S5700-SW1-GigabitEthernet0/0/24] quit
三、链路聚合
<!-- 创建聚合组 -->
[S5700-SW1] interface eth-trunk 1
[S5700-SW1-Eth-Trunk1] trunkport GigabitEthernet 0/0/21 to 0/0/22
[S5700-SW1-Eth-Trunk1] port link-type trunk
[S5700-SW1-Eth-Trunk1] port trunk allow-pass vlan 10 20
[S5700-SW1-Eth-Trunk1] load-balance src-dst-mac
[S5700-SW1-Eth-Trunk1] undo shutdown
[S5700-SW1-Eth-Trunk1] quit
四、STP配置
[S5700-SW1] stp enable
[S5700-SW1] stp mode rstp
[S5700-SW1] stp priority 4096
[S5700-SW1] stp edged-port default
[S5700-SW1] interface GigabitEthernet 0/0/1
[S5700-SW1-GigabitEthernet0/0/1] stp edged-port enable
[S5700-SW1-GigabitEthernet0/0/1] quit
五、VRRP备份组
[S5700-SW1] interface Vlanif 10
[S5700-SW1-Vlanif10] ip address 192.168.10.252 255.255.255.0
[S5700-SW1-Vlanif10] vrrp vrid 10 virtual-ip 192.168.10.254
[S5700-SW1-Vlanif10] vrrp vrid 10 priority 150
[S5700-SW1-Vlanif10] vrrp vrid 10 preempt-mode timer delay 5
[S5700-SW1-Vlanif10] vrrp vrid 10 track interface GigabitEthernet 0/0/1 reduced 30
[S5700-SW1-Vlanif10] quit
六、保存配置
<!-- 保存配置 -->
[S5700-SW1] return
<Huawei> save
The current configuration will be written to the device.
Are you sure to continue?[Y/N]Y
配置要点总结
- VLAN规划:根据业务类型合理划分VLAN
- 端口安全:启用端口隔离和STP边缘端口
- 链路聚合:增加带宽和提高可靠性
- VRRP:实现网关备份,保证网络冗余
七、配置命令详解
1. VLAN配置命令解释
| 命令 |
解释 |
system-view |
进入系统视图模式,用于配置全局参数 |
sysname S5700-SW1 |
设置交换机名称为 S5700-SW1,便于识别 |
vlan 10 |
创建并进入VLAN 10配置视图 |
description SERVER_VLAN |
给VLAN添加描述信息,说明用途 |
2. 端口配置命令解释
| 命令 |
解释 |
port link-type access |
将端口设置为Access模式,用于连接终端设备 |
port default vlan 10 |
将端口加入VLAN 10 |
port link-type trunk |
将端口设置为Trunk模式,用于交换机级联 |
port trunk allow-pass vlan 10 20 |
允许VLAN 10和20的数据通过Trunk端口 |
3. STP与VRRP命令解释
| 命令 |
解释 |
stp mode rstp |
启用RSTP快速生成树协议,加快收敛速度 |
stp priority 4096 |
设置交换机优先级,优先级越低越可能成为根桥 |
vrrp vrid 10 virtual-ip 192.168.10.254 |
创建VRRP组10,虚拟IP为192.168.10.254 |
vrrp vrid 10 priority 150 |
设置VRRP优先级为150,优先级高者成为主设备 |
4. 配置要点总结
配置顺序建议:
- 先配置设备名称和管理IP
- 创建VLAN并划分端口
- 配置Trunk端口用于级联
- 配置STP防止环路
- 配置VRRP实现网关冗余
- 保存配置