Beruflich Dokumente
Kultur Dokumente
display current-configuration
PING EXTENDIDO
<mintel2-lab-piloto2uio>ping -a 201.218.38.198 10.21.143.76
PING 10.21.143.76: 56 data bytes, press CTRL_C to break
MSR 900
10 Mb Full-duplex (encryptacion baja a 8 Mb)
2 WAN y 4 lan, 2puertos LAN se pueden hacer WAN
no requiere licencia.
Quit
bytes DRAM
wr (write)
= erase startup-
reload
como un tftp
<H3C> system-view
[H3C] sysname PRUEBA
-----> [PRUEBA]
= configuration terminal
= hostname PRUEBA
Ej:
setear hora
Ej:
Clocktime zone
timeout
deshabilita copyright
enable secret
banner motd
[H3C] flow-interval 30
interfases
clear arp
Setear ip en interfase
ip address ip_address { mask mask_length } [ sub ]
Creacion de Vlan
Habilitacion de SSH
<H3C> system-view
[H3C] Ssh server enable
habilitar ssh
[MSR900-ui-vty0-4] quit
[H3C] local-user client1
[H3C-luser-client1] password simple clave
[H3C-luser-client1] service-type ssh level 3
[H3C-luser-client1] quit
[H3C] Public-key local create rsa
bytes)
Userlevel
3
1
To disconnect a user:
<H3C>free user-interface vty #
Are you sure you want free user-interface vty1 [Y/N]
DHCP
activo DHCP
defino pool
defino gateway
defino DNS
defino domain
tiempo de alquiler de ip
[Router]Interface vlan 1
NAT ESTATICO
=============
naturemask-arp
nat static ip-interna ip-externa
[h3c] int interfase
[H3C] ip address de interfase
nat outbound static
habilita NAT
NAT DINAMICO
============
naturemask-arp enable
nat address-group NAME primera-ip ultima-ip
crear primero el acl.
interfase
nat outbound ACL address-group NAME
ACL = access-list
Display nat session
NAT ENTRANTE
revisar
nat server 1 protocol tcp global current-interface 8080 inside 192.168.0.2 8080
display nat server
TUNEL
gre
ipv4-ipv4
dvpn
interface tunnel 0
source ip-origen
destination ip-destino
ip addres (de interfase tunel)
tcp mss 1432
tunnel-protocol [ gre/ ipv4-ipv4 ]
Policy-based-route
Creacion de FILTRO
Definicin de la poltica
Aplicacin de la poltica
display policy-based-route
OSPF
25 areas maximas
5 areas por ruteador
eleccion de DR
1- DR priority
2- Router-ID
3- Loop interfases mas alta
4- ip de interfases fisicas mas alta
costo =1Gb/BW=
ECMP
Route-map
10e8
ospf dr-priority
router id valor-ip
ospf process_id
area area-id
network red mask-wildcard
display ospf routing table
BGP
www.bgp.he.net pagina para ayudarnos con BGP.
AS_path: mas corto mejor
MED: mas bajo mejor
bgp AS
router-id IP R-ID
loopback)
undo synchronization
peer IP-PEER as-number AS-PEER
peer IP-PEER connect-interface LoopBack0
peer IP-PEER description NAME
peer IP-PEER preferred-value 1000
network RED MASK
#
display ip routing-table
display bgp routing-table
display bgp peer
QoS
clasificador+ comportamiento = politica
acl + operador (and / or)
trafficc classifier class 1 operatod and
if-match acl 3100
if match acl 3101
2Mbps
rojo (fuera de los 2Mbps)
traffic behavior nombre
gts cir 700
VRRP
Admin Status : Up
Config Pri
: 100
Preempt Mode : Yes
Auth Type
: None
Virtual IP
: 10.2.0.3
Master IP
: 10.2.0.1
State
: Backup
Running Pri : 100
Delay Time : 0
<ip del master
[H3C]display vrrp
IPv4 Standby Information:
Run Mode
: Standard
Run Method
: Virtual MAC
Total number of virtual routers : 1
Interface
VRID State
Run
Adver Auth
Virtual
Pri
Timer Type
IP
--------------------------------------------------------------------Vlan1
1
Backup
100
1
None
10.2.0.3
[H3C]
NQA
====
LSA
admin = local-user
mirrroring
mirroring
mirroring-group 1
mirroring-port e0/1
monitor-port e0/0
mirrroring-group 1 mirroring port interfase both para emparejar
no se puede hacer entre un port mirroring route y un bridge port (capa 2 con capa 2 y 3
con 3)
RMON
SFLOW
sflow agent la direccion delrouter
sflow counter interval
NQA'
password recovery
6 es equivalente a
2142
ipv6
[H3C] ipv6
ipv6 address 3001::1 64
activar ipv6
.cfg)
NO BORRAR EL
ip route-static 192.168.2.0 24 tu 1
ospf v3
(ipv6)
ip deinterfase en ipv6
[H3C] ospfv3 1
router-id 1.1.1.1
int e0/0
ospfv3 1 area 0
display ospfv3 peer
display ospfv3 routing-table
vlans
======
vlan 2
int e0/2
port link-type trunk (troncaliza puerto)
port trunk permit vlan all
dis dhcp ser ip-in-use all para mostrar las dadas por dhcp
=== ====
==== ===
Deshabilitar telnet
undo telnet server enable
Habilitar ssh
public-key local create rsa
ssh server enable
local-user bancos
service-type ssh
undo service-type telnet
undo service-type web
Cerrar el acceso por la linea auxiliar.
[HP]user-interface tty 13
[HP-ui-tty13]set authentication password cipher CLAVE
Cerrar el acceso por consola
[HP]user-interface con 0
[HP-ui-console0]set authentication password cipher CLAVE
Proxy ARP viene deshabilitado por default.
En la plantilla esta configurado qos en la interfaz WAN. Esto se hara para los enlaces de
radio. Caso contrario eliminar de la configuracin.
#
traffic classifier BW operator and
if-match any
#
traffic behavior beh_BW
car cir 128 cbs 1000 ebs 0 green pass red discard
#
qos policy pol_BW
classifier BW behavior beh_BW
qos policy BW
#
#
interface Ethernet0/0
port link-mode route
description WAN
qos apply policy pol_BW inbound
qos apply policy pol_BW outbound
#
======================================================
=========
### ENCAPSULACION DOT1Q
#####################################
interface Ethernet0/0.477
vlan-type dot1q vid 477
ip address 10.11.92.18 255.255.255.248