Showing posts with label S2700. Show all posts
Showing posts with label S2700. Show all posts

Wednesday, March 23, 2016

Basic Configuration on the Device at First Login for Huawei Switches

Huawei Switches Basic Configuration:  How to first login the device on console port or mini USB port.
Here, we will describe how to configure the time and date, device name, management IP address, and the user level and authentication mode for Telnet users at first login through the console port or mini USB port. This configuration apply to all the Huawei switches, such as the popular switch: Huawei S5700,S3700S2700

Procedure


1 Set the time and date on the device.

Run:
system-view
The system view is displayed.

Run:
clock timezone time-zone-name { add | minus } offset
The time zone is set.

By default, the system uses the Coordinated Universal Time (UTC) time zone.
add: adds the specified time zone offset to the UTC. That is, the sum of the default UTC time zone and offset equals the time zone specified by time-zone-name.
minus: subtracts the specified time zone offset from the UTC. That is, the remainder obtained by subtracting offset from the default UTC time zone equals the time zone specified by time-zone-name.

Run:
quit
Return to the system view.

Run:
clock datetime HH:MM:SS YYYY-MM-DD
The current time and date are set.
If the time zone is not set, the time set using this command is considered as the UTC time. Before setting the current time, you are advised to confirm the current zone and set the correct time zone offset.

Run:
system-view
The system view is displayed.

Run:
clock daylight-saving-time time-zone-name one-year start-time start-date end-time end-date offset
Or clock daylight-saving-time time-zone-name repeating start-time { { first | second | third | fourth | last } weekday month | start-date1 } end-time { { first | second | third | fourth | last } weekday month | end-date1 } offset [ start-year [ end-year ] ]
Daylight saving time (DST) is set.
By default, DST is not configured.

NOTE:
If you configure periodic DST, the combination of the DST start time and end time can be any of the following: date+date, day of the week+day of the week, date+day of the week, and day of the week+date.
When DST is used, you can run the clock timezone time-zone-name { add | minus } offset command to set the time zone. The time zone in the output of the display clock command is, however, the name of the DST time zone. When DST ends, the system displays the original time zone.

2, Set the device name and management IP address.

Run:
sysname host-name
The device name is set.
By default, the device name is HUAWEI.
When the network management tool needs to obtain the network element (NE) name of a device, you can run the sys-netid command to set an NE name for the device.

Run:
interface interface-type interface-number
The interface view is displayed.
In addition to the management interface on the device, you can also assign the management IP address to Layer 3 interfaces such as VLANIF interfaces on the device.

Run:
ip address ip-address { mask | mask-length }
The management IP address is assigned.
NOTE:
The management IP address is used to maintain and manage the device. Configure the IP address and routes based on the network plan to ensure that the routes between the terminal and device are reachable.

3 Set the user level and authentication mode for Telnet users.

Run:
telnet [ ipv6 ] server enable
The Telnet server is enabled.
By default, the Telnet server is disabled.

Run:
user-interface vty first-ui-number [ last-ui-number ]
The VTY user interface view is displayed.

Run:
protocol inbound { all | telnet }
he VTY user interface is configured to support the Telnet protocol.
By default, a VTY user interface supports the SSH protocol.

Run:
user privilege level level
The Telnet user level is set.
By default, users who log in through the VTY user interface can access commands at level 0.

Run:
authentication-mode aaa
The authentication mode for Telnet users is set to AAA authentication.
By default, no authentication mode is configured for the VTY user interface.
NOTE:
The system provides three authentication modes: AAA authentication, password authentication, and non-authentication modes. AAA authentication requires both the user name and password, and is therefore more secure than password authentication. Non-authentication mode is not recommended because it cannot ensure system security. This section describes how to configure AAA authentication..

Run:
aaa
The AAA view is displayed.

Run:
local-user user-name password irreversible-cipher password
The user name and password for login through Telnet are configured.
The value of password can be a plain-text string of 8 to 128 characters or a cipher-text string of 68 characters.
A too simple password may cause a potential security risk. To enhance the security strength, the password entered in plain text must contain at least two of the following: uppercase letters, lowercase letters, digits, and special characters. In addition, the password cannot be the same as the user name or the mirror user name.

Run:
local-user user-name service-type telnet
The login mode is set to Telnet.

4, Save the configuration.

After basic configuration is complete, you are advised to save the configuration. If the configuration is lost, the connection and configuration for the first login must be performed again.

Run:
return
Return to the user view.

Run:
save
The configuration is saved.
Telephone: 852-30623083
           Supports@Thunder-link.com            

Posted by at No comments:
Labels: , , , , , , , , , ,

Tuesday, March 15, 2016

The Function of Huawei S2700EI Series Switches

The Huawei S2700EI series switch is next-generation energy-saving 100M Ethernet intelligent switches - is deployed at the access layer of a campus network to provide high performance, multi-service, and highly reliable enterprise network.
Huawei S2700EI Series Switches Characteristics:
PoE
The S2700EI PWR provides improved PoE solutions. You can configure whether and when a PoE port supplies power. The S2700EI PWR can use PoE power supplies with different power levels to provide -48V DC power for powered devices (PDs), such as IP phones, WLAN APs, and Bluetooth APs. As the power sourcing equipment (PSE), the S2700EI PWR complies with IEEE 802.3af and 802.3at (PoE+) and can supply power to non-standard PDs. PoE ports can work in power-saving mode. Each 802.3at-enabled interface can provide 30 W power, so the S2700EI can connect to high-power terminals.
Various Reliability Mechanisms
The S2700EI supports iStack, which virtualizes multiple switches into one logical switch. iStack improves the switching capacity and enhances reliability and scalability. The stacked switches are managed using a single IP address, which greatly reduces system operation and maintenance costs.
Besides STP, RSTP, and MSTP, the S2700EI also supports enhanced Ethernet reliability technologies such as Smart Link and RRPP, which implement millisecond-level protection switching and ensure network reliability.
The S2700EI supports the Smart Ethernet Protection (SEP) protocol, which is a ring network protocol applied to the link layer of an Ethernet network. SEP provides fast switchover within several milliseconds without interrupting services. SEP features simplicity, high reliability, high switchover performance, convenient maintenance, and flexible topology and enables users to manage and plan networks conveniently.
The S2700EI supports G.8032, also called Ethernet Ring Protection Switch (ERPS). ERPS is based on traditional Ethernet MAC and bridging functions. It uses the mature Ethernet OAM and Ring Automatic Protection Switching (Ring APS or R-APS) technologies to implement fast protection switching on Ethernet. ERPS supports multiple services and provides flexible networking, reducing the OPEX and CAPEX.
Flexible Service Control
The S2700EI supports various ACLs. ACL rules can be applied to VLANs to flexibly control traffic on interfaces and schedule resources in VLANs.
The S2700EI supports VLAN assignment based on interfaces, MAC addresses, protocols, and IP subnets. It applies to networks where users move frequently and networks demanding high security.
The S2700EI supports GVRP, which dynamically distributes, registers, and propagates VLAN attributes to reduce the manual configuration workloads of network administrators and ensure correct VLAN configuration. In addition, the S2700EI supports SSHv2, HWTACACS, RMON, interface-based traffic statistics, and NQA to help in network planning and upgrading.
Various Security Measures
The S2700EI supports DHCP snooping, which generates user binding entries based on MAC addresses, IP addresses, IP address leases, VLAN IDs, and interface numbers of users. The DHCP snooping function protects networks against common attacks such as bogus IP packet attacks, man-in-the-middle attacks, and bogus DHCP server attacks.
The S2700EI can limit the number of MAC addresses learned on an interface to prevent packet flooding that occurs when an attacker frequently changes source MAC addresses.
The S2700EI supports strict ARP learning. This feature prevents ARP spoofing attackers from exhausting ARP entries so that users can connect to the Internet normally. It provides IP source check to prevent DoS attacks caused by IP address spoofing.
The S2700EI supports centralized MAC address authentication and 802.1x authentication. It authenticates users based on static or dynamic user binding information such as the user name, IP address, MAC address, VLAN ID, and interface number. VLANs and ACLs can be applied to users dynamically.
Comprehensive QoS Policies
The S2700EI supports complex traffic classification based on VLAN IDs, MAC addresses, IP protocols, source addresses, destination addresses, priorities, or TCP or UDP port numbers of packets. By limiting the traffic rate based on flows, the S2700EI implements line-speed forwarding on each interface to ensure high quality of the voice, video, and data services. Each interface supports eight queues and multiple queue scheduling algorithms such as WRR, SP, and WRR+SP.
Powerful Surge Protection Capability
The S2700 adopts a Huawei patented surge protection technique to prevent lightning induced overvoltage. All interfaces of the S2700 have a surge protection capability of 6 kV. The Huawei patented surge protection technique greatly reduces the possibility of lightning damages on the equipment even in atrocious environments or in scenarios where grounding cannot be implemented.
The most popular Huawei S2700EI switch as below:
Telephone: 852-30623083
           Supports@Thunder-link.com            
Posted by at No comments:
Labels: , , , , , , , ,

Monday, March 14, 2016

Configuring an SNMP Query Test Instance on Huawei Switch

How to Configure an SNMP Query Test Instance on Huawei Switch
Context
Before configuring an SNMP query test instance, configure an SNMP agent and ensue reachable routes between the NQA client and the SNMP agent.
You can obtain the statistics about communication between the NQA client and the SNMP agent.
Perform the following steps on the NQA client.
The configuration overview:
Step 1 Run:
system-view
The system view is displayed.
Step 2 Run:
nqa test-instance admin-name test-name
An NQA test instance is created, and the NQA view is displayed.
Step 3 Run:
test-type snmp
The test type is set to SNMP.
Step 4 Run:
destination-address ipv4 ipv4-address
The destination IP address (IP address of the SNMP agent) is configured.
The SNMP function must be enabled on the destination host, otherwise, the NQA client cannot receive response packets.
Step 5 (Optional) Run the following commands as required to configure parameters for the SNMP test.
 Run:
description string
A description is configured for the test instance.
 Run:
frequency interval
The test period is set for the NQA test instance.
 Run:
timeout time
The timeout period of a probe is set for the NQA test instance.
 Run:
source-address ipv4 ipv4-address
The source IP address is configured.
 Run:
source-port port-number
The source port number is configured.
 Run:
ttl number
The TTL value in the NQA test packet is set.
 Run:
sendpacket passroute
The NQA test instance is configured to send packets without searching the routing table.
 Run:
probe-count number
The number of probes in a test is set.
 Run:
tos value
Type of Service (ToS) is set for the test packet.
 Run:
fail-percent percent
The failure percentage is set for the NQA test instance.
 Run:
interval seconds interval
The interval at which test packets are sent is configured.
 Run:
vpn-instance vpn-instance-name
The VPN instance name is configured.
 Run:
records history number
The maximum number of historical records is set for the NQA test instance.
 Run:
records result number
The maximum number of result records is set for the NQA test instance.
 Run:
agetime hh:mm:ss
The aging time is set for the NQA test instance.
—-End
Note: this configuration also works for the Huawei s2700Quidway S5700, s6700, Huawei S3700.
Telephone: 852-30623083
           Supports@Thunder-link.com            
Posted by at No comments:
Labels: , , , , , , , , , , , ,

Monday, February 22, 2016

The difference between the Huawei S2750EI and S2700EI

Q: What is the difference between S2750 EI and S2700 EI?
A: Please refer to below list:
FeaturesS2750 EIS2700 EI
MAC16K8K
Uplink ports4GE Optical + 2GE Combo2GE Optical + 2GE Combo
iStackNight units iStackNot support
sFlowSupportNot support
SmartlinkSupportNot support
SEP/G.8032SupportNot support
802.1XMax 802.1x users per port: 64; Max 802.1x users per switch: 1024Max 802.1x users per port: 8; Max 802.1x users per switch: 256
Cach1M384K
Flash200M16M

Huawei Quidway S2700 series Fast Ethernet enterprise switch is highly scalable and energy-efficient, work as 100 Mbit/s access switches. Huawei S2700 meets the demand for multi-service provisioning and access on Ethernet networks. It is easy to install and maintain and can be used in a variety of enterprise network scenarios. With S2700 flexible VLAN deployment, comprehensive security and QoS policies, and energy-saving technologies, the S2700 helps enterprise customers build next-generation IT networks. Thunder-link.com keeps many S2700 switches in stock and can ship to worldwide.

The more information about the Quidway switch, you can visit: www.Thunder-link.com, a world leading Huawei networking products distributor, it always devotes to satisfying clients’ needs, is a platform for us to learn and share knowledge!

More related:

NE Configuration Loss Due to Disabling of the Automatic and Periodic Database Backup Functions on MSTP Products

Posted by at No comments:
Labels: , , , , , , , ,
Subscribe to: Posts (Atom)