网络服务与应用
FTP协议
FTP类型
FTP(File Transfer Protocol,文件传输协议)TCP协议
TFTP(Trivial File Transfer Protocol,简单文件传输协议)UDP协议
C/S架构(即服务器端与客户端模型)
针对传输的文件类型不同,FTP可以采用不同的传输模式:
ASCII模式:传输文本文件(TXT、LOG、CFG )时会对文本内容进行编码方式转换,提高传输效率。当传输网络设备的配置文件、日志文件时推荐使用该模式。
Binary(二进制)模式:非文本文件(cc、BIN、EXE、PNG),如图片、可执行程序等,以二进制直接传输原始文件内容。当传输网络设备的版本文件时推荐使用该模式。
FTP工作方式
FTP存在两种工作方式:主动模式(PORT)和被动模式(PASV)。
配置命令介绍 - 设备作为服务器端
TFTP协议
TFTP传输示例
配置命令介绍 - 设备作为客户端
Telnet协议
配置命令介绍
DHCP协议
DHCP工作原理
DHCP租期更新
如果在50%租期时客户端未得到原服务器端的回应,则客户端在87.5%租期时会广播发送DHCP Request,任意一台DHCP服务器端都可回应,该过程称为重绑定。
配置命令介绍
接口地址池
全局地址池
实验
DHCP接口地址池配置
<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]dhcp enable
Info: The operation may take a few seconds. Please wait for a moment.done.
[Huawei]int g0/0/0
[Huawei-GigabitEthernet0/0/0]ip add 172.16.0.254 24
[Huawei-GigabitEthernet0/0/0]dhcp select interface
[Huawei-GigabitEthernet0/0/0]dhcp server dns-list 8.8.8.8 114.114.114.114
[Huawei-GigabitEthernet0/0/0]dhcp server excluded-ip-address 172.16.0.253
[Huawei-GigabitEthernet0/0/0]dhcp server lease day 3
DHCP全局地址池配置
[Huawei]ip pool huawei
Info: It's successful to create an IP address pool.
[Huawei-ip-pool-huawei]network 192.168.1.0 mask 24
[Huawei-ip-pool-huawei]gateway-list 192.168.1.254
[Huawei-ip-pool-huawei]dns-list 8.8.8.8 114.114.114.114
[Huawei-ip-pool-huawei]lease day 3
[Huawei-ip-pool-huawei]int g0/0/1
[Huawei-GigabitEthernet0/0/1]ip address 192.168.1.254 24
[Huawei-GigabitEthernet0/0/1]dhcp select global
HTTP协议
HTTP(Hypertext Transfer Protocol,超文本传输协议):客户端浏览器或其他程序与Web服务器之间的应用层通信协议。
HTTP是典型的C/S构架应用,作为应用层协议使用TCP进行传输。
DNS协议
负责将域名解析到IP地址的协议为DNS(Domain Name System,域名解析系统)。
DNS查询方式
NTP协议
网络时间协议NTP(Network Time Protocol)是TCP/IP协议族里面的一个应用层协议。NTP用于在一系列分布式时间服务器与客户端之间同步时钟。NTP的实现基于IP和UDP。NTP报文通过UDP传输,端口号是123。
NTP网络结构
WLAN概述
基本的WLAN组网架构
敏捷分布式AP架构
有线侧组网概念:CAPWAP协议
AC通过CAPWAP隧道来实现对AP的集中管理和控制。
CAPWAP隧道:①控制数据传输;②用户数据传输。
有线侧组网概念:AC连接方式
无线侧组网概念:无线电磁波
无线侧组网概念:BSS/SSID/BSSID
BSS:无线信号的覆盖范围
BSSID:发出BSS这个覆盖范围信号的设备,用AP的MAC地址标识
SSID:无线信号名字
无线侧组网概念:VAP
无线侧组网概念:ESS
WLAN工作流程概述
AP上线
AP获取IP地址
AP获取IP地址:DHCP方式
CAPWAP隧道建立
AP动态发现AC
建立CAPWAP隧道
AP接入控制
AP的版本升级
CAPWAP隧道维持
AP上线总结
WLAN业务配置下发
配置射频
配置VAP
STA接入
WLAN业务数据转发
数据转发方式
WLAN工作原理
AP上线
-
AP获取IP地址;
静态/DHCP
DHCP服务器:服务器/核心交换机/路由器/AC
保证ap--DHCP server网络能通
配置:①配置DHCP服务器(接口地址池/全局地址池);
②配置AP---DHCP server中间网络能通,保证ap能够获取到地址
注意:ap--交换机的接口,一定要保证端口pvid是管理vlan的vlan id
-
AP发现AC并与之建立CAPWAP隧道;
在AC上需要指明,哪个接口和ap建立capwap隧道
[AC2]capwap source ?
interface Interface
ip-address IP address
[AC2]capwap source interface Vlanif 10
或者
[AC2]capwap source ip-address 10.1.10.254
-
AP接入控制;
三种认证方式:不认证/MAC认证/SN认证
①配置国家码
[AC2]wlan
[AC2-wlan-view] regulatory-domain-profile name **
[AC2-wlan-regulate-domain-default]country-code CN
②ap-group组
[AC2-wlan-view]ap-group name anyang
[AC2-wlan-ap-group-anyang]regulatory-domain-profile **
Warning: Modifying the country code will clear channel, power and antenna gain configurations of the radio and reset the AP. Continue?[Y/N]:y
[AC2-wlan-ap-group-anyang]
③ap认证
[AC2-wlan-view]ap auth-mode ?
mac-auth MAC authenticated mode, default authenticated mode
no-auth No authenticated mode
sn-auth SN authenticated mode
[AC2-wlan-view]ap auth-mode mac-auth
[AC2-wlan-view] ap-id 0 ap-mac 00e0-fccb-4d80 设置ap的MAC地址
[AC2-wlan-ap-0]ap-name AP1 更改AP名字
[AC2-wlan-ap-0]ap-group anyang
-
AP版本升级;
选做
-
CAPWAP隧道维持。
自动维护
配置下发
SSID:
[AC2-wlan-view]ssid-profile name stu
[AC2-wlan-ssid-prof-stu]ssid stu
安全模板:
[AC2-wlan-view]security-profile name sec
[AC2-wlan-sec-prof-sec]security wpa-wpa2 psk pass-phrase Test$910 aes
VAP模板:
[AC2-wlan-view]vap-profile na stu
[AC2-wlan-vap-prof-stu]ssid-profile stu
[AC2-wlan-vap-prof-stu]security-profile sec
[AC2-wlan-vap-prof-stu]service-vlan vlan-id 20
[AC2-wlan-vap-prof-stu]forward-mode ?
direct-forward Direct forward 默认就是直接转发
tunnel Tunnel
[AC2-wlan-vap-prof-stu]forward-mode direct-forward
ap-group中绑定vap模板:
[AC2-wlan-view]ap-group na anyang
[AC2-wlan-ap-group-anyang]vap-profile stu wlan 1 radio ?
INTEGER<0-2> Radio ID
all All
[AC2-wlan-ap-group-anyang]vap-profile stu wlan 1 radio all
Info: This operation may take a few seconds, please wait...done.
终端接入
配置命令
配置AP上线
配置射频
配置VAP
实验
直挂式二层组网
LSW1配置
Huawei>
<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]un in en
Info: Information center is disabled.
[Huawei]sys LSW1
[LSW1]vlan 10
Info: This operation may take a few seconds. Please wait for a moment...done.
[LSW1]int g0/0/2
[LSW1-GigabitEthernet0/0/2]po li tr
[LSW1-GigabitEthernet0/0/2]po tr al vlan 10
[LSW1-GigabitEthernet0/0/2]po tr pvid vlan 10
[LSW1-GigabitEthernet0/0/2]int g0/0/1
[LSW1-GigabitEthernet0/0/1]po li tr
[LSW1-GigabitEthernet0/0/1]po tr al vlan 10
[LSW1-GigabitEthernet0/0/1]q
LSW2配置
<Huawei>
<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sys LSW2
[LSW2]un in en
Info: Information center is disabled.
[LSW2]vlan 20
Info: This operation may take a few seconds. Please wait for a moment...done.
[LSW2]int g0/0/2
[LSW2-GigabitEthernet0/0/2]po li tr
[LSW2-GigabitEthernet0/0/2]po tr al vl 20
[LSW2-GigabitEthernet0/0/2]q
[LSW2]int vlanif 20
[LSW2-Vlanif20]ip add 10.23.20.2 24
AC配置
<AC6605>sys
Enter system view, return user view with Ctrl+Z.
[AC6605]sys AC1
[AC1]vlan b 10 20
Info: This operation may take a few seconds. Please wait for a moment...done.
[AC1]int g0/0/1
[AC1-GigabitEthernet0/0/1]port li tr
[AC1-GigabitEthernet0/0/1]po tr al vl 10
[AC1-GigabitEthernet0/0/1]int g0/0/2
[AC1-GigabitEthernet0/0/2]port li tr
[AC1-GigabitEthernet0/0/2]po tr al vl 20
[AC1-GigabitEthernet0/0/2]q
[AC1]dhcp enable
Info: The operation may take a few seconds. Please wait for a moment.done.
[AC1]int vlan10
[AC1-Vlanif10]ip add 10.23.10.1 24
[AC1-Vlanif10]dhcp select interface
[AC1-Vlanif10]int vlanif 20
[AC1-Vlanif20]ip add 10.23.20.1 24
[AC1-Vlanif20]dhcp select interface
[AC1-Vlanif20]dhcp server excluded-ip-address 10.23.20.2
[AC1-Vlanif20]q
[AC1]ip route-static 0.0.0.0 0 10.23.20.2
[AC1]wlan
[AC1-wlan-view]ap-group name huawei
Info: This operation may take a few seconds. Please wait for a moment.done.
[AC1-wlan-ap-group-huawei]q
[AC1-wlan-view]regulatory-domain-profile name default
[AC1-wlan-regulate-domain-default]country-code cn
Info: The current country code is same with the input country code.
[AC1-wlan-regulate-domain-default]q
[AC1-wlan-view]ap-group name huawei
[AC1-wlan-ap-group-huawei]regulatory-domain-profile default
Warning: Modifying the country code will clear channel, power and antenna gain c
onfigurations of the radio and reset the AP. Continue?[Y/N]:y
[AC1-wlan-ap-group-huawei]q
[AC1-wlan-view]q
[AC1]capwap source interface vlanif 10
[AC1]wlan
[AC1-wlan-view]ap auth-mode mac-auth
[AC1-wlan-view]ap-id 0 ap-mac 00e0-fc4e-1450
[AC1-wlan-ap-0]ap-name AP1
[AC1-wlan-ap-0]ap-group huawei
Warning: This operation may cause AP reset. If the country code changes, it will
clear channel, power and antenna gain configurations of the radio, Whether to c
ontinue? [Y/N]:y
Info: This operation may take a few seconds. Please wait for a moment.. done.
[AC1-wlan-ap-0]q
[AC1-wlan-view]dis ap all
Info: This operation may take a few seconds. Please wait for a moment.done.
Total AP information:
fault: fault [1]
ID MAC Name Group IP Type State STA Uptime
0 00e0-fc4e-1450 AP1 huawei - AP3030DN fault 0 -
Total: 1
[AC1-wlan-view]security-profile name ayit
[AC1-wlan-sec-prof-ayit]security wpa-wpa2 psk pass-phrase huawei@123 aes
[AC1-wlan-sec-prof-ayit]q
[AC1-wlan-view]ssid-profile name ayit
[AC1-wlan-ssid-prof-ayit]ssid ayit
Info: This operation may take a few seconds, please wait.done.
[AC1-wlan-ssid-prof-ayit]q
[AC1-wlan-view]vap-profile name ayit
[AC1-wlan-vap-prof-ayit]forward-mode tunnel
Info: This operation may take a few seconds, please wait.done.
[AC1-wlan-vap-prof-ayit]service-vlan vlan-id 20
Info: This operation may take a few seconds, please wait.done.
[AC1-wlan-vap-prof-ayit]security-profile ayit
Info: This operation may take a few seconds, please wait.done.
[AC1-wlan-vap-prof-ayit]q
[AC1-wlan-view]ap-group name huawei
[AC1-wlan-ap-group-huawei]vap-profile ayit wlan 1 radio 0
Info: This operation may take a few seconds, please wait...done.
[AC1-wlan-ap-group-huawei]vap-profile ayit wlan 1 radio 1
Info: This operation may take a few seconds, please wait...done.
[AC1-wlan-ap-group-huawei]q
旁挂式二层组网
LSW1配置
<Huawei>
<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sys LSW1
[LSW1]vlan b 10 20
Info: This operation may take a few seconds. Please wait for a moment...done.
[LSW1]int g0/0/1
[LSW1-GigabitEthernet0/0/1]port link-type trunk
[LSW1-GigabitEthernet0/0/1]port trunk allow-pass vlan 10 20
[LSW1-GigabitEthernet0/0/1]q
[LSW1]int g0/0/2
[LSW1-GigabitEthernet0/0/2]port link-type trunk
[LSW1-GigabitEthernet0/0/2]port trunk allow-pass vlan 10
[LSW1-GigabitEthernet0/0/2]q
[LSW1]dhcp enable
Info: The operation may take a few seconds. Please wait for a moment.done.
[LSW1]int vlanif 20
[LSW1-Vlanif20]ip add
[LSW1-Vlanif20]ip address 10.23.20.1 24
[LSW1-Vlanif20]dhcp select interface
[LSW1-Vlanif20]q
LSW2配置
<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sys LSW2
[LSW2]vlan batch 10 20
Info: This operation may take a few seconds. Please wait for a moment...done.
[LSW2]interface GigabitEthernet0/0/2
[LSW2-GigabitEthernet0/0/2] port link-type trunk
[LSW2-GigabitEthernet0/0/2] port trunk allow-pass vlan 10
[LSW2-GigabitEthernet0/0/2]interface GigabitEthernet0/0/1
[LSW2-GigabitEthernet0/0/1]port link-type trunk
[LSW2-GigabitEthernet0/0/1]port trunk pvid vlan 10
[LSW2-GigabitEthernet0/0/1]port trunk allow-pass vlan 10
[LSW2]dis mac-address
MAC address table of slot 0:
MAC Address VLAN/ PEVLAN CEVLAN Port Type LSP/LSR-ID VSI/SI MAC-Tunnel
00e0-fc3d-7a00 10 - - GE0/0/1 dynamic 0/-
Total matching items on slot 0 displayed = 1
AC配置
[AC1]wlan
[AC1-wlan-view]ap-group name huawei
Info: This operation may take a few seconds. Please wait for a moment.done.
[AC1-wlan-ap-group-huawei]q
[AC1-wlan-view]regulatory-domain-profile name default
[AC1-wlan-regulate-domain-default]country-code cn
Info: The current country code is same with the input country code.
[AC1-wlan-regulate-domain-default]q
[AC1-wlan-view]ap-group name huawei
[AC1-wlan-ap-group-huawei]regulatory-domain-profile default
Warning: Modifying the country code will clear channel, power and antenna gain c
onfigurations of the radio and reset the AP. Continue?[Y/N]:y
[AC1-wlan-ap-group-huawei]q
[AC1-wlan-view]q
[AC1]capwap source interface vlanif 10
[AC1]wlan
[AC1-wlan-view]ap auth-mode mac-auth
[AC1-wlan-view]ap-id 0 ap-mac 00e0-fc3d-7a00
[AC1-wlan-ap-0]ap-name AP1
[AC1-wlan-ap-0]ap-group huawei
Warning: This operation may cause AP reset. If the country code changes, it will
clear channel, power and antenna gain configurations of the radio, Whether to c
ontinue? [Y/N]:y
Info: This operation may take a few seconds. Please wait for a moment.. done.
[AC1-wlan-ap-0]q
[AC1-wlan-view]security-profile name ayit
[AC1-wlan-sec-prof-ayit]security wpa-wpa2 psk pass-phrase huawei@123 aes
[AC1-wlan-sec-prof-ayit]q
[AC1-wlan-view]ssid-profile name ayit
[AC1-wlan-ssid-prof-ayit]ssid ayit
Info: This operation may take a few seconds, please wait.done.
[AC1-wlan-ssid-prof-ayit]q
[AC1-wlan-view]vap-profile name ayit
[AC1-wlan-vap-prof-ayit]forward-mode tunnel
Info: This operation may take a few seconds, please wait.done.
[AC1-wlan-vap-prof-ayit]service-vlan vlan-id 20
Info: This operation may take a few seconds, please wait.done.
[AC1-wlan-vap-prof-ayit]security-profile ayit
Info: This operation may take a few seconds, please wait.done.
[AC1-wlan-vap-prof-ayit]ssid-profile ayit
Info: This operation may take a few seconds, please wait.done.
[AC1-wlan-vap-prof-ayit]q
[AC1-wlan-view]ap-group name huawei
[AC1-wlan-ap-group-huawei]vap-profile ayit wlan 1 radio 0
Info: This operation may take a few seconds, please wait...done.
[AC1-wlan-ap-group-huawei]vap-profile ayit wlan 1 radio 1
Info: This operation may take a few seconds, please wait...done.
[AC1-wlan-ap-group-huawei]q
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
