二层架构(Spine集中式双活+Leaf M-LAG)
Spine1配置 | 配置说明 | Spine2配置 |
system-view immediately | 进入系统视图并设置立即生效模式 | system-view immediately |
sysname Spine1 | Spine设备命名 | sysname Spine2 |
# | # | |
#配置METH口 | #配置METH口 | |
interface Meth0/0/0 | interface Meth0/0/0 | |
ip address 192.108.39.11 24 | 带外管理CE交换机IP地址 | ip address 192.108.39.12 24 |
# | # | |
#配置设备维护管理用户名和密码 | #配置设备维护管理用户名和密码 | |
user-interface con 0 | 配置设备Console密码,必配,安全考虑 | user-interface con 0 |
authentication-mode password | authentication-mode password | |
set authentication password cipher Huawei@123 | set authentication password cipher Huawei@123 | |
# | # | |
user-interface maximum-vty 21 | 配置VTY用户界面最大数目为21个 | user-interface maximum-vty 21 |
user-interface vty 0 20 | user-interface vty 0 20 | |
authentication-mode aaa | 认证模式为aaa | authentication-mode aaa |
user privilege level 3 | 用户级别是3 | user privilege level 3 |
protocol inbound ssh | 指定接入协议为SSH,安全性更高 | protocol inbound ssh |
# | # | |
stelnet server enable | stelnet server enable | |
# | # | |
aaa | 进入aaa视图 | aaa |
local-user huawei password irreversible-cipher Admin@123 | 配置本地用户名huawei,密码是Admin@123,用于日常登陆维护设备 | local-user huawei password irreversible-cipher Admin@123 |
local-user huawei service-type ssh | 指定接入协议类型为SSH | local-user huawei service-type ssh |
local-user huawei level 3 | 设置huawei用户名的用户级别 | local-user huawei level 3 |
# | # | |
ssh user huawei | ssh user huawei | |
ssh user huawei authentication-type password | ssh user huawei authentication-type password | |
ssh user huawei service-type stelnet | ssh user huawei service-type stelnet | |
# | # |
#配置网络设备与AC对接的参数 SNMP | #配置网络设备与AC对接的参数 SNMP | |
snmp-agent sys-info version v3 | SNMP使用V3版本 | snmp-agent sys-info version v3 |
snmp-agent mib-view included iso-view iso | 配置mib-view视图 | snmp-agent mib-view included iso-view iso |
snmp-agent mib-view included nt iso | snmp-agent mib-view included nt iso | |
snmp-agent mib-view included rd iso | snmp-agent mib-view included rd iso | |
snmp-agent mib-view included wt iso | snmp-agent mib-view included wt iso | |
snmp-agent group v3 dc-admin privacy read-view rd write-view wt notify-view nt | 配置SNMP用户组,并将该MIB视图添加到用户组的属性中,使具备读、写、告警上报功能 | snmp-agent group v3 dc-admin privacy read-view rd write-view wt notify-view nt |
snmp-agent usm-user v3 Snmpv3mgr | 配置SNMP用户,用户名是Snmpv3mgr,专门用于与AC控制器对接 | snmp-agent usm-user v3 Snmpv3mgr |
snmp-agent usm-user v3 Snmpv3mgr group dc-admin | 指定用户对应的组名为dc-admin | snmp-agent usm-user v3 Snmpv3mgr group dc-admin |
snmp-agent usm-user v3 Snmpv3mgr authentication-mode sha | 配置认证方式为SHA | snmp-agent usm-user v3 Snmpv3mgr authentication-mode sha |
Huawei12#$ | 认证密码 | Huawei12#$ |
Huawei12#$ | Huawei12#$ | |
snmp-agent usm-user v3 Snmpv3mgr privacy-mode aes128 | 配置加密方式为AES128 | snmp-agent usm-user v3 Snmpv3mgr privacy-mode aes128 |
Huawei12#$ | 加密密码 | Huawei12#$ |
Huawei12#$ | Huawei12#$ | |
snmp-agent trap enable | 使能交换机发送Trap报文 | snmp-agent trap enable |
snmp-agent trap source loopback1 | 指定发送Trap的源接口,此接口为与Agile Controller-DCN对接的管理接口 | snmp-agent trap source loopback1 |
# | # | |
#配置网络设备与AC对接的参数Netconf | #配置网络设备与AC对接的参数Netconf | |
aaa | aaa | |
local-user netconf password irreversible-cipher Admin@123 | 添加一个Netconf的本地用户,用户名是netconf,密码是Admin@123,专门用于与AC控制器对接 | local-user netconf password irreversible-cipher Admin@123 |
local-user netconf service-type ssh | 配置netconf的接入类型,必须为SSH | local-user netconf service-type ssh |
local-user netconf level 3 |