233484603-HCNA-Entry-Lab
233484603-HCNA-Entry-Lab
Methods to get the E-learning privilege : submit Huawei Account and email being used for
Huawei Account registration to [email protected] .
2、 Training Material Download
Content: Huawei product training material and Huawei career certification training
material
Method:Logon http://learning.huawei.com/en and enter HuaWei Training/Classroom Training ,then
you can download training material in the specific training introduction page.
3、 Priority to participate in Huawei Online Open Class(LVC)
Content:The Huawei career certification training covering all ICT technical domains like
R&S, UC&C, Security, Storage and so on, which are conducted by Huawei
professional instructors
s:
eNSP (Enterprise Network Simulation Platform) is a graphical network simulation tool which is
developed by Huawei and free of charge. eNSP mainly simulates enterprise routers,
switches as close to the real hardware as it possible, which makes the lab practice
available and easy without any real device.
In addition, Huawei has built up Huawei Technical Forum which allows candidates to discuss
Learnin
g
Huawei experts , share exam experiences with others or be acquainted with Huawei
Products( http://support.huawei.com/ecommunity/)
Mo
HUAWEI TECHNOLOGIES CO., LTD. Huawei
Confidential
1
Huawei Certification
HCNA-HNTD
http://
learning.huawei.com/
ENTRY
Huawei Networking Technology and Device
Lab Guide
Resource
s:
Learnin
g
or
e
Huawei Technologies Co.,Ltd.
Copyright © Huawei Technologies Co., Ltd. 2013. All rights reserved.
http://
and other Huawei trademarks are trademarks of Huawei Technologies
Co., Ltd. All other trademarks and trade names mentioned in this document
learning.huawei.com/
the property of their respective holders.
Notice
ResourceHuawei Certification
Version 2.0
Learnin
g
or
e
Huawei Certification System
http://
quality engineers that are capable of supporting Enterprise networks in the
face of an ever changing ICT industry. The Huawei certification portfolio for
routing and switching (R&S) is comprised of three levels to support and
learning.huawei.com/
validate the growth and value of customer skills and knowledge in routing and
switching technologies.
Resource
communications products, and skills for versatile routing platform (VRP)
operation and management.
s:
The Huawei Certified Network Professional (HCNP-R&S (HCDP)) certification is
aimed at enterprise network engineers involved in design and maintenance,
as well as professionals who wish to develop an in depth knowledge of
routing, switching, network efficiency and optimization technologies. HCNP-
R&S consists of three units including Implement Enterprise Switch Network
(IESN), Implement Enterprise Routing Network (IERN), and Improving
Enterprise Network Performance (IENP), which includes advanced IPv4 routing
and switching technology principles, network security, high availability and
QoS, as well as application of the covered technologies in Huawei products.
Resource
s:
Learnin
g
or
e
Reference Icons
Router L3 Switch
http:// L2 Switch Cloud
learning.huawei.com/
Ethernet link Serial link
In order to ensure that that the configuration given in this lab is supported on
all devices, it is recommended that the following device models and VRP
versions be used:
Identifier
Resource
Device Model VRP version
or
S4 S3700-28TP-EI-AC Version 5.70 (S3700 V100R006C00SPC800)
e
http://
learning.huawei.com/
Resource
s:
Learnin
g
or
e
CONTENTS
http://
LAB 1-1 BUILDING BASIC IP NETWORKS.......................................................................................................1
Resource
CHAPTER 5 FTP AND DHCP........................................................................................................... 107
s:
LAB 5-1 CONFIGURING FTP SERVICES......................................................................................................107
Learnin
g
or
e
http://
learning.huawei.com/
Resource
s:
Learnin
g
or
e
HCNA-HNTD Chapter 1 Establishing Basic Networks with eNSP
Resource
s:
Learnin
g
or
e
Tasks
http://
Step 1 Initiate eNSP. learning.huawei.com/
This step introduces how to start and navigate the eNSP simulator application
for rapid development of TCP/IP knowledge and familiarity with network
operation. If eNSP is not available, please inform the course instructor
After launching eNSP, the following application user interface will be
presented. The left panel houses the icons that represent the various products
and devices that are supported within eNSP, while the central panel provides
lab examples for practice scenarios.
Resource
s:
Learnin
g
or
e
After launching eNSP, users should select the New operator in the top left
corner of the application window to begin a new lab session.
http://
Select the End Devce icon in the top left panel to reveal a list of end devices
that can be applied. Select the Laptop icon and drag it to the canvas, release
learning.huawei.com/
the icon to place it on the canvas.
Resource
s:
Learnin
The same action should be taken to position a second laptop on the canvas
or
e
The devices on the canvas represent simulated end systems that can be used
to emulate real world operations.
Select the connections icon from the upper left panel to reveal a list of media
http://
that can be applied to the topology. Select the copper (Ethernet) medium from
the list. Once the icon has been clicked, the cursor will represent a connector
learning.huawei.com/
to show the current role of the cursor as a connector. Click on the client
device to reveal a list of port interfaces supported by the simulated device. For
the client click the option for Ethernet 0/0/1 to apply the connection.
Resource
s:
Learnin
g Once this has been achieved, click on the peering device to apply the
opposite end of the medium to the end system. Again select the interface
Ethernet 0/0/1 to establish the medium between the two devices and
or complete the construction of a peer-to-peer topology.
http://
Select the end system and use the right click option to display a properties
menu. The settings option should be selected in order to display the current
learning.huawei.com/
system settings for the end system devices.
Resource
s:
Learnin
g
or
e
The settings option in the properties window reveals a set of four tabs for
establishment of basic configuration, the device command line interface,
multcast traffic generator configuration, and UDP packet generator
configuration.
Resource
s:
Learnin
g
or The same process is required for CLIENT2. It is recommended that initially the
IP address 192.168.1.2 be configured, with a subnet mask of 255.255.255.0.
e The basic configuration enables peer-to-peer communication to be supported
between the two end systems.
The devices can be activated using one of two methods. The first involves
using the right click option to open the properties menu and select start for the
individual icons. The alternative involves dragging the cursor over the icons
(as shown) to highlight multiple devices and using the right click settings
http://
option start multiple devices simultaneously.
learning.huawei.com/
Resource
s:
Once the devices are online and active, it is common to notice a change in the
Learnin
status of the connectors through a switch in the colour of the red dot on the
medium to green, highlighting that the status of the connectors is now up.
g
or
e
Once the devices within the network topology are operational, it is possible to
begin to monitor the flow of traffic that is carried over the medium and the
interfaces via which the devices have established a physical peering.
http://
Select the device to for whose interface is to be monitored and use the right
click option to display the settings menu. Highlight the capture data option to
learning.huawei.com/
reveal a list of interfaces that belong to the device and are available for
observation by the packet capture tool. Select the interface from the list that is
to be monitored.
Resource
s:
Learnin
g
The selection of an interface will result in the activation of the Wireshark
packet capture tool for the selected interface. If additional interfaces are to be
or monitored, separate instances of the same packet capture tool will be
activated.
e
Depending on the devices being monitored, the packet capture tool may or
may not begin to generate packet capture results for all traffic that passes
through the selected interface. In the case of the peer-to-peer relationship, it
will be necessary to generate some traffic.
Resource
s:
Learnin
g
or The generation of traffic will be confirmed by the resulting output in which
case the number of packets transmitted are shown to also be received.
e
Following the generation of traffic, the resulting traffic flow shall be captured
by the packet capture tool and can be used for observation of the behavior of
protocols within the IP network along with details of the various layers as
referenced in the OSI reference model.
Resource
s:
The Wireshark application contains many functions for management of the
packet capture process. One of the more common functions includes the filter
function to isolate the packet capture display to a select group of packets or
protocols. This can be achieved using the filter field below the menu bar. The
simplest filter method involves entering the protocol name (in lower case) and
Learnin
pressing Enter. In the given example packets for two protocols have been
captured, entering either icmp, or arp into the filter window will result in only
g the protocol entered in the filter field being displayed in the output.
The packet capture tool consists of three panels, to show the list of packets, a
breakdown of the content of each packet and finally display the equivalent
data format of the packet. The breakdown is invaluable for understanding the
or format of protocol packets and displays the details for protocols as referenced
at each layer of the OSI reference model.
e
Topology
Resource
s:
Learnin Figure 2.1 Lab topology for basic VRP navigation and operation.
g Scenario
A company has purchased two AR G3 routers that require commissioning
or before they can be used in the enterprise network. Items to be commissioned
include setting device names, the system time, and password management.
e
Tasks
Run the display version command to view the software version and hardware
information for the system. http://
<Huawei>display version
Huawei Versatile Routing Platform Softwarelearning.huawei.com/
VRP (R) software, Version 5.120 (AR2200 V200R003C00SPC200)
Copyright (C) 2011-2013 HUAWEI TECH CO., LTD
Huawei AR2220 Router uptime is 0 week, 3 days, 21 hours, 43 minutes
BKP 0 version information:
......output omitted......
The command output includes the VRP operating system version, device
model, and startup time.
The system automatically saves the time. If the time is incorrect, run the clock
timezone and clock datetime commands in the user view to change the
system time.
Resource
<Huawei>clock timezone Local add 08:00:00
s:
<Huawei>clock datetime 12:00:00 2013-09-15
The keyword Local can be exchanged with the current regional timezone name,
and add replaced with minus where the timezone is west of UTC+0.
Learnin
Run the display clock command to check that the new system time has taken
effect.
g <Huawei>display clock
2013-09-15 12:00:21
Sunday
The question mark (?) is a wildcard, and the Tab is used as a shortcut to
enter commands.
<Huawei>display ?
Cellular
aaa http://
Cellular interface
AAA
access-user
accounting-scheme
learning.huawei.com/
User access
Accounting scheme
acl <Group> acl command group
actual Current actual
adp-ipv4 Ipv4 information
adp-mpls Adp-mpls module
alarm Alarm
antenna Current antenna that outputting radio
anti-attack Specify anti-attack configurations
ap <Group> ap command group
ap-auth-mode Display AP authentication mode
......output omit......
To display all the commands that start with a specific letter or string of letters,
enter the desired letters and the question mark (?). The system displays all
the commands that start with the letters entered. For example, if the string
Resource
dis? is entered, the system displays all the commands that start with dis.
s:
If a space exists between the character string and the question mark (?), the
system will identify the command corresponding to the string and display the
parameters of the command. For example, if the string display ? is entered,
the system will display the parameters associated with the display command.
If multiple commands start with the same string (e.g. di ?), the system will
Learnin
display an ambiguity error.
g
The Tab key can also be pressed to complete a command. For example, if
dis is entered followed by Tab, the system completes the display command.
If multiple commands start with dis, the appropriate command can be
selected.
or If there are no other commands starting with the same letters, dis or disp can
e
be entered to indicate display, and int or inter to indicate interface.
http://
Enter system view, return user view with Ctrl+Z.
[Huawei]
learning.huawei.com/
Step 5 Change device names.
To more easily identify devices, set device names during the device
configuration. Change device names based on the lab topology, as shown
below:
Change the name of the R1 router to R1.
[Huawei]sysname R1
[R1]
[Huawei]sysname R3
[R3]
Resource
Step 6 Configure the login information.
s:
Configure the login information to indicate the login result.
[R1]header shell information "Welcome to the Huawei certification lab."
Learnin
Run the preceding command to configure the login information. To check
g whether the login information has been changed, exit from the router
command line interface, and log back in to view the login information.
[R1]quit
or <R1>quit
The console port by default does not have a login password. Users must
configure a password for the console port before logging in to the device.
The password can be changed in the password authentication mode to
huawei in plain text.
http://
learning.huawei.com/
If there is no activity on the console port for the period of time specified by the
timeout interval, the system will automatically log out the user. When this
occurs, log in to the system again using the configured password.
The default timeout interval is set to 10 minutes. If a 10 minutes idle period is
not a reasonable amount of time for the timeout interval, change the timeout
interval to a more suitable duration, here this is set to 20 minutes.
[R1]user-interface console 0
[R1-ui-console0]authentication-mode password
[R1-ui-console0]set authentication password cipher huawei
[R1-ui-console0]idle-timeout 20 0
Resource
user-interface con 0
authentication-mode password
s:
set authentication password cipher %$%$fIn'6>NZ6*~as(#J:WU%,#72Uy8cVlN^NXkT51E
^RX;>#75,%$%$
idle-timeout 20 0
Log out of the system and log back in, using the password set. It should be
Learnin
noted that this password is required to be set when the router is first
g
initialized.
[R1-ui-console0]return
<R1>quit
Configure an IP address for the Gigabit Ethernet 0/0/0 interface of R1. The
subnet mask can be configured using a dotted decimal format (255.255.255.0),
or based on the subnet mask prefix length.
[R1]interface GigabitEthernet 0/0/0
http://
[R1-GigabitEthernet0/0/0]ip address 10.0.13.1 24
learning.huawei.com/
[R1-GigabitEthernet0/0/0]description This interface connects to R3-G0/0/0
Run the display this command to check the configuration results at the
current interface view.
[R1-GigabitEthernet0/0/0]display this
[V200R003C00SPC200]
#
interface GigabitEthernet0/0/0
description This interface connects to R3-G0/0/0
ip address 10.0.13.1 255.255.255.0
#
Return
Resource
GigabitEthernet0/0/0 current state : UP
Line protocol current state : UP
s:
Last line protocol up time : 2013-10-08 04:13:09
Description:This interface connects to R3-G0/0/0
Route Port,The Maximum Transmit Unit is 1500
Internet Address is 10.0.13.1/24
IP Sending Frames' Format is PKTFMT_ETHNT_2, Hardware address is 5489-9876-
Learnin
830b Last physical up time
Last physical down time :
: 2013-10-08 03:24:01
2013-10-08 03:25:29
or
Duplex: FULL, Negotiation: ENABLE
Mdi : AUTO
e
Last 300 seconds input rate 2296 bits/sec, 1 packets/sec
Last 300 seconds output rate 88 bits/sec, 0 packets/sec
Input peak rate 7392 bits/sec,Record time: 2013-10-08 04:08:41
Output peak rate 1120 bits/sec,Record time: 2013-10-08 03:27:56
http://
Runts: 0, Symbols: 0
Ignoreds: 0, Frames: 0
learning.huawei.com/
O utput: 181 packets, 63244 bytes
Unicast: 0, Multicast: 0
Broadcast: 181, Jumbo: 0
Discard: 0, Total Error: 0
Collisions: 0, ExcessiveCollisions: 0
Late Collisions: 0, Deferreds: 0
Input bandwidth utilization threshold : 100.00%
Output bandwidth utilization threshold: 100.00%
Input bandwidth utilization : 0.01%
Output bandwidth utilization : 0%
The command output shows that the physical status and protocol status of the
interface are UP, and the corresponding physical layer and data link layer are
functional.
Once the status has been verified, configure the IP address and description
for the interface of R3.
Resource
[R3]interface GigabitEthernet 0/0/0
s:
[R3-GigabitEthernet0/0/0]ip address 10.0.13.3 255.255.255.0
[R3-GigabitEthernet0/0/0]description This interface connects to R1-G0/0/0
After completing the configuration, run the ping command to test the
connection between R1 and R3.
Learnin
<R1>ping 10.0.13.3
PING 10.0.13.3: 56 data bytes, press CTRL_C to break
g
Reply from 10.0.13.3: bytes=56 Sequence=1 ttl=255 time=35 ms
Reply from 10.0.13.3: bytes=56 Sequence=2 ttl=255 time=32 ms
Reply from 10.0.13.3: bytes=56 Sequence=3 ttl=255 time=32 ms
Reply from 10.0.13.3: bytes=56 Sequence=4 ttl=255 time=32 ms
e 5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 32/32/35 ms
Run the dir command in the user view to display the list of files in the current
directory.
<R1>dir
Directory of sd1:/
http://
Idx
0
Attr Size(Byte) Date
-rw- 1,738,816
learning.huawei.com/
Time(LMT)
Mar 14 2013 11:50:24
FileName
web.zip
1 -rw- 68,288,896 Mar 14 2013 14:17:58 ar2220-v200r003c00spc200.cc
2 -rw- 739 Mar 14 2013 16:01:17 vrpcfg.zip
1,927,476 KB total (1,856,548 KB free)
<R3>dir
Directory of sd1:/
Step 10 Resource
Manage device configuration files.
s:
Attempt to display the saved-configuration file.
<R1>display saved-configuration
There is no correct configuration file in FLASH
Learnin
Since no save-configuration file exists, save the current configuration file.
g <R1>save
The current configuration will be written to the device.
Are you sure to continue? (y/n)[n]:y
e Note: The configuration file will take effect after being activated
Run the following command again to view the saved configuration information:
<R1>display saved-configuration
[V200R003C00SPC200]
#
sysname R1
header shell information "Welcome to Huawei certification lab"
#
board add 0/1 1SA
http://
board add 0/2 1SA
……output omit……
learning.huawei.com/
Run the following command to view the current configuration information:
<R1>display current-configuration
[V200R003C00SPC200]
#
sysname R1
header shell information "Welcome to Huawei certification lab"
#
board add 0/1 1SA
board add 0/2 1SA
board add 0/3 2FE
……output omit……
A router can store multiple configuration files. Run the following command to
Resource
view the configuration file to currently be used after the next startup:
<R3>display startup
MainBoard:
s:
Startup system software: sd1:/ar2220-v200r003c00spc200.cc
Next startup system software: sd1:/ar2220-v200r003c00spc200.cc
Backup system software for next startup: null
Startup saved-configuration file: null
g
Startup license file: null
Next startup license file: null
Startup patch package: null
Next startup patch package: null
or Startup voice-files:
Next startup voice-files:
null
null
<R3>reset saved-configuration
http://
This will delete the configuration in the flash memory.
The device configurations will be erased to reconfigure.
learning.huawei.com/
Are you sure? (y/n)[n]:y
Clear the configuration in the device successfully.
<R3>reboot
Info: The system is now comparing the configuration, please wait.
Resource
Warning: All the configuration will be saved to the next startup configuration.
Continue ? [y/n]:n
s:
System will reboot! Continue ? [y/n]:y
g Final Configuration
[R1]display current-configuration
or [V200R003C00SPC200]
#
e sysname R1
header shell information "Welcome to Huawei certification lab"
#
interface GigabitEthernet0/0/0
http://
cipher %$%$4D0K*-E"t/I7[{HD~kgW,%dgkQQ!&|;XTDq9SFQJ.27M%dj,%$%$
idle-timeout 20 0
learning.huawei.com/
#
return
[R3]dispay current-configuration
[V200R003C00SPC200]
#
sysname R3
#
interface GigabitEthernet0/0/0
description This interface connect to R1-G0/0/0
ip address 10.0.13.3 255.255.255.0
#
user-interface con 0
authentication-mode password
set authentication password
cipher %$%$M8\HO3:72:ERQ8JLoHU8,%t+lE:$9=a7"8%yMoARB]$B%t.,%$%$
Resource
user-interface vty 0 4
#
return
s:
Learnin
g
or
e
Topology
Resource
s:
Figure 3.1 STP topology
Learnin
Scenario
e
convergence.
Tasks
learning.huawei.com/
0/0/23 on S3, as well as Ethernet 0/0/14 and Ethernet 0/0/24 on S4 before
starting STP configuration. Ensure that the devices start without any
configuration files. If STP is disabled, run the stp enable command to enable
STP.
<Quidway>system-view
[Quidway]sysname R3
[R3]interface Ethernet 0/0/1
[R3-Ethernet0/0/1]shutdown
[R3-Ethernet0/0/1]quit
[R3]interface Ethernet 0/0/13
[R3-Ethernet0/0/13]shutdown
[R3-Ethernet0/0/13]quit
[R3]interface Ethernet 0/0/23
[R3-Ethernet0/0/23]shutdown
Resource
<Quidway>system-view
[Quidway]sysname S4
s:
[S4]inter Ethernet 0/0/14
[S4-Ethernet0/0/14]shutdown
[S4-Ethernet0/0/14]quit
[S4]interface Ethernet 0/0/24
[S4-Ethernet0/0/24]shutdown
Learnin
In the lab,S1 and S2 are connected through two links, and STP is used.
g
Enable STP on S1 and S2 and set S1 as the root.
<Quidway>system-view
Enter system view, return user view with Ctrl+Z.
or
[Quidway]sysname S1
[S1]stp mode stp
e
[S1]stp root primary
<Quidway>system-view
Enter system view, return user view with Ctrl+Z.
[Quidway]sysname S2
[S2]stp mode stp
[S2]stp root secondary
http://
Run the display stp brief command to view brief information about STP.
<S1>display stp brief
MSTID
0
Port
GigabitEthernet0/0/9
learning.huawei.com/
Role
DESI
STP State
FORWARDING
Protection
NONE
0 GigabitEthernet0/0/10 DESI FORWARDING NONE
Run the display stp interface command to view the STP status of a port.
s:
Port Priority
Port Cost(Dot1T )
128
:Config=auto / Active=20000
Designated Bridge/Port :0.4c1f-cc45-aace / 128.10
Port Edged :Config=default / Active=disabled
Point-to-point :Config=auto / Active=true
Learnin
Transit Limit
Protection Type
:147 packets/hello-time
:None
or TC or TCN send
TC or TCN received
17
33
http://
Designated Bridge/Port :0.4c1f-cc45-aace / 128.10
Port Edged :Config=default / Active=disabled
learning.huawei.com/
Point-to-point :Config=auto / Active=true
Transit Limit :147 packets/hello-time
Protection Type :None
Port STP Mode :STP
Port Protocol Type :Config=auto / Active=dot1s
BPDU Encapsulation :Config=stp / Active=stp
PortTimes :Hello 2s MaxAge 20s FwDly 15s RemHop 0
TC or TCN send 17
TC or TCN received 17
BPDU Sent 35
TCN: 0, Config: 35, RST: 0, MST: 0
BPDU Received 158
TCN: 0, Config: 158, RST: 0, MST: 0
Resource
Run the display stp command to view information about the root bridge.
s:
<S1>display stp
-------[CIST Global Info][Mode STP]-------
CIST Bridge :0 .4c1f-cc45-aace
Bridge Times :Hello 2s MaxAge 20s FwDly 15s MaxHop 20
CIST Root/ERPC :0 .4c1f-cc45-aace / 0
Learnin
CIST RegRoot/IRPC
CIST RootPortId
:0
:0.0
.4c1f-cc45-aace / 0
g BPDU-Protection
CIST Root Type
:Disabled
:Primary root
TC or TCN received 108
or
TC count per hello 0
STP Converge Mode :Normal
e
Share region-configuration :Enabled
Time since last TC :0 days 0h:9m:23s
……output omit……
<S2>display stp
-------[CIST Global Info][Mode STP]-------
CIST Bridge :4096 .4c1f-cc45-aacc
Bridge Times :Hello 2s MaxAge 20s FwDly 15s MaxHop 20
CIST Root/ERPC :0 .4c1f-cc45-aace / 20000
CIST RegRoot/IRPC :4096 .4c1f-cc45-aacc / 0
http://
CIST RootPortId :128.9
BPDU-Protection :Disabled
learning.huawei.com/
CIST Root Type :Secondary root
TC or TCN received :55
TC count per hello :0
STP Converge Mode :Normal
Share region-configuration :Enabled
Time since last TC :0 days 0h:9m:30s
……output omit……
Configure S1 as the root bridge and S2 as the backup root bridge using
priority values. The device with the same value for the CIST Bridge and CIST
Root/ERPC is the root bridge. A smaller bridge priority value indicates a
higher bridge priority. Change the priorities of S1 and S2 to 8192 and 4096
respectively so that S2 becomes the root bridge.
[S1]undo stp root
[S1]stp priority 8192
Resource
[S2]undo stp root
[S2]stp priority 4096
s:
Run the display stp command to view information about the new root bridge.
<S1>display stp
-------[CIST Global Info][Mode STP]-------
CIST Bridge :8192 .4c1f-cc45-aace
Learnin
Bridge Times :Hello 2s MaxAge 20s FwDly 15s 0
g
CIST Root/ERPC :4096 .4c1f-cc45-aacc / 20000
CIST RegRoot/IRPC :8192 .4c1f-cc45-aace / 0
CIST RootPortId :128.9
BPDU-Protection :Disabled
<S2>display stp
-------[CIST Global Info][Mode STP]-------
CIST Bridge :4096 .4c1f-cc45-aacc
Bridge Times :Hello 2s MaxAge 20s FwDly 15s MaxHop 20
CIST Root/ERPC :4096 .4c1f-cc45-aacc / 0
CIST RegRoot/IRPC :4096 .4c1f-cc45-aacc / 0
http://
CIST RootPortId :0.0
BPDU-Protection :Disabled
learning.huawei.com/
TC or TCN received :55
TC count per hello :0
STP Converge Mode :Normal
Share region-configuration :Enabled
Time since last TC :0 days 0h:14m:7s
……output omit……
The highlighted lines in the preceding information indicate that S2 has become
the new root bridge.
Shut down interfaces Gigabit Ethernet 0/0/9 and Gigabit Ethernet 0/0/10 on S2
to isolate S2.
[S2]interface GigabitEthernet 0/0/9
[S2-GigabitEthernet0/0/9]shutdown
[S2-GigabitEthernet0/0/9]quit
[S2]interface GigabitEthernet 0/0/10
[S2-GigabitEthernet0/0/10]shutdown
Resource
[S1]display stp
s:
-------[CIST Global Info][Mode STP]-------
CIST Bridge :8192 .4c1f-cc45-aace
Bridge Times :Hello 2s MaxAge 20s FwDly 15s MaxHop 20
CIST Root/ERPC :8192 .4c1f-cc45-aace / 0
CIST RegRoot/IRPC :8192 .4c1f-cc45-aace / 0
Learnin
CIST RootPortId :0.0
g
BPDU-Protection :Disabled
TC or TCN received :146
TC count per hello :0
STP Converge Mode :Normal
e ……output omit……
<S1>display stp
http://
CIST Bridge
learning.huawei.com/
-------[CIST Global Info][Mode STP]-------
:8192 .4c1f-cc45-aace
Bridge Times :Hello 2s MaxAge 20s FwDly 15s 0
CIST Root/ERPC :4096 .4c1f-cc45-aacc / 20000
CIST RegRoot/IRPC :8192 .4c1f-cc45-aace / 0
CIST RootPortId :128.9
BPDU-Protection :Disabled
TC or TCN received :143
TC count per hello :0
STP Converge Mode :Normal
Share region-configuration :Enabled
Time since last TC :0 days 0h:0m:27s
……output omitted……
<S2>display stp
-------[CIST Global Info][Mode STP]-------
CIST Bridge
Resource
Bridge Times
:4096 .4c1f-cc45-aacc
:Hello 2s MaxAge 20s FwDly 15s MaxHop 20
s:
CIST Root/ERPC
CIST RegRoot/IRPC
:4096 .4c1f-cc45-aacc / 0
:4096 .4c1f-cc45-aacc / 0
CIST RootPortId :0.0
BPDU-Protection :Disabled
TC or TCN received :55
Learnin
TC count per hello :0
STP Converge Mode :Normal
or The highlighted lines in the preceding information indicate that S2 has been
e restored and has become the root bridge once again.
Run the display stp brief command on S1 to view the roles of the interfaces.
<S1>display stp brief
MSTID Port Role STP State Protection
0
0
GigabitEthernet0/0/9
GigabitEthernet0/0/10 http://
ROOT
ALTE
FORWARDING
DISCARDING
NONE
NONE
learning.huawei.com/
The preceding information shows that G0/0/9 is the root port and G0/0/10 is
the alternate port. You can change port priorities so that port interface
G0/0/10 will become the root port and G0/0/9 will become the alternate port.
Change priorities of G0/0/9 and G0/0/10 on S2.
The default port priority is 128. A larger port priority value indicates a lower
priority. The priorities of G0/0/9 and G0/0/10 on S2 are set to 32 and 16;
therefore, G0/0/10 on S1 becomes the root port.
[S2]interface GigabitEthernet 0/0/9
[S2-GigabitEthernet0/0/9]stp port priority 32
[S2-GigabitEthernet0/0/9]quit
[S2]interface GigabitEthernet 0/0/10
[S2-GigabitEthernet0/0/10]stp port priority 16
Resource
Note that the port priorities are changed on S2, not S1.
<S2>display stp interface GigabitEthernet 0/0/9
Port Protocol
s:
----[CIST][Port9(GigabitEthernet0/0/9)][FORWARDING]----
:Enabled
Port Role :Designated Port
Port Priority :32
Port Cost(Dot1T ) :Config=auto / Active=20000
Learnin
Designated Bridge/Port
Port Edged
:4096.4c1f-cc45-aacc / 32.9
:Config=default / Active=disabled
g Point-to-point
Transit Limit
:Config=auto / Active=true
:147 packets/hello-time
Protection Type :None
or
Port STP Mode :STP
Port Protocol Type :Config=auto / Active=dot1s
http://
----[CIST][Port10(GigabitEthernet0/0/10)][FORWARDING]----
Port Protocol :Enabled
learning.huawei.com/
Port Role :Designated Port
Port Priority :16
Port Cost(Dot1T ) :Config=auto / Active=20000
Designated Bridge/Port :4096.4c1f-cc45-aacc / 16.10
Port Edged :Config=default / Active=disabled
Point-to-point :Config=auto / Active=true
Transit Limit :147 packets/hello-time
Protection Type :None
Port STP Mode :STP
Port Protocol Type :Config=auto / Active=dot1s
BPDU Encapsulation :Config=stp / Active=stp
PortTimes :Hello 2s MaxAge 20s FwDly 15s RemHop 20
TC or TCN send 35
TC or TCN received 1
BPDU Sent 183
TCN: 0, Config: 183, RST: 0, MST: 0
Resource
BPDU Received 2
TCN: 1, Config: 1, RST: 0, MST: 0
s:
Run the display stp brief command on S1 to view the role of the interfaces.
<S1>display stp brief
MSTID Port Role STP State Protection
0 GigabitEthernet0/0/9 ALTE DISCARDING NONE
e [S1-GigabitEthernet0/0/10]shutdown
<S1>display stp brief
MSTID Port Role STP State Protection
0 GigabitEthernet0/0/9 ROOT FORWARDING NONE
The highlighted line in the preceding information indicates that G0/0/9 has
become the root port. Resume the default priorities of G0/0/9 and G0/0/10 on
S2 and re-enable the shutdown interfaces on S1.
[S2]interface GigabitEthernet 0/0/9
[S2-GigabitEthernet0/0/9]undo stp port priority
[S2-GigabitEthernet0/0/9]quit
[S2]interface GigabitEthernet 0/0/10
http://
learning.huawei.com/
[S2-GigabitEthernet0/0/10]undo stp port priority
Run the display stp brief and display stp interface command on S1 to
view the roles of interfaces.
<S1>display stp brief
MSTID Port Role STP State Protection
0 GigabitEthernet0/0/9 ROOT FORWARDING NONE
0 GigabitEthernet0/0/10 ALTE DISCARDING NONE
s:
Port Priority
Port Cost(Dot1T )
128
:Config=auto / Active=20000
Designated Bridge/Port :4096.4c1f-cc45-aacc / 128.9
Port Edged :Config=default / Active=disabled
Point-to-point :Config=auto / Active=true
Learnin
Transit Limit
Protection Type
:147 packets/hello-time
:None
or TC or TCN send 4
e
TC or TCN received 90
BPDU Sent 5
TCN: 4, Config: 1, RST: 0, MST: 0
BPDU Received 622
TCN: 0, Config: 622, RST: 0, MST: 0
http://
Port Cost(Dot1T ) :Config=auto / Active=20000
Designated Bridge/Port :4096.4c1f-cc45-aacc / 128.10
learning.huawei.com/
Port Edged :Config=default / Active=disabled
Point-to-point :Config=auto / Active=true
Transit Limit :147 packets/hello-time
Protection Type :None
Port STP Mode :STP
Port Protocol Type :Config=auto / Active=dot1s
BPDU Encapsulation :Config=stp / Active=stp
PortTimes :Hello 2s MaxAge 20s FwDly 15s RemHop 0
TC or TCN send 3
TC or TCN received 90
BPDU Sent 4
TCN: 3, Config: 1, RST: 0, MST: 0
BPDU Received 637
TCN: 0, Config: 637, RST: 0, MST: 0
The greyed line in the preceding information indicates that G0/0/9 and G0/0/10
Resource
cost is 20000 by default.
Change the cost of G0/0/9 to 200000 on S1.
s:
[S1]interface GigabitEthernet 0/0/9
[S1-GigabitEthernet0/0/9]stp cost 200000
Run the display stp brief and display stp interface command on S1 to view
Learnin
the roles of interfaces.
g
<S1>display stp interface GigabitEthernet 0/0/9
----[CIST][Port9(GigabitEthernet0/0/9)][DISCARDING]----
Port Protocol :Enabled
Port Role :Alternate Port
or Port Priority
Port Cost(Dot1T )
128
:Config=200000 / Active=200000
e Designated Bridge/Port
Port Edged
:4096.4c1f-cc45-aacc / 128.9
:Config=default / Active=disabled
Point-to-point :Config=auto / Active=true
Transit Limit :147 packets/hello-time
http://
TC or TCN received 108
BPDU Sent 5
learning.huawei.com/
TCN: 4, Config: 1, RST: 0, MST: 0
BPDU Received 818
TCN: 0, Config: 818, RST: 0, MST: 0
The highlighted lines in the preceding information indicates that G0/0/10 has
become the root port.
Final Configuration
<S1>display current-configuration
#
Resource
!Software Version V100R006C00SPC800
sysname S1
#
stp mode stp
s:
stp instance 0 priority 8192
#
interface GigabitEthernet0/0/9
Learnin
stp instance 0 cost 200000
g
#
interface GigabitEthernet0/0/10
#
user-interface con 0
or user-interface vty 0 4
#
e return
<S2>display current-configuration
#
http://
interface GigabitEthernet0/0/9
#
learning.huawei.com/
interface GigabitEthernet0/0/10
#
user-interface con 0
user-interface vty 0 4
#
return
<S3>display current-configuration
#
!Software Version V100R006C00SPC800
sysname S3
#
interface Ethernet0/0/1
shutdown
#
interface Ethernet0/0/13
Resource
shutdown
#
s:
interface Ethernet0/0/23
shutdown
#
user-interface con 0
user-interface vty 0 4
Learnin
#
return
g
<S4>display current-configuration
#
e #
interface Ethernet0/0/14
shutdown
#
interface Ethernet0/0/24
shutdown
#
user-interface con 0
user-interface vty 0 4
#
http://
return
learning.huawei.com/
Resource
s:
Learnin
g
or
e
Learning Objectives
As a result of this lab section, you should achieve the following tasks:
Enable and disable RSTP . http://
learning.huawei.com/
Configuration of an edge port.
Configuration of RSTP BPDU protection.
Configuration of RSTP loop protection
Topology
Scenario
Resource
Assume that you are a network administrator of a company. The company
s:
network consists of two layers: core layer and access layer. The network uses
a redundancy design. RSTP will be used to prevent loops. You can configure
features to speed up RSTP route convergence at the edge network and
configure RSTP protection function.
Learnin
Tasks
g
Step 1 Preparing the environment
or If you are starting this section with a non-configured device, begin here and
then move to step 3. For those continuing from previous labs, begin at step 2.
e Irrelevant interfaces must be disabled to ensure test result accuracy.
Shut down port interfaces Ethernet 0/0/1 on S3, Ethernet 0/0/13 and Ethernet
<Quidway>system-view
[Quidway]sysname R3
[R3]interface Ethernet 0/0/1
[R3-Ethernet0/0/1]shutdown
[R3-Ethernet0/0/1]quit
[R3]interface Ethernet 0/0/13
[R3-Ethernet0/0/13]shutdown
[R3-Ethernet0/0/13]quit
[R3]interface Ethernet 0/0/23
[R3-Ethernet0/0/23]shutdown
<Quidway>system-view
Resource
[Quidway]sysname S4
[S4]inter Ethernet 0/0/14
s:
[S4-Ethernet0/0/14]shutdown
[S4-Ethernet0/0/14]quit
[S4]interface Ethernet 0/0/24
[S4-Ethernet0/0/24]shutdown
Learnin
g Step 2 Clean up the previous configuration
Remove the configured STP priority from S1 and S2, and assigned cost on S1.
Resource
[S2]display stp
s:
-------[CIST Global Info][Mode RSTP]-------
CIST Bridge :32768.4c1f-cc45-aacc
Bridge Times :Hello 2s MaxAge 20s FwDly 15s MaxHop 20
CIST Root/ERPC :32768.4c1f-cc45-aacc / 0
CIST RegRoot/IRPC :32768.4c1f-cc45-aacc / 0
Learnin
CIST RootPortId :0.0
BPDU-Protection :Disabled
Configure ports connected to the user terminals as edge ports. An edge port
can transition to the forwarding state without participating in the RSTP
calculation. In this example, interface Gigabit Ethernet 0/0/4 on S1 and S2
http://
connect to a router and can be configured as edge ports.
[S1]interface GigabitEthernet 0/0/4
learning.huawei.com/
[S1-GigabitEthernet0/0/4]stp edged-port enable
Edge ports are directly connected to user terminal and will not receive
BPDUs. Attackers may send pseudo BPDUs to attack the switching device. If
the edge ports receive the BPDUs, the switching device configures the edge
ports as non-edge ports and triggers a new spanning tree calculation.
Network flapping then occurs. BPDU protection can be used to protect
switching devices against malicious attacks.
Configure BPDU protection on both S1 and S2.
Resource
[S1]stp bpdu-protection
s:
[S2]stp bpdu-protection
Run the display stp brief command to view the port protection.
<S1>display stp brief
Learnin
MSTID Port Role STP State Protection
0 GigabitEthernet0/0/4 DESI FORWARDING BPDU
g 0
0
GigabitEthernet0/0/9
GigabitEthernet0/0/10
ROOT FORWARDING
ALTE DISCARDING
NONE
NONE
or MSTID Port
0 GigabitEthernet0/0/4
Role STP State
DESI FORWARDING
Protection
BPDU
e 0
0
GigabitEthernet0/0/9
GigabitEthernet0/0/10
DESI FORWARDING
DESI FORWARDING
NONE
NONE
http://
On a network running RSTP, a switching device maintains the root port status
and status of alternate ports by receiving BPDUs from an upstream switching
learning.huawei.com/
device. If the switching device cannot receive BPDUs from the upstream
device because of link congestion or unidirectional-link failure, the switching
device re-selects a root port. The original root port becomes a designated port
and the original discarding ports change to the Forwarding state. This
switching may cause network loops, which can be mitigated by configuring
loop protection.
Configure loop protection on both the root port and the alternate port.
[S1]display stp brief
MSTID Port Role STP State Protection
0 GigabitEthernet0/0/4 DESI FORWARDING BPDU
0 GigabitEthernet0/0/9 ROOT FORWARDING NONE
0 GigabitEthernet0/0/10 ALTE DISCARDING NONE
G0/0/9 and G0/0/10 on S1 are now the root port and alternate port.Configure
loop protection on these two ports.
Resource
[S1]interface GigabitEthernet 0/0/9
s:
[S1-GigabitEthernet0/0/9]stp loop-protection
[S1-GigabitEthernet0/0/9]quit
[S1]interface GigabitEthernet 0/0/10
[S1-GigabitEthernet0/0/10]stp loop-protection
Learnin
Run the display stp brief command to view the port protection.
g
<S1>display stp brief
MSTID Port Role STP State Protection
0 GigabitEthernet0/0/4 DESI FORWARDING BPDU
0 GigabitEthernet0/0/9 ROOT FORWARDING LOOP
e Since S2 is root, all the ports are designated ports and therefore do not need
to configure loop protection. After completing the configuration, you may wish
to set S1 as the root, and configure loop protection on the root port and
alternate port of S2 using the same process as with S1.
Final Configuration
<S1>display current-configuration
#
!Software Version V100R006C00SPC800
sysname S1
#
stp mode rstp
http://
stp bpdu-protection
#
learning.huawei.com/
interface GigabitEthernet0/0/4
stp edged-port enable
#
interface GigabitEthernet0/0/9
stp loop-protection
#
interface GigabitEthernet0/0/10
stp loop-protection
#
user-interface con 0
user-interface vty 0 4
#
return
Resource
s:
<S2>display current-configuration
#
!Software Version V100R006C00SPC800
sysname S2
Learnin
#
stp mode rstp
g
stp bpdu-protection
#
interface GigabitEthernet0/0/4
stp edged-port enable
or #
user-interface con 0
e user-interface vty 0 4
#
return
<S3>display current-configuration
#
!Software Version V100R006C00SPC800
sysname S3
#
http://
interface Ethernet0/0/1
shutdown
learning.huawei.com/
#
interface Ethernet0/0/13
shutdown
#
interface Ethernet0/0/23
shutdown
#
user-interface con 0
user-interface vty 0 4
#
return
<S4>dis current-configuration
#
!Software Version V100R006C00SPC800
Resource
sysname S4
#
s:
interface Ethernet0/0/14
shutdown
#
interface Ethernet0/0/24
shutdown
Learnin
#
user-interface con 0
g user-interface vty 0 4
#
return
or
e
Topology
Resource
s:
Learnin
g
or Figure 4.1 Lab topology for static and default routes
Scenario
http://
Since the network scale is small, with only a few networks, static routes and
default routes are to be used to implement interwork communication. The
learning.huawei.com/
network addressing is to be applied as shown in Figure 4.1.
If a password is requested, and unless otherwise stated, please use the
password: huawei
Tasks
Configure the device names and IP addresses for R1, R2, and R3.
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R1
[R1]interface GigabitEthernet 0/0/0
Resource
[R1-GigabitEthernet0/0/0]ip address 10.0.13.1 24
[R1-GigabitEthernet0/0/0]quit
s:
[R1]interface GigabitEthernet 0/0/1
[R1-GigabitEthernet0/0/1]ip address 10.0.12.1 24
[R1-GigabitEthernet0/0/1]quit
[R1]interface LoopBack 0
[R1-LoopBack0]ip address 10.0.1.1 24
Learnin
g Run the display current-configuration command to check the configuration.
<R1>display ip interface brief
Interface IP Address/Mask Physical Protocol
or
......output omitted......
GigabitEthernet0/0/0 10.0.13.1/24 up up
e
GigabitEthernet0/0/1 10.0.12.1/24 up up
GigabitEthernet0/0/2 unassigned up down
LoopBack0 10.0.1.1/24 up up(s)
......output omitted......
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R2
[R2]interface GigabitEthernet 0/0/1
[R2-GigabitEthernet0/0/1]ip address 10.0.12.2 24
http://
[R2-GigabitEthernet0/0/1]quit
[R2]interface GigabitEthernet0/0/2
learning.huawei.com/
[R2-GigabitEthernet0/0/2]ip add 10.0.23.2 24
[R2-GigabitEthernet0/0/2]quit
[R2]interface LoopBack0
[R2-LoopBack0]ip address 10.0.2.2 24
<Huawei>system-view
Resource
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R3
s:
[R3]interface GigabitEthernet 0/0/0
[R3-GigabitEthernet0/0/0]ip address 10.0.13.3 24
[R3-GigabitEthernet0/0/0]quit
[R3]interface GigabitEthernet0/0/2
[R3-GigabitEthernet0/0/2]ip address 10.0.23.3 24
Learnin
[R3-GigabitEthernet0/0/2]quit
[R3]interface LoopBack 0
or ......output omitted......
GigabitEthernet0/0/0 10.0.13.3/24 up up
e GigabitEthernet0/0/1
GigabitEthernet0/0/2
unassigned
10.0.23.3/24
up
up
down
up
LoopBack0 10.0.3.3/24 up up(s)
......output omitted......
http://
Reply from 10.0.12.2: bytes=56 Sequence=3 ttl=255 time=30 ms
Reply from 10.0.12.2: bytes=56 Sequence=4 ttl=255 time=30 ms
learning.huawei.com/
Reply from 10.0.12.2: bytes=56 Sequence=5 ttl=255 time=30 ms
<R1>ping 10.0.13.3
PING 10.0.13.2: 56 data bytes, press CTRL_C to break
Reply from 10.0.13.3: bytes=56 Sequence=1 ttl=255 time=6 ms
Reply from 10.0.13.3: bytes=56 Sequence=2 ttl=255 time=2 ms
Reply from 10.0.13.3: bytes=56 Sequence=3 ttl=255 time=2 ms
Reply from 10.0.13.3: bytes=56 Sequence=4 ttl=255 time=2 ms
Reply from 10.0.13.3: bytes=56 Sequence=5 ttl=255 time=2 ms
Resource
--- 10.0.13.3 ping statistics ---
5 packet(s) transmitted
s:
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 2/2/6 ms
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 31/35/41 ms
<R2>ping 10.0.3.3
PING 10.0.3.3: 56 data bytes, press CTRL_C to break
Request time out
Request time out
Resource
Request time out
Request time out
s:
Request time out
Learnin
100.00% packet loss
or The preceding test result shows that R2 cannot communicate with 10.0.3.3
and 10.0.13.3.
e
Run the display ip routing-table command to view the routing table of R2.
The routing table does not contain the routes of the two networks.
<R2>display ip routing-table
Route Flags: R - relay, D - download to fib
Learnin
Note: In the ip route-static command, 24 indicates the subnet mask length,
or
Route Flags: R - relay, D - download to fib
e 10.0.3.0/24
10.0.12.0/24
Static
Direct
60
0
0
0
RD
D
10.0.23.3
10.0.12.2
GigabitEthernet0/0/2
GigabitEthernet0/0/1
10.0.12.2/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/1
10.0.12.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/1
http://
The data exchanged between R2 and 10.0.13.3 and 10.0.3.3 is transmitted
learning.huawei.com/
through the link between R2 and R3. R2 fails to communicate with 10.0.13.3
and 10.0.3.3 if the link between R2 and R3 is faulty.
According to the topology, R2 can communicate with R3 through R1 if the link
between R2 and R3 fails. A backup static route can be configured to enable
this redundancy. Backup static routes do not take effect in normal cases. If
the link between R2 and R3 fails, backup static routes are used to transfer
data.
Amend th preferences for on the backup static routes to ensure that the
routes are used only when the primary link fails. In this example, the
preference of the backup static route is set to 80.
[R1]ip route-static 10.0.3.0 24 10.0.13.3
Resource
s:the static routes.
Step 5 Test
View the current static route configuration in the routing table of R2.
Learnin
<R2>display ip routing-table
Route Flags: R - relay, D - download to fib
or
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.2.0/24 Direct 0 0 D 10.0.2.2 LoopBack0
e 10.0.2.2/32
10.0.2.255/32
Direct
Direct
0
0
0
0
D
D
127.0.0.1
127.0.0.1
LoopBack0
LoopBack0
10.0.3.0/24 Static 60 0 RD 10.0.23.3 GigabitEthernet0/0/2
10.0.12.0/24 Direct 0 0 D 10.0.12.2 GigabitEthernet0/0/1
10.0.12.2/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/1
10.0.12.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/1
HC Series HUAWEI TECHNOLOGIES Page49
HCNA-HNTD Chapter 4 Routing Configuration
http://
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
learning.huawei.com/
The routing table contains two static routes that were configured in step 3.
The value of the Protocol field is Static, indicating a static route. The value of
the Preference field is 60, indicating the default preference is used for the
route.
Test network connectivity to ensure the route between R2 and R3 exists.
<R2>ping 10.0.13.3
PING 10.0.13.3: 56 data bytes, press CTRL_C to break
Reply from 10.0.13.3: bytes=56 Sequence=1 ttl=255 time=34 ms
Reply from 10.0.13.3: bytes=56 Sequence=2 ttl=255 time=34 ms
Reply from 10.0.13.3: bytes=56 Sequence=3 ttl=255 time=34 ms
Reply from 10.0.13.3: bytes=56 Sequence=4 ttl=255 time=34 ms
Reply from 10.0.13.3: bytes=56 Sequence=5 ttl=255 time=34 ms
Resource
5 packet(s) received
0.00% packet loss
s:
round-trip min/avg/max = 34/34/34 ms
<R2>ping 10.0.3.3
PING 10.0.3.3: 56 data bytes, press CTRL_C to break
e
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 41/41/41 ms
The command output shows that the route is functioning normally. The tracert
command can also be run to view the path over which the data is transferred.
<R2>tracert 10.0.13.3
traceroute to 10.0.13.3(10.0.13.3), max hops: 30 ,packet length: 40,
press CTRL_C to break
1 10.0.23.3 40 ms 31 ms 30 ms
<R2>tracert 10.0.3.3
http://
learning.huawei.com/
traceroute to 10.0.3.3(10.0.3.3), max hops: 30 ,packet length: 40,
press CTRL_C to break
1 10.0.23.3 40 ms 30 ms 30 ms
Resource
Compare the routing tables with the previous routing tables before Gigabit
Ethernet 0/0/2 was disabled.
s:
<R2>display ip routing-table
Route Flags: R - relay, D - download to fib
Learnin
g
Destination/Mask Proto Pre Cost Flags NextHop Interface
or 10.0.2.255/32
10.0.3.0/24
Direct
Static 80
0 0
0
D
D
127.0.0.1
10.0.12.2
LoopBack0
GigabitEthernet0/0/1
e 10.0.12.0/24
10.0.12.2/32
Direct
Direct
0
0
0
0
D
D
10.0.12.2
127.0.0.1
GigabitEthernet0/0/1
GigabitEthernet0/0/1
10.0.12.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/1
10.0.13.0/24 Static 80 0 D 10.0.12.2 GigabitEthernet0/0/1
The next hops and preferences of the two routes as shown in the preceding
routing table for R2 have changed.
http://
learning.huawei.com/
Test connectivity between R2 and the destination addresses 10.0.13.3 and
10.0.3.3 on R2.
<R2>ping 10.0.3.3
PING 10.0.3.3: 56 data bytes, press CTRL_C to break
Reply from 10.0.3.3: bytes=56 Sequence=1 ttl=255 time=3 ms
Reply from 10.0.3.3: bytes=56 Sequence=2 ttl=255 time=2 ms
Reply from 10.0.3.3: bytes=56 Sequence=3 ttl=255 time=2 ms
Reply from 10.0.3.3: bytes=56 Sequence=4 ttl=255 time=2 ms
Reply from 10.0.3.3: bytes=56 Sequence=5 ttl=255 time=2 ms
Resource
<R2>ping 10.0.13.3
PING 10.0.13.3: 56 data bytes, press CTRL_C to break
s:
Reply from 10.0.13.3: bytes=56 Sequence=1 ttl=255 time=3 ms
Reply from 10.0.13.3: bytes=56 Sequence=2 ttl=255 time=2 ms
Reply from 10.0.13.3: bytes=56 Sequence=3 ttl=255 time=2 ms
Reply from 10.0.13.3: bytes=56 Sequence=4 ttl=255 time=2 ms
Learnin
Reply from 10.0.13.3: bytes=56 Sequence=5 ttl=255 time=2 ms
g
--- 10.0.13.3 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
e The network is not disconnected when the link between R2 and R3 is shut
down.
The tracert command can also be run to view through over which path the
data is being forwarded.
<R2>tracert 10.0.13.3
traceroute to 10.0.13.3(10.0.13.3), max hops: 30 ,packet length: 40,press
CTRL_C to break
1 10.0.12.1 40 ms 21 ms 21 ms
2 10.0.13.3 30 ms 21 ms 21 ms
http://
<R2>tracert 10.0.3.3
learning.huawei.com/
traceroute to 10.0.3.3(10.0.3.3), max hops: 30 ,packet length: 40,press
CTRL_C to break
1 10.0.12.1 40 ms 21 ms 21 ms
2 10.0.13.3 30 ms 21 ms 21 ms
The command output shows that the data sent by R2 reaches R3 via the
10.0.12.0 and 10.0.13.0 networks connected to R1.
Resource
Verify connectivity to the network 10.0.23.0 from R1.
s:
[R1]ping 10.0.23.3
PING 10.0.23.3: 56 data bytes, press CTRL_C to break
Request time out
Request time out
Request time out
Learnin
Request time out
Request time out
or
0 packet(s) received
100.00% packet loss
<R1>display ip routing-table
Route Flags: R - relay, D - download to fib
learning.huawei.com/
10.0.1.1/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.1.255/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.3.0/24 Static 60 0 RD 10.0.13.3 GigabitEthernet0/0/0
10.0.12.0/24 Direct 0 0 D 10.0.12.1 GigabitEthernet0/0/1
10.0.12.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/1
10.0.12.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/1
10.0.13.0/24 Direct 0 0 D 10.0.13.1 GigabitEthernet0/0/0
10.0.13.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/0
10.0.13.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/0
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
Resource
[R1]ip route-static 0.0.0.0 0.0.0.0 10.0.13.3
s:
After the configuration is complete, test connectivity between R1 and
10.0.23.3.
<R1>ping 10.0.23.3
PING 10.0.23.3: 56 data bytes, press CTRL_C to break
e
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 2/2/3 ms
The default route forwards traffic destined for 10.0.23.3 to the next hop of
10.0.13.3 on R3. R3 is directly connected to the 10.0.23.0 network.
If the link between R1 and R3 fails, a backup default route can be used to
http://
communicate with 10.0.23.3 and 10.0.3.3 via the 10.0.12.0 network.
learning.huawei.com/
However, R1 is not directly connected to these networks and therefore a
backup route (in both directions) must be configured to provide a forwarding
path.
[R1]ip route-static 0.0.0.0 0.0.0.0 10.0.12.2 preference 80
View the routes of R1 when the link between R1 and R3 works properly.
<R1>display ip routing-table
Route Flags: R - relay, D - download to fib
Resource
Destinations : 15 Routes : 15
Destination/Mask Proto Pre Cost Flags NextHop Interface
s:
0.0.0.0/0 Static 60 0 RD 10.0.13.3 GigabitEthernet0/0/0
10.0.1.0/24 Direct 0 0 D 10.0.1.1 LoopBack0
10.0.1.1/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.1.255/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.3.0/24 Static 60 0 RD 10.0.13.3 GigabitEthernet0/0/0
Learnin
10.0.12.0/24 Direct 0 0 D 10.0.12.1 GigabitEthernet0/0/1
10.0.12.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/1
g 10.0.12.255/32 Direct
10.0.13.0/24 Direct
0
0
0
0
D
D
127.0.0.1
10.0.13.1
GigabitEthernet0/0/1
GigabitEthernet0/0/0
10.0.13.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/0
10.0.13.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/0
or 127.0.0.0/8
127.0.0.1/32
Direct
Direct
0
0
0
0
D
D
127.0.0.1
127.0.0.1
InLoopBack0
InLoopBack0
e 127.255.255.255/32
255.255.255.255/32
Direct
Direct
0
0
0
0
D
D
127.0.0.1
127.0.0.1
InLoopBack0
InLoopBack0
[R3]interface GigabitEthernet0/0/0
http://
[R3-GigabitEthernet0/0/0]shutdown
[R3-GigabitEthernet0/0/0]quit
learning.huawei.com/
<R1>display ip routing-table
Route Flags: R - relay, D - download to fib
Resource
127.0.0.0/8
127.0.0.1/32
Direct 0
Direct 0
0
0
D
D
127.0.0.1
127.0.0.1
InLoopBack0
InLoopBack0
s:
127.255.255.255/32 Direct 0
255.255.255.255/32 Direct 0
0
0
D
D
127.0.0.1
127.0.0.1
InLoopBack0
InLoopBack0
Learnin
column indicates that the backup default route 0.0.0.0 is actively forwarding
traffic to the next hop of 10.0.23.3.
g Test network connectivity on R1.
<R1>ping 10.0.23.3
or
PING 10.0.23.3: 56 data bytes, press CTRL_C to break
Reply from 10.0.23.3: bytes=56 Sequence=1 ttl=254 time=76 ms
e
Reply from 10.0.23.3: bytes=56 Sequence=2 ttl=254 time=250 ms
Reply from 10.0.23.3: bytes=56 Sequence=3 ttl=254 time=76 ms
Reply from 10.0.23.3: bytes=56 Sequence=4 ttl=254 time=76 ms
Reply from 10.0.23.3: bytes=56 Sequence=5 ttl=254 time=76 ms
http://
traceroute to 10.0.23.3(10.0.23.2), max hops: 30 ,packet length: 40,press
CTRL_C to break
learning.huawei.com/
1 10.0.12.2 30 ms 26 ms 26 ms
2 10.0.23.3 60 ms 53 ms 56 ms
The IP packets are reaching R3 (10.0.23.3) via the next hop 10.0.12.2 of R2.
Final Configuration
<R1>dis current-configuration
[V200R003C00SPC200]
#
sysname R1
#
interface GigabitEthernet0/0/0
shutdown
ip address 10.0.13.1 255.255.255.0
#
Resource
interface GigabitEthernet0/0/1
ip address 10.0.12.1 255.255.255.0
#
s:
interface LoopBack0
ip address 10.0.1.1 255.255.255.0
#
ip route-static 0.0.0.0 0.0.0.0 10.0.13.3
Learnin
ip route-static 0.0.0.0 0.0.0.0 10.0.12.2 preference 80
ip route-static 10.0.3.0 255.255.255.0 10.0.13.3
e user-interface vty 0 4
#
return
<R2>display current-configuration
[V200R003C00SPC200]
#
sysname R2
interface GigabitEthernet0/0/1
ip address 10.0.12.2 255.255.255.0
http://
#
interface GigabitEthernet0/0/2
learning.huawei.com/
ip address 10.0.23.2 255.255.255.0
#
interface LoopBack0
ip address 10.0.2.2 255.255.255.0
#
ip route-static 10.0.3.0 255.255.255.0 10.0.23.3
ip route-static 10.0.3.0 255.255.255.0 10.0.12.1 preference 80
ip route-static 10.0.13.0 255.255.255.0 10.0.23.3
ip route-static 10.0.13.0 255.255.255.0 10.0.12.1 preference 80
#
user-interface con 0
authentication-mode password
set authentication password cipher
%$%$1=cd%b%/O%Id-8X:by1N,+s}'4wD6TvO<I|/pd# #44C@+s#,%$%$
user-interface vty 0 4
#
Resource
return
s:
<R3>display current-configuration
[V200R003C00SPC200]
#
sysname R3
#
Learnin
interface GigabitEthernet0/0/0
shutdown
or #
interface LoopBack0
#
user-interface con 0
authentication-mode password
set authentication password cipher %$%$ksXDMg7Ry6yUU:63:DQ),#/sQg"@*S\
U#.s.bHW xQ,y%#/v,%$%$
user-interface vty 0 4
http://
#
return
learning.huawei.com/
Resource
s:
Learnin
g
or
e
Learning Objectives
As a result of this lab section, you should achieve the following tasks:
http://
Establish routing loop prevention mechanisms for RIP
Configuration of RIPv1.
learning.huawei.com/
Enable RIP for a specified network and interface.
Use of the display and debugging commands to view RIP operation.
Procedure for testing connectivity of the RIP network.
Configuration of RIPv2.
Topology
Resource
s:
Learnin
g
or
e Figure 4.2 Lab topology for RIPv1 and RIPv2
Scenario
Tasks learning.huawei.com/
Step 1 Preparing the environment.
If you are starting this section with a non-configured device begin here and
then move to step 3. For those continuing from previous labs, begin at step
2.
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R1
[R1]interface GigabitEthernet 0/0/0
[R1-GigabitEthernet0/0/0]ip address 10.0.13.1 24
[R1-GigabitEthernet0/0/0]quit
[R1]interface LoopBack 0
Resource
[R1-LoopBack0]ip address 10.0.1.1 24
[R1-LoopBack0]quit
s:
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R2
Learnin
[R2]interface GigabitEthernet 0/0/1
[R2-GigabitEthernet0/0/1]ip address 10.0.12.2 24
g
[R2-GigabitEthernet0/0/1]quit
[R2]interface LoopBack 0
[R2-LoopBack0]ip address 10.0.2.2 24
or <Huawei>system-view
Enter system view, return user view with Ctrl+Z.
e [Huawei]sysname R3
[R3]interface LoopBack 0
[R3-LoopBack0]ip address 10.0.3.3 24
Clean up previous static route configuration and disable all unsed interfaces
[R1]interface GigabitEthernet0/0/1
http://
[R1-GigabitEthernet0/0/1]shutdown
[R1-GigabitEthernet0/0/1]quit
learning.huawei.com/
[R1]interface GigabitEthernet0/0/0
[R1-GigabitEthernet0/0/0]undo shutdown
[R1-GigabitEthernet0/0/0]quit
[R1]undo ip route-static 0.0.0.0 0.0.0.0
[R1]undo ip route-static 10.0.3.0 255.255.255.0
[R1]undo ip route-static 10.0.12.0 255.255.255.0
Resource
[R3-GigabitEthernet0/0/2]quit
[R3]undo ip route-static 10.0.12.0 255.255.255.0
s:
Step 3 Additional address configuration
[R3]interface GigabitEthernet0/0/1
Verify that R1 and R2 can communicate with one another over the 10.0.13.0
network.
<R1>ping 10.0.13.2
PING 10.0.13.2: 56 data bytes, press CTRL_C to break
Reply from 10.0.13.2: bytes=56 Sequence=1 ttl=255 time=30 ms
Reply from 10.0.13.2: bytes=56 Sequence=2 ttl=255 time=30 ms
http://
Reply from 10.0.13.2: bytes=56 Sequence=3 ttl=255 time=30 ms
Reply from 10.0.13.2: bytes=56 Sequence=4 ttl=255 time=30 ms
learning.huawei.com/
Reply from 10.0.13.2: bytes=56 Sequence=5 ttl=255 time=30 ms
Resource
Reply from 10.0.12.3: bytes=56 Sequence=5 ttl=255 time=41 ms
s:
--- 10.0.12.3 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 31/35/41 ms
Learnin
Step 4 Configure RIPv1.
g
Enable RIP on R1, and then advertise the 10.0.0.0 network segment.
or
[R1]rip 1
[R1-rip-1]network 10.0.0.0
e Enable RIP on R2, and then advertise the 10.0.0.0 network segment.
[R2]rip 1
[R2-rip-1]network 10.0.0.0
Enable RIP on R3, and then advertise the 10.0.0.0 network segment.
[R3]rip 1
[R3-rip-1]network 10.0.0.0
Resource
10.0.3.0/24 RIP 100 2 D 10.0.13.2 GigabitEthernet0/0/0
10.0.12.0/24 RIP 100 1 D 10.0.13.2 GigabitEthernet0/0/0
s:
10.0.13.0/24 Direct 0 0 D 10.0.13.1 GigabitEthernet0/0/0
10.0.13.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/0
10.0.13.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/0
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
Learnin
127.255.255.255/32 Direct
255.255.255.255/32 Direct
0
0
0
0
D
D
127.0.0.1
127.0.0.1
InLoopBack0
InLoopBack0
g <R2>display ip routing-table
Route Flags: R - relay, D - download to fib
http://
10.0.12.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/1
10.0.13.0/24 Direct 0 0 D 10.0.13.2 GigabitEthernet0/0/0
learning.huawei.com/
10.0.13.2/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/0
10.0.13.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/0
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
<R3>display ip routing-table
Route Flags: R - relay, D - download to fib
Resource
10.0.2.0/24 RIP 100 1 D 10.0.12.2 GigabitEthernet0/0/1
10.0.3.0/24 Direct 0 0 D 10.0.3.3 LoopBack0
s:
10.0.3.3/32
10.0.3.255/32
Direct
Direct
0
0
0
0
D
D
127.0.0.1
127.0.0.1
LoopBack0
LoopBack0
10.0.12.0/24 Direct 0 0 D 10.0.12.3 GigabitEthernet0/0/1
10.0.12.3/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/1
10.0.12.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/1
Learnin
10.0.13.0/24
127.0.0.0/8
RIP
Direct
100
0
1
0
D
D
10.0.12.2
127.0.0.1
GigabitEthernet0/0/1
InLoopBack0
g 127.0.0.1/32
127.255.255.255/32
Direct
Direct
0
0
0
0
D
D
127.0.0.1
127.0.0.1
InLoopBack0
InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
[R1]ping 10.0.12.3
PING 10.0.12.3: 56 data bytes, press CTRL_C to break
Reply from 10.0.12.3: bytes=56 Sequence=1 ttl=254 time=70 ms
Reply from 10.0.12.3: bytes=56 Sequence=2 ttl=254 time=65 ms
Reply from 10.0.12.3: bytes=56 Sequence=3 ttl=254 time=65 ms
Reply from 10.0.12.3: bytes=56 Sequence=4 ttl=254 time=65 ms
http://
Reply from 10.0.12.3: bytes=56 Sequence=5 ttl=254 time=65 ms
learning.huawei.com/
--- 10.0.12.3 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 65/66/70 ms
Resource
RIP Process id: 1
s:
Debugs ON: SEND, RECEIVE, PACKET, TIMER, EVENT, BRIEF,
JOB, ROUTE-PROCESSING, ERROR,
REPLAY-PROTECT, GR
<R1>terminal debugging
Info: Current terminal debugging is on.
Learnin
<R1>
Nov 29 2013 09:45:07.860.1+00:00 R1 RIP/7/DBG: 6: 12734: RIP 1: Receiving v1
g
response on GigabitEthernet0/0/0 from 10.0.13.2 with 3 RTEs
<R1>
Nov 29 2013 09:45:07.860.2+00:00 R1 RIP/7/DBG: 6: 12785: RIP 1: Receive response
from 10.0.13.2 on GigabitEthernet0/0/0
or <R1>
Nov 29 2013 09:45:07.860.3+00:00 R1 RIP/7/DBG: 6: 12796: Packet: Version 1, Cmd
e response, Length 64
<R1>
Nov 29 2013 09:45:07.860.4+00:00 R1 RIP/7/DBG: 6: 12845: Dest 10.0.2.0, Cost 1
<R1>
http://
expired for interface GigabitEthernet0/0/1
learning.huawei.com/
Run the undo debugging rip <process-id> or undo debugging all
command to disable the debugging functions.
<R1>undo debugging rip 1
Resource
GigabitEthernet0/0/0 (10.0.13.1) is deleted from the periodic update queue
s:
<R1>undo debugging all
Info: All possible debugging has been turned off
Learnin
Therefore, the use of commands (such as debug all) for enabling debugging
functions in batches should be performed with caution.
g Step 6 Configure RIPv2.
or After the preceding configuration, you need to configure only version 2 in
the RIP sub view.
e [R1]rip 1
[R1-rip-1]version 2
[R2]rip 1
[R2-rip-1]version 2
[R3]rip 1
[R3-rip-1]version 2
Resource
10.0.2.0/24 RIP 100 1 D 10.0.13.2 GigabitEthernet0/0/0
10.0.3.0/24 RIP 100 2 D 10.0.13.2 GigabitEthernet0/0/0
s:
10.0.12.0/24 RIP 100 1 D 10.0.13.2 GigabitEthernet0/0/0
10.0.13.0/24 Direct 0 0 D 10.0.13.1 GigabitEthernet0/0/0
10.0.13.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/0
10.0.13.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/0
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
Learnin127.0.0.1/32 Direct
127.255.255.255/32 Direct
0
0
0
0
D
D
127.0.0.1
127.0.0.1
InLoopBack0
InLoopBack0
or <R2>display ip routing-table
Route Flags: R - relay, D - download to fib
http://
10.0.3.0/24 RIP 100 1 D 10.0.12.3 GigabitEthernet0/0/1
10.0.12.0/24 Direct 0 0 D 10.0.12.2 GigabitEthernet0/0/1
learning.huawei.com/
10.0.12.2/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/1
10.0.12.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/1
10.0.13.0/24 Direct 0 0 D 10.0.13.2 GigabitEthernet0/0/0
10.0.13.2/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/0
10.0.13.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/0
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
[R3]display ip routing-table
Route Flags: R - relay, D - download to fib
Resource
Destination/Mask Proto Pre Cost Flags NextHop Interface
s:
10.0.1.0/24 RIP 100 2 D 10.0.12.2 GigabitEthernet0/0/1
10.0.2.0/24 RIP 100 1 D 10.0.12.2 GigabitEthernet0/0/1
10.0.3.0/24 Direct 0 0 D 10.0.3.3 LoopBack0
10.0.3.3/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.3.255/32 Direct 0 0 D 127.0.0.1 LoopBack0
Learnin10.0.12.0/24
10.0.12.3/32
Direct
Direct
0
0
0
0
D
D
10.0.12.3
127.0.0.1
GigabitEthernet0/0/1
GigabitEthernet0/0/1
g 10.0.12.255/32 Direct
10.0.13.0/24 RIP
0
100
0
1
D
D
127.0.0.1
10.0.12.2
GigabitEthernet0/0/1
GigabitEthernet0/0/1
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
or 127.255.255.255/32 Direct
255.255.255.255/32 Direct
0
0
0
0
D
D
127.0.0.1
127.0.0.1
InLoopBack0
InLoopBack0
e
Test connectivity from R1 to the IP destination 10.0.12.3 on interface Gigabit
Ethernet 0/0/2 of R3.
<R1>ping 10.0.12.3
PING 10.0.12.3: 56 data bytes, press CTRL_C to break
Reply from 10.0.12.3: bytes=56 Sequence=1 ttl=254 time=74 ms
Reply from 10.0.12.3: bytes=56 Sequence=2 ttl=254 time=75 ms
Reply from 10.0.12.3: bytes=56 Sequence=3 ttl=254 time=75 ms
Reply from 10.0.12.3: bytes=56 Sequence=4 ttl=254 time=75 ms
http://
Reply from 10.0.12.3: bytes=56 Sequence=5 ttl=254 time=75 ms
learning.huawei.com/
--- 10.0.12.3 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 74/74/75 ms
The debugging command can be used to view the RIPv2 periodic updates.
<R1>terminal debugging
Info: Current terminal debugging is on.
<R1>debugging rip 1 event
<R1>
Nov 29 2013 10:41:04.490.1+00:00 R1 RIP/7/DBG: 25: 5719: RIP 1: Periodic timer
expired for interface GigabitEthernet0/0/0 (10.0.13.1) and its added to
periodic update queue
<R1>
Nov 29 2013 10:41:04.500.1+00:00 R1 RIP/7/DBG: 25: 6048: RIP 1: Interface
Resource
GigabitEthernet0/0/0 (10.0.13.1) is deleted from the periodic update queue
s:
<R1>undo debugging rip 1
Learnin
on interface GigabitEthernet0/0/0 from 10.0.13.1 to 224.0.0.9
g
<R1>
Nov 29 2013 10:43:07.770.2+00:00 R1 RIP/7/DBG: 6: 12796: Packet: Version 2, Cmd
response, Length 24
<R1>
e
0.0.0.0, Cost 1, Tag 0
When using RIPv1, a router sends network IDs and other route update
information to its neighbor routers without sending subnet masks. How do
neighbor routers process the route update information and generate the
corresponding subnet masks?
http://
How are RIPv1 and RIPv2 compatible with each other?
Resource
interface LoopBack0
ip address 10.0.1.1 255.255.255.0
s:
#
rip 1
version 2
network 10.0.0.0
#
user-interface con 0
Learnin
authentication-mode password
set authentication password cipher %$%$+L'YR&IZt'4,)>-*#lH",}%K-
g
oJ_M9+'lOU~bD (\WTqB}%N,%$%$
user-interface vty 0 4
#
return
or
e
<R2>display current-configuration
[V200R003C00SPC200]
#
sysname R2
#
interface GigabitEthernet0/0/0
http://
ip address 10.0.13.2 255.255.255.0
#
learning.huawei.com/
interface GigabitEthernet0/0/1
ip address 10.0.12.2 255.255.255.0
#
interface GigabitEthernet0/0/2
shutdown
ip address 10.0.23.2 255.255.255.0
#
interface LoopBack0
ip address 10.0.2.2 255.255.255.0
#
rip 1
version 2
network 10.0.0.0
#
user-interface con 0
authentication-mode password
Resource
set authentication password cipher
%$%$1=cd%b%/O%Id-8X:by1N,+s}'4wD6TvO<I|/pd# #44C@+s#,%$%$
s:
user-interface vty 0 4
#
return
Learnin
<R3>display current-configuration
[V200R003C00SPC200]
g #
sysname R3
#
interface GigabitEthernet0/0/0
or shutdown
ip address 10.0.13.3 255.255.255.0
e #
interface GigabitEthernet0/0/1
ip address 10.0.12.3 255.255.255.0
#
interface GigabitEthernet0/0/2
shutdown
ip address 10.0.23.3 255.255.255.0
#
interface LoopBack0
ip address 10.0.3.3 255.255.255.0
http://
#
rip 1
learning.huawei.com/
version 2
network 10.0.0.0
#
user-interface con 0
authentication-mode password
set authentication password cipher %$%$ksXDMg7Ry6yUU:63:DQ),#/sQg"@*S\
U#.s.bHW xQ,y%#/v,%$%$
user-interface vty 0 4
#
return
Resource
s:
Learnin
g
or
e
Learning Objectives
As a result of this lab section, you should achieve the following tasks:
Aggregation of routes in RIPv2 http://
learning.huawei.com/
Implementation of authentication between RIP peers
Troubleshoot RIP peer authentication failures.
Topology
Resource
s:
Learnin
g
Figure 4.3 RIPv2 route aggregation and authentication topology
or
e
Scenario
As the network administrator of a small company you are responsible for the
support of a RIPv2 based enterprise network. In order to better manage and
optimize the routing table, route aggregation is required.
http://
Additionally, concerns over the insertion of rogue devices into the network that
may affect routing tables means that RIP authentication is required to protect
the network.
learning.huawei.com/
Tasks
If you are starting this section with a non-configured device begin here and
then move to step 2. For those continuing from previous labs, begin at step 2.
Configure the base system information and addressing for R1, R2 and R3 on
the network.
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R1
Resource
[R1]interface GigabitEthernet 0/0/0
[R1-GigabitEthernet0/0/0]ip address 10.0.13.1 24
s:
[R1-GigabitEthernet0/0/0]quit
[R1]interface LoopBack 0
[R1-LoopBack0]ip address 10.0.1.1 24
<Huawei>system-view
Learnin
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R2
or
[R2]interface GigabitEthernet 0/0/1
[R2-GigabitEthernet0/0/1]ip address 10.0.12.2 24
e
[R2-GigabitEthernet0/0/1]quit
[R2]interface LoopBack 0
[R2-LoopBack0]ip address 10.0.2.2 24
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R3
[R3]interface GigabitEthernet 0/0/1
[R3-GigabitEthernet0/0/1]ip address 10.0.12.3 24
[R3-GigabitEthernet0/0/1]quit
http://
[R3]interface LoopBack 0
[R3-LoopBack0]ip address 10.0.3.3 24
learning.huawei.com/
After the IP addresses have been configured for the interfaces, test the
network connectivity.
<R1>ping 10.0.13.2
PING 10.0.13.2: 56 data bytes, press CTRL_C to break
Reply from 10.0.13.2: bytes=56 Sequence=1 ttl=255 time=30 ms
Reply from 10.0.13.2: bytes=56 Sequence=2 ttl=255 time=30 ms
Reply from 10.0.13.2: bytes=56 Sequence=3 ttl=255 time=30 ms
Reply from 10.0.13.2: bytes=56 Sequence=4 ttl=255 time=30 ms
Reply from 10.0.13.2: bytes=56 Sequence=5 ttl=255 time=30 ms
Resource
<R2>ping 10.0.12.3
s:
PING 10.0.12.3: 56 data bytes, press CTRL_C to break
Reply from 10.0.12.3: bytes=56 Sequence=1 ttl=255 time=31 ms
Reply from 10.0.12.3: bytes=56 Sequence=2 ttl=255 time=31 ms
Reply from 10.0.12.3: bytes=56 Sequence=3 ttl=255 time=41 ms
Reply from 10.0.12.3: bytes=56 Sequence=4 ttl=255 time=31 ms
[R2]rip 1
[R2-rip-1]version 2
[R2-rip-1]network 10.0.0.0
http://
[R3]rip 1
learning.huawei.com/
[R3-rip-1]version 2
[R3-rip-1]network 10.0.0.0
Resource
[R3-LoopBack4]interface LoopBack 5
[R3-LoopBack5]ip address 172.16.3.1 24
s:
Step 3 Advertize the loopback addresses in RIP.
Learnin
Advertise the 172.16.0.0 network range on R3.
g
[R3]rip
[R3-rip-1]network 172.16.0.0
View the routing table of R1 to verify the new networks are being advertized.
or <R1>display ip routing-table
e
Route Flags: R - relay, D - download to fib
http://
10.0.3.0/24 RIP 100 2 D 10.0.13.2 GigabitEthernet0/0/0
10.0.12.0/24 RIP 100 1 D 10.0.13.2 GigabitEthernet0/0/0
learning.huawei.com/
10.0.13.0/24 Direct 0 0 D 10.0.13.1 GigabitEthernet0/0/0
10.0.13.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/0
10.0.13.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/0
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
172.16.0.0/24 RIP 100 2 D 10.0.13.2 GigabitEthernet0/0/0
172.16.1.0/24 RIP 100 2 D 10.0.13.2 GigabitEthernet0/0/0
172.16.2.0/24 RIP 100 2 D 10.0.13.2 GigabitEthernet0/0/0
172.16.3.0/24 RIP 100 2 D 10.0.13.2 GigabitEthernet0/0/0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
The information in grey shows that R1 has learned specific routes but not
aggregated routes.
Test network connectivity from R1 to the 172.16.0.0 network range.
Resource
<R1>ping 172.16.0.1
PING 172.16.0.1: 56 data bytes, press CTRL_C to break
s:
Reply from 172.16.0.1: bytes=56 Sequence=1 ttl=254 time=80 ms
Reply from 172.16.0.1: bytes=56 Sequence=2 ttl=254 time=79 ms
Reply from 172.16.0.1: bytes=56 Sequence=3 ttl=254 time=79 ms
Reply from 172.16.0.1: bytes=56 Sequence=4 ttl=254 time=79 ms
Reply from 172.16.0.1: bytes=56 Sequence=5 ttl=254 time=79 ms
Learnin
--- 172.16.0.1 ping statistics ---
g 5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
http://
172.16.0.0/16.
[R2]interface GigabitEthernet0/0/0
learning.huawei.com/
[R2-GigabitEthernet0/0/0]rip summary-address 172.16.0.0 255.255.0.0
View the routing table of R1 that should now include an aggregated route.
<R1>display ip routing-table
Route Flags: R - relay, D - download to fib
Resource
10.0.3.0/24 RIP 100 2 D 10.0.13.2 GigabitEthernet0/0/0
10.0.12.0/24 RIP 100 1 D 10.0.13.2 GigabitEthernet0/0/0
s:
10.0.13.0/24 Direct 0 0 D 10.0.13.1 GigabitEthernet0/0/0
10.0.13.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/0
10.0.13.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/0
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
Learnin
127.255.255.255/32 Direct
172.16.0.0/16 RIP
0
100 2
0 D
D
127.0.0.1
10.0.13.2
InLoopBack0
GigabitEthernet0/0/0
Verify that the routes are still supported for the 172.16.0.0 network range.
<R1>ping 172.16.0.1
PING 172.16.0.1: 56 data bytes, press CTRL_C to break
Reply from 172.16.0.1: bytes=56 Sequence=1 ttl=254 time=60 ms
Reply from 172.16.0.1: bytes=56 Sequence=2 ttl=254 time=59 ms
Reply from 172.16.0.1: bytes=56 Sequence=3 ttl=254 time=80 ms
http://
Reply from 172.16.0.1: bytes=56 Sequence=4 ttl=254 time=60 ms
Reply from 172.16.0.1: bytes=56 Sequence=5 ttl=254 time=60 ms
The preceding information shows that route aggregation reduces the size of
the routing table without affecting communication to aggregated networks.
s:
[R1-GigabitEthernet0/0/0]rip authentication-mode simple huawei
[R2]interface GigabitEthernet0/0/0
[R2-GigabitEthernet0/0/0]rip authentication-mode simple huawei
[R2-GigabitEthernet0/0/0]quit
Learnin
[R2]interface GigabitEthernet0/0/1
[R2-GigabitEthernet0/0/1]rip authentication-mode md5 usual huawei
g [R3]interface GigabitEthernet0/0/1
[R3-GigabitEthernet0/0/1]rip authentication-mode md5 usual huawei
or
e
After the configuration is complete, verify that the routes are not affected.
<R1>display ip routing-table
Route Flags: R - relay, D - download to fib
Destination/Mask Proto
http://
Pre Cost Flags NextHop Interface
Resource
<R2>display ip routing-table
Route Flags: R - relay, D - download to fib
s:
Routing Tables: Public
Destinations : 19 Routes : 19
Learnin
Destination/Mask Proto Pre Cost Flags NextHop Interface
g
10.0.1.0/24 RIP 100 1 D 10.0.13.1 GigabitEthernet0/0/0
10.0.2.0/24 Direct 0 0 D 10.0.2.2 LoopBack0
10.0.2.2/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.2.255/32 Direct 0 0 D 127.0.0.1 LoopBack0
or 10.0.3.0/24
10.0.12.0/24
RIP
Direct
100
0
1
0
D
D
10.0.12.3
10.0.12.2
GigabitEthernet0/0/1
GigabitEthernet0/0/1
e 10.0.12.2/32
10.0.12.255/32
Direct
Direct
0
0
0
0
D
D
127.0.0.1
127.0.0.1
GigabitEthernet0/0/1
GigabitEthernet0/0/1
10.0.13.0/24 Direct 0 0 D 10.0.13.2 GigabitEthernet0/0/0
10.0.13.2/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/0
http://
172.16.2.0/24 RIP 100 1 D 10.0.12.3 GigabitEthernet0/0/1
172.16.3.0/24 RIP 100 1 D 10.0.12.3 GigabitEthernet0/0/1
learning.huawei.com/
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
<R3>display ip routing-table
Route Flags: R - relay, D - download to fib
Resource
10.0.12.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/1
10.0.13.0/24 RIP 100 1 D 10.0.12.2 GigabitEthernet0/0/1
s:
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
172.16.0.0/24 Direct 0 0 D 172.16.0.1 LoopBack2
172.16.0.1/32 Direct 0 0 D 127.0.0.1 LoopBack2
g 172.16.1.1/32 Direct
172.16.1.255/32 Direct
0
0
0
0
D
D
127.0.0.1
127.0.0.1
LoopBack3
LoopBack3
172.16.2.0/24 Direct 0 0 D 172.16.2.1 LoopBack4
172.16.2.1/32 Direct 0 0 D 127.0.0.1 LoopBack4
or 172.16.2.255/32 Direct
172.16.3.0/24 Direct
0
0
0
0
D
D
127.0.0.1
172.16.3.1
LoopBack4
LoopBack5
e 172.16.3.1/32 Direct
172.16.3.255/32 Direct
0
0
0
0
D
D
127.0.0.1
127.0.0.1
LoopBack5
LoopBack5
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
Resource
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
s:
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
or [R2]interface GigabitEthernet0/0/1
[R2-GigabitEthernet0/0/1]rip authentication-mode simple huawei
e Run the following command to delete the routes learned by R3 from R2 before
you change the authentication password.
View the routing table of R3.
<R3>display ip routing-table
10.0.3.0/24
10.0.3.3/32
Direct
Direct
0
0
0
0
learning.huawei.com/
D
D
10.0.3.3
127.0.0.1
LoopBack0
LoopBack0
10.0.3.255/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.12.0/24 Direct 0 0 D 10.0.12.3 GigabitEthernet0/0/1
10.0.12.3/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/1
10.0.12.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/1
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
172.16.0.0/24 Direct 0 0 D 172.16.0.1 LoopBack2
172.16.0.1/32 Direct 0 0 D 127.0.0.1 LoopBack2
172.16.0.255/32 Direct 0 0 D 127.0.0.1 LoopBack2
172.16.1.0/24 Direct 0 0 D 172.16.1.1 LoopBack3
172.16.1.1/32 Direct 0 0 D 127.0.0.1 LoopBack3
172.16.1.255/32 Direct 0 0 D 127.0.0.1 LoopBack3
Resource
172.16.2.0/24 Direct 0 0 D 172.16.2.1 LoopBack4
172.16.2.1/32 Direct 0 0 D 127.0.0.1 LoopBack4
s:
172.16.2.255/32 Direct 0 0 D 127.0.0.1 LoopBack4
172.16.3.0/24 Direct 0 0 D 172.16.3.1 LoopBack5
172.16.3.1/32 Direct 0 0 D 127.0.0.1 LoopBack5
172.16.3.255/32 Direct 0 0 D 127.0.0.1 LoopBack5
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
Learnin
Since R2 and R3 use different RIP authentication modes, R3 cannot receive
e Verify that routes in routing tables of R1, R2, and R3 have been restored. Note
that RIP updates routes periodically, so may take a moment to be restored.
<R1>display ip routing-table
learning.huawei.com/
10.0.1.1 /32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.1.255/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.2.0/24 RIP 100 1 D 10.0.13.2 GigabitEthernet0/0/0
10.0.3.0/24 RIP 100 2 D 10.0.13.2 GigabitEthernet0/0/0
10.0.12.0/24 RIP 100 1 D 10.0.13.2 GigabitEthernet0/0/0
10.0.13.0/24 Direct 0 0 D 10.0.13.1 GigabitEthernet0/0/0
10.0.13.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/0
10.0.13.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/0
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
172.16.0.0/16 RIP 100 2 D 10.0.13.2 GigabitEthernet0/0/0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
[R2]display ip routing-table
Route Flags: R - relay, D - download to fib
Resource
Routing Tables: Public
s:
Destinations : 19 Routes : 19
Learnin10.0.2.0/24
10.0.2.2/32
Direct
Direct
0
0
0
0
D
D
10.0.2.2
127.0.0.1
LoopBack0
LoopBack0
g 10.0.2.255/32
10.0.3.0/24
Direct
RIP
0
100 1
0 D
D
127.0.0.1
10.0.12.3
LoopBack0
GigabitEthernet0/0/1
10.0.12.0/24 Direct 0 0 D 10.0.12.2 GigabitEthernet0/0/1
10.0.12.2/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/1
or 10.0.12.255/32
10.0.13.0/24
Direct
Direct
0
0
0
0
D
D
127.0.0.1
10.0.13.2
GigabitEthernet0/0/1
GigabitEthernet0/0/0
e 10.0.13.2/32
10.0.13.255/32
Direct
Direct
0
0
0
0
D
D
127.0.0.1
127.0.0.1
GigabitEthernet0/0/0
GigabitEthernet0/0/0
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
<R3>display ip routing-table
http://
learning.huawei.com/
Route Flags: R - relay, D - download to fib
Resource
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
s:
172.16.0.0/24 Direct 0 0 D 172.16.0.1 LoopBack2
172.16.0.1/32 Direct 0 0 D 127.0.0.1 LoopBack2
172.16.0.255/32 Direct 0 0 D 127.0.0.1 LoopBack2
172.16.1.0/24 Direct 0 0 D 172.16.1.1 LoopBack3
172.16.1.1/32 Direct 0 0 D 127.0.0.1 LoopBack3
Learnin
172.16.1.255/32 Direct 0 0 D 127.0.0.1 LoopBack3
172.16.2.0/24 Direct 0 0 D 172.16.2.1 LoopBack4
g
172.16.2.1/32 Direct 0 0 D 127.0.0.1 LoopBack4
172.16.2.255/32 Direct 0 0 D 127.0.0.1 LoopBack4
172.16.3.0/24 Direct 0 0 D 172.16.3.1 LoopBack5
172.16.3.1/32 Direct 0 0 D 127.0.0.1 LoopBack5
or 172.16.3.255/32 Direct
255.255.255.255/32 Direct
0
0
0
0
D
D
127.0.0.1
127.0.0.1
LoopBack5
InLoopBack0
Final Configuration
<R1>display current-configuration
[V200R003C00SPC200]
#
sysname R1
http://
#
interface GigabitEthernet0/0/0
ip address 10.0.13.1 255.255.255.0
learning.huawei.com/
rip authentication-mode simple cipher %$%$S2AJ2_mJ)Hf++RSng6^NN|Xl%$%$
#
interface LoopBack0
ip address 10.0.1.1 255.255.255.0
#
rip 1
version 2
network 10.0.0.0
#
user-interface con 0
authentication-mode password
set authentication password cipher %$%$+L'YR&IZt'4,)>-*#lH",}%K-
oJ_M9+'lOU~bD (\WTqB}%N,%$%$
user-interface vty 0 4
Resource
#
return
s:
<R2>display current-configuration
[V200R003C00SPC200]
#
sysname R2
#
Learnin
interface GigabitEthernet0/0/0
ip address 10.0.13.2 255.255.255.0
e
rip authentication-mode md5 usual cipher %$%$C]'$.`NWGZ}|gLV%:XF>OG}|%$%$
#
interface LoopBack0
ip address 10.0.2.2 255.255.255.0
#
rip 1
version 2
network 10.0.0.0
#
user-interface con 0
http://
authentication-mode password
set authentication password cipher
learning.huawei.com/
%$%$1=cd%b%/O%Id-8X:by1N,+s}'4wD6TvO<I|/pd# #44C@+s#,%$%$
user-interface vty 0 4
#
return
<R3>display current-configuration
[V200R003C00SPC200]
#
sysname R3
#
interface GigabitEthernet0/0/1
ip address 10.0.12.3 255.255.255.0
rip authentication-mode md5 usual cipher %$%$_5VL+wN6FNe]rVKbh[E(O=E>%$%$
#
interface LoopBack0
Resource
ip address 10.0.3.3 255.255.255.0
#
s:
interface LoopBack2
ip address 172.16.0.1 255.255.255.0
#
interface LoopBack3
ip address 172.16.1.1 255.255.255.0
Learnin
#
interface LoopBack4
or #
rip 1
e version 2
network 10.0.0.0
network 172.16.0.0
#
user-interface con 0
authentication-mode password
set authentication password cipher %$%$ksXDMg7Ry6yUU:63:DQ),#/sQg"@*S\
U#.s.bHW xQ,y%#/v,%$%$
user-interface vty 0 4
#
http://
return
learning.huawei.com/
Resource
s:
Learnin
g
or
e
Learning Objectives
As a result of this lab section, you should achieve the following tasks:
http://
Configuration of the Router-ID for OSPF.
learning.huawei.com/
Establish OSPF on a specified interface or network.
View OSPF operations using display commands.
Advertisement of default routes in OSPF.
Change of the OSPF hello interval and dead interval.
Famliarization with DR or BDR election on multi-access networks.
Change of the OSPF route priority to manipulate DR election.
Topology
Resource
s:
Learnin
g
Figure 4.4 OSPF single area topology
or
e
Scenario
Tasks learning.huawei.com/
Step 1 Prepare the environment
If you are starting this section with a non-configured device, begin here and
then move to step 3. For those continuing from previous labs, begin at step 2.
Establish the basic system configuration and addressing for the lab.
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R1
[R1]interface GigabitEthernet 0/0/1
[R1-GigabitEthernet 0/0/1]ip address 10.0.12.1 24
Resource
[R1-GigabitEthernet 0/0/1]quit
[R1]interface GigabitEthernet 0/0/0
s:
[R1-GigabitEthernet0/0/0]ip address 10.0.13.1 24
[R1-GigabitEthernet0/0/0]quit
[R1]interface LoopBack 0
[R1-LoopBack0]ip address 10.0.1.1 24
Learnin
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
g
[Huawei]sysname R2
[R2]interface GigabitEthernet 0/0/1
[R2-GigabitEthernet 0/0/1]ip address 10.0.12.2 24
[R2-GigabitEthernet 0/0/1]quit
or [R2]interface LoopBack 0
[R2-LoopBack0]ip address 10.0.2.2 24
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R3
[R3]interface GigabitEthernet 0/0/0
[R3-GigabitEthernet0/0/0]ip address 10.0.13.3 24
[R3-GigabitEthernet0/0/0]quit
http://
[R3]interface LoopBack 0
[R3-LoopBack0]ip address 10.0.3.3 24
learning.huawei.com/
[R3-LoopBack0]quit
[R3]interface LoopBack 2
[R3-LoopBack2]ip address 172.16.0.1 24
Enable the interfaces necessary for this lab and disable those not needed.
Resource
[R3]interface GigabitEthernet 0/0/0
s:
[R3-GigabitEthernet0/0/0]undo shutdown
[R3-GigabitEthernet0/0/0]quit
[R3]interface GigabitEthernet 0/0/1
[R3-GigabitEthernet0/0/1]shutdown
[R3-GigabitEthernet0/0/1]quit
Learnin
[R3]undo interface LoopBack 3
Info: This operation may take a few seconds. Please wait for a
g
moment...succeeded. [R3]undo interface LoopBack 4
Info: This operation may take a few seconds. Please wait for a
moment...succeeded. [R3]undo interface LoopBack 5
Info: This operation may take a few seconds. Please wait for a
or
moment...succeeded.
[R1]undo rip 1
Warning: The RIP process will be deleted. Continue?[Y/N]y
http://
[R2]interface GigabitEthernet 0/0/1
[R2-GigabitEthernet0/0/1]undo rip authentication-mode
learning.huawei.com/
[R2-GigabitEthernet0/0/1]quit
[R2]undo rip 1
Warning: The RIP process will be deleted. Continue?[Y/N]y
Assign the value 10.0.1.1 (as used on logical interface loopback 0 for
simplicity) as the router ID. Use OSPF process 1 (the default process),
and specify network segments 10.0.1.0/24, 10.0.12.0/24, and 10.0.13.0/24
Resource
as part of OSPF area 0.
[R1]ospf 1 router-id 10.0.1.1
s:
[R1-ospf-1]area 0
[R1-ospf-1-area-0.0.0.0]network 10.0.1.0 0.0.0.255
[R1-ospf-1-area-0.0.0.0]network 10.0.13.0 0.0.0.255
[R1-ospf-1-area-0.0.0.0]network 10.0.12.0 0.0.0.255
Learnin
Different process ID’s will generate multiple link state databases, therefore
ensure that all routers use the same OSPF process ID. The wildcard mask
g must be specified as part of the network command.
Manually assign the value 10.0.2.2 as the router ID. Use OSPF process 1,
and advertise network segments 10.0.12.0/24 and 10.0.2.0/24 into OSPF
or area 0.
…output omitted…
Nov 30 2013 09:41:39+00:00 R2 %%01OSPF/4/NBR_CHANGE_E(l)[5]:Neighbor changes event:
neighbor status changed. (ProcessId=1, NeighborAddress=10.0.12.1,
NeighborEvent=LoadingDone, NeighborPreviousState=Loading, NeighborCurrentState=Full)
http://
Adjacency is attained when “NeighborCurrentState=Full”. For R3, Manually
learning.huawei.com/
assign the value 10.0.3.3 as the router ID. Use OSPF process 1, and
advertise network segments 10.0.3.0/24 and 10.0.13.0/24 into OSPF area 0.
[R3]ospf 1 router-id 10.0.3.3
[R3-ospf-1]area 0
[R3-ospf-1-area-0.0.0.0]network 10.0.3.0 0.0.0.255
[R3-ospf-1-area-0.0.0.0]network 10.0.13.0 0.0.0.255
…output omitted…
Nov 30 2013 16:05:34+00:00 R3 %%01OSPF/4/NBR_CHANGE_E(l)[5]:Neighbor changes event:
neighbor status changed. (ProcessId=1, NeighborAddress=10.0.13.1,
NeighborEvent=LoadingDone, NeighborPreviousState=Loading, NeighborCurrentState=Full)
After OSPF route convergence is complete, view routing tables of R1, R2,
and R3.
Resource
<R1>display ip routing-table
s:
Route Flags: R - relay, D - download to fib
Learnin
Destination/Mask Proto Pre Cost Flags NextHop Interface
g 10.0.1.0/24
10.0.1.1/32
Direct
Direct
0
0
0
0
D
D
10.0.1.1
127.0.0.1
LoopBack0
LoopBack0
10.0.1.255/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.2.2/32 OSPF 10 1 D 10.0.12.2 GigabitEthernet0/0/1
or 10.0.3.3/32
10.0.12.0/24
OSPF
Direct
10
0
1
0
D
D
10.0.13.3
10.0.12.1
GigabitEthernet0/0/0
GigabitEthernet0/0/1
e 10.0.12.1/32
10.0.12.255/32
Direct
Direct
0
0
0
0
D
D
127.0.0.1
127.0.0.1
GigabitEthernet0/0/1
GigabitEthernet0/0/1
10.0.13.0/24 Direct 0 0 D 10.0.13.1 GigabitEthernet0/0/0
10.0.13.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/0
http://
<R2>display ip routing-table
Route Flags: R - relay, D - download to fib
Resource
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
s:
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
<R3>display ip routing-table
Route Flags: R - relay, D - download to fib
Learnin
Routing Tables: Public
Destinations : 16 Routes : 16
or 10.0.2.2/32
10.0.3.0/24
OSPF
Direct
10
0
2
0
D
D
10.0.13.1
10.0.3.3
GigabitEthernet0/0/0
LoopBack0
e 10.0.3.3/32
10.0.3.255/32
Direct
Direct
0
0
0
0
D
D
127.0.0.1
127.0.0.1
LoopBack0
LoopBack0
10.0.12.0/24 OSPF 10 2 D 10.0.13.1 GigabitEthernet0/0/0
10.0.13.0/24 Direct 0 0 D 10.0.13.3 GigabitEthernet0/0/0
http://
172.16.0.1/32 Direct 0 0 D 127.0.0.1 LoopBack2
172.16.0.255/32 Direct 0 0 D 127.0.0.1 LoopBack2
learning.huawei.com/
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
Resource
0.00% packet loss
round-trip min/avg/max = 37/41/45 ms
s:
<R2>ping 10.0.3.3
PING 10.0.3.3: 56 data bytes, press CTRL_C to break
Reply from 10.0.3.3: bytes=56 Sequence=1 ttl=254 time=37 ms
Reply from 10.0.3.3: bytes=56 Sequence=2 ttl=254 time=42 ms
or 5 packet(s) received
0.00% packet loss
Run the display ospf peer command to view the OSPF neighbor status.
<R1>display ospf peer
learning.huawei.com/
State: Full Mode:Nbr is Master Priority: 1
DR: 10.0.12.1 BDR: 10.0.12.2 MTU: 0
Dead timer due in 32 sec
Retrans timer interval: 5
Neighbor is up for 00:47:59
Authentication Sequence: [ 0 ]
Neighbors
Resource
Authentication Sequence: [ 0 ]
s:
The display ospf peer command displays detailed information about any
peering neighbors. In the example given, the link 10.0.13.1 of R1 shows to be
the DR. The DR election is non pre-emptive, meaning that the link of R3 will
not take over the role of DR from R1 unless the OSPF process is reset.
Learnin
The display ospf peer brief command can also be used to display a
condensed version of the OSPF peer information.
e Area Id
0.0.0.0
Interface
GigabitEthernet0/0/0
Neighbor id
10.0.3.3
State
Full
0.0.0.0 GigabitEthernet0/0/1 10.0.2.2 Full
http://
0.0.0.0 GigabitEthernet0/0/1 10.0.1.1 Full
Resource
Interfaces
s:
Interface: 10.0.13.1 (GigabitEthernet0/0/0)
Cost: 1 State: DR Type: Broadcast MTU: 1500
Priority: 1
Designated Router: 10.0.13.1
Learnin
Backup Designated Router: 10.0.13.3
Timers: Hello 10 , Dead 40 , Poll 120 , Retransmit 5 , Transmit Delay 1
g Run the ospf timer command to change the OSPF hello interval and dead
interval on GE0/0/0 of R1 to 15s and 60s respectively.
NeighborInterface=GigabitEthernet0/0/0,NeighborDownImmediate reason=Neighbor
Down Due to Inactivity, NeighborDownPrimeReason=Interface Parameter
Mismatch, NeighborChangeTime=2013-11-30 16:58:39)
http://
OSPF Process 1 with Router ID 10.0.1.1
Interfaces
learning.huawei.com/
Interface: 10.0.13.1 (GigabitEthernet0/0/0)
Cost: 1 State: DR Type: Broadcast MTU: 1500
Priority: 1
Designated Router: 10.0.13.1
Backup Designated Router: 10.0.13.3
Timers: Hello 15 , Dead 60 , Poll 120 , Retransmit 5 , Transmit Delay 1
s:
The preceding information shows that R1 has only one neighbor, R2. Since
the OSPF hello intervals and dead intervals on R1 and R3 are different, R1
and R3 will fail to establish an OSPF neighbor relationship.
Learnin
Run the ospf timer command to change the OSPF hello interval and dead
interval on GE0/0/0 of R3 to 15s and 60s respectively.
or …output omitted…
Nov 30 2013 17:03:33+00:00 R3 %%01OSPF/4/NBR_CHANGE_E(l)[4]:Neighbor changes
http://
Cost: 1 State: DR Type: Broadcast MTU: 1500
Priority: 1
learning.huawei.com/
Designated Router: 10.0.13.3
Backup Designated Router: 10.0.13.1
Timers: Hello 15 , Dead 60 , Poll 120 , Retransmit 5 , Transmit Delay 1
Learnin
View routing tables of R1 and R2. You can see that R1 and R2 have learned
e Destinations : 16 Routes : 16
http://
10.0.12.0/24 Direct 0 0 D 10.0.12.1 GigabitEthernet0/0/1
10.0.12.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/1
learning.huawei.com/
10.0.12.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/1
10.0.13.0/24 Direct 0 0 D 10.0.13.1 GigabitEthernet0/0/0
10.0.13.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/0
10.0.13.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/0
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
<R2>display ip routing-table
Route Flags: R - relay, D - download to fib
Resource
Destination/Mask Proto Pre Cost Flags NextHop Interface
s:
0.0.0.0/0
10.0.1.1/32
O_ASE
OSPF1
150
0
1
1
D
D
10.0.12.1
10.0.12.1
GigabitEthernet0/0/1
GigabitEthernet0/0/1
10.0.2.0/24 Direct 0 0 D 10.0.2.2 LoopBack0
10.0.2.2/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.2.255/32 Direct 0 0 D 127.0.0.1 LoopBack0
Learnin10.0.3.3/32
10.0.12.0/24
OSPF
Direct
10
0
2
0
D
D
10.0.12.1
10.0.12.2
GigabitEthernet0/0/1
GigabitEthernet0/0/1
g 10.0.12.2/32 Direct
10.0.12.255/32 Direct
0
0
0
0
D
D
127.0.0.1
127.0.0.1
GigabitEthernet0/0/1
GigabitEthernet0/0/1
10.0.13.0/24 OSPF 10 2 D 10.0.12.1 GigabitEthernet0/0/1
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
or 127.0.0.1/32 Direct
127.255.255.255/32 Direct
0
0
0
0
D
D
127.0.0.1
127.0.0.1
InLoopBack0
InLoopBack0
<R3>display ip routing-table
Route Flags: R - relay, D - download to fib
Resource
172.16.0.255/32 Direct 0 0 D 127.0.0.1 LoopBack2
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
s:
Run the ping command to test connectivity between R2 and Loopback2 at
172.16.0.1.
<R2>ping 172.16.0.1
Learnin
PING 172.16.0.1: 56 data bytes, press CTRL_C to break
Reply from 172.16.0.1: bytes=56 Sequence=1 ttl=254 time=47 ms
g
Reply from 172.16.0.1: bytes=56 Sequence=2 ttl=254 time=37 ms
Reply from 172.16.0.1: bytes=56 Sequence=3 ttl=254 time=37 ms
Reply from 172.16.0.1: bytes=56 Sequence=4 ttl=254 time=37 ms
Reply from 172.16.0.1: bytes=56 Sequence=5 ttl=254 time=37 ms
e 5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 37/39/47 ms
Run the display ospf peer command to view the DR and BDR of R1 and R3.
<R1>display ospf peer 10.0.3.3
http://
OSPF Process 1 with Router ID 10.0.1.1
Neighbors
learning.huawei.com/
Area 0.0.0.0 interface 10.0.13.1(GigabitEthernet0/0/0)'s neighbors
Router ID: 10.0.3.3 Address: 10.0.13.3
State: Full Mode:Nbr is Master Priority: 1
DR: 10.0.13.3 BDR: 10.0.13.1 MTU: 0
Dead timer due in 49 sec
Retrans timer interval: 5
Neighbor is up for 00:17:40
Authentication Sequence: [ 0 ]
The preceding information shows that R3 is the DR and R1 is the BDR. This
is because R3's router ID 10.0.3.3 is greater than R1's router ID 10.0.1.1. R1
and R3 use the default priority of 1, so their router IDs are used for DR or
BDR election.
Resource
Run the ospf dr-priority command to change DR priorities of R1 and R3.
[R1]interface GigabitEthernet 0/0/0
s:
[R1-GigabitEthernet0/0/0]ospf dr-priority 200
Learnin
A DR or BDR is elected in non-preemption mode, by default. After router
priorities are changed, a DR is not re-elected, so you must reset the OSPF
g neighbor relationship between R1 and R3.
Shut down and re-enable Gigabit Ethernet 0/0/0 interfaces on R1 and R3 to
reset the OSPF neighbor relationship between R1 and R3.
or [R3]interface GigabitEthernet0/0/0
e [R3-GigabitEthernet0/0/0]shutdown
[R1]interface GigabitEthernet0/0/0
[R1-GigabitEthernet0/0/0]shutdown
[R1-GigabitEthernet0/0/0]undo shutdown
[R3-GigabitEthernet0/0/0]undo shutdown
Run the display ospf peer command to view the DR and BDR of R1 and R3.
[R1]display ospf peer 10.0.3.3
http://
learning.huawei.com/
OSPF Process 1 with Router ID 10.0.1.1
Neighbors
Resource
Final Configuration
s:
<R1>display current-configuration
[V200R003C00SPC200]
#
sysname R1
#
interface GigabitEthernet0/0/0
Learnin
ip address 10.0.13.1 255.255.255.0
ospf dr-priority 200
or
ip address 10.0.12.1 255.255.255.0
#
e interface LoopBack0
ip address 10.0.1.1 255.255.255.0
#
http://
user-interface con 0
authentication-mode password
learning.huawei.com/
set authentication password cipher %$%$+L'YR&IZt'4,)>-*#lH",}%K-
oJ_M9+'lOU~bD (\WTqB}%N,%$%$
user-interface vty 0 4
#
return
<R2>display current-configuration
[V200R003C00SPC200]
#
sysname R2
#
interface GigabitEthernet0/0/1
ip address 10.0.12.2 255.255.255.0
#
interface LoopBack0
Resource
ip address 10.0.2.2 255.255.255.0
#
s:
ospf 1 router-id 10.0.2.2
area 0.0.0.0
network 10.0.2.0 0.0.0.255
network 10.0.12.0 0.0.0.255
#
Learnin
user-interface con 0
authentication-mode password
or return
<R3>display current-configuration
[V200R003C00SPC200]
#
sysname R3
#
interface GigabitEthernet0/0/0
http://
ip address 10.0.13.3 255.255.255.0
ospf dr-priority 100
learning.huawei.com/
ospf timer hello 15
#
interface LoopBack0
ip address 10.0.3.3 255.255.255.0
#
interface LoopBack2
ip address 172.16.0.1 255.255.255.0
#
ospf 1 router-id 10.0.3.3
default-route-advertise
area 0.0.0.0
network 10.0.3.0 0.0.0.255
network 10.0.13.0 0.0.0.255
#
ip route-static 0.0.0.0 0.0.0.0 LoopBack2
#
Resource
user-interface con 0
authentication-mode password
s:
set authentication password cipher %$%$ksXDMg7Ry6yUU:63:DQ),#/sQg"@*S\
U#.s.bHW xQ,y%#/v,%$%$
user-interface vty 0 4
#
return
Learnin
g
or
e
Topology
Tasks
If you are starting this section with a non-configured device, begin here and
http://
then move to step 2. For those continuing from previous labs, begin at step
2.
learning.huawei.com/
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R1
[R1]interface GigabitEthernet 0/0/1
[R1-GigabitEthernet0/0/1]ip address 10.0.12.1 24
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R2
[R2]interface GigabitEthernet 0/0/1
[R2-GigabitEthernet0/0/1]ip address 10.0.12.2 24
Resource
Reply from 10.0.12.2: bytes=56 Sequence=1 ttl=255 time=10 ms
s:
Reply from 10.0.12.2: bytes=56 Sequence=2 ttl=255 time=1 ms
Reply from 10.0.12.2: bytes=56 Sequence=3 ttl=255 time=1 ms
Reply from 10.0.12.2: bytes=56 Sequence=4 ttl=255 time=10 ms
Reply from 10.0.12.2: bytes=56 Sequence=5 ttl=255 time=1 ms
Learnin
--- 10.0.12.2 ping statistics ---
g
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 1/4/10 ms
server.
Configure user authorization for FTP users to access the server. Unauthorized
users will not be able to access the FTP server, reducing security risks.
[R1]aaa
http://
[R1-aaa]local-user huawei password cipher huawei
Info: Add a new user.
learning.huawei.com/
[R1-aaa]local-user huawei service-type ftp
[R1-aaa]local-user huawei privilege level 15
[R1-aaa]local-user huawei ftp-directory sd1:
[R1]display ftp-server
FTP server is running
Max user number 5
User count 0
Timeout value(in minute) 30
Listening port 21
Acl number 0
FTP server's source address 0.0.0.0
Resource
Step 3 Establish an FTP client connection
s:
Establish a connection to the FTP Server from R2.
<R2>ftp 10.0.12.1
Trying 10.0.12.1 ...
Press CTRL+K to abort
Learnin
Connected to 10.0.12.1.
220 FTP service ready. User(10.0.12.1:
g (none)):huawei
331 Password required for huawei.
Enter password:
or
230 User logged in.
e
[R2-ftp]
Following entry of the correct user name and password, the FTP server can be
successfully logged into.
Run the dir command before downloading a file or after uploading a file to
view the detailed information of the file.
[R2-ftp]dir
200 Port command okay.
150 Opening ASCII mode data connection for *.
-rwxrwxrwx 1 noone nogroup 286620 Mar 14 09:22 sacrule.dat
-rwxrwxrwx 1 noone
-rwxrwxrwx 1 noone
nogroup
nogroup
http://
512000 Nov 28 14:39 mon_file.txt
48128 Oct 10 2011 ar2220_v200r001sph001.pat
-rwxrwxrwx 1 noone
-rwxrwxrwx 1 noone
nogroup
nogroup
learning.huawei.com/
120 Dec 28 2012 iascfg.zip
699 Nov 28 17:52 vrpcfg.zip
-rwxrwxrwx 1 noone nogroup 93871872 Mar 14 09:13 ar2220-v200r003c00spc200.cc
-rwxrwxrwx 1 noone nogroup 512000 Nov 28 14:40 mon_lpu_file.txt
226 Transfer complete.
FTP: 836 byte(s) received in 0.976 second(s) 856.55byte(s)/sec.
[R2-ftp]binary
200 Type set to I.
Retrieve a file from the FTP server. Note: If the vrpcfg.zip file is not present in
the sd1: directory of R1, use the save command on R1 to create it.
Resource
200 Port command okay.
150 Opening BINARY mode data connection for vrpcfg.zip.
s:
226 Transfer complete.
FTP: 120 byte(s) received in 0.678 second(s) 176.99byte(s)/sec.
After downloading the file from FTP server, use the bye command to close the
connection
Learnin
g
[R2-ftp]bye
221 Server closing.
<R2>dir
or Directory of sd1:/
e Idx Attr
0 -rw-
Size(Byte) Date Time(LMT) FileName
286,620 Mar 14 2013 09:05:14 sacrule.dat
1 -rw- 512,000 Nov 30 2013 03:47:04 mon_file.txt
3 -rw- 48,128 Oct 10 2011 12:30:26 ar2220_v200r001sph001.pat
http://
A file can be uploaded to the FTP server by using the command put, for which
a new file name can also be assigned.
[R2-ftp]put vrpnew.zip vrpnew2.zip
200 Port command okay.
learning.huawei.com/
150 Opening BINARY mode data connection for vrpnew2.zip.
226 Transfer complete.
FTP: 120 byte(s) sent in 0.443 second(s) 270.88byte(s)/sec.
After uploading the file, check for the presence of the file on FTP server.
<R1>dir
Directory of sd1:/
Learnin
Remove the created vrpnew.zip and vrpnew2.zip files on R1 and R2.
<R1>delete sd1:/vrpnew2.zip
or
<R2>delete sd1:/vrpnew.zip
Delete sd1:/vrpnew.zip? (y/n)[n]:y
e
Info: Deleting file sd1:/vrpnew.zip...succeed.
Note: Please take exteme care when deleting the configuration files so to
ensure that the entire sd1:/ directory of R1 and R2 is not erased.
Final Configuration
<R1>display current-configuration
[V200R003C00SPC200]
#
sysname R1
ftp server enable
http://
learning.huawei.com/
set default ftp-directory sd1:
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$=i~>Xp&aY+*2cEVcS-A23Uwe%$%$
local-user admin service-type http
local-user huawei password cipher %$%$f+~&ZkCn]NUX7m.t;tF9R48s%$%$
local-user huawei privilege level 15
local-user huawei ftp-directory sd1:
local-user huawei service-type ftp
#
interface GigabitEthernet0/0/1
Resource
ip address 10.0.12.1 255.255.255.0
#
s:
user-interface con 0
authentication-mode password
set authentication password cipher %$%$+L'YR&IZt'4,)>-*#lH",}%K-
oJ_M9+'lOU~bD (\WTqB}%N,%$%$
user-interface vty 0 4
Learnin
#
return
g <R2>display current-configuration
[V200R003C00SPC200]
#
or sysname R2
ftp server enable
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$=i~>Xp&aY+*2cEVcS-A23Uwe%$%$
local-user admin service-type http
http://
local-user huawei password cipher %$%$<;qM3D/O;ZLqy/"&6wEESdg$%$%$
local-user huawei privilege level 15
learning.huawei.com/
local-user huawei ftp-directory sd1:
local-user huawei service-type ftp
#
interface GigabitEthernet0/0/1
ip address 10.0.12.2 255.255.255.0
#
user-interface con 0
authentication-mode password
set authentication password cipher
%$%$1=cd%b%/O%Id-8X:by1N,+s}'4wD6TvO<I|/pd# #44C@+s#,%$%$
user-interface vty 0 4
#
return
Resource
s:
Learnin
g
or
e
Learning Objectives
As a result of this lab section, you should achieve the following tasks:
http://
Configuration of a global DHCP pool.
learning.huawei.com/
Configuration of an interface based DHCP pool.
Enable DHCP discovery and IP allocation for switch interfaces.
Method of global address pool configuration.
Method of interface address pool configuration.
Topology
Resource
s:
Figure 5.2 DHCP topology
Learnin
Scenario
g As the administrator of an enterprise you have been tasked with implementing
DHCP application services within the network. The gateway router in the
Tasks
If you are starting this section with a non-configured device, begin here and
http://
then move to step 3. For those continuing from previous labs, begin at step 2.
learning.huawei.com/
Establish the addressing for the lab and temporarily shut down the interfaces
Gigabit Ethernet 0/0/2 of R1 and Gigabit Ethernet 0/0/1 of R3.
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R1
[R1]interface GigabitEthernet 0/0/1
[R1-GigabitEthernet0/0/1]ip address 10.0.12.1 24
[R1-GigabitEthernet0/0/1]quit
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R3
[R3]interface GigabitEthernet 0/0/1
[R3-GigabitEthernet0/0/1]ip address 10.0.12.3 24
[R3-GigabitEthernet0/0/1]shutdown
[R3-GigabitEthernet0/0/1]quit
Resource
[R3]interface GigabitEthernet 0/0/2
s:
[R3-GigabitEthernet0/0/2]ip address 10.0.23.3 24
<Quidway>system-view
Enter system view, return user view with Ctrl+Z.
[Quidway]sysname S1
Learnin
g
<Quidway>system-view
Enter system view, return user view with Ctrl+Z.
[Quidway]sysname S2
or
e
http://
Step 3 Additional configuration
learning.huawei.com/
Disable the port interfaces between S1 and S2 as well as other interfaces to
prevent interference from other devices.
Resource
[S2]interface GigabitEthernet 0/0/9
s:
[S2-GigabitEthernet0/0/9]shutdown
[S2-GigabitEthernet0/0/9]quit
[S2]interface GigabitEthernet 0/0/10
[S2-GigabitEthernet0/0/10]shutdown
[S2-GigabitEthernet0/0/10]quit
Learnin
[S2]interface GigabitEthernet 0/0/23
[S2-GigabitEthernet0/0/23]shutdown
g
[S2-GigabitEthernet0/0/23]quit
[S2]interface GigabitEthernet 0/0/24
[S2-GigabitEthernet0/0/24]shutdown
e [R1-GigabitEthernet0/0/2]shutdown
Verify that Gigabit Ethernet interfaces 0/0/9, 0/0/10, 0/0/13 and 0/0/14, have
been shut down on S1 and that Gigabit Ethernet interfaces 0/09, 0/0/10,
0/0/23 and 0/0/24 have been shut down on S2.
http://
Interface PHY Protocol InUti OutUti inErrors outErrors
GigabitEthernet0/0/1 up up 0.01% 0.01% 0 0
learning.huawei.com/
GigabitEthernet0/0/2 up up 0.01% 0.01% 0 0
GigabitEthernet0/0/3 down down 0% 0% 0 0
GigabitEthernet0/0/4 up up 0% 0.01% 0 0
GigabitEthernet0/0/5 up up 0% 0.01% 0 0
GigabitEthernet0/0/6 down down 0% 0% 0 0
GigabitEthernet0/0/7 down down 0% 0% 0 0
GigabitEthernet0/0/8 down down 0% 0% 0 0
GigabitEthernet0/0/9 *down down 0% 0% 0 0
GigabitEthernet0/0/10 *down down 0% 0% 0 0
GigabitEthernet0/0/11 down down 0% 0% 0 0
GigabitEthernet0/0/12 down down 0% 0% 0 0
GigabitEthernet0/0/13 *down down 0% 0% 0 0
GigabitEthernet0/0/14 *down down 0% 0% 0 0
…output omitted…
Resource
…output omitted…
GigabitEthernet0/0/9 *down down 0% 0% 0 0
s:
GigabitEthernet0/0/10
GigabitEthernet0/0/11
*down
up
down
up
0%
0.01%
0%
0.01%
0
0
0
0
GigabitEthernet0/0/12 up up 0.01% 0.01% 0 0
GigabitEthernet0/0/13 up up 0% 0.01% 0 0
GigabitEthernet0/0/14 down down 0% 0% 0 0
Learnin
GigabitEthernet0/0/15 down down 0% 0% 0 0
GigabitEthernet0/0/16 down down 0% 0% 0 0
g
GigabitEthernet0/0/17 down down 0% 0% 0 0
GigabitEthernet0/0/18 down down 0% 0% 0 0
GigabitEthernet0/0/19 down down 0% 0% 0 0
GigabitEthernet0/0/20 down down 0% 0% 0 0
or GigabitEthernet0/0/21
GigabitEthernet0/0/22
down
down
down
down
0%
0%
0%
0%
0
0
0
0
e GigabitEthernet0/0/23
GigabitEthernet0/0/24
*down
*down
down
down
0%
0%
0%
0%
0
0
0
0
…output omitted…
Verify that only interface Gigabit Ethernet 0/0/2 is disabled on R1 and that
only interface Gigabit Ethernet 0/0/1 is disabled on R3.
http://
GigabitEthernet0/0/2 10.0.23.1/24 *down down
…output omitted…
The DHCP service is not enabled by default, enable the DHCP service on
the router(s).
[R1]dhcp enable
[R3]dhcp enable
Learnin
[R1-ip-pool-pool1]network 10.0.12.0 mask 24
[R1-ip-pool-pool1]gateway-list 10.0.12.1
e
Info: It's successful to create an IP address pool.
[R3-ip-pool-pool2]network 10.0.23.0 mask 24
[R3-ip-pool-pool2]gateway-list 10.0.23.3
[R3-ip-pool-pool2]lease day 1 hour 12
Run the display ip pool name <name> command on the router to view the
assigned IP address pool configuration parameters.
<R1>display ip pool name pool1
Pool-name
Pool-No
: pool1
: 0
http://
Lease
Domain-name
learning.huawei.com/
: 1 Days 12 Hours 0 Minutes
: -
DNS-server0 : -
NBNS-server0 : -
Netbios-type : -
Position : Local Status : Unlocked
Gateway-0 : 10.0.12.1
Mask : 255.255.255.0
VPN instance : --
Resource
Configure the default management interface for S1 to request an IP address
from the DHCP server (R1). Perform the same steps on S2 for R3.
s:
[S1]dhcp enable
[S1]interface Vlanif 1
[S1-Vlanif1]ip address dhcp-alloc
Learnin
<S1>display ip interface brief
…output omitted…
g Interface
MEth0/0/1
IP Address/Mask
unassigned
Physical
down
Protocol
down
NULL0 unassigned up up(s)
or
Vlanif1 10.0.12.254/24 up up
Verify that this address was taken from the DHCP pool named pool1 on R1,
and for S2, from the DHCP pool named pool2 on R3.
http://
Lease : 1 Days 12 Hours 0 Minutes
Domain-name : -
learning.huawei.com/
DNS-server0 : -
NBNS-server0 : -
Netbios-type : -
Position : Local Status : Unlocked
Gateway-0 : 10.0.12.1
Mask : 255.255.255.0
VPN instance : --
Resource
Pool-No : 0
Lease : 1 Days 12 Hours 0 Minutes
Domain-name
DNS-server0s: :
: -
-
NBNS-server0 : -
Netbios-type : -
Position : Local Status : Unlocked
Learnin
Gateway-0
Mask
: 10.0.23.3
: 255.255.255.0
g VPN instance : --
e
Ensure that global pool configuration has been completed for both R1 and R3
before continuing!
Disable the interface Gigabit Ethernet 0/0/1 R1. For R3 disable interface
Gigabit Ethernet 0/0/2.
[R1]interface GigabitEthernet 0/0/1
[R1-GigabitEthernet0/0/1]shutdown
http://
[R3]interface GigabitEthernet 0/0/2
[R3-GigabitEthernet0/0/2]shutdown
learning.huawei.com/
Configure an interface address pool to allow the clients connected via Gigabit
Ethernet 0/0/2 of R1 to obtain IP addresses. Perform the same operation for
Gigabit Ethernet 0/0/1 of R3. Do not enable these interfaces, as we do not yet
wish to activate the DHCP service on the network.
[R1]interface GigabitEthernet 0/0/2
[R1-GigabitEthernet0/0/2]dhcp select interface
Isolate addresses from the pool GigabitEthernet0/0/2 for R1, and the pool
GigabitEthernet0/0/1 for R3, for DNS services. Additionally, set the IP address
Resource
lease period for the interface address pool.
[R1-GigabitEthernet0/0/2]dhcp server dns-list 10.0.23.254
s:
[R1-GigabitEthernet0/0/2]dhcp server excluded-ip-address 10.0.23.254
[R1-GigabitEthernet0/0/2]dhcp server lease day 1 hour 12
Learnin
[R3-GigabitEthernet0/0/1]dhcp server lease day 1 hour 12
g Run the display ip pool interface command on the router to view the
configured parameters of the interface address pool. For R3 the interface is
Gigabit Ethernet 0/0/1.
e Pool-name
Pool-No
: GigabitEthernet0/0/2
: 1
Lease : 1 Days 12 Hours 0 Minutes
Domain-name : -
DNS-server0 : 10.0.23.254
NBNS-server0 : -
Netbios-type : -
Position : Interface Status : Unlocked
Gateway-0 : 10.0.23.1
Mask : 255.255.255.0
http://
VPN instance : --
learning.huawei.com/
Start End Total Used Idle(Expired) Conflict Disable
Flush the existing Vlanif1 address from S2 to allow for dynamic allocation of a
new IP address from the interface GigabitEthernet0/0/2 pool.
[S2]interface Vlanif 1
[S2-Vlanif1]shutdown
[S2-Vlanif1]undo shutdown
Enable interface Gigabit Ethernet 0/0/2 to allow the DHCP server to become
active on the network and to begin sending DHCP discover messages.
[R1]interface GigabitEthernet0/0/2
[R1-GigabitEthernet0/0/2]undo shutdown
Resource
<R1>display ip pool interface GigabitEthernet0/0/2
Pool-name
Pool-No
s: : GigabitEthernet0/0/2
: 1
Lease : 1 Days 12 Hours 0 Minutes
Domain-name : -
DNS-server0 : 10.0.23.254
Learnin
NBNS-server0 : -
Netbios-type : -
g Position
Gateway-0
: Interface
: 10.0.23.1
Status : Unlocked
Mask : 255.255.255.0
or
VPN instance : --
e
Start End Total Used Idle(Expired) Conflict Disable
http://
The interface Vlanif1 shows to have been allocated an address from the
GigabitEthernet0/0/2 address pool of R1.
learning.huawei.com/
Flush the existing Vlanif1 address from S1 to allow for dynamic allocation of a
new IP address from the interface GigabitEther0/0/1 pool.
[S1]interface Vlanif 1
[S1-Vlanif1]shutdown
[S1-Vlanif1]undo shutdown
Enable interface Gigabit Ethernet 0/0/1 to allow the DHCP server to become
active on the network and to begin sending DHCP discover messages.
Verify that the new IP address as been allocated from the interface pool.
Resource
<R3>display ip pool interface GigabitEthernet0/0/1
Pool-name
Pool-No
s: : GigabitEthernet0/0/1
: 1
Lease : 1 Days 12 Hours 0 Minutes
Domain-name : -
DNS-server0 : 10.0.12.254
Learnin
NBNS-server0 : -
g
Netbios-type : -
Position : Interface Status : Unlocked
Gateway-0 : 10.0.12.3
Mask : 255.255.255.0
or VPN instance : --
http://
It should also be noted that a default static route pointing to the DHCP server is
learning.huawei.com/
automatically generated by the switch, as seen in the final configuration below.
Final Configuration
[R1]display current-configuration
[V200R003C00SPC200]
#
sysname R1
#
dhcp enable
#
ip pool pool1
gateway-list 10.0.12.1
network 10.0.12.0 mask 255.255.255.0
lease day 1 hour 12 minute 0
#
Resource
interface GigabitEthernet0/0/1
shutdown
s:
ip address 10.0.12.1 255.255.255.0
dhcp select global
#
interface GigabitEthernet0/0/2
ip address 10.0.23.1 255.255.255.0
Learnin
dhcp select interface
g
dhcp server excluded-ip-address 10.0.23.254
dhcp server lease day 1 hour 12 minute 0
dhcp server dns-list 10.0.23.254
#
or user-interface con 0
authentication-mode password
[R3]dis current-configuration
[V200R003C00SPC200]
#
sysname R3
#
http://
dhcp enable
#
learning.huawei.com/
ip pool pool2
gateway-list 10.0.23.3
network 10.0.23.0 mask 255.255.255.0
lease day 1 hour 12 minute 0
#
interface GigabitEthernet0/0/1
ip address 10.0.12.3 255.255.255.0
dhcp select interface
dhcp server excluded-ip-address 10.0.12.254
dhcp server lease day 1 hour 12 minute 0
dhcp server dns-list 10.0.12.254
#
interface GigabitEthernet0/0/2
shutdown
ip address 10.0.23.3 255.255.255.0
dhcp select global
Resource
#
user-interface con 0
s:
authentication-mode password
set authentication password cipher %$%$ksXDMg7Ry6yUU:63:DQ),#/sQg"@*S\
U#.s.bHW xQ,y%#/v,%$%$
user-interface vty 0 4
#
Learnin
return
g <S1>dis current-configuration
#
!Software Version V100R006C00SPC800
sysname S1
or #
dhcp enable
e #
interface Vlanif1
ip address dhcp-alloc
#
Resource
s:
Learnin
g
or
e
Methods to get the E-learning privilege : submit Huawei Account and email being used for
Huawei Account registration to [email protected] .
2、 Training Material Download
Content: Huawei product training material and Huawei career certification training
material
Method:Logon http://learning.huawei.com/en and enter HuaWei Training/Classroom Training ,then
you can download training material in the specific training introduction page.
3、 Priority to participate in Huawei Online Open Class(LVC)
Content:The Huawei career certification training covering all ICT technical domains like
R&S, UC&C, Security, Storage and so on, which are conducted by Huawei
professional instructors
s:
eNSP (Enterprise Network Simulation Platform) is a graphical network simulation tool which is
developed by Huawei and free of charge. eNSP mainly simulates enterprise routers,
switches as close to the real hardware as it possible, which makes the lab practice
available and easy without any real device.
In addition, Huawei has built up Huawei Technical Forum which allows candidates to discuss
Learnin
g
Huawei experts , share exam experiences with others or be acquainted with Huawei
Products( http://support.huawei.com/ecommunity/)
Mo
HUAWEI TECHNOLOGIES CO., LTD. Huawei
Confidential
1