问题描述:
华为设备替换华三设备需变更配置;求大佬检查一遍;
组网及组网描述:
- 2022-07-18提问
- 举报
-
(0)
zhiliao_juDMG
知了小白
| <HEB-SDN-C2-A20-PE01>dis current-configuration | ||
| sysname HEB-SDN-C2-A20-PE01 | ||
| # | ||
| undo ftp server source all-interface | ||
| undo ftp ipv6 server source all-interface | ||
| # | ||
| info-center loghost source LoopBack0 | //需要核实(命令支持) | |
| info-center loghost 10.33.2.158 port 5044 facility local5 | ||
| info-center loghost 10.11.1.3 facility local3 | ||
| info-center loghost 10.11.1.6 | ||
| # | ||
| system resource standard | ||
| # | ||
| device board 1 board-type CE6857-48S6CQ-EI | ||
| # | ||
| drop-profile default | ||
| # | ||
| dcb pfc | ||
| # | ||
| dcb ets-profile default | ||
| # | ||
| ntp server source-interface all disable | ||
| ntp ipv6 server source-interface all disable | ||
| # | ||
| vlan reserved 4060 | ||
| # | ||
| vlan reserved for main-interface 4000 to 4050 | ||
| # | ||
| vlan batch 2 4091 to 4094 | ||
| # | ||
| stp disable | ||
| # | ||
| evpn-overlay enable | ||
| # | ||
| router id 10.2.0.46 | ||
| # | ||
| telnet server disable | ||
| telnet ipv6 server disable | ||
| undo telnet server-source all-interface | ||
| undo telnet ipv6 server-source all-interface | ||
| # | ||
| diffserv domain default | ||
| # | ||
| ip vpn-instance HDM | ||
| # | ||
| bfd | ||
| # | ||
| mpls lsr-id 10.2.0.46 | ||
| # | ||
| mpls | ||
| label advertise non-null | ||
| mpls | ||
| # | ||
| traffic classifier test type or | ||
| if-match any | ||
| # | ||
| traffic behavior test | ||
| statistics enable | ||
| car cir 10000 kbps | ||
| # | ||
| traffic policy test | ||
| # | ||
| aaa | ||
| undo local-user policy security-enhance | ||
| local-user ceni_heb password irreversible-cipher ceni_heb@2019 //重新添加 | ||
| local-user ceni_heb service-type ssh | ||
| local-user ceni_heb level 3 | ||
| local-user ceni_sftp password irreversible-cipher $1c$}D7T;5(DMJ$;<!ASN$3@S.'cu*U6,9AbxJO*RJFm'xTYWSIpL'F$ | ||
| local-user ceni_sftp service-type ssh | ||
| local-user ceni_sftp level 3 | ||
| local-user nms_admin password irreversible-cipher $1c$8N~nHYHbUA$F2ug!ftaR<D.qy3=1p#V}*2d>-RO\$qQA}W~rE#H$ | ||
| local-user nms_admin service-type ssh | ||
| local-user nms_admin level 3 | ||
| # | ||
| authentication-scheme default | ||
| # | ||
| authorization-scheme default | ||
| # | ||
| accounting-scheme default | ||
| # | ||
| domain default | ||
| # | ||
| domain default_admin | ||
| # | ||
| stack | ||
| # | ||
| license | ||
| # | ||
| isis 10 | ||
| is-level level-2 | ||
| cost-style wide | ||
| timer lsp-generation 1 50 50 level-2 | ||
| flash-flood level-2 | ||
| bfd all-interfaces enable | ||
| bfd all-interfaces min-tx-interval 100 min-rx-interval 100 frr-binding | ||
| network-entity 49.0001.0100.0200.0045.00 | ||
| is-name HEB-SDN-C2-A20-PE01 | ||
| timer spf 1 50 50 | ||
| set-overload on-startup send-sa-bit 120 allow external | ||
| frr | ||
| loop-free-alternate level-2 | ||
| # | ||
| interface Vlanif4091 | ||
| description manager | ||
| ip address 10.1.4.97 255.255.255.240 | ||
| # | ||
| interface Vlanif4092 | ||
| description control | ||
| ip address 10.2.1.97 255.255.255.240 | ||
| # | ||
| interface Vlanif4093 | ||
| description data | ||
| ip address 10.3.3.97 255.255.255.240 | ||
| # | ||
| interface Vlanif4094 | ||
| description Internet | ||
| ip address 10.4.1.97 255.255.255.240 | ||
| # | ||
| interface MEth0/0/0 | ||
| # | ||
| interface 10GE1/0/1 | ||
| undo portswitch | ||
| description to HEB-SDN-C2-A20-VXLAN.SW-S6860-10GE1/0/25 | ||
| # | ||
| interface 10GE1/0/1.4091 | ||
| description to Manage | ||
| ip address 10.1.8.161 255.255.255.224 | ||
| isis enable 10 | ||
| isis silent //需要核实(命令支持) | ||
| # vlan-type dot1q vid 4091 //需要核实(不需要,删除) | ||
| # | ||
| interface 10GE1/0/1.4092 | ||
| description to HDM | ||
| ip binding vpn-instance HDM //需要核实(命令支持) | ||
| ip address 10.2.5.161 255.255.255.224 | ||
| # vlan-type dot1q vid 4092 //需要核实(不需要,删除) | ||
| # | ||
| interface 10GE1/0/2 | ||
| description to HEB-SDN-C2-A20-SW01-Manager-10GE1/0/1 | ||
| port link-type trunk | ||
| undo port trunk allow-pass vlan 1 | ||
| port trunk allow-pass vlan 4091 to 4094 | ||
| device transceiver 10GBASE-FIBER | ||
| # | ||
| interface 10GE1/0/3 | ||
| description to HEB-SDN-C2-A20-SW01-Manager-10GE1/0/2 | ||
| shutdown | ||
| device transceiver 10GBASE-FIBER | ||
| # | ||
| interface 10GE1/0/4 | ||
| description to HEB-SDN-C2-A20-FW01-GE1/0/0 | ||
| port link-type trunk | ||
| undo port trunk allow-pass vlan 1 | ||
| port trunk allow-pass vlan 4091 | ||
| device transceiver 1000BASE-X | ||
| # | ||
| interface 10GE1/0/5 | ||
| device transceiver 10GBASE-FIBER | ||
| # | ||
| interface 10GE1/0/6 | ||
| device transceiver 10GBASE-FIBER | ||
| # | ||
| interface 10GE1/0/7 | ||
| device transceiver 10GBASE-FIBER | ||
| # | ||
| interface 10GE1/0/8 | ||
| device transceiver 10GBASE-FIBER | ||
| # | ||
| interface 10GE1/0/9 | ||
| device transceiver 10GBASE-FIBER | ||
| # | ||
| interface 10GE1/0/10 | ||
| device transceiver 10GBASE-FIBER | ||
| # | ||
| interface 10GE1/0/11 | ||
| device transceiver 10GBASE-FIBER | ||
| # | ||
| interface 10GE1/0/12 | ||
| device transceiver 10GBASE-FIBER | ||
| # | ||
| interface 10GE1/0/13 | ||
| device transceiver 10GBASE-FIBER | ||
| # | ||
| interface 10GE1/0/14 | ||
| device transceiver 10GBASE-FIBER | ||
| # | ||
| interface 10GE1/0/15 | ||
| device transceiver 10GBASE-FIBER | ||
| # | ||
| interface 10GE1/0/16 | ||
| device transceiver 10GBASE-FIBER | ||
| # | ||
| interface 10GE1/0/17 | ||
| # | ||
| interface 10GE1/0/18 | ||
| device transceiver 10GBASE-FIBER | ||
| # | ||
| interface 10GE1/0/19 | ||
| device transceiver 10GBASE-FIBER | ||
| # | ||
| interface 10GE1/0/20 | ||
| # | ||
| interface 10GE1/0/21 | ||
| # | ||
| interface 10GE1/0/22 | ||
| # | ||
| interface 10GE1/0/23 | ||
| # | ||
| interface 10GE1/0/24 | ||
| # | ||
| interface 10GE1/0/25 | ||
| # | ||
| interface 10GE1/0/26 | ||
| # | ||
| interface 10GE1/0/27 | ||
| # | ||
| interface 10GE1/0/28 | ||
| # | ||
| interface 10GE1/0/29 | ||
| # | ||
| interface 10GE1/0/30 | ||
| # | ||
| interface 10GE1/0/31 | ||
| # | ||
| interface 10GE1/0/32 | ||
| # | ||
| interface 10GE1/0/33 | ||
| # | ||
| interface 10GE1/0/34 | ||
| # | ||
| interface 10GE1/0/35 | ||
| # | ||
| interface 10GE1/0/36 | ||
| # | ||
| interface 10GE1/0/37 | ||
| # | ||
| interface 10GE1/0/38 | ||
| # | ||
| interface 10GE1/0/39 | ||
| # | ||
| interface 10GE1/0/40 | ||
| # | ||
| interface 10GE1/0/41 | ||
| # | ||
| interface 10GE1/0/42 | ||
| loopback internal | ||
| # | ||
| interface 10GE1/0/43 | ||
| undo portswitch | ||
| statistics enable | ||
| loopback internal | ||
| # | ||
| interface 10GE1/0/44 | ||
| loopback internal | ||
| # | ||
| interface 10GE1/0/45 | ||
| undo portswitch | ||
| loopback internal | ||
| # | ||
| interface 10GE1/0/46 | ||
| # | ||
| interface 10GE1/0/47 | ||
| # | ||
| interface 10GE1/0/48 | ||
| # | ||
| interface 100GE1/0/1 | ||
| undo portswitch | ||
| mtu 9000 | ||
| description TO HEB-SDN-C2-A20-P01_HGE1/0/1 | ||
| ip address 10.5.0.114 255.255.255.252 | ||
| isis enable 10 | ||
| isis circuit-type p2p | ||
| isis circuit-level level-2 | ||
| isis authentication-mode md5 cipher //重新添加 | ||
| isis small-hello | ||
| device transceiver 100GBASE-FIBER | ||
| isis bfd enable //需要核实(命令支持) | ||
| mpls | //需要核实(命令支持) | |
| # mpls te enable | //需要核实(不支持,删除) | |
| # ip mtu 9000 | //需要核实(删除,同mtu 9000) | |
| ipv6 mtu 9000 | //需要核实(命令支持) | |
| # bfd min-transmit-interval 100 | //需要核实(不支持,删除,ISIS进程内已经开启所有接口BFD功能) | |
| # bfd min-receive-interval 100 | //需要核实(不支持,删除) | |
| # bfd detect-multiplier 3 | //需要核实(不支持,删除) | |
| # | ||
| interface 100GE1/0/2 | ||
| # | ||
| interface 100GE1/0/3 | ||
| # | ||
| interface 100GE1/0/4 | ||
| # | ||
| interface 100GE1/0/5 | ||
| # | ||
| interface 100GE1/0/6 | ||
| # | ||
| interface LoopBack0 | ||
| description for_Management | ||
| ip address 10.2.0.45 255.255.255.255 | ||
| isis enable 10 | ||
| # | ||
| interface LoopBack1 | ||
| description for_Service | ||
| ip address 10.2.0.46 255.255.255.255 | ||
| isis enable 10 | ||
| # isis prefix-sid index 19942 no-php | //需要核实(不支持,删除) | |
| # | ||
| bgp 137749 | ||
| # non-stop-routing | //需要核实(不支持,删除) | |
| router-id 10.2.0.46 | ||
| group RR internal | ||
| peer RR connect-interface LoopBack1 | ||
| peer RR password cipher | //需要重配 | |
| peer 10.1.0.2 as-number 137749 | ||
| peer 10.1.0.2 group RR | ||
| peer 10.1.0.6 as-number 137749 | ||
| peer 10.1.0.6 group RR | ||
| # | ||
| ipv4-family unicast | ||
| peer RR enable | ||
| peer 10.1.0.2 enable | ||
| peer 10.1.0.2 group RR | ||
| peer 10.1.0.6 enable | ||
| peer 10.1.0.6 group RR | ||
| # | ||
| l2vpn-family evpn | ||
| peer RR enable | ||
| peer RR advertise-community | ||
| peer RR next-hop-local | //需要核实(命令支持) | |
| peer RR advertise encap-type mpls | //需要核实(命令支持) | |
| peer 10.1.0.2 enable | ||
| peer 10.1.0.2 group RR | ||
| peer 10.1.0.6 enable | ||
| peer 10.1.0.6 group RR | ||
| # | ||
| #segment-routing | //需要核实(不支持,删除) | |
| # | ||
| snmp-agent community read ceni_public | ||
| snmp-agent sys-info version all | ||
| snmp-agent group v3 admin_123 privacy | ||
| snmp-agent group v3 ceni_public privacy | ||
| snmp-agent group v3 snmpv3 write-view ViewDefault | ||
| snmp-agent group v3 terra-monitor-group privacy | ||
| snmp-agent target-host trap address udp-domain 10.11.1.6 params securityname admin_123 v3 privacy | ||
| snmp-agent target-host trap address udp-domain 10.11.1.5 params securityname ceni_public | ||
| snmp-agent target-host trap address udp-domain 192.168.11.253 params securityname ceni_public | ||
| snmp-agent target-host trap address udp-domain 10.33.2.158 udp-port 60162 params securityname public v2c | ||
| snmp-agent target-host trap address udp-domain 10.255.1.34 udp-port 9317 params securityname admin_123 v3 privacy | ||
| snmp-agent usm-user v3 admin_123 admin_123 simple authentication-mode md5 cipher 123_admin | ||
| snmp-agent usm-user v3 admin_123 privacy-mode des56 cipher 123_admin | ||
| snmp-agent usm-user v3 ceni_public ceni_public authentication-mode md5 *** | ||
| snmp-agent usm-user v3 terra-monitor terra-monitor authentication-mode sha *** privacy-mode des56 *** | ||
| snmp-agent trap enable feature-name arp | ||
| snmp-agent trap enable feature-name l2vpn | ||
| snmp-agent trap enable feature-nam radius | ||
| snmp-agent trap enable feature-name bfd | ||
| snmp-agent trap enable feature-name bgp | ||
| snmp-agent trap enable feature-name configuration | ||
| snmp-agent trap enable feature-name isis | ||
| snmp-agent trap enable feature-name l3vpn | ||
| snmp-agent trap enable feature-name ldp | ||
| snmp-agent trap enable feature-name system | ||
| snmp-agent trap source LoopBack0 | ||
| # | ||
| undo snmp-agent proxy protocol source-status all-interface | ||
| undo snmp-agent proxy protocol source-status ipv6 all-interface | ||
| # | ||
| lldp enable | ||
| # | ||
| ssh server enable | ||
| stelnet server enable | ||
| sftp server enable | ||
| snetconf server enable | ||
| ssh user ceni_sftp | ||
| ssh user ceni_sftp authentication-type password | ||
| ssh user ceni_sftp service-type sftp | ||
| ssh user ceni_sftp sftp-directory flash:/ | ||
| ssh user ceni_heb | ||
| ssh user ceni_heb authentication-type password | ||
| ssh user ceni_heb service-type snetconf stelnet | ||
| ssh user nms_admin | ||
| ssh user nms_admin authentication-type password | ||
| ssh user nms_admin service-type all | ||
| ssh user nms_admin sftp-directory flash:/ | ||
| ssh server-source all-interface | ||
| ssh ipv6 server-source all-interface | ||
| ssh authorization-type default aaa | ||
| # | ||
| //ssh server cipher aes256_ctr aes128_ctr | ||
| //ssh server hmac sha2_256_96 sha2_256 sha1_96 | ||
| //ssh server key-exchange dh_group_exchange_sha256 dh_group_exchange_sha1 ecdh_sha2_nistp256 ecdh_sha2_nistp384 ecdh_sha2_nistp521 sm2_kep | ||
| # | ||
| //ssh server publickey dsa ecc rsa | ||
| # | ||
| //ssh server dh-exchange min-len 2048 | ||
| # | ||
| ssh client first-time enable | ||
| ssh client peer 10.1.0.21 assign ecc-key 10.1.0.21 | ||
| ssh client peer 172.5.0.41 assign ecc-key 172.5.0.41 | ||
| # | ||
| ssh client publickey dsa ecc rsa | ||
| # | ||
| ssh client cipher aes256_gcm aes128_gcm aes256_ctr aes192_ctr aes128_ctr aes256_cbc aes128_cbc 3des_cbc | ||
| ssh client hmac sha2_512 sha2_256_96 sha2_256 sha1 sha1_96 md5 md5_96 | ||
| ssh client key-exchange dh_group_exchange_sha256 dh_group_exchange_sha1 dh_group14_sha1 dh_group1_sha1 ecdh_sha2_nistp256 ecdh_sha2_nistp384 ecdh_sha2_nistp521 sm2_kep | ||
| # | ||
| ping mac enable | ||
| # | ||
| user-interface con 0 | ||
| authentication-mode password | ||
| set authentication password cipher $1c$K],M:7$/O"$[r(k3vImnHxJPh84'KR*WK.H,srvz%5NY|#>vAYS$ | ||
| # | ||
| user-interface vty 0 4 | ||
| authentication-mode aaa | ||
| protocol inbound ssh | ||
| # | ||
| vm-manager | ||
| # | ||
| http | ||
| # | ||
| return |
- 2022-07-18回答
- 评论(0)
- 举报
-
(0)
编辑答案
➤
✖
亲~登录后才可以操作哦!
确定
✖
✖
你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作
✖
举报
×
侵犯我的权益
>
对根叔社区有害的内容
>
辱骂、歧视、挑衅等(不友善)
侵犯我的权益
×
侵犯了我企业的权益
>
抄袭了我的内容
>
诽谤我
>
辱骂、歧视、挑衅等(不友善)
骚扰我
侵犯了我企业的权益
×
您好,当您发现根叔知了上有关于您企业的造谣与诽谤、商业侵权等内容时,您可以向根叔知了进行举报。 请您把以下内容通过邮件发送到 pub.zhiliao@h3c.com 邮箱,我们会在审核后尽快给您答复。
- 1. 您举报的内容是什么?(请在邮件中列出您举报的内容和链接地址)
- 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)
- 3. 是哪家企业?(营业执照,单位登记证明等证件)
- 4. 您与该企业的关系是?(您是企业法人或被授权人,需提供企业委托授权书)
我们认为知名企业应该坦然接受公众讨论,对于答案中不准确的部分,我们欢迎您以正式或非正式身份在根叔知了上进行澄清。
抄袭了我的内容
×
原文链接或出处
诽谤我
×
您好,当您发现根叔知了上有诽谤您的内容时,您可以向根叔知了进行举报。 请您把以下内容通过邮件发送到pub.zhiliao@h3c.com 邮箱,我们会尽快处理。
- 1. 您举报的内容以及侵犯了您什么权益?(请在邮件中列出您举报的内容、链接地址,并给出简短的说明)
- 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)
我们认为知名企业应该坦然接受公众讨论,对于答案中不准确的部分,我们欢迎您以正式或非正式身份在根叔知了上进行澄清。
对根叔社区有害的内容
×
垃圾广告信息
色情、暴力、血腥等违反法律法规的内容
政治敏感
不规范转载
>
辱骂、歧视、挑衅等(不友善)
骚扰我
诱导投票
不规范转载
×
举报说明
文件为什么上传不上去呢,好奇怪
附件形式上传,或者直接复制黏贴
<HEB-SDN-C2-A20-PE01>dis current-configuration sysname HEB-SDN-C2-A20-PE01 # undo ftp server source all-interface undo ftp ipv6 server source all-interface # info-center loghost source LoopBack0 //需要核实(命令支持) info-center loghost 10.33.2.158 port 5044 facility local5 info-center loghost 10.11.1.3 facility local3 info-center loghost 10.11.1.6 # system resource standard # device board 1 board-type CE6857-48S6CQ-EI # drop-profile default # dcb pfc # dcb ets-profile default # ntp server source-interface all disable ntp ipv6 server source-interface all disable # vlan reserved 4060 # vlan reserved for main-interface 4000 to 4050 # vlan batch 2 4091 to 4094 # stp disable # evpn-overlay enable # router id 10.2.0.46 # telnet server disable telnet ipv6 server disable undo telnet server-source all-interface undo telnet ipv6 server-source all-interface # diffserv domain default # ip vpn-instance HDM # bfd # mpls lsr-id 10.2.0.46 # mpls label advertise non-null mpls # traffic classifier test type or if-match any # traffic behavior test statistics enable car cir 10000 kbps # traffic policy test # aaa undo local-user policy security-enhance local-user ceni_heb password irreversible-cipher ceni_heb@2019 //重新添加 local-user ceni_heb service-type ssh local-user ceni_heb level 3 local-user ceni_sftp password irreversible-cipher $1c$}D7T;5(DMJ$;<!ASN$3@S.'cu*U6,9AbxJO*RJFm'xTYWSIpL'F$ local-user ceni_sftp service-type ssh local-user ceni_sftp level 3 local-user nms_admin password irreversible-cipher $1c$8N~nHYHbUA$F2ug!ftaR<D.qy3=1p#V}*2d>-RO\$qQA}W~rE#H$ local-user nms_admin service-type ssh local-user nms_admin level 3 # authentication-scheme default # authorization-scheme default # accounting-scheme default # domain default # domain default_admin # stack # license # isis 10 is-level level-2 cost-style wide timer lsp-generation 1 50 50 level-2 flash-flood level-2 bfd all-interfaces enable bfd all-interfaces min-tx-interval 100 min-rx-interval 100 frr-binding network-entity 49.0001.0100.0200.0045.00 is-name HEB-SDN-C2-A20-PE01 timer spf 1 50 50 set-overload on-startup send-sa-bit 120 allow external frr loop-free-alternate level-2 # interface Vlanif4091 description manager ip address 10.1.4.97 255.255.255.240 # interface Vlanif4092 description control ip address 10.2.1.97 255.255.255.240 # interface Vlanif4093 description data ip address 10.3.3.97 255.255.255.240 # interface Vlanif4094 description Internet ip address 10.4.1.97 255.255.255.240 # interface MEth0/0/0 # interface 10GE1/0/1 undo portswitch description to HEB-SDN-C2-A20-VXLAN.SW-S6860-10GE1/0/25 # interface 10GE1/0/1.4091 description to Manage ip address 10.1.8.161 255.255.255.224 isis enable 10 isis silent //需要核实(命令支持) # vlan-type dot1q vid 4091 //需要核实(不需要,删除) # interface 10GE1/0/1.4092 description to HDM ip binding vpn-instance HDM //需要核实(命令支持) ip address 10.2.5.161 255.255.255.224 # vlan-type dot1q vid 4092 //需要核实(不需要,删除) # interface 10GE1/0/2 description to HEB-SDN-C2-A20-SW01-Manager-10GE1/0/1 port link-type trunk undo port trunk allow-pass vlan 1 port trunk allow-pass vlan 4091 to 4094 device transceiver 10GBASE-FIBER # interface 10GE1/0/3 description to HEB-SDN-C2-A20-SW01-Manager-10GE1/0/2 shutdown device transceiver 10GBASE-FIBER # interface 10GE1/0/4 description to HEB-SDN-C2-A20-FW01-GE1/0/0 port link-type trunk undo port trunk allow-pass vlan 1 port trunk allow-pass vlan 4091 device transceiver 1000BASE-X # interface 10GE1/0/5 device transceiver 10GBASE-FIBER # interface 10GE1/0/6 device transceiver 10GBASE-FIBER # interface 10GE1/0/7 device transceiver 10GBASE-FIBER # interface 10GE1/0/8 device transceiver 10GBASE-FIBER # interface 10GE1/0/9 device transceiver 10GBASE-FIBER # interface 10GE1/0/10 device transceiver 10GBASE-FIBER # interface 10GE1/0/11 device transceiver 10GBASE-FIBER # interface 10GE1/0/12 device transceiver 10GBASE-FIBER # interface 10GE1/0/13 device transceiver 10GBASE-FIBER # interface 10GE1/0/14 device transceiver 10GBASE-FIBER # interface 10GE1/0/15 device transceiver 10GBASE-FIBER # interface 10GE1/0/16 device transceiver 10GBASE-FIBER # interface 10GE1/0/17 # interface 10GE1/0/18 device transceiver 10GBASE-FIBER # interface 10GE1/0/19 device transceiver 10GBASE-FIBER # interface 10GE1/0/20 # interface 10GE1/0/21 # interface 10GE1/0/22 # interface 10GE1/0/23 # interface 10GE1/0/24 # interface 10GE1/0/25 # interface 10GE1/0/26 # interface 10GE1/0/27 # interface 10GE1/0/28 # interface 10GE1/0/29 # interface 10GE1/0/30 # interface 10GE1/0/31 # interface 10GE1/0/32 # interface 10GE1/0/33 # interface 10GE1/0/34 # interface 10GE1/0/35 # interface 10GE1/0/36 # interface 10GE1/0/37 # interface 10GE1/0/38 # interface 10GE1/0/39 # interface 10GE1/0/40 # interface 10GE1/0/41 # interface 10GE1/0/42 loopback internal # interface 10GE1/0/43 undo portswitch statistics enable loopback internal # interface 10GE1/0/44 loopback internal # interface 10GE1/0/45 undo portswitch loopback internal # interface 10GE1/0/46 # interface 10GE1/0/47 # interface 10GE1/0/48 # interface 100GE1/0/1 undo portswitch mtu 9000 description TO HEB-SDN-C2-A20-P01_HGE1/0/1 ip address 10.5.0.114 255.255.255.252 isis enable 10 isis circuit-type p2p isis circuit-level level-2 isis authentication-mode md5 cipher //重新添加 isis small-hello device transceiver 100GBASE-FIBER isis bfd enable //需要核实(命令支持) mpls //需要核实(命令支持) # mpls te enable //需要核实(不支持,删除) # ip mtu 9000 //需要核实(删除,同mtu 9000) ipv6 mtu 9000 //需要核实(命令支持) # bfd min-transmit-interval 100 //需要核实(不支持,删除,ISIS进程内已经开启所有接口BFD功能) # bfd min-receive-interval 100 //需要核实(不支持,删除) # bfd detect-multiplier 3 //需要核实(不支持,删除) # interface 100GE1/0/2 # interface 100GE1/0/3 # interface 100GE1/0/4 # interface 100GE1/0/5 # interface 100GE1/0/6 # interface LoopBack0 description for_Management ip address 10.2.0.45 255.255.255.255 isis enable 10 # interface LoopBack1 description for_Service ip address 10.2.0.46 255.255.255.255 isis enable 10 # isis prefix-sid index 19942 no-php //需要核实(不支持,删除) # bgp 137749 # non-stop-routing //需要核实(不支持,删除) router-id 10.2.0.46 group RR internal peer RR connect-interface LoopBack1 peer RR password cipher //需要重配 peer 10.1.0.2 as-number 137749 peer 10.1.0.2 group RR peer 10.1.0.6 as-number 137749 peer 10.1.0.6 group RR # ipv4-family unicast peer RR enable peer 10.1.0.2 enable peer 10.1.0.2 group RR peer 10.1.0.6 enable peer 10.1.0.6 group RR # l2vpn-family evpn peer RR enable peer RR advertise-community peer RR next-hop-local //需要核实(命令支持) peer RR advertise encap-type mpls //需要核实(命令支持) peer 10.1.0.2 enable peer 10.1.0.2 group RR peer 10.1.0.6 enable peer 10.1.0.6 group RR # #segment-routing //需要核实(不支持,删除) # snmp-agent community read ceni_public snmp-agent sys-info version all snmp-agent group v3 admin_123 privacy snmp-agent group v3 ceni_public privacy snmp-agent group v3 snmpv3 write-view ViewDefault snmp-agent group v3 terra-monitor-group privacy snmp-agent target-host trap address udp-domain 10.11.1.6 params securityname admin_123 v3 privacy snmp-agent target-host trap address udp-domain 10.11.1.5 params securityname ceni_public snmp-agent target-host trap address udp-domain 192.168.11.253 params securityname ceni_public snmp-agent target-host trap address udp-domain 10.33.2.158 udp-port 60162 params securityname public v2c snmp-agent target-host trap address udp-domain 10.255.1.34 udp-port 9317 params securityname admin_123 v3 privacy snmp-agent usm-user v3 admin_123 admin_123 simple authentication-mode md5 cipher 123_admin snmp-agent usm-user v3 admin_123 privacy-mode des56 cipher 123_admin snmp-agent usm-user v3 ceni_public ceni_public authentication-mode md5 *** snmp-agent usm-user v3 terra-monitor terra-monitor authentication-mode sha *** privacy-mode des56 *** snmp-agent trap enable feature-name arp snmp-agent trap enable feature-name l2vpn snmp-agent trap enable feature-nam radius snmp-agent trap enable feature-name bfd snmp-agent trap enable feature-name bgp snmp-agent trap enable feature-name configuration snmp-agent trap enable feature-name isis snmp-agent trap enable feature-name l3vpn snmp-agent trap enable feature-name ldp snmp-agent trap enable feature-name system snmp-agent trap source LoopBack0 # undo snmp-agent proxy protocol source-status all-interface undo snmp-agent proxy protocol source-status ipv6 all-interface # lldp enable # ssh server enable stelnet server enable sftp server enable snetconf server enable ssh user ceni_sftp ssh user ceni_sftp authentication-type password ssh user ceni_sftp service-type sftp ssh user ceni_sftp sftp-directory flash:/ ssh user ceni_heb ssh user ceni_heb authentication-type password ssh user ceni_heb service-type snetconf stelnet ssh user nms_admin ssh user nms_admin authentication-type password ssh user nms_admin service-type all ssh user nms_admin sftp-directory flash:/ ssh server-source all-interface ssh ipv6 server-source all-interface ssh authorization-type default aaa # //ssh server cipher aes256_ctr aes128_ctr //ssh server hmac sha2_256_96 sha2_256 sha1_96 //ssh server key-exchange dh_group_exchange_sha256 dh_group_exchange_sha1 ecdh_sha2_nistp256 ecdh_sha2_nistp384 ecdh_sha2_nistp521 sm2_kep # //ssh server publickey dsa ecc rsa # //ssh server dh-exchange min-len 2048 # ssh client first-time enable ssh client peer 10.1.0.21 assign ecc-key 10.1.0.21 ssh client peer 172.5.0.41 assign ecc-key 172.5.0.41 # ssh client publickey dsa ecc rsa # ssh client cipher aes256_gcm aes128_gcm aes256_ctr aes192_ctr aes128_ctr aes256_cbc aes128_cbc 3des_cbc ssh client hmac sha2_512 sha2_256_96 sha2_256 sha1 sha1_96 md5 md5_96 ssh client key-exchange dh_group_exchange_sha256 dh_group_exchange_sha1 dh_group14_sha1 dh_group1_sha1 ecdh_sha2_nistp256 ecdh_sha2_nistp384 ecdh_sha2_nistp521 sm2_kep # ping mac enable # user-interface con 0 authentication-mode password set authentication password cipher $1c$K],M:7$/O"$[r(k3vImnHxJPh84'KR*WK.H,srvz%5NY|#>vAYS$ # user-interface vty 0 4 authentication-mode aaa protocol inbound ssh # vm-manager # http # return
都支持的,没啥特别的