Hi,
today I want to go through the configuration of a few Huawei switches. The “CloudEngine S5735”. I have never configured a Huawei switch before, so this will be completely new to me. We have 8 devices of the same model, which are planned for a customer in Germany with its HQ in China. The configuration will basically be the same for all the switches, with a few small differences.
These switches will expand an already existing infrastructure. The main goal is, to provide a network for a new floor, that was added to the building. Additionally, the customer ordered 4 more switches to expand the ports on the 1 floor.
We have two infrastructures which are physically separated (internal and lab). These have their own separate networks divided by VLANs. The Lab network does not have access to the internet.
The primary configuration will be done by the IT team in China, but we need to do some base setup first. Creating the stack, VLANs, MC-LAG and so on.
As always, I will be using Fedora as my OS and the command “screen” to connect to the devices (yes the pictures show Windows, but that’s just a test device). If you are using Windows, just use Putty for serial and SSH or if you (like me) prefer cmd/Powershell for SSH.
Let’s begin.
Accessing the switch
To gain access to the switch, we will use a serial cable with a serial to USB adapter. I am using the Digitus USB 2.0 serial adapter DA-70156.
Connect the cable to “console” port on the switch and attach it to your system with the adapter.
First find out which COM the adapter connects to, using the “dmesg” command. I will mark it red.
fedora-kde :: ~ » dmesg [21002.302086] usb 1-8: Product: FT232R USB UART [21002.302088] usb 1-8: Manufacturer: FTDI [21002.302089] usb 1-8: SerialNumber: 0000000 [21002.322109] ftdi_sio 1-8:1.0: FTDI USB Serial Device converter detected [21002.322133] usb 1-8: Detected FT232RL [21002.330209] usb 1-8: FTDI USB Serial Device converter now attached to ttyUSB0
Now connect to the switch using “screen”.
fedora-kde :: ~ » sudo screen /dev/ttyUSB0
Once you hit “enter”, you will be asked to set a password for the “admin” user with a minimum of 8 characters.
Configuring the switch (Hostname, VLAN, SVI, Default GW)
Next, we will switch to the configuration mode and change the hostname.
But first a few basic commands. For the configuration mode, type “system-view”. To get out of it, use the “quit” command.
To save the configuration to flash type “save”. As far as I know, you need to be in the user view to run this command. At least for me, it didn’t work in the command view.
Let’s continue.
Hostname configuration
## Change into the configuration mode <HUAWEI> system-view ## Change the hostname [HUAWEI] sysname LAB-GF [LAB-GF]
VLAN / SVI configuration
Add a few VLANs.
## Create VLANs [LAB-GF] vlan 10 20 1001
We will use the VLAN 1001 as a management VLAN, so let us assign an IP address to it.
## Change into the VLAN 1001 interface [LAB-GF] interface vlanif 1001 ## Assign IP [LAB-GF-Vlanif1001] ip address 10.80.10.26/29 [LAB-GF-Vlanif1001] quit
Static-route configuration
Next, we will set the default gateway for this switch.
## Set static route [LAB-GF] ip route-static 0.0.0.0 0.0.0.0 10.80.10.25
Show configuration
Alright. Let’s check our work.
## Display VLANs [LAB-GF] display vlan or [LAB-GF] display vlan 1001
## Display the assigned IP [LAB-GF] display ip interface vlanif 1001
Ok, now the routing table.
## Display routing table [LAB-GF] display routing-table
To top it all off. The running configuration.
## Display the running configuration [LAB-GF] display current-configuration
Configuring the switch (SSH, Stack, LAG)
Alright. If we are happy with the configuration, we can continue.
SSH configuration
Let’s set the SSH configuration. This needs a lot of commands. I am used to Arubas way, with requires 1 or 2 commands to enable SSH. Anyway.
## Set VTY user interface [LAB-GF] user-interface vty 0 4 [LAB-GF] authentication-mode aaa [LAB-GF] protocol inbound ssh ## Enable the SSH Server (called stelnet here) [LAB-GF] ssh server-source -i vlanif 1001 (optional. default is VLAN 1) [LAB-GF] stelnet server enable ## Setup a local user [LAB-GF] aaa [LAB-GF-aaa] local-user admin password cipher SUPER-SECURE-PASSWORD [LAB-GF-aaa] local-user admin privilege level 15 [LAB-GF-aaa] local-user admin service-type ssh ## Setup the user for SSH [LAB-GF] ssh user admin [LAB-GF] ssh user admin authentication-type password [LAB-GF] ssh user admin service-type stelnet
That’s it for SSH.
There is only one more thing. I want to test the SSH connection, so we need to assign the VLAN 1001 to a port. I will use the first one.
Assign VLAN to ports (untagged)
[LAB-GF] interface GigabitEthernet 0/0/1 [LAB-GF-GigabitEthernet0/0/1] port link-type access [LAB-GF-GigabitEthernet0/0/1] port default vlan 1001
With this, we can assign an IP to our NIC on the laptop and test the SSH connection. I won’t be able to demonstrate this but it should work without a hitch.
You will have to change the password on your first login.
Stack configuration
Before we setup LAG we need the stack to be up and running. So I am going to do that next.
We will define two stack ports on the Huawei switches. 0/1 and 0/2. For the stack configuration to work, you need to connect SwitchA – Stack-Port 0/1 to SwitchB – Stack-Port 0/2 and vice versa.
I will call SwitchA (LAB-GF-01) and SwitchB (LAB-GF-02) for this example.
The first switch.:
## Configure the stack ports on the first switch [LAB-GF-01] interface stack-port 0/1 [LAB-GF-01-stack-port0/1] port interface XGigabitEthernet 0/0/3 enable [LAB-GF-01-stack-port0/1] quit [LAB-GF-01] interface stack-port 0/2 [LAB-GF-01-stack-port0/2] port interface XGigabitEthernet 0/0/4 enable [LAB-GF-01-stack-port0/2] quit ## Set the stack slot and priority [LAB-GF-01] stack slot 0 priority 200 # Save the configuration [LAB-GF-01] quit <LAB-GF-01> save
The second switch.:
## Configure the stack ports on the second switch [LAB-GF-02] interface stack-port 0/1 [LAB-GF-02-stack-port0/1] port interface XGigabitEthernet 0/0/3 enable [LAB-GF-02-stack-port0/1] quit [LAB-GF-02] interface stack-port 0/2 [LAB-GF-02-stack-port0/2] port interface XGigabitEthernet 0/0/4 enable [LAB-GF-02-stack-port0/2] quit ## Set the stack slot and renumber [LAB-GF-02] stack slot 0 renumber 1 ## Save the configuration [LAB-GF-02] quit <LAB-GF-02> save
Now, power off both switches and connect the port from SwitchA that was assigned to stack-port 0/1 to stack-port 0/2 on SwitchB. Do the same with the other stack-port.
Next power on SwitchA and wait until it’s up. Now boot the second switch. If everything worked out, you should see both switches when displaying the stack.
## Display the stack <LAB-GF> display stac
Great. Now that we have our stack, we can create a LAG across both switches.
LAG configuration
First, we need to create the LAG interface. I will use the last possible ID on these switches.
<LAB-GF> system-view ## Create the LAG interface [LAB-GF] interface eth-trunk 127 ## Assign ports [LAB-GF-Eth-Trunk127] trunkport GigabitEthernet 0/0/48 [LAB-GF-Eth-Trunk127] trunkport GigabitEthernet 1/0/48 ## Set LACP [LAB-GF-Eth-Trunk127] mode lacp
Now we should define the link type and set the allowed VLANs.
Assign VLAN to ports (tagged)
[LAB-GF] interface eth-trunk 127 [LAB-GF-Eth-Trunk127] port link-type trunk [LAB-GF-Eth-Trunk127] port trunk allow-pass vlan 10 20 1001 ## if you want to set the pvid. [LAB-GF-Eth-Trunk127] port trunk pvid vlan 10
Check the configuration.
[LAB-GF] display eth-trunk 127
Ok. That’s it. Do not forget to save your configuration.
[LAB-GF] quit <LAB-GF> save
Till next time.
Here are a few links I used for this.: