华为5700交换机MPLS配置

华为5700系列交换机堆叠步骤华为5700系列交换机堆叠步骤1、确定主设备，优先级最大的才能成为主设备例如：A为主用设备，B为用设备A]stack slot 0 priority 150A]interface stack-port 0/1 '此处0/1的0表示slot,主设备为0则用0，为1则用1 ；/1表示logic stack port ID，该ID为全局唯一，不可与堆叠内其它设备一致，否则会冲突，造成堆叠失败。

A-stack-port 0/1]port interface XGigabitEthernet 0/0/1 enableA-stack-port 0/1]port interface XGigabitEthernet 0/0/2 enablestack slot 0 renumber 1 '备设备需要把slot更改为1，并重新启动重启完成后接着配置B设备B]stack slot 1 priority 100 '将优先级调小，该优先级系统默认值为100B]interface stack-port 1/2B-stack-port 1/2]port interface XGigabitEthernet 1/0/1 enableB-stack-port 1/2]port interface XGigabitEthernet 1/0/2 enable所有设备配置完成后save,然后断电、连线(交叉连，主0/0/1连备1/0/2,主0/0/2连备1/0/1,)，检查连线，最后开机。

注意事项：1、配置堆叠时，如果是将在网的设备配为主，请不要更改其的slot，因为在堆叠完成后，主用设备原来配置仍可以正常使用，不需要更改。

如果是新上设备配为主，则需要将新上的设备slot更改为0以外的其它数字（1－8），备用设备不需要更改slot，完成堆叠后，主设备的配置是空的，需要将原备设备的配置手工配置上去。

华为S5700交换机的基础配置命令# 设置设备的名称为GSH-FZ-Frontsystem-view[Quidway] sysname GSH-FZ-Front?# 设置查看设备的时区,时间clock timezone BJ add 8clock datetime 18:20:30 2011-06-08display clock#telnet远程登录system-view[Quidway] aaa[Quidway-aaa] local-user testadmin password cipher p@ssw0rd privilege level 15 [Quidway-aaa] quit[Quidway]user-interface vty 0 4[Quidway-vty0-4]authentication-mode aaa#添加VLANsystem-view[Quidway] vlan 128[Quidway-vlan128] quit#设定端口模式system-view[Quidway] int gigabitethernet 0/0/1[Quidway-GigabitEthernet0/0/1] port link-type access#将端口加入Vlansystem-view[Quidway] vlan 131[Quidway-vlan131] port gigabitethernet 0/0/21 to 0/0/22 [Quidway-Vlan131] quit#设置Trunksystem-view[Quidway] interface GigabitEthernet 0/0/23[Quidway-GigabitEthernet0/0/23] port link-type trunk [Quidway-GigabitEthernet0/0/23] port trunk allow-pass vlan 128 131 #设置VLAN IP(管理IP)system-view[Quidway] interface vlanif 131[Quidway-Vlanif131] ip address 192.168.0.253 255.255.255.0 [Quidway-Vlanif131] shutdown[Quidway-Vlanif131] undo shutdown#设置默认路由system-view[Quidway] ip route-static 0.0.0.0 0.0.0.0 192.168.0.254#设定NTPsystem-view[Quidway] ntp-service unicast-peer 192.168.0.254# 关闭WEB Server,dhcpsystem-view[Quidway] undo http server enable[Quidway] undo dhcp enable#保存配置save#相关查看命令[Quidway] display version 显示VRP版本号[Quidway] display current-configuration 显示系统运行配置信息[Quidway] display saved-configuration 显示保存的配置信息[Quidway] display interfaces brief 显示接口配置信息。

华为三层交换机5700DHCP配置交换机配置DHCP配置1，交换机作DHCP Server『配置环境参数』1. PC1、PC2的⽹卡均采⽤动态获取IP地址的⽅式2. PC1连接到交换机的以太⽹端⼝0/1，属于VLAN10；PC2连接到交换机的以太⽹端⼝0/2，属于VLAN203. 三层交换机SwitchA的VLAN接⼝10地址为10.1.1.1/24，VLAN接⼝20地址为10.1.2.1/24『组⽹需求』1. PC1可以动态获取10.1.1.0/24⽹段地址，并且⽹关地址为10.1.1.1；PC2可以动态获取10.1.2.0/24⽹段地址，并且⽹关地址为10.1.2.1『DHCP Server配置流程流程』可以完成对直接连接到三层交换机的PC机分配IP地址，也可以对通过DHCP中继设备连接到三层交换机的PC机分配IP地址。

分配地址的⽅式可以采⽤接⼝⽅式，或者全局地址池⽅式。

【SwitchA采⽤接⼝⽅式分配地址相关配置】1. 创建（进⼊）VLAN10[SwitchA]vlan 102. 将E0/1加⼊到VLAN10[SwitchA-vlan10]port Ethernet 0/13. 创建（进⼊）VLAN接⼝10[SwitchA]interface Vlan-interface 104. 为VLAN接⼝10配置IP地址[SwitchA-Vlan-interface10]ip address 10.1.1.1 255.255.255.05. 在VLAN接⼝10上选择接⼝⽅式分配IP地址[SwitchA-Vlan-interface10]dhcp select interface6. 禁⽌将PC机的⽹关地址分配给⽤户[SwitchA]dhcp server forbidden-ip 10.1.1.1【SwitchA采⽤全局地址池⽅式分配地址相关配置】1. 创建（进⼊）VLAN10[SwitchA]vlan 102. 将E0/1加⼊到VLAN10[SwitchA-vlan10]port Ethernet 0/13. 创建（进⼊）VLAN接⼝10[SwitchA]interface Vlan-interface 104. 为VLAN接⼝10配置IP地址[SwitchA-Vlan-interface10]ip address 10.1.1.1 255.255.255.05. 在VLAN接⼝10上选择全局地址池⽅式分配IP地址[SwitchA-Vlan-interface10]dhcp select global6. 创建全局地址池，并命名为”vlan10”[SwitchA]dhcp server ip-pool vlan107. 配置vlan10地址池给⽤户分配的地址范围以及⽤户的⽹关地址[SwitchA-dhcp-vlan10]network 10.1.1.0 mask 255.255.255.0[SwitchA-dhcp-vlan10]gateway-list 10.1.1.18. 禁⽌将PC机的⽹关地址分配给⽤户[SwitchA]dhcp server forbidden-ip 10.1.1.1【补充说明】以上配置以VLAN10的为例，VLAN20的配置参照VLAN10的配置即可。

基于接口划分VLAN某企业有很多部门，要求业务相同部门之间的员工可以互相访问，业务不同部门之间的员工不能互相访问。

如图1所示，某企业包含4个部门。

部门1通过SwitchA与Switch的接口GE0/0/1相连。

部门2通过SwitchB与Switch的接口GE0/0/2相连。

部门3通过SwitchC与Switch的接口GE0/0/3相连。

部门4通过SwitchD与Switch的接口GE0/0/4相连。

要求：● VLAN2内的部门1、部门2与VLAN3内的部门3、部门4互相隔离。

● VLAN2内的部门1与部门2可以互相访问。

● VLAN3内的部门3与部门4可以互相访问。

配置思路采用如下的思路配置VLAN：1. 创建VLAN。

2. 将接口加入VLAN。

配置思路采用如下的思路配置VLAN：1. 创建VLAN。

2. 将接口加入VLAN。

数据准备为完成此配置例，需准备如下的数据：●接口GigabitEthernet0/0/1、GigabitEthernet0/0/2属于VLAN2。

●接口GigabitEthernet0/0/3、GigabitEthernet0/0/4属于VLAN3。

操作步骤1. 配置Switch# 创建VLAN2。

<Quidway> system-view[Quidway] vlan 2[Quidway-vlan2] quit# 将接口GigabitEthernet0/0/1的类型为Trunk，并加入到VLAN2中。

[Quidway] interface gigabitethernet 0/0/1[Quidway-GigabitEthernet0/0/1] port link-type trunk[Quidway-GigabitEthernet0/0/1] port trunk allow-pass vlan 2 [Quidway-GigabitEthernet0/0/1] quit# 配置接口GigabitEthernet0/0/2的类型为Trunk，并加入到VLAN2中。

华为5700配置#!Software Version V200R001C00SPC300sysname Quidway#vlan batch 2 to 3 10#http server load s5700ei-v200r001c00.001.web.zip#undo nap slave enable#dhcp enable#aaaauthentication-scheme defaultauthorization-scheme defaultaccounting-scheme defaultdomain defaultdomain default_adminlocal-user admin password cipher %$%$Zlrd~\y[IH%(\*2T"MrW<$xo%$%$local-user admin privilege level 15local-user admin service-type httplocal-user huawei password cipher %$%$+gVXCgW[N!L|>DVplyh@<6-$%$%$local-user huawei privilege level 15local-user huawei service-type http#ntp-service unicast-peer 192.168.10.254#interface Vlanif2ip address 192.168.1.1 255.255.255.0 dhcp select interfacedhcp server dns-list 202.175.36.16 8.8.8.8 #interface Vlanif3ip address 192.168.0.1 255.255.255.0 dhcp select interfacedhcp server dns-list 202.175.36.16 8.8.8.8 #interface Vlanif10ip address 10.10.10.2 255.255.255.0#interface MEth0/0/1#interface GigabitEthernet0/0/1port link-type accessport default vlan 2#interface GigabitEthernet0/0/2port link-type accessport default vlan 2#interface GigabitEthernet0/0/3port link-type accessport default vlan 2#interface GigabitEthernet0/0/4port link-type accessport default vlan 2#interface GigabitEthernet0/0/5 port link-type accessport default vlan 2#interface GigabitEthernet0/0/6 port link-type accessport default vlan 2#interface GigabitEthernet0/0/7 port link-type accessport default vlan 2#interface GigabitEthernet0/0/8 port link-type accessport default vlan 2#interface GigabitEthernet0/0/9 port link-type accessport default vlan 2#interface GigabitEthernet0/0/10 port link-type accessport default vlan 2#interface GigabitEthernet0/0/11 port link-type accessport default vlan 2#interface GigabitEthernet0/0/12 port link-type accessport default vlan 2#interface GigabitEthernet0/0/13 port link-type accessport default vlan 2#interface GigabitEthernet0/0/14 port link-type accessport default vlan 2#interface GigabitEthernet0/0/15 port link-type accessport default vlan 2#interface GigabitEthernet0/0/16 port link-type accessport default vlan 2#interface GigabitEthernet0/0/17 port link-type accessport default vlan 2#interface GigabitEthernet0/0/18 port link-type accessport default vlan 2#interface GigabitEthernet0/0/19 port link-type accessport default vlan 3#interface GigabitEthernet0/0/20port link-type accessport default vlan 3#interface GigabitEthernet0/0/21port link-type accessport default vlan 3#interface GigabitEthernet0/0/22port link-type accessport default vlan 3#interface GigabitEthernet0/0/23port link-type accessport default vlan 3#interface GigabitEthernet0/0/24port link-type accessport default vlan 10#interface NULL0#ip route-static 0.0.0.00.0.0.0 10.10.10.1#user-interface con 0authentication-mode passwordset authentication passwordcipher %$%$]x*%!PdIw83uD8.p1VY/,>5,`<\.B%Y0#B&X:8Y% $&!F)D;6%$%$user-interface vty 0 4authentication-mode aaauser-interface vty 16 20#returnAug 22 2013 15:27:45-05:13 Quidway SRM/3/POWERFAULT:OID 1.3.6.1.4.1.2011.5.25.129.2.1.9 Power is abnormal.(EntityPhysicalIndex=67108873, BaseTrapSeverity=3, BaseTrapProbableCause=67966, BaseTrapEventType=5, EntPhysicalContainedIn=5, EntPhysicalName=MPU Board 0, RelativeResource=SubCard #4 POWER, ReasonDescription=SubCard #4 POWER is abnormal)dis cur#!Software Version V200R001C00SPC300sysname Quidway#vlan batch 2 to 3 10#http server load s5700ei-v200r001c00.001.web.zip#undo nap slave enable#dhcp enable#aaaauthentication-scheme defaultauthorization-scheme defaultaccounting-scheme defaultdomain defaultdomain default_adminlocal-user admin password cipher %$%$Zlrd~\y[IH%(\*2T"MrW<$xo%$%$local-user admin privilege level 15local-user admin service-type httplocal-user huawei password cipher %$%$+gVXCgW[N!L|>DVplyh@<6-$%$%$local-user huawei privilege level 15local-user huawei service-type http#ntp-service unicast-peer 192.168.10.254#interface Vlanif2ip address 192.168.1.1 255.255.255.0dhcp select interfacedhcp server dns-list 202.175.36.16 8.8.8.8#interface Vlanif3ip address 192.168.0.1 255.255.255.0dhcp select interfacedhcp server dns-list 202.175.36.16 8.8.8.8#interface Vlanif10ip address 10.10.10.2 255.255.255.0#interface MEth0/0/1#interface GigabitEthernet0/0/1 port link-type accessport default vlan 2#interface GigabitEthernet0/0/2 port link-type accessport default vlan 2#interface GigabitEthernet0/0/3 port link-type accessport default vlan 2#interface GigabitEthernet0/0/4 port link-type accessport default vlan 2#interface GigabitEthernet0/0/5 port link-type accessport default vlan 2#interface GigabitEthernet0/0/6 port link-type accessport default vlan 2#interface GigabitEthernet0/0/7 port link-type accessport default vlan 2#interface GigabitEthernet0/0/8 port link-type accessport default vlan 2#interface GigabitEthernet0/0/9 port link-type accessport default vlan 2#interface GigabitEthernet0/0/10 port link-type accessport default vlan 2#interface GigabitEthernet0/0/11 port link-type accessport default vlan 2#interface GigabitEthernet0/0/12 port link-type accessport default vlan 2#interface GigabitEthernet0/0/13 port link-type accessport default vlan 2#interface GigabitEthernet0/0/14 port link-type accessport default vlan 2#interface GigabitEthernet0/0/15 port link-type accessport default vlan 2#interface GigabitEthernet0/0/16 port link-type accessport default vlan 2#interface GigabitEthernet0/0/17 port link-type accessport default vlan 2#interface GigabitEthernet0/0/18 port link-type accessport default vlan 2#interface GigabitEthernet0/0/19 port link-type accessport default vlan 3#interface GigabitEthernet0/0/20 port link-type accessport default vlan 3#interface GigabitEthernet0/0/21 port link-type accessport default vlan 3#interface GigabitEthernet0/0/22 port link-type accessport default vlan 3#interface GigabitEthernet0/0/23port link-type accessport default vlan 3#interface GigabitEthernet0/0/24port link-type accessport default vlan 10#interface NULL0#ip route-static 0.0.0.0 0.0.0.0 10.10.10.1#user-interface con 0authentication-mode passwordset authentication password cipher %$%$]x*%!PdIw83uD8.p1VY/,>5,`<\.B%Y0#B&X:8Y% $&!F)D;6%$%$user-interface vty 0 4authentication-mode aaauser-interface vty 16 20#returnAug 22 2013 15:37:45-05:13 Quidway SRM/3/POWERFAULT:OID 1.3.6.1.4.1.2011.5.25.129.2.1.9 Power is abnormal.(EntityPhysicalIndex=67108873, BaseTrapSeverity=3, BaseTrapProbableCause=67966, BaseTrapEventType=5,EntPhysicalContainedIn=5, EntPhysicalName=MPU Board 0, RelativeResource=SubCard #4 POWER, ReasonDescription=SubCard #4 POWER is abnormal)User interface con0 is availablePlease Press ENTER.Login authenticationPassword:dir curError: File can't be found.dir curError: File can't be found.dis cur#!Software Version V200R001C00SPC300 sysname Quidway#vlan batch 2 to 3 10#http server load s5700ei-v200r001c00.001.web.zip #undo nap slave enable#dhcp enable#aaaauthentication-scheme defaultauthorization-scheme defaultaccounting-scheme defaultdomain defaultdomain default_adminlocal-user admin password cipher %$%$Zlrd~\y[IH%(\*2T"MrW<$xo%$%$local-user admin privilege level 15local-user admin service-type httplocal-user huawei password cipher %$%$+gVXCgW[N!L|>DVplyh@<6-$%$%$local-user huawei privilege level 15local-user huawei service-type http#ntp-service unicast-peer 192.168.10.254#interface Vlanif2ip address 192.168.1.1 255.255.255.0dhcp select interfacedhcp server dns-list 202.175.36.16 8.8.8.8#interface Vlanif3ip address 192.168.0.1 255.255.255.0dhcp select interfacedhcp server dns-list 202.175.36.16 8.8.8.8#interface Vlanif10ip address 10.10.10.2 255.255.255.0#interface MEth0/0/1interface GigabitEthernet0/0/1 port link-type accessport default vlan 2#interface GigabitEthernet0/0/2 port link-type accessport default vlan 2#interface GigabitEthernet0/0/3 port link-type accessport default vlan 2#interface GigabitEthernet0/0/4 port link-type accessport default vlan 2#interface GigabitEthernet0/0/5 port link-type accessport default vlan 2#interface GigabitEthernet0/0/6 port link-type accessportdefault vlan 2#interface GigabitEthernet0/0/7 port link-type accessport default vlan 2interface GigabitEthernet0/0/8 port link-type accessport default vlan 2#interface GigabitEthernet0/0/9 port link-type accessport default vlan 2#interface GigabitEthernet0/0/10 port link-type accessport default vlan 2#interface GigabitEthernet0/0/11 port link-type accessport default vlan 2#interface GigabitEthernet0/0/12 port link-type accessport default vlan 2#interface GigabitEthernet0/0/13 port link-type accessport default vlan 2#interface GigabitEthernet0/0/14 port link-type accessport default vlan 2#interface GigabitEthernet0/0/15port link-type accessport default vlan 2#interface GigabitEthernet0/0/16 port link-type accessport default vlan 2#interface GigabitEthernet0/0/17 port link-type accessport default vlan 2#interface GigabitEthernet0/0/18 port link-type accessport default vlan 2#interface GigabitEthernet0/0/19 port link-type accessport default vlan 3#interface GigabitEthernet0/0/20 port link-type accessport default vlan 3#interface GigabitEthernet0/0/21 port link-type accessport default vlan 3#interface GigabitEthernet0/0/22 port link-type accessport default vlan 3#interface GigabitEthernet0/0/23port link-type accessport default vlan 3#interface GigabitEthernet0/0/24port link-type accessport default vlan 10#interface NULL0#ip route-static 0.0.0.0 0.0.0.0 10.10.10.1#user-interface con 0authentication-mode passwordset authentication password cipher %$%$]x*%!PdIw83uD8.p1VY/,>5,`<\.B%Y0#B&X:8Y% $&!F)D;6%$%$user-interface vty 0 4authentication-mode aaauser-interface vty 16 20。

MPLS：多协议标签交换技术（工作在二层与三层之间）IETF确定MPLS协议作为标准的协议MPLS采用短而定长的标签进行数据转发，大大提高了硬件限制下的转发能力；而且MPLS可以扩展到多种网络协议（如IPv6，IPX等）MPLS协议从各种链路层协议（如PPP、ATM、帧中继、以太网等）得到链路层服务，又为网络层提供面向连接的服务。

MPLS能从IP路由协议和控制协议中得到支持，路由功能强大、灵活，可以满足各种新应用对网络的要求作用：加快IP网络转发速度缺点：硬件不行，FIB，现今应用：MPLS VPNMPLS TE：流量工程MPLS概述MPLS基本网络结构（工作在运行商）路由器的角色：1.LER（Label Edge Router）：标签边界路由器，在MPLS网络中，具备标签分配功能，用于标签的压入或弹出，并且同时连接IP与MPLS网络的路由器，如上图中的RTB，RTD。

入站LER：负责对接收到的IP报文压入标签出站LER：负责给离开MPLS网络的报文弹出标签2.LSR（Label Switched Router）：标签交换路由器，在MPLS网络中，具有标签分配和标签转发能力的路由器，用于标签的交换，如图中的RTCLSP（Label Switched Path）：标签交换路径，即到达同一目的地址的报文在MPLS网络中经过的路径（单向路径）入节点（Ingress）：LSP的入口LER中间节点（Transit）：位于LSP中间的LSR出节点（Egress）：LSP的出口LERFEC（Forwarding Equivalent Class）：转发等价类，一般指具有相同转发处理方式的报文。

在MPLS网络中，到达同一目的地址（网络前缀相同的IP地址）的所有报文就是一个FEC （FEC：华为默认32位的主机路由）FEC的划分方式非常灵活，可以是以源地址、目的地址、源端口、目的端口、协议类型或VPN 等为划分依据的任意组合MPLS体系结构：LSP建立到分发标签的最终过程控制平面：负责产生和维护路由信息以及标签信息路由信息表RIB（Routing Information Base）：由IP路由协议生成，用于选择路由标签分发协议LDP（Label Distribution Protocol）：负责标签的分配、标签转发信息表的建立、标签交换路径的建立、拆除等工作标签信息表LIB（Label Information Base）：由标签分发协议生成，用于管理标签信息转发平面：即数据平面（Data Plane），负责普通IP报文的转发以及带MPLS标签报文的转发转发信息表FIB（Forwarding Information Base）：从RIB提取必要的路由信息生成，负责普通IP报文的转发标签转发信息表LFIB（Label Forwarding Information Base）：简称标签转发表，由标签分发协议建立LFIB，负责带MPLS标签报文的转发MPLS路由器上，报文的转发过程：当收到普通IP报文时，查找FIB表：如果Tunnel ID（隧道id）为0x0，则进行普通IP转发如果Tunnel ID为非0x0，则查找LFIB表，进行MPLS转发当收到带标签的报文时，查找LFIB表：如果对应的出标签是普通标签，则进行MPLS转发如果对应的出标签是特殊标签，如标签3，则将报文的标签去掉，进行IP转发MPLS数据报文结构：MPLS标签封装在链路层和网络层之间，可以支持任意的链路层协议MPLS标签共分4个字段：（4字节）Label：20bit，标签值域，是一个短而定长的、只有本地意义的标识，用于唯一标识去往同一目的地址的报文分组Exp：3bit，用于扩展。

华为5700交换机MPLS配置1实验目标通过实验模拟3台5700交换机上运行MPLS。

完成底层IGP-OSPF多区域配置、MPLS配置。

2实验拓扑图3拓扑图描述3台华为5700交换机底层运行IGP-OSPF，各个接口的IP地址如图所示，环回口启用OSPF 并作为OSPF的router-id和MPLS的lsr—id（将环回口置于OSPF的silient-interface），在sw1-sw2、sw2-sw3相连的接口启用mpls ldp建立本地ldp会话lsp会自动建立。

4配置及描述4.1Sw1配置[sw1］dis curr＃sysname sw1#vlan batch 10#mpls lsr-id 192。

168。

0。

1 配置MPLS LSR ID 是启用MPLS的前提条件(也是ldp建立会话的传输地址，确保lsr—id路由可达)mpls 全局启用mplslsp-trigger all 所有静态路由和IGP 路由项触发建立LSPmpls ldp 全局启用mpls ldp（全局启用mpls ldp之前必须先全局启用mpls）＃interface Vlanif10ip address 10。

1.0.1 255.255。

255。

0ospf network-type p2p 修改ospf网络类型为点到点mpls 接口启用mplsmpls ldp 接口启用mpls ldp（接口启用mpls ldp之前必须先在接口下启用mpls）＃interface GigabitEthernet0/0/1port link—type accessport default vlan 10＃interface LoopBack0 环回口不能转发mpls报文ip address 192。

168.0。

1 255。

255。

255.255#ospf 1 router-id 192。

168.0。

1silent—interface LoopBack0 抑制环回口发送、接收ospf报文area 0。

华为三层交换机5700系列配置⽰例配置说明配置华为交换机的注意事项（针对5700系列）默认情况下，华为设备管理地址为192.168.1.253/24，账号 admin, 密码 admin@如果有web界⾯管理功能，可以尝试使⽤ETH⼝登陆，如果登陆不上，可以按住MODE键6s,重置，打开web登陆功能。

在配三层交换机配置vlan时，默认情况下不同的vlan⽹段是可以通过路由互通的，不⽤额外配置（如思科等设备需要开启ip routing）如果要对端⼝批量操作，如配置vlan，可以先创建⼀个组,使⽤ port-group GROUP-NAME命令创建组，并通过group-member GigabitEthernet 0/0/1 to GigabitEthernet 0/0/20 来批量添加组员，以后需要对这些端⼝操作进⼊此group就可以了。

如果要对不同的vlan⽹络隔离，需要配置ACL策略。

在使⽤PC机进⾏测试时，要关闭⽆线和其他的虚拟⽹卡，并确认关闭防⽕墙，排除测试⼲扰因素。

实现⽅式三层核⼼交换机在配置多个不同⽹段互联时，有以下两种⽅式：1. 单臂路由⽅式: 三层核⼼交换机配置多⽹络vlan，与上联汇聚层设备接⼝使⽤trunk透传，上联防⽕墙或路由器创建⼦接⼝并对应VLAN作为⽹关，vlan间的数据路由在上联设备完成。

单臂路由⽅式：2. 静态路由⽅式: 三层核⼼交换机作为接⼊设备，配置多⽹络vlan，并创建⽹关，上联接⼝配置静态IP，交换机和上联设备添加静态路由，vlan之间的数据路由在接⼊交换机上完成。

静态路由⽅式：设备配置单臂路由⽅式（Trunk）路由器：LAN1: 192.168.1.1下⼀跳地址： 192.168.1.2SW1GE1/0/1: 192.168.1.2 VLAN 1GE1/0/2: TRUNK 允许 VLAN 2 3GE1/0/3: 192.168.4.1 VLAN 4SW2GE1/0/1: TRUNK VLAN 2 3GE1/0/23: 192.168.2.1/24 VLAN 2GE1/0/24: 192.168.3.1/24 VLAN 3SW3默认不⽤配置，充当⼆层交换机配置思路采⽤如下的思路配置汇聚层设备作为⽹关实现不同⽹段⽤户间的通信：配置接⼊交换机，基于接⼝划分VLAN，实现⼆层互通。

telnet登录华为5700的配置学习内容一、掌握华为5700的基本常用操作命令二、掌握华为5700的常规开局学习方案一、登录界面及等级切换<Quidway>super ---进入特权模式Now user privilege is 3 level, and only those commands whose level is equal to orless than this level can be used.Privilege note: 0-VISIT, 1-MONITOR, 2-SYSTEM, 3-MANAGE<Quidway>system-view ---进入系统配置模式Enter system view, return user view with Ctrl+Z.[Quidway]display current-configuration --显示系统当前配置二、配置管理IP和vlan配置交换机的IP地址：二层交换机只支持一个IP地址，并且是作为VLAN的接口IP地址出现的。

所以，我们首先要在系统视图下使用interface?vlan?vlan-number命令进入VLAN接口配置视图，然后使用ip?address命令配置IP地址。

[Quidway]vlan 200 ---创建了一个vlan 200[Quidway-vlan200]quit[Quidway]interface Vlanif 200 ---进入vlan 200 虚拟子接口[Quidway-Vlanif200]ip address 192.168.80.3 24 ---建立一个管理IP 192.168.80.3 掩码24 位[Quidway-Vlanif200]display this ---查看接口当前配置#interface Vlanif200ip address 192.168.80.3 255.255.255.0#[Quidway-Vlanif200]quit[Quidway]interface GigabitEthernet 0/0/1 --- 进入千兆以太网口0/0/1 [Quidway-GigabitEthernet0/0/1]port link-type access --- 端口类型access[Quidway-GigabitEthernet0/0/1]port default vlan 200 --- 端口默认vlan 200[Quidway-GigabitEthernet0/0/1]quit三、配置本地用户权限配置用户登录口令：在缺省情况下，交换机允许5个vty用户，但都没有配置登录口令。

华为交换机基本配置命令一、单交换机VLAN划分命令命令解释system 进入系统视图system-view 进入系统视图uit 退到系统视图undo vlan20 删除van20sysname 交换机命名disp vlan 显示anvlan 20 创建van（也可进入an20port e1/0/1toe1/05 把端口1-5放入ⅥLAN20中1、5700系列单个端口放入VLAN·[Huawei] lint g0/0/1·[Huawei]port link- type access（注:接口类型 access， hybrid、tunk）·[Huawei]port default vlan 10批量端口放入VLAN·[Huawei]port-group 1·[Huawei-port-group-1]group-member ethernet G0/0/1 to ethernet GO/0/20 ·[Huawei-port-group-l]port hybrid untagged vlan 3删除 group（组）vlan200内的15端口·LHuawei]int g0/0/15·[Huawei-GigabitEtherneto/0/15]undo port hybrid untagged vlan 200通过 group端口限速设置·[Huawei]Port-group 2·[Huawei]group-member go/0/2 to go/0/23·[Huawei]gos Ir outbound cir 2000 cbs 20000disp vlan 20 显示vlan里的端口20int e1/0/24 进入端口24undo port e1/0/10 表示删除当前VLAN端口10disp curr 显示当前配置·return 返回·save 保存二、跨交换机VLAN的通信在sw1上：vlan 10 建立VLAN 10int e1/0/5 进入端口5port access vlan 10 端口5加入van 10vlan 20 建立VLAN 20int e1/0/15 进入端口15port access vlan 2 端口15加入VLAN 20int e1/0/24 进入端口24port link-type trun 24 端口设为TRUNK端口port trunk permit vlan all在sw2上：vlan 10 建立VLAN 10int e1/0/20 进入端口20port access vlan 10 端口20加入van 10int e1/0/24 进入端口24port link-type trun 24 端口设为TRUNK端口port trunk permit vlan all 把24端口为所有vlan使用，即该端口可通过所有vlan disp int e1/0/24 查看端口24是否为trunk三、路由的配置命令·system 进入系统模式·sysname 命名。

SW1配置如下：<Huawei><Huawei>sy<Huawei>system-view （进入全局模式）Enter system view, return user view with Ctrl+Z.[Huawei]sy[Huawei]sysname SW1 ( 设备命名）[SW1][SW1]d[SW1]dhcp en[SW1]dhcp enable （使用DHCP功能）Info: The operation may take a few seconds. Please wait for a moment.done.[SW1][SW1]ip pool 10 （创建全局地址池，同时进入全局地址池视图）Info:It's successful to create an IP address pool.[SW1-ip-pool-10]netw[SW1-ip-pool-10]network 192.168.10.0 m[SW1-ip-pool-10]network 192.168.10.0 mask 24（配置全局地址池可动态分配的IP地址范围）[SW1-ip-pool-10][SW1-ip-pool-10]dns-list 8.8.8.8 （配置DNS ）[SW1-ip-pool-10][SW1-ip-pool-10]gateway-list 192.168.10.1 （配置网关）[SW1-ip-pool-10]ex[SW1-ip-pool-10]excluded-ip-address 192.168.10.201 192.168.10.254 （保留不被分配的地址）[SW1-ip-pool-10][SW1-ip-pool-10]lease d[SW1-ip-pool-10]lease day 7 （IP租约期限）[SW1-ip-pool-10][SW1-ip-pool-10]dis this （查询当前模式的配置）#ip pool 10gateway-list 192.168.10.1 （网关）network 192.168.10.0 mask 255.255.255.0 （IP地址范围）excluded-ip-address 192.168.10.201 192.168.10.254 （保留IP地址范围）lease day 7 hour 0 minute 0 （IP租约周期）dns-list 8.8.8.8#return[SW1-ip-pool-10][SW1-ip-pool-10][SW1-ip-pool-10]quit (退出）[SW1][SW1][SW1][SW1]ip pool 20Info:It's successful to create an IP address pool.[SW1-ip-pool-20][SW1-ip-pool-20][SW1-ip-pool-20]netw[SW1-ip-pool-20]network 192.168.20.0 m[SW1-ip-pool-20]network 192.168.20.0 mask 24[SW1-ip-pool-20][SW1-ip-pool-20][SW1-ip-pool-20]d[SW1-ip-pool-20]dns-list 8.8.8.8[SW1-ip-pool-20][SW1-ip-pool-20]g[SW1-ip-pool-20]gateway-list 192.168.20.1[SW1-ip-pool-20][SW1-ip-pool-20][SW1-ip-pool-20]ex[SW1-ip-pool-20]excluded-ip-address 192.168.20.201 192.168.20.254 [SW1-ip-pool-20][SW1-ip-pool-20][SW1-ip-pool-20]l[SW1-ip-pool-20]lease d[SW1-ip-pool-20]lease day 7[SW1-ip-pool-20][SW1-ip-pool-20][SW1-ip-pool-20][SW1-ip-pool-20][SW1-ip-pool-20]dis this#ip pool 20gateway-list 192.168.20.1network 192.168.20.0 mask 255.255.255.0excluded-ip-address 192.168.20.201 192.168.20.254lease day 7 hour 0 minute 0dns-list 8.8.8.8#return[SW1-ip-pool-20][SW1-ip-pool-20][SW1-ip-pool-20]q[SW1][SW1][SW1]v[SW1]vlan b[SW1]vlan batch 10 20 （批量创建vlan）Info: This operation may take a few seconds. Please wait for a moment...done. [SW1][SW1][SW1]int[SW1]interface g[SW1]interface GigabitEthernet 0/0/1 （进入port 1)[SW1-GigabitEthernet0/0/1]por[SW1-GigabitEthernet0/0/1]port l[SW1-GigabitEthernet0/0/1]port link-t[SW1-GigabitEthernet0/0/1]port link-type a[SW1-GigabitEthernet0/0/1]port link-type access (配置port 1 类型）[SW1-GigabitEthernet0/0/1][SW1-GigabitEthernet0/0/1][SW1-GigabitEthernet0/0/1]port[SW1-GigabitEthernet0/0/1]port def[SW1-GigabitEthernet0/0/1]port default v[SW1-GigabitEthernet0/0/1]port default vlan 10 （配置port 1 vlan) [SW1-GigabitEthernet0/0/1][SW1-GigabitEthernet0/0/1]quit (退出）[SW1][SW1]int[SW1]interface g[SW1]interface GigabitEthernet 0/0/2[SW1-GigabitEthernet0/0/2][SW1-GigabitEthernet0/0/2][SW1-GigabitEthernet0/0/2][SW1-GigabitEthernet0/0/2]por[SW1-GigabitEthernet0/0/2]port l[SW1-GigabitEthernet0/0/2]port link-t[SW1-GigabitEthernet0/0/2]port link-type a[SW1-GigabitEthernet0/0/2]port link-type access[SW1-GigabitEthernet0/0/2][SW1-GigabitEthernet0/0/2]por[SW1-GigabitEthernet0/0/2]port def[SW1-GigabitEthernet0/0/2]port default v[SW1-GigabitEthernet0/0/2]port default vlan 20[SW1-GigabitEthernet0/0/2][SW1-GigabitEthernet0/0/2]quit[SW1][SW1][SW1][SW1]int[SW1]interface v （配置VLANIF10接口下的客户端从全局地址池中获取IP地址）[SW1]interface Vlanif 10 （创建vlanif 10)[SW1-Vlanif10][SW1-Vlanif10][SW1-Vlanif10]ip add[SW1-Vlanif10]ip address 192.168.10.1 24 (配置IP地址）[SW1-Vlanif10][SW1-Vlanif10]dhcp sel[SW1-Vlanif10]dhcp select g[SW1-Vlanif10]dhcp select global （在vlanif 10模式下调用全局地址池）[SW1-Vlanif10][SW1-Vlanif10][SW1-Vlanif10]dis[SW1-Vlanif10]display this （查询当前配置参数）#interface Vlanif10ip address 192.168.10.1 255.255.255.0dhcp select global#return[SW1-Vlanif10][SW1-Vlanif10][SW1-Vlanif10]quit[SW1][SW1][SW1]int[SW1]interface v[SW1]interface Vlanif 20[SW1-Vlanif20][SW1-Vlanif20][SW1-Vlanif20]ip add[SW1-Vlanif20]ip address 192.168.20.1 24 [SW1-Vlanif20][SW1-Vlanif20]dhcp[SW1-Vlanif20]dhcp sel[SW1-Vlanif20]dhcp select g[SW1-Vlanif20]dhcp select global[SW1-Vlanif20][SW1-Vlanif20]dis this#interface Vlanif20ip address 192.168.20.1 255.255.255.0dhcp select global#return[SW1-Vlanif20][SW1-Vlanif20][SW1-Vlanif20]quit[SW1][SW1]dis[SW1]display ip pool （查看IP地址池配置情况）-----------------------------------------------------------------------Pool-name : 10Pool-No : 0Position : Local Status : UnlockedGateway-0 : 192.168.10.1Mask : 255.255.255.0VPN instance : -------------------------------------------------------------------------Pool-name : 20Pool-No : 1Position : Local Status : Unlocked Gateway-0 : 192.168.20.1Mask : 255.255.255.0VPN instance : --IP address StatisticTotal :506Used :0 Idle :398Expired :0 Conflict :0 Disable :108 [SW1][SW1][SW1]quit<SW1><SW1><SW1>save （保存配置，写入设备）The current configuration will be written to the device.Are you sure to continue?[Y/N]yNow saving the current configuration to the slot 0.Mar 18 2017 13:30:47-08:00 SW1 %%01CFM/4/SAVE(l)[63]:The user chose Y when deciding whether to save the configuration to the device.Save the configuration successfully.<SW1>PC情况如下。

华为交换机配置教程华为交换机配置教程华为交换机是目前市场上最常用的网络设备之一，它可以提供可靠的网络通信服务。

本教程将向您介绍如何配置华为交换机。

1. 首先，连接华为交换机到电源，并将其连接到本地网络。

确保所有的连接都是正确的，并确保交换机的电源正常工作。

2. 连接到交换机的计算机上，打开一个浏览器，并输入交换机的IP地址。

这个地址通常是192.168.1.1，但也可能因您的网络设置而有所不同。

输入正确的地址后，按下回车键，您会看到华为交换机的登录页面。

3. 在登录页面上，输入正确的用户名和密码。

默认的用户名是admin，密码是admin。

如果您修改了用户名和密码，请使用修改后的凭据登录。

4. 成功登陆后，您将进入华为交换机的控制面板。

在这里，您可以进行各种配置和管理操作。

例如，您可以创建和删除VLAN（虚拟局域网），设置端口安全性，配置子接口等等。

5. 如果您想配置VLAN，在控制面板上找到“VLAN”选项，并点击进入。

在VLAN页面上，您可以创建新的VLAN，并将端口分配给它。

您可以根据需要创建多个VLAN，并将它们与不同的端口进行关联。

6. 如果您想设置端口安全性，找到“安全性”选项，并点击进入。

在这里，您可以配置交换机的端口安全策略，设置允许和禁止连接的MAC地址，以及设置一些其他相关的参数。

7. 如果您想配置子接口，在控制面板上找到“接口”选项，并点击进入。

在接口页面上，您可以配置交换机的子接口参数，如VLAN ID，IP地址等等。

这对于划分不同的网络和实现更高的网络可用性非常有用。

8. 配置完成后，记得保存并应用您的改动。

在控制面板上找到“保存”选项，并点击保存您的配置。

这样，您的配置将被应用到交换机上。

华为交换机的配置教程到此结束。

通过按照以上步骤进行配置，您将能够对华为交换机进行各种操作和管理。

同时，我们也建议您参考华为交换机的用户手册和官方文档，以获取更详细的信息和指导。

希望这个教程能对您有所帮助，并对您在配置华为交换机时更加自信和熟练。

Huawei S5700-EI Series SwitchesProduct BrochureThe S5700-EI series gigabit enterprise switches (S5700-EI) are next-generation energy-saving switchesdeveloped by Huawei to meet the demand for high-bandwidth access and Ethernet multi-servicemaintain, reducing workloads for network planning, construction, and maintenance. The S5700-EI usesS5700-EI Series Gigabit Enterprise Switches Product OverviewProduct Appearance•Switching capacity: 416Gbps2-2Huawei Enterprise Sx700 Series Switch Product•Switching capacity: 416GbpsProduct Features and highlightsPowerful support for services•The S5700-EI supports IGMP v1/v2/v3 snooping, IGMP filter, IGMP fast leave, and IGMP proxy. It supportsline-speed replication of multicast packets between VLANs, multicast load balancing among member interfaces of a trunk, and controllable multicast, meeting requirements for IPTV services and othermulticast services.•The S5700-EI provides the Multi-VPN-Instance CE (MCE) function to isolate users in different VPNs on a device, ensuring data security and reducing costs.•The S5710-EI supports multiple MPLS & VPN features, including Label Distribution Protocol (LDP) or Resource Reservation Protocol for Traffic Engineering (RSVP-TE), MPLS TE, VLL, VPLS, and MPLS L3VPN. Comprehensive reliability mechanisms•Besides STP, RSTP, and MSTP, the S5700-EI supports enhanced Ethernet reliability technologies such asSmart Link and RRPP (Rapid Ring Protection Protocol), which implement millisecond-level protection switchover and ensure network reliability. It also provides Smart Link multi-instance and RRPP multi-instance to implement load balancing among links, optimizing bandwidth usage.Huawei Enterprise Sx700 Series Switch Product2-3•The S5700-EI supports enhanced trunk (E-Trunk) that enables a CE to be dual-homed to two PEs (S5700s).E-Trunk greatly enhances link reliability between devices and implements link aggregation betweendevices. This improves reliability of access devices.•The S5700-EI supports the Smart Ethernet Protection (SEP) protocol, a ring network protocol applied tothe link layer on an Ethernet network. SEP can be used on open ring networks and can be deployed onupper-layer aggregation devices to provide fast switchover, ensuring non-stop transmission of services.SEP features simplicity, high reliability, fast switchover, easy maintenance, and flexible topology, facilitatingnetwork planning and management.•The S5700-EI supports Ethernet Ring Protection Switching (ERPS), also referred to as G.8032. As the latestring network protocol, ERPS was developed based on traditional Ethernet MAC and bridging functionsand uses mature Ethernet OAM function and a Ring Automatic Protection Switching (R-APS) mechanismto implement millisecond-level protection switching. ERPS supports various services and allows flexiblenetworking, helping customers build a network with lower OPEX and CAPEX.•The S5700-EI supports redundant power supplies, and can use an AC power supply and a DC powersimultaneously. Users can choose a single power supply or use two power supplies to ensure devicereliability.•The S5700-EI supports VRRP, and can set up VRRP groups with other Layer 3 switches. VRRP providesredundant routes to ensure stable and reliable communication. Multiple equal-cost routes to an uplinkdevice can be configured on the S5700-EI to provide route redundancy. When an active route isunreachable, traffic is switched to a backup route.•The S5700-EI supports Bidirectional Forwarding Detection (BFD) and provides millisecond-level detectionfor protocols such as OSPF, IS-IS, VRRP, and PIM to improve network reliability. The S5700-EI complies withIEEE 802.3ah and 802.1ag. IEEE 802.3ah defines the mechanism for detecting faults on direct links overthe Ethernet in the first mile, and 802.1ag defines the mechanism for end-to-end service fault detection.The S5700-EI supports Y.1731. Besides fast end-to-end service fault detection, the S5700-EI can use theperformance measurement tools defined in Y.1731 to monitor network performance, providing accuratedata about network quality.Well-designed QoS policies and security mechanisms•The S5700-EI implements complex traffic classification based on packet information such as the 5-tuple,IP precedence, ToS, DSCP, IP protocol type, ICMP type, TCP/UDP port number, VLAN ID, Ethernet protocoltype. ACLs can be applied to inbound or outbound direction on an interface. The S5700-EI supportsa flow-based two-rate three-color CAR. Each port supports eight priority queues and multiple queuescheduling algorithms such as WRR, DRR, SP, WRR+SP, and DRR+SP. All of these ensure the quality ofvoice, video, and data services.Huawei Enterprise Sx700 Series Switch Product•The S5700-EI provides multiple security measures to defend against Denial of Service (DoS) attacks,and attacks against networks or users. DoS attack types include SYN Flood attacks, Land attacks, Smurf attacks, and ICMP Flood attacks. Attacks to networks refer to STP BPDU/root attacks. Attacks to users include bogus DHCP server attacks, man-in-the-middle attacks, IP/MAC spoofing attacks, DHCP requestflood attacks. DoS attacks that change the CHADDR field in DHCP packets are also attacks against users.•The S5700-EI supports DHCP snooping, which discards invalid packets that do not match any binding entries, such as ARP spoofing packets and IP spoofing packets. This prevents man-in-the-middle attacksto campus networks that hackers initiate by using ARP packets. The interface connected to a DHCP server can be configured as a trusted interface to protect the system against bogus DHCP server attacks.•The S5700-EI supports strict ARP learning, which prevents ARP spoofing attacks that will exhaust ARP entries. It also provides IP source check to prevent DoS attacks caused by MAC address spoofing, IP address spoofing, and MAC/IP spoofing.•The S5700-EI supports 802.1x authentication, MAC address authentication, and combined authentication on a per port basis, as well as Portal authentication on a per VLANIF interface basis. The S5700-EI also supports NAC. The S5700-EI authenticates users based on statically or dynamically bound user information such as the user name, IP address, MAC address, VLAN ID, access interface, and flag indicating whether antivirus software is installed. VLANs, QoS policies, and ACLs can be applied to users dynamically.•The S5700-EI can limit the number of MAC addresses learned on an interface to prevent attackers from exhausting MAC address entries by using bogus source MAC addresses. This function minimizes packetflooding that occurs when MAC addresses of users cannot be found in the MAC address table.Fine-grained traffic management•The S5710-EI supports NetStream. The NetStream module supports V5, V8, and V9 packet formats and provides various traffic analysis functions, such as real-time traffic sampling, dynamic report generation, traffic attribute analysis, and traffic exception report. The Netstream module enables administrators to monitor network status in real time and provides applications and analysis functions including potential fault detection, effective fault rectification, fast problem handling, and security monitoring, to help customers optimize network structure and adjust resource deployment.•The S5700-EI supports the Sampled Flow (sFlow) function, which uses a sampling mechanism to obtain statistics about traffic forwarded on a network and sends the statistics to the Collector in real time. The Collector analyzes traffic statistics to help customers manage network traffic efficiently. The S5700-EI integrates the sFlow Agent module and uses hardware for traffic monitoring. Unlike traffic monitoring through port mirroring, sFlow does not degrade network performance during traffic monitoring.Easy deployment and maintenance free•The S5700-EI supports automatic configuration, plug-and-play, and batch remote upgrade. These capabilities simplify device management and maintenance and reduce maintenance costs. The S5700-EI supports SNMP v1/v2c/v3 and provides flexible methods for managing devices. Users can manageHuawei Enterprise Sx700 Series Switch Productthe S5700-EI using the CLI and Web NMS. The NQA function helps users with network planning andupgrading. In addition, the S5700-EI supports NTP, SSH v2, HWTACACS+, RMON, log hosts, and port-based traffic statistics.•EasyDeploy: The Commander collects information about the topology of the client connecting to theCommander and saves client startup information based on the topology. The client can be replacedwithout configuration. Configuration and scripts can be delivered to the client in batches. In addition, theconfiguration delivery result can be queried. The Commander can collect and display power consumptionon the entire network.•The S5700-EI supports the GARP VLAN Registration Protocol (GVRP), which dynamically distributes,registers, and propagates VLAN attributes to reduce manual configuration workloads of networkadministrators and to ensure correct VLAN configuration. In a complex network topology, GVRP simplifiesVLAN configuration and reduces network communication faults caused by incorrect VLAN configuration.•The S5700-EI supports MUX VLAN. MUX VLAN isolates Layer 2 traffic between interfaces in a VLAN.Interfaces in a subordinate separate VLAN can communicate with ports in the principal VLAN but cannotcommunicate with each other. MUX VLAN is usually used on an enterprise intranet to isolate userinterfaces from each other but allow them to communicate with server interfaces. This function preventscommunication between network devices connected to certain interfaces or interface groups but allowsthe devices to communicate with the default gateway.PoE function•The S5700-EI PWR can use PoE power supplies with different power levels to provide -48V DC power forPowered Devices (PDs) such as IP phones, WLAN APs, and Bluetooth APs. In its role as Power SourcingEquipment (PSE), the S5700-EI PWR complies with IEEE 802.3af and 802.3at (PoE+) and can work with PDsthat are incompatible with 802.3af or 802.3at. Each port provides a maximum of 30 W power, complyingwith IEEE 802.3at. The PoE+ function increases the maximum power of each port and implements intelligentpower management for high-power consumption applications. This facilitates the use of PDs. PoE portscan work in power-saving mode. The S5700-EI PWR provides improved PoE solutions. Users can configurewhether and when a PoE port supplies power.High scalability•The S5700-EI supports intelligent stacking (iStack). Multiple S5700-EI switches can be connected withstack cables to set up a stack, which functions as a virtual switch. A stack consists of a master switch,a backup switch, and several slave switches. The backup switch takes over services when the masterswitch fails, reducing service interruption time. Stacks support intelligent upgrade so that users do notneed to change the software version of a switch when adding it to a stack. The iStack function allowsusers to connect multiple switches with stack cables to expand system capacity. These switches can bemanaged using a single IP address, which greatly reduces the costs of system expansion, operation, andmaintenance. Compared with traditional networking technologies, iStack has advantages in scalability,reliability, and system architecture.Huawei Enterprise Sx700 Series Switch ProductVarious IPv6 features•The S5700-EI supports IPv4/IPv6 dual stack and can migrate from an IPv4 network to an IPv6 network.S5700-EI hardware supports IPv4/IPv6 dual stack, IPv6 over IPv4 tunnels (including manual tunnels, 6to4tunnels, and ISATAP tunnels), and Layer 3 line-speed forwarding. The S5700-EI can be deployed on IPv4networks, IPv6 networks, or networks that run both IPv4 and IPv6. This makes networking flexible andenables easy migration from IPv4 to IPv6.Product Specifications2-7Huawei Enterprise Sx700 Series Switch ProductHuawei Enterprise Sx700 Series Switch Product*:The S5700 switches of the EI series are collectively called S5700-EI. S5710-EI is a sub-series switches of S5700-EI .2-9Huawei Enterprise Sx700 Series Switch ProductOn Large-sized Enterprise NetworksThe S5700-EI can function as an access device on a large-sized enterprise network or an aggregation device on a small-sized or medium-sized campus network. It supports link aggregation and dual-homing to improve network reliability.In Data CentersThe S5700-EI can be used in a data center. It connects to gigabit servers and aggregates traffic from the servers to uplink devices through trunk links. If multiple servers are available, an S5700-EI stack can be used to facilitate network maintenance and improve network reliability.InternetWANApplicationsHuawei Enterprise Sx700 Series Switch ProductFor more information, visit or contact your local Huawei sales office.S5710-28C-EI(24xEthernet 10/100/1000 ports,4 of which are dual-purpose 10/100/1000 or SFP ,4x10 GigSFP+, without power module)S5710-28C-PWR-EI-AC(24xEthernet 10/100/1000 PoE+ ports,4 of which are dual-purpose 10/100/1000 orSFP ,4x10 Gig SFP+, with 580W AC power)S5710-52C-EI(48xEthernet 10/100/1000 ports,4x10 Gig SFP+, with 2 interface slots, without powermodule)S5710-52C-PWR-EI(48xEthernet 10/100/1000 PoE+ ports, 4x10 Gig SFP+, with 2 interface slots, withoutpower module)8xGig SFP interface card(used in S5710-EI series)8xEthernet 10/100/1000 ports interface card(used in S5710-EI series)4xGig SFP interface card(including 4xGig SFP optical interface, extend channel card)(used in S5700-EI series)2x10GE SFP+ interface card(used in S5710-EI series)2x10GE SFP+ interface card(used in S5700-SI and S5700-EI series)4x10GE SFP+ optical interface card(including 4x10GE SFP+ interface, extend channel card)(used in S5700-SIand S5700-EI series)Ethernet Stack Interface Card(Including stack card,100cm stack cable)Ethernet Stack Interface Card(Including stack card,300cm stack cable)150W AC Power Module150W DC Power Module500W AC PoE Power Module580W AC PoE Power Module 1150W AC PoE Power Module Product List2-11Huawei Enterprise Sx700 Series Switch ProductCopyright © Huawei Technologies Co., Ltd. 2015. All rights reserved.No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of Huawei Technologies Co., Ltd.Trademark Notice, HUAWEI, and are trademarks or registered trademarks of Huawei Technologies Co., Ltd.Other trademarks, product, service and company names mentioned are the property of their respective owners.General DisclaimerThe information in this document may contain predictive statements including,without limitation, statements regarding the future financial and operating results,future product portfolio, new technology, etc. There are a number of factors thatcould cause actual results and developments to differ materially from thoseexpressed or implied in the predictive statements. Therefore, such information isprovided for reference purpose only and constitutes neither an offer nor anacceptance. Huawei may change the information at any time without notice.。