华为5700操作手册

华为S5700交换机操作手册MEth 0/0/1 属于管理口system-view[Quidway]interface MEth 0/0/1[Quidway]ip adddress 192.168.5.2 255.255.255.0 #设置管理ip配置连接密码打开web操作sysaaalocal-user huawei password cipher adminlocal-user huawei level15local-user huawei ftp-directory flash;local-user hawed service-type telnet terminal httpCONSOLE:通过密码：[Quidway]user-interface con 0[Quidway-ui-console0]authentication-mode password[Quidway-ui-console0]set authentication password simple h3c[Quidway-ui-console0]user privilege level 3------------->可以不配置，默认级别是3通过用户名和密码：[Quidway]local-user quidway[Quidway-luser-quidway]password simple h3c[Quidway-luser-quidway]service-type terminal level 3[Quidway]user-interface con 0[Quidway-ui-console0]authentication-mode schemeTELNET:通过密码：[Quidway]user-interface vty 0 4[Quidway-ui-vty0-4]authentication-mode password [Quidway-ui-vty0-4]set authentication password simple h3c [Quidway-ui-vty0-4]user privilege level 3通过用户名和密码：[Quidway]user-interface vty 0 4[Quidway-ui-vty0-4]authentication-mode password [Quidway-ui-vty0-4]set authentication password simple h3c [Quidway]local-user quidway[Quidway-luser-quidway]password simple h3c [Quidway-luser-quidway]service-type telnet level 3默认是VRP1.74和1.44是没有缺省用户名和密码的。

精彩沟通无线生活欢迎您使用华为技术有限公司T5700手机HUAWEI T5700手机 用户手册声明Copyright ©2008华为技术有限公司版权所有，保留一切权利。

非经本公司书面许可，任何单位或个人不得以任何方式摘抄、复制本书内容的部分或全部，并不得以任何形式传播。

、HUAWEI、华为均为华为技术有限公司的商标。

对于本手册中出现的其它商标和产品名字，由各自的所有人拥有。

由于产品版本升级或其它原因，本手册内容会不定期进行更新。

除非另有约定，本手册仅作为使用指导，本手册中的所有陈述、消息和建议不构成任何明示或暗示的担保。

华为技术有限公司地址：深圳市龙岗区坂田华为总部办公楼邮编：518129网址：使用手机前，请仔细阅读本节内容，也请让您的孩子了解这些内容，以确保正确和安全地使用手机。

有关更详细的信息，请参阅本手册中的“安全警告和注意事项”内容。

在禁止使用手机的场所，或者使用手机会引起干扰或危险时，请关闭手机。

请勿在驾驶汽车时使用手机，以免妨碍安全驾驶。

在医疗场所，请遵守有关规定或条例。

在靠近医疗设备的区域，请关闭手机。

登机时请关闭手机，以免无线信号干扰飞机控制信号。

在使用高精度的电子设备附近，请关闭手机，否则可能会导致电子设备故障。

请勿擅自拆卸手机及附件，只有授权机构才可维修本手机。

请勿将手机及附件放置于具有强大电磁场的器具中。

请将手机远离磁性设备，手机的辐射会抹掉磁性设备上存储的信息。

请勿在高温处、有易燃气体的地方（如加油站附近）使用手机。

请将手机及附件放在儿童触摸不到的地方，请勿让儿童在无人监管的情况下使用手机。

请使用本公司指定的电池和充电器，否则，可能会引起爆炸。

使用本手机时，请遵守相关法律法规，并尊重他人隐私及合法权利。

使用USB 数据线时请严格遵守本手册中的相关说明，否则可能损坏您的手机或个人计算机。

安全须知目录 1网络帐户设置 1彩信帐户设置 (1)Email帐户设置 (1)浏览器帐户设置 (1)游戏网络设置 (1)数据同步帐号设置 (2)了解您的手机 3包箱清单 (3)您的手机 (4)使用手机入门 7安装智能卡 (7)取出智能卡 (7)为电池充电 (8)安装/取出存储卡 (9)开机和关机 (9)通话功能 11拨打及接听电话 (11)语音通话中的操作 (12)通话记录 (13)输入法 14T9输入法 (14)Abc输入法 (14)简体拼音输入法 (15)简体笔画输入法 (16)123输入法 (16)符号输入法 (16)输入法语言 (16)通讯录 17通过通讯录拨打电话 (17)查找联系人 (17)显示手机或智能卡中联系人 (17)其他操作 (17)群组 (18)信息中心 20信息 (20)电子邮件 (22)小区广播收件箱 (25)模板 (25)音乐 26音乐库 (26)播放列表 (26)工具箱 27闹钟 (27)日历 (27)待办事宜 (28)记事本 (29)数据同步 (29)计算器 (30)单位转换 (30)汇率转换 (30)录音机 (31)时区 (31)秒表 (31)倒计时器 (31)目录1服务拨号 (31)文件夹 32浏览器 33主页 (33)打开新页 (33)书签 (33)已保存的页面 (33)历史记录 (33)恢复 (33)设置 (34)应用程序 35游戏 (35)照相机 (35)录像机 (36)播放音乐 (36)数据连接 37蓝牙 (37)USB (39)存储卡读卡器 (40)PC助手的使用 (40)设置 42手机设置 (42)显示设置 (43)信息设置 (43)通话设置 (43)电话本设置 (45)Java 设置 (45)数据连接 (45)网络设置 (45)安全设置 (45)DRM设置 (46)安全警告及注意事项 48电子设备 (48)医疗场所 (48)易燃易爆区域 (48)交通安全 (48)存放环境 (49)儿童健康 (49)操作环境 (49)清洁维护 (50)环境保护 (51)紧急呼叫 (51)使用电池 (51)使用充电器 (52)使用USB数据线 (52)射频能量吸收比率（SAR） (53)缩略语表 54附录 55索引 121网络帐户设置您的手机在彩信、Email、浏览器、游戏的网络设置、数据同步等部分预置了中国移动和中国联通的网络帐户。

华为三层交换机5700DHCP配置交换机配置DHCP配置1，交换机作DHCP Server『配置环境参数』1. PC1、PC2的⽹卡均采⽤动态获取IP地址的⽅式2. PC1连接到交换机的以太⽹端⼝0/1，属于VLAN10；PC2连接到交换机的以太⽹端⼝0/2，属于VLAN203. 三层交换机SwitchA的VLAN接⼝10地址为10.1.1.1/24，VLAN接⼝20地址为10.1.2.1/24『组⽹需求』1. PC1可以动态获取10.1.1.0/24⽹段地址，并且⽹关地址为10.1.1.1；PC2可以动态获取10.1.2.0/24⽹段地址，并且⽹关地址为10.1.2.1『DHCP Server配置流程流程』可以完成对直接连接到三层交换机的PC机分配IP地址，也可以对通过DHCP中继设备连接到三层交换机的PC机分配IP地址。

分配地址的⽅式可以采⽤接⼝⽅式，或者全局地址池⽅式。

【SwitchA采⽤接⼝⽅式分配地址相关配置】1. 创建（进⼊）VLAN10[SwitchA]vlan 102. 将E0/1加⼊到VLAN10[SwitchA-vlan10]port Ethernet 0/13. 创建（进⼊）VLAN接⼝10[SwitchA]interface Vlan-interface 104. 为VLAN接⼝10配置IP地址[SwitchA-Vlan-interface10]ip address 10.1.1.1 255.255.255.05. 在VLAN接⼝10上选择接⼝⽅式分配IP地址[SwitchA-Vlan-interface10]dhcp select interface6. 禁⽌将PC机的⽹关地址分配给⽤户[SwitchA]dhcp server forbidden-ip 10.1.1.1【SwitchA采⽤全局地址池⽅式分配地址相关配置】1. 创建（进⼊）VLAN10[SwitchA]vlan 102. 将E0/1加⼊到VLAN10[SwitchA-vlan10]port Ethernet 0/13. 创建（进⼊）VLAN接⼝10[SwitchA]interface Vlan-interface 104. 为VLAN接⼝10配置IP地址[SwitchA-Vlan-interface10]ip address 10.1.1.1 255.255.255.05. 在VLAN接⼝10上选择全局地址池⽅式分配IP地址[SwitchA-Vlan-interface10]dhcp select global6. 创建全局地址池，并命名为”vlan10”[SwitchA]dhcp server ip-pool vlan107. 配置vlan10地址池给⽤户分配的地址范围以及⽤户的⽹关地址[SwitchA-dhcp-vlan10]network 10.1.1.0 mask 255.255.255.0[SwitchA-dhcp-vlan10]gateway-list 10.1.1.18. 禁⽌将PC机的⽹关地址分配给⽤户[SwitchA]dhcp server forbidden-ip 10.1.1.1【补充说明】以上配置以VLAN10的为例，VLAN20的配置参照VLAN10的配置即可。

华为S5700交换机初始化和配置TELNET远程登录方法：1,交换机开启Telnet服务<Huawei>system-view #进入系统视图[Huawei]telnet server ？ #查看有enable还是disable选项，选择对应的开启方式。

[Huawei]telnet server enable #enable选项开启Telnet服务（普通系列一般为这个）[Huawei]undo telnet server disable #disable选项开启Telnet服务（CE高端系列一般为这个）2，配置VTY用户界面的最大个数（同时可以登录的最大数）[Huawei]user-interface maximum-vty 15 #默认是5，这个可以不设置3，配置VTY用户界面的终端属性[Huawei]user-interface vty 0 14 #上面是15所有这里是0 14 如果选择默认这里是0 4 [Huawei-ui-vty0-14]protocol inbound telnet #配置vty支持telnet协议4，配置VTY用户界面的用户验证方式[Huawei-ui-vty0-14]authentication-mode aaa #配置用户终端的身份验证模式为aaa认证为aaa认证[Huawei-ui-vty0-14]quit #退出vty配置界面5，配置登录验证方式[Huawei]aaa #进入aaa配置模式[Huawei-aaa]local-user admin1234 password ? #查看可以选择的密码选择[Huawei-aaa]local-user admin1234 password simple Huawei1234 #密码选项simple 账号admin1234 密码Huawei1234 (普通系列一般为这个)[Huawei-aaa]local-user admin1234 password irreversible-cipher Huawei12#$ #密码选项irreversible-cipher 账号admin1234 密码Huawei12#$ (CE高端系列一般为这个)[Huawei-aaa]local-user admin1234 service-type telnet #配置接入服务类型，如果还需要SSH 登录请加上[Huawei-aaa]local-user admin1234 privilege level 3 #配置账号的级别，默认3级是超级管理员的权限[Huawei-aaa]quit #退出<Huawei>telnet 127.0.0.1 #测试telnet配置是否OK<Huawei>save #保存配置===================================================================华为S5700交换机初始化和配置SSH和TELNET远程登录方法：AAA是指：authentication（认证）、authorization（授权）、accounting（计费）的简称，是网络安全的一种管理机制；Authentication是本地认证/授权，authorization和accounting是由远处radius（远程拨号认证系统）服务或hwtacacs（华为终端访问控制系统）服务器完成认证/授权；AAA是基于用户进行认证、授权、计费的，而NAC方案是基于接入设备接口进行认证的,在实际应用中，可以使用AAA的一种或两种服务。

华为S5700交换机初始化和配置TELNET远程登录方法：1,交换机开启Telnet服务<Huawei>system-view #进入系统视图[Huawei]telnet server ？#查看有enable还是disable选项，选择对应的开启方式。

[Huawei]telnet server enable #enable选项开启Telnet服务（普通系列一般为这个）[Huawei]undo telnet server disable #disable选项开启Telnet服务（CE高端系列一般为这个）2，配置VTY用户界面的最大个数（同时可以登录的最大数）[Huawei]user-interface maximum-vty 15 #默认是5，这个可以不设置3，配置VTY用户界面的终端属性[Huawei]user-interface vty 0 14 #上面是15所有这里是0 14 如果选择默认这里是0 4[Huawei-ui-vty0-14]protocol inbound telnet #配置vty支持telnet协议4，配置VTY用户界面的用户验证方式[Huawei-ui-vty0-14]authentication-mode aaa #配置用户终端的身份验证模式为aaa认证为aaa认证[Huawei-ui-vty0-14]quit #退出vty配置界面5，配置登录验证方式[Huawei]aaa #进入aaa配置模式[Huawei-aaa]local-user admin1234 password ? #查看可以选择的密码选择[Huawei-aaa]local-user admin1234 password simple Huawei1234 #密码选项simple 账号admin1234 密码Huawei1234 (普通系列一般为这个)[Huawei-aaa]local-user admin1234 password irreversible-cipher Huawei12#$ #密码选项irreversible-cipher 账号admin1234 密码Huawei12#$ (CE高端系列一般为这个)[Huawei-aaa]local-user admin1234 service-type telnet #配置接入服务类型，如果还需要SSH登录请加上[Huawei-aaa]local-user admin1234 privilege level 3 #配置账号的级别，默认3级是超级管理员的权限[Huawei-aaa]quit #退出<Huawei>telnet 127.0.0.1 #测试telnet配置是否OK<Huawei>save #保存配置===================================================================华为S5700交换机初始化和配置SSH和TELNET远程登录方法：AAA是指：authentication（认证）、authorization（授权）、accounting（计费）的简称，是网络安全的一种管理机制；Authentication是本地认证/授权，authorization和accounting是由远处radius（远程拨号认证系统）服务或hwtacacs（华为终端访问控制系统）服务器完成认证/授权；AAA是基于用户进行认证、授权、计费的，而NAC方案是基于接入设备接口进行认证的,在实际应用中，可以使用AAA的一种或两种服务。

User view commands:（用户视图命令）cd Change current directory（更改当前目录)check Check information(检查信息）clear Clear information（清晰的信息）clock Specify the system clock（系统时间设置）cluster Run cluster command（运行群集命令）cluster-ftp FTP command of cluster（集群的FTP命令）compare Compare function（比较功能）configuration Configuration interlockcopy Copy from one file to anotherdebugging Enable system debugging functionsdelete Delete a filedir List files on a file systemdisplay Display current system informationfixdisk Recover lost chains in storage deviceformat Format the deviceftp Establish an FTP connectionhwtacacs-userkill Release a user terminal interfacelanguage-mode Specify the language environmentlldp Link Layer Discovery Protocollocal-user Add/Delete/Set user(s)lock Lock the current user terminal interfacemkdir Create a new directorymore Display the contents of a filemove Move the filemtrace Trace route to multicast sourcentdp Run NTDP commandspatch Patch subcommandsping Send echo messagespwd Display current working directoryquit Exit from current command viewreboot Reboot systemrefresh Do soft resetrename Rename a file or directoryreset Reset operationrmdir Remove an existing directorysave Save current configurationschedule Schedule system taskscreen-length Set the number of lines displayed on a screenscreen-width Set screen widthsend Send information to other user terminal interfaces set Setstack Stackstart-script Start a script on an user-interfacestartup Configure parameter for system to startupsuper Privilege current user a specified priority levelsystem-view Enter the system viewtelnet Establish a Telnet connectionterminal Set the terminal line characteristicstest-aaa Accounts testtftp Establish a TFTP connectiontrace Trace route (switch) to host on Data Link Layertracert Trace route to hostundelete Recover a deleted fileundo Cancel current configurationunzip Decompress a filezip Compress a file使用命令local-user ccssoft password cipher 123456 privilege level 15Info: Add a new user.（本地用户ccssoft密码密码123456特权级15信息：添加新用户。

Quidway S5700 系列以太网交换机V100R006C00快速入门文档版本02发布日期2011-07-15版权所有 © 华为技术有限公司 2011。

保留一切权利。

非经本公司书面许可，任何单位和个人不得擅自摘抄、复制本文档内容的部分或全部，并不得以任何形式传播。

商标声明和其他华为商标均为华为技术有限公司的商标。

本文档提及的其他所有商标或注册商标，由各自的所有人拥有。

注意您购买的产品、服务或特性等应受华为公司商业合同和条款的约束，本文档中描述的全部或部分产品、服务或特性可能不在您的购买或使用范围之内。

除非合同另有约定，华为公司对本文档内容不做任何明示或默示的声明或保证。

由于产品版本升级或其他原因，本文档内容会不定期进行更新。

除非另有约定，本文档仅作为使用指导，本文档中的所有陈述、信息和建议不构成任何明示或暗示的担保。

华为技术有限公司地址：深圳市龙岗区坂田华为总部办公楼邮编：518129网址：客户服务邮箱：support@客户服务电话：4008302118前言读者对象本手册针对Quidway S5700系列以太网交换机设备开局，从管理维护的角度，对设备功能进行基本的验证，确保设备稳定、可靠地投入网上运行。

本文档主要适用于以下工程师：l数据配置工程师l调测工程师l网络监控工程师l系统维护工程师符号约定在本文中可能出现下列标志，它们所代表的含义如下。

命令行格式约定修订记录修订记录累积了每次文档更新的说明。

最新版本的文档包含以前所有文档版本的更新内容。

文档版本 02 (2011-07-15)相对于版本01 (2011-05-20）的变化如下：修改：l 2 产品硬件简介l7 文档获取文档版本 01 (2011-05-20)第一次正式发布。

快速入门目录目录前言 (ii)1 概述 (1)2 产品硬件简介 (2)2.1 S2700以太网交换机简介 (3)2.2 S3700以太网交换机简介 (5)2.3 S5700以太网交换机简介 (7)2.4 S6700以太网交换机简介 (10)2.5 S2700系列以太网交换机指示灯介绍 (11)2.6 S3700系列以太网交换机指示灯介绍 (14)2.7 S5700系列以太网交换机指示灯介绍 (18)2.8 S6700系列以太网交换机指示灯介绍 (25)3 设备安装 (29)4 设备上电 (30)4.1 上电前检查 (31)4.2 设备上电 (34)4.3 上电后检查 (34)5 登录设备 (36)5.1 通过Console口登录Switch (37)5.2 通过Telnet登录设备 (40)5.3 登录Web网管客户端 (42)6 业务部署 (44)7 文档获取 (45)1概述介绍快速入门包括的内容。

华为s5700-SI交换机常用命令有哪些交换机的主要功能包括物理编址、网络拓扑结构、错误校验、帧序列以及流控。

交换机还具备了一些新的功能，如对VLAN(虚拟局域网)的支持、对链路汇聚的支持，甚至有的还具有防火墙的功能。

不同品牌交换机配置方法命令可能有所不同，但是大体思路都是一样的。

这篇文章主要介绍了华为交换机常用命令以s5700-SI为例,需要的朋友可以参考下配置命令save // 配置完交换机后保存当前配置的命令system-view // 进入系统视图的命令clock timezone BJ add|minus 8 // 设置时区clock datetime 16:36:00 2016-07-01 //设置交换机的时间系统视图: 在用户视图下输入system-view后进入系统视图,一般为方括号[]display current-configuration // 显示当前配置user-interface maximum-vty 15 //配置vty最大连接数user-interface vty 0 14 //进入vty用户界面视图user privilege level 2 //设置vty登入的用户等级为2(配置用户级别)authentication-mode aaa //设置vty登入时的验证模式为用户名和密码验证aaa //进入AAA视图local-user admin password cipher admin@123 //设置aaa登入的用户名和密码local-user admin service-type telnet //设置admin用户远程登入时的协议user-interface console 0 //进入第0个console口的用户界面authentication-mode passwd //配置从console口登入交换机的认证模式为密码认证set authentication password cipher admin@123 //配置从console口登入交换机的密码vlan 10 //创建一个VLANinterface meth 0/0/1 //进入交换机的第一个管理网口ip address 192.168.1.110 24 //设置管理网口的ip地址和子网掩码interface gigabitethernet 0/0/1 //进入第一个业务网口port link-type access //设置第1个网口位access模式port default vlan 10 //设置此网口的VLAN号为10interface gigabitethnet 0/0/2 //进入第2个业务网口port link-type trunk //设置第二个网口位trunk模式port trunk allow-pass vlan 10 20 30 //设置此端口可以通过的VLAN号// port trunk allow-pass vlan all 表示可以通过所有的带VLAN 的帧Interface gigabitethnet 0/0/3 //进入第3个业务网口Port link-type hybrid //设置此端口为hybrid模式,每个端口默认就是hybrid模式Port hybrid pvid vlan 10 //设置pvid为10Port hybrid tagged vlan 20 30 40 //设置tagged列表为20,30,40Port hybrid untagged vlan 50 60 //设置untagged列表为50,60Display port vlan //显示当前各端口的VLAN情况清除某个端口的配置Interface gigabitethernet 0/0/2Clear configuration thisUndo shutdownInterface gigabitethernet 0/0/3Undo port default vlan //access 模式的端口Undo port hybrid pvid vlan vlanid //hybrid 模式的端口Undo port hybrid untagged vlan vlanidUndo port hybrid tagged vlan vlanidUndo port trunk pvid vlan //trunk 模式的端口Undo port trunk allow-pass vlan vlanidUndo port link-type恢复出厂设置s5700SI在用户视图下(按Ctrl+z组合键回到用户视图)输入如下命令操作reset saved-configurationYRebootNY设置交换机的mux-vlan模式假设主VLAN是10,从VLAN中group模式的有VLAN 20, separate模式的有VLAN 30,server连接1号端口,PC1和PC2连接2和3号端口,PC3和PC4连接4和5号端口Vlan batch 10 20 30Vlan 10Mux-vlanSubordinate group 20Subordinate separate 30把各连接的端口设为access模式,并且加入到各自的VLAN中,且同时开启mux-vlan功能,Interface gigabitethernet 0/0/1Port link-type accessPort default vlan 10Port mux-vlan enableInterface gigabitethernet 0/0/2 //3号端口设置方法类似Port default vlan 20Port mux-vlan enableInterface gigabitethernet 0/0/4 //5号端口设置方法类似Port link-type accessPort default vlan 30Port mux-vlan enable三层交换机接路由器LAN口Vlan 60 70Interface vlanif 60ip address 192.168.60.1 24interface vlanif 70ip address 192.168.1.238 24interface gigabitethernet 0/0/3port link-type accessport default vlan 60interface gigabitethernet 0/0/4port link-type accessport default vlan 70ip route-static 0.0.0.0 0.0.0.0 192.168.1.1在与交换机相连的路由器上设置一条静态ip地址,目的地址为交换机相关的各个网段地址,网关为交换机与路由器相连的vlanif的ip地址批量配置交换机端口vlan batch 10 20port-group 1group-member gigabitethernet 0/0/1 to gigabitethernet 0/0/10port link-type accessport default vlan 10补充：交换机常见故障解决通过观察初步定为故障，一般如果设备正常，而且线路连接也正常，则交换机指示灯会亮绿色并且一闪一闪的。

华为三层交换机5700系列配置⽰例配置说明配置华为交换机的注意事项（针对5700系列）默认情况下，华为设备管理地址为192.168.1.253/24，账号 admin, 密码 admin@如果有web界⾯管理功能，可以尝试使⽤ETH⼝登陆，如果登陆不上，可以按住MODE键6s,重置，打开web登陆功能。

在配三层交换机配置vlan时，默认情况下不同的vlan⽹段是可以通过路由互通的，不⽤额外配置（如思科等设备需要开启ip routing）如果要对端⼝批量操作，如配置vlan，可以先创建⼀个组,使⽤ port-group GROUP-NAME命令创建组，并通过group-member GigabitEthernet 0/0/1 to GigabitEthernet 0/0/20 来批量添加组员，以后需要对这些端⼝操作进⼊此group就可以了。

如果要对不同的vlan⽹络隔离，需要配置ACL策略。

在使⽤PC机进⾏测试时，要关闭⽆线和其他的虚拟⽹卡，并确认关闭防⽕墙，排除测试⼲扰因素。

实现⽅式三层核⼼交换机在配置多个不同⽹段互联时，有以下两种⽅式：1. 单臂路由⽅式: 三层核⼼交换机配置多⽹络vlan，与上联汇聚层设备接⼝使⽤trunk透传，上联防⽕墙或路由器创建⼦接⼝并对应VLAN作为⽹关，vlan间的数据路由在上联设备完成。

单臂路由⽅式：2. 静态路由⽅式: 三层核⼼交换机作为接⼊设备，配置多⽹络vlan，并创建⽹关，上联接⼝配置静态IP，交换机和上联设备添加静态路由，vlan之间的数据路由在接⼊交换机上完成。

静态路由⽅式：设备配置单臂路由⽅式（Trunk）路由器：LAN1: 192.168.1.1下⼀跳地址： 192.168.1.2SW1GE1/0/1: 192.168.1.2 VLAN 1GE1/0/2: TRUNK 允许 VLAN 2 3GE1/0/3: 192.168.4.1 VLAN 4SW2GE1/0/1: TRUNK VLAN 2 3GE1/0/23: 192.168.2.1/24 VLAN 2GE1/0/24: 192.168.3.1/24 VLAN 3SW3默认不⽤配置，充当⼆层交换机配置思路采⽤如下的思路配置汇聚层设备作为⽹关实现不同⽹段⽤户间的通信：配置接⼊交换机，基于接⼝划分VLAN，实现⼆层互通。

telnet登录华为5700的配置学习内容一、掌握华为5700的基本常用操作命令二、掌握华为5700的常规开局学习方案一、登录界面及等级切换<Quidway>super ---进入特权模式Now user privilege is 3 level, and only those commands whose level is equal to orless than this level can be used.Privilege note: 0-VISIT, 1-MONITOR, 2-SYSTEM, 3-MANAGE<Quidway>system-view ---进入系统配置模式Enter system view, return user view with Ctrl+Z.[Quidway]display current-configuration --显示系统当前配置二、配置管理IP和vlan配置交换机的IP地址：二层交换机只支持一个IP地址，并且是作为VLAN的接口IP地址出现的。

所以，我们首先要在系统视图下使用interface?vlan?vlan-number命令进入VLAN接口配置视图，然后使用ip?address命令配置IP地址。

[Quidway]vlan 200 ---创建了一个vlan 200[Quidway-vlan200]quit[Quidway]interface Vlanif 200 ---进入vlan 200 虚拟子接口[Quidway-Vlanif200]ip address 192.168.80.3 24 ---建立一个管理IP 192.168.80.3 掩码24 位[Quidway-Vlanif200]display this ---查看接口当前配置#interface Vlanif200ip address 192.168.80.3 255.255.255.0#[Quidway-Vlanif200]quit[Quidway]interface GigabitEthernet 0/0/1 --- 进入千兆以太网口0/0/1 [Quidway-GigabitEthernet0/0/1]port link-type access --- 端口类型access[Quidway-GigabitEthernet0/0/1]port default vlan 200 --- 端口默认vlan 200[Quidway-GigabitEthernet0/0/1]quit三、配置本地用户权限配置用户登录口令：在缺省情况下，交换机允许5个vty用户，但都没有配置登录口令。

BrochureProduct OverviewBuilding on next-generation, high-performance hardware and the Huawei Versatile Routing Platform (VRP), the S5700-LI supports Advanced Hibernation Management (AHM), intelligent stack (iStack), flexible Ethernet networking, and diversified security control. It provides customers with a green, easy-to-manage, easy-to-expand, and cost-effective gigabit to the desktop solution. In addition, Huawei customizes specialized models to meet customer requirements to suit special scenarios.● Huawei S5700-LI-BAT series battery LAN switches (S5700-LI-BAT for short) are the industry's first switch series to support batteries and provide visualized battery status management. The S5700-LI-BAT can ensure uninterrupted services inenvironments facing frequent mains power failures at the access layer. Access switches are usually distributed; therefore, it is costly and space-consuming to deploy high-performance Uninterruptible Power Supplies (UPSs) for the access switches.Huawei battery LAN switches solve this problem. The use of batteries ensures stable operation of the access layer in the event of mains power failures.● CSFP switches support downlink CSFP ports, and each downlink CSFP port provides 2 Gbit/s bandwidth bidirectionally. CSFP switches apply to scenarios where users increase continuously and demand higher bandwidth, and scenarios where deploying fibers is costly and difficult and construction timeframes are long. The switches with front power sockets can be installed in the 300 mm deep cabinet.Models and AppearancesModels and AppearancesDescriptionS5700-28P-LI-BAT●24x10/100/1000Base-T Ethernet ports, 4xGE SFP ports ● AC power supply●One battery slot for an external lead-acid battery used in the event of a mains power failure or a 150 W AC or DC power module used as the redundant power source ● Forwarding performance: 42 Mpps ● Switching Capacity: 256 GbpsS5700-28P-LI-24S-BAT●28 xGE SFP ports, 4 xCombo 10/100/1000Base-T Ethernet ports ● AC power supply●One battery slot for an external lead-acid battery used in the event of a mains power failure or a 150 W AC or DC power module used as the redundant power source ● Forwarding performance: 42 Mpps ●Switching Capacity: 256 GbpsS5700-52X-LI-48CS-AC ●48 xGE CSFP ports or 24 x GE SFP ports, 4 xCombo 10/100/1000Base-T Ethernetports, 4 x 10GE SFP+ ports●AC power supply, front power sockets, front access●Forwarding performance: 132 Mpps●Switching Capacity: 256 GbpsFeatures and HighlightsInnovative Energy Saving Design●The S5700-LI series smart energy-saving switches reduce power consumption without degrading system performance or user experience. The S5700-LI series uses innovative energy-saving technologies including energy efficient Ethernet (EEE), port power detection, dynamic CPU frequency adjustment, and device sleep mode. These technologies help reduce power consumption by adjusting power depending on the Up/Down states of links, presence/absence of optical modules, shutdown and undo shutdown operations on ports, and peak and off-peak hours. The S5700-LI series is the industry's first switch series that supports device sleep mode, and provides three energy saving modes to adapt to different usage scenarios: standard, basic, and deep modes.Flexible Ethernet Networking●In addition to traditional Spanning Tree Protocol (STP), Rapid Spanning Tree Protocol (RSTP), and Multiple Spanning Tree Protocol (MSTP), the S5700-LI supports Huawei-developed Smart Ethernet Protection (SEP) technology and the latest Ethernet Ring Protection Switching (ERPS) standard. SEP is a ring protection protocol specific to the Ethernet link layer, and applies to various ring network topologies, such as open ring topology, closed ring topology, and cascading ring topology. This protocol is reliable, easy to maintain, and implements fast protection switching within 50 ms. ERPS is defined in ITU-T G.8032. It implements millisecond-level protection switching based on traditional Ethernet MAC and bridging functions.●The S5700-LI supports SmartLink, which implements backup of uplinks. One S5700-LI switch can connect to multiple aggregation switches through multiple links, significantly improving reliability of access devices.●The S5700-LI supports Ethernet OAM (IEEE 802.3ah/802.1ag) to fast-detect link faults.Diversified Security Control●The S5700-LI supports 802.1x authentication, MAC address authentication, and combined authentication on a per port basis, as well as Portal authentication on a per VLANIF interface basis, and implements dynamic policy delivery (VLAN, QoS, and ACL) to users.●The S5700-LI provides a series of mechanisms to defend against DoS attacks and user-targeted attacks. DoS attacks are targeted at switches and include SYN flood, Land, Smurf, and ICMP flood attacks. User-targeted attacks include bogus DHCP server attacks, IP/MAC address spoofing, DHCP request flood, and changing of the DHCP CHADDR value.●The S5700-LI collects and maintains information about access users, such as IP addresses, MAC addresses, IP address leases, VLAN IDs, and interface numbers in a DHCP snooping binding table. In this way, IP addresses and access interfaces of DHCP users can be tracked. You can specify DHCP snooping trusted and untrusted ports to ensure that users connect only to the authorized DHCP server.●The S5700-LI supports strict ARP learning. This feature prevents ARP spoofing attackers from exhausting ARP entries so that users can connect to the Internet normally.Easy Operation and Maintenance●The S5700-LI supports Huawei Easy Operation, a solution that provides zero-touch deployment, replacement of faulty devices without additional configuration, USB-based deployment, batch configuration, and batch remote upgrade. The Easy Operation solution facilitates device deployment, upgrade, service provisioning, and other management and maintenance operations, and also greatly reduces costs of operation and maintenance. The S5700-LI can be managed and maintained using Simple Network Management Protocol (SNMP) V1, V2, and V3, Command Line Interface (CLI), web-based network management system, or Secure Shell (SSH) V2.0. Additionally, it supports remote network monitoring (RMON), multiple log hosts, port traffic statistics collection, and network quality analysis that helps with network consolidation and reconstruction.●EasyDeploy: The Commander collects information about the topology of the client connecting to the Commander and saves client startup information based on the topology. The client can be replaced without configuration. Configuration and scripts can be delivered to the client in batches. In addition, the configuration delivery result can be queried.●The Commander can collect and display power consumption on the entire network.●The S5700-LI can use the GARP VLAN Registration Protocol (GVRP) to implement dynamic distribution, registration, and propagation of VLAN attributes. GVRP reduces manual configuration workload and ensures correct configuration. Additionally, the S5700-LI supports MUX VLAN, which involves a principal VLAN and multiple subordinate VLANs. Subordinate VLANs are classified into group VLANs and separate VLANs. Ports in the principal VLAN can communicate with ports in subordinate VLANs. Ports in a subordinate group VLAN can communicate with each other, whereas ports in a subordinate separate VLAN can communicate only with ports in the principal VLAN. The S5700-LI also supports VLAN Central Management Protocol (VCMP) and VLAN-Based Spanning Tree (VBST) protocol.iStack●The S5700-LI supports intelligent stack (iStack). This technology combines multiple switches into a logical switch. Member switches in a stack implement redundancy backup to improve device reliability and use inter-device link aggregation to improve link reliability. iStack provides high network scalability. You can increase ports, bandwidth, and processing capacity of a stack by simply adding member switches to the stack. iStack also simplifies device configuration and management. After a stack is set up, multiple physical switches are virtualized into one logical device. You can log in to any member switch in the stack to manage all the member switches in the stack.Excellent Network Traffic Analysis●The S5700-LI supports the sFlow function. It uses a method defined in the sFlow standard to sample traffic passing through it and sends sampled traffic to the collector in real time. The collected traffic statistics are used to generate statistical reports, helping enterprises maintain their networks.CSFP Providing High-density Access and Increased Bandwidth●CSFP switches support downlink CSFP ports. Each downlink CSFP port equipped with a CSFP GE optical module and one pair of fibers can provide 2 Gbit/s bandwidth bidirectionally, which is two times the bandwidth of standard SFP optical modules. The 24 downlink CSFP ports can provide 48 Gbit/s bandwidth bidirectionally, implementing high-density access (equal to access of 48 standard SFP ports) and saving the cost of deploying fibers and adding optical modules.Easy O&M with Front Panel●The models with front power sockets can be installed in a 300 mm deep cabinet, and can be maintained through the front panel. This simplifies operation and maintenance. The cabinets can be placed against the wall or back to back, and is well-suited for shallow cabinets and limited equipment room space.Product SpecificationsFixed ports ●S5700-28P-LI-BAT: 24 10/100/1000Base-TEthernet ports, 4 GE SFP ports●S5700-28P-LI-24S-BAT: 28 GE SFP ports,4 Combo 10/100/1000Base-T Ethernetports 48 GE CSFP ports or 24 GE SFP ports, 4 Combo 10/100/1000Base-T Ethernet ports, 4 10GE SFP+ portsMAC address table 16K MAC address entriesMAC address learning and agingStatic, dynamic, and blackhole MAC address entriesPacket filtering based on source MAC addressesInterface-based MAC learning limitingVLAN features 4K VLANsGuest VLAN and voice VLANGVRPMUX VLANVLAN assignment based on MAC addresses, protocols, IP subnets, policies, and interfaces1:1 and N:1 VLAN mappingJumbo frame 10KReliability RRPP ring topology and RRPP multi-instanceSmart Link tree topology and Smart Link multi-instance, providing millisecond-level protectionswitchoverSEPERPS (G.8032)STP (IEEE 802.1d), RSTP (IEEE 802.1w), and MSTP (IEEE 802.1s)BPDU protection, root protection, and loop protectionBPDU tunnelIP routing Static route, RIP, RIPngIPv6 features Neighbor Discovery (ND)Path MTU (PMTU)IPv6 ping, IPv6 tracert, and IPv6 TelnetACLs based on the source IPv6 address, destination IPv6 address, Layer 4 ports, and protocol typeMLDv1/v2 snoopingMulticast IGMPv1/v2/v3 snooping and IGMP fast leaveMulticast forwarding in a VLAN and multicast replication between VLANsMulticast load balancing among member ports of a trunkControllable multicastInterface-based multicast traffic statisticsQoS/ACL Rate limiting on packets sent and received by an interfacePacket redirectionInterface-based traffic policing and two-rate and three-color CAREight queues on each interfaceWRR, DRR, SP, WRR+SP, and DRR+SP queue scheduling algorithmsRe-marking of the 802.1p priority and DSCP priorityPacket filtering at Layer 2 to Layer 4, filtering out invalid frames based on the source MAC address,destination MAC address, source IP address, destination IP address, TCP/UDP port number, protocoltype, and VLAN IDRate limiting in each queue and traffic shaping on interfacesSecurity Hierarchical user management and password protectionDoS attack defense, ARP attack defense, and ICMP attack defenseBinding of the IP address, MAC address, interface number, and VLAN IDPort isolation, port security, and sticky MACMFFBlackhole MAC address entriesLimit on the number of learned MAC addressesIEEE 802.1x authentication and limit on the number of users on an interfaceAAA authentication, RADIUS authentication, HWTACACS authentication, and NACSSH V2.0Hypertext Transfer Protocol Secure (HTTPS)CPU defenseBlacklist and whitelistAccess Security DHCP relay, DHCP server, DHCP snooping, and DHCP securityLightning protection Service interface: 6 kV Service interface: 2 kVSuper Virtual Fabric (SVF) Working as an SVF client that is plug-and-play with zero configuration Automatically loading the system software package and patches of clients One-click and automatic delivery of service configurationsSupports independent running clientManagement and maintenance iStack (excluding battery LAN switches)Virtual Cable Test (VCT)Remote configuration and maintenance using Telnet SNMPv1/v2c/v3RMONeSight and web-based NMSHTTPSLLDP/LLDP-MEDSystem logs and multi-level alarms802.3az EEEDying Gasp (excluding battery LAN switches)Interoperability Supports VBST (Compatible with PVST/PVST+/RPVST)Supports LNP (Similar to DTP)Supports VCMP (Similar to VTP)Operating environment ●Long-term operating temperature: 0°C to45°C●Relative humidity: 5% to 95% (non-condensing)●Long-term operating temperature: 0°C to 45°C●Relative humidity: 5% to 95% (non-condensing)Input voltage AC:●Rated voltage range: 100 V to 240 V AC,50/60 Hz●Maximum voltage range: 90 V to 264 V AC,47/63 HzDC:●Rated voltage range: –48 V to –60 V, DC●Maximum voltage range: –36 V to –72 V,DC AC:●Rated voltage range: 100 V to 240 V AC, 50/60Hz●Maximum voltage range: 90 V to 264 V AC,47/63 HzDC:●Rated voltage range: –48 V to –60 V, DC●Maximum voltage range: –36 V to –72 V, DCPower socketpositionRear power sockets Front power sockets Battery One slot for lead-acid battery charger module NADimensions (W x D442 mm x 310 mm x 43.6 mm 442 mm x 220 mm x 43.6 mmx H)<79.9 WPower consumption ●S5700-28P-LI-BAT: <23 W●S5700-28P-LI-24S-BAT: <34.1 WNetworking and ApplicationsThe S5700-LI provides 1000M desktop access functions for a high performance network, such as voice VLAN, NAC and so on.The S5700-LI-BAT uses a battery as the backup power supply. When a mains power failure occurs, the battery begins powering the switch. When the mains power supply recovers, the switch automatically charges the battery. The use of batteries ensures high reliability at the access layer in the case of frequent mains power failures.Ordering Information98010509 S5700-28P-LI-BAT (24x10/100/1000Base-T Ethernet ports, 4xGE SFP ports, 1 battery slot, AC power supply)98010511 S5700-28P-LI-24S-BAT (28xGE SFP ports, 4xCombo 10/100/1000Base-T Ethernet ports, 1 battery slot,AC power supply)02357823 S5700-52X-LI-48CS-AC (48xGE CSFP ports or 24xGE SFP ports, 4xCombo 10/100/1000Base-T Ethernet ports, 4x10GE SFP+ ports, AC power supply, front power sockets, front access)02310TEE 100/1000BASE-BIDI CSFP single-fiber bidirectional optical module-CSFP-GE/FE-single-mode optical module (Tx1490/Rx1310 nm, 10 km, LC)02353857 RPS1800 Redundant Power System98010517 PBB-12AHA (12AH lead-acid battery charger module)02310JFA 150 W AC power module (optional for battery LAN switches, used as the redundancy for the internal power module)02310JFD 150 W DC power module (optional for battery LAN switches, used as the redundancy for the internal power module)More InformationFor more information about Huawei Campus Switches, visit or contact us in the following ways:●Global service hotline: /en/service-hotline●Logging in to the Huawei Enterprise technical support website: /enterprise/●Sending an email to the customer service mailbox: ********************Copyright © Huawei Technologies Co., Ltd. 2018. All rights reserved.No part of this document may be reproduced or transmitted in any form or by any means without prior writtenconsent of Huawei Technologies Co., Ltd.Trademarks and Permissionsand other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd.All other trademarks and trade names mentioned in this document are the property of their respective holders.NoticeThe purchased products, services and features are stipulated by the contract made between Huawei and thecustomer. All or part of the products, services and features described in this document may not be within thepurchase scope or the usage scope. Unless otherwise specified in the contract, all statements, information, andrecommendations in this document are provided "AS IS" without warranties, guarantees or representations ofany kind, either express or implied.The information in this document is subject to change without notice. Every effort has been made in thepreparation of this document to ensure accuracy of the contents, but all statements, information, andrecommendations in this document do not constitute a warranty of any kind, express or implied.Huawei Technologies Co., Ltd.Address:Huawei Industrial Base Bantian,Longgang Shenzhen 518129 People'sRepublic of ChinaWebsite:。

Huawei S5700-EI Series SwitchesProduct BrochureThe S5700-EI series gigabit enterprise switches (S5700-EI) are next-generation energy-saving switchesdeveloped by Huawei to meet the demand for high-bandwidth access and Ethernet multi-servicemaintain, reducing workloads for network planning, construction, and maintenance. The S5700-EI usesS5700-EI Series Gigabit Enterprise Switches Product OverviewProduct Appearance•Switching capacity: 416Gbps2-2Huawei Enterprise Sx700 Series Switch Product•Switching capacity: 416GbpsProduct Features and highlightsPowerful support for services•The S5700-EI supports IGMP v1/v2/v3 snooping, IGMP filter, IGMP fast leave, and IGMP proxy. It supportsline-speed replication of multicast packets between VLANs, multicast load balancing among member interfaces of a trunk, and controllable multicast, meeting requirements for IPTV services and othermulticast services.•The S5700-EI provides the Multi-VPN-Instance CE (MCE) function to isolate users in different VPNs on a device, ensuring data security and reducing costs.•The S5710-EI supports multiple MPLS & VPN features, including Label Distribution Protocol (LDP) or Resource Reservation Protocol for Traffic Engineering (RSVP-TE), MPLS TE, VLL, VPLS, and MPLS L3VPN. Comprehensive reliability mechanisms•Besides STP, RSTP, and MSTP, the S5700-EI supports enhanced Ethernet reliability technologies such asSmart Link and RRPP (Rapid Ring Protection Protocol), which implement millisecond-level protection switchover and ensure network reliability. It also provides Smart Link multi-instance and RRPP multi-instance to implement load balancing among links, optimizing bandwidth usage.Huawei Enterprise Sx700 Series Switch Product2-3•The S5700-EI supports enhanced trunk (E-Trunk) that enables a CE to be dual-homed to two PEs (S5700s).E-Trunk greatly enhances link reliability between devices and implements link aggregation betweendevices. This improves reliability of access devices.•The S5700-EI supports the Smart Ethernet Protection (SEP) protocol, a ring network protocol applied tothe link layer on an Ethernet network. SEP can be used on open ring networks and can be deployed onupper-layer aggregation devices to provide fast switchover, ensuring non-stop transmission of services.SEP features simplicity, high reliability, fast switchover, easy maintenance, and flexible topology, facilitatingnetwork planning and management.•The S5700-EI supports Ethernet Ring Protection Switching (ERPS), also referred to as G.8032. As the latestring network protocol, ERPS was developed based on traditional Ethernet MAC and bridging functionsand uses mature Ethernet OAM function and a Ring Automatic Protection Switching (R-APS) mechanismto implement millisecond-level protection switching. ERPS supports various services and allows flexiblenetworking, helping customers build a network with lower OPEX and CAPEX.•The S5700-EI supports redundant power supplies, and can use an AC power supply and a DC powersimultaneously. Users can choose a single power supply or use two power supplies to ensure devicereliability.•The S5700-EI supports VRRP, and can set up VRRP groups with other Layer 3 switches. VRRP providesredundant routes to ensure stable and reliable communication. Multiple equal-cost routes to an uplinkdevice can be configured on the S5700-EI to provide route redundancy. When an active route isunreachable, traffic is switched to a backup route.•The S5700-EI supports Bidirectional Forwarding Detection (BFD) and provides millisecond-level detectionfor protocols such as OSPF, IS-IS, VRRP, and PIM to improve network reliability. The S5700-EI complies withIEEE 802.3ah and 802.1ag. IEEE 802.3ah defines the mechanism for detecting faults on direct links overthe Ethernet in the first mile, and 802.1ag defines the mechanism for end-to-end service fault detection.The S5700-EI supports Y.1731. Besides fast end-to-end service fault detection, the S5700-EI can use theperformance measurement tools defined in Y.1731 to monitor network performance, providing accuratedata about network quality.Well-designed QoS policies and security mechanisms•The S5700-EI implements complex traffic classification based on packet information such as the 5-tuple,IP precedence, ToS, DSCP, IP protocol type, ICMP type, TCP/UDP port number, VLAN ID, Ethernet protocoltype. ACLs can be applied to inbound or outbound direction on an interface. The S5700-EI supportsa flow-based two-rate three-color CAR. Each port supports eight priority queues and multiple queuescheduling algorithms such as WRR, DRR, SP, WRR+SP, and DRR+SP. All of these ensure the quality ofvoice, video, and data services.Huawei Enterprise Sx700 Series Switch Product•The S5700-EI provides multiple security measures to defend against Denial of Service (DoS) attacks,and attacks against networks or users. DoS attack types include SYN Flood attacks, Land attacks, Smurf attacks, and ICMP Flood attacks. Attacks to networks refer to STP BPDU/root attacks. Attacks to users include bogus DHCP server attacks, man-in-the-middle attacks, IP/MAC spoofing attacks, DHCP requestflood attacks. DoS attacks that change the CHADDR field in DHCP packets are also attacks against users.•The S5700-EI supports DHCP snooping, which discards invalid packets that do not match any binding entries, such as ARP spoofing packets and IP spoofing packets. This prevents man-in-the-middle attacksto campus networks that hackers initiate by using ARP packets. The interface connected to a DHCP server can be configured as a trusted interface to protect the system against bogus DHCP server attacks.•The S5700-EI supports strict ARP learning, which prevents ARP spoofing attacks that will exhaust ARP entries. It also provides IP source check to prevent DoS attacks caused by MAC address spoofing, IP address spoofing, and MAC/IP spoofing.•The S5700-EI supports 802.1x authentication, MAC address authentication, and combined authentication on a per port basis, as well as Portal authentication on a per VLANIF interface basis. The S5700-EI also supports NAC. The S5700-EI authenticates users based on statically or dynamically bound user information such as the user name, IP address, MAC address, VLAN ID, access interface, and flag indicating whether antivirus software is installed. VLANs, QoS policies, and ACLs can be applied to users dynamically.•The S5700-EI can limit the number of MAC addresses learned on an interface to prevent attackers from exhausting MAC address entries by using bogus source MAC addresses. This function minimizes packetflooding that occurs when MAC addresses of users cannot be found in the MAC address table.Fine-grained traffic management•The S5710-EI supports NetStream. The NetStream module supports V5, V8, and V9 packet formats and provides various traffic analysis functions, such as real-time traffic sampling, dynamic report generation, traffic attribute analysis, and traffic exception report. The Netstream module enables administrators to monitor network status in real time and provides applications and analysis functions including potential fault detection, effective fault rectification, fast problem handling, and security monitoring, to help customers optimize network structure and adjust resource deployment.•The S5700-EI supports the Sampled Flow (sFlow) function, which uses a sampling mechanism to obtain statistics about traffic forwarded on a network and sends the statistics to the Collector in real time. The Collector analyzes traffic statistics to help customers manage network traffic efficiently. The S5700-EI integrates the sFlow Agent module and uses hardware for traffic monitoring. Unlike traffic monitoring through port mirroring, sFlow does not degrade network performance during traffic monitoring.Easy deployment and maintenance free•The S5700-EI supports automatic configuration, plug-and-play, and batch remote upgrade. These capabilities simplify device management and maintenance and reduce maintenance costs. The S5700-EI supports SNMP v1/v2c/v3 and provides flexible methods for managing devices. Users can manageHuawei Enterprise Sx700 Series Switch Productthe S5700-EI using the CLI and Web NMS. The NQA function helps users with network planning andupgrading. In addition, the S5700-EI supports NTP, SSH v2, HWTACACS+, RMON, log hosts, and port-based traffic statistics.•EasyDeploy: The Commander collects information about the topology of the client connecting to theCommander and saves client startup information based on the topology. The client can be replacedwithout configuration. Configuration and scripts can be delivered to the client in batches. In addition, theconfiguration delivery result can be queried. The Commander can collect and display power consumptionon the entire network.•The S5700-EI supports the GARP VLAN Registration Protocol (GVRP), which dynamically distributes,registers, and propagates VLAN attributes to reduce manual configuration workloads of networkadministrators and to ensure correct VLAN configuration. In a complex network topology, GVRP simplifiesVLAN configuration and reduces network communication faults caused by incorrect VLAN configuration.•The S5700-EI supports MUX VLAN. MUX VLAN isolates Layer 2 traffic between interfaces in a VLAN.Interfaces in a subordinate separate VLAN can communicate with ports in the principal VLAN but cannotcommunicate with each other. MUX VLAN is usually used on an enterprise intranet to isolate userinterfaces from each other but allow them to communicate with server interfaces. This function preventscommunication between network devices connected to certain interfaces or interface groups but allowsthe devices to communicate with the default gateway.PoE function•The S5700-EI PWR can use PoE power supplies with different power levels to provide -48V DC power forPowered Devices (PDs) such as IP phones, WLAN APs, and Bluetooth APs. In its role as Power SourcingEquipment (PSE), the S5700-EI PWR complies with IEEE 802.3af and 802.3at (PoE+) and can work with PDsthat are incompatible with 802.3af or 802.3at. Each port provides a maximum of 30 W power, complyingwith IEEE 802.3at. The PoE+ function increases the maximum power of each port and implements intelligentpower management for high-power consumption applications. This facilitates the use of PDs. PoE portscan work in power-saving mode. The S5700-EI PWR provides improved PoE solutions. Users can configurewhether and when a PoE port supplies power.High scalability•The S5700-EI supports intelligent stacking (iStack). Multiple S5700-EI switches can be connected withstack cables to set up a stack, which functions as a virtual switch. A stack consists of a master switch,a backup switch, and several slave switches. The backup switch takes over services when the masterswitch fails, reducing service interruption time. Stacks support intelligent upgrade so that users do notneed to change the software version of a switch when adding it to a stack. The iStack function allowsusers to connect multiple switches with stack cables to expand system capacity. These switches can bemanaged using a single IP address, which greatly reduces the costs of system expansion, operation, andmaintenance. Compared with traditional networking technologies, iStack has advantages in scalability,reliability, and system architecture.Huawei Enterprise Sx700 Series Switch ProductVarious IPv6 features•The S5700-EI supports IPv4/IPv6 dual stack and can migrate from an IPv4 network to an IPv6 network.S5700-EI hardware supports IPv4/IPv6 dual stack, IPv6 over IPv4 tunnels (including manual tunnels, 6to4tunnels, and ISATAP tunnels), and Layer 3 line-speed forwarding. The S5700-EI can be deployed on IPv4networks, IPv6 networks, or networks that run both IPv4 and IPv6. This makes networking flexible andenables easy migration from IPv4 to IPv6.Product Specifications2-7Huawei Enterprise Sx700 Series Switch ProductHuawei Enterprise Sx700 Series Switch Product*:The S5700 switches of the EI series are collectively called S5700-EI. S5710-EI is a sub-series switches of S5700-EI .2-9Huawei Enterprise Sx700 Series Switch ProductOn Large-sized Enterprise NetworksThe S5700-EI can function as an access device on a large-sized enterprise network or an aggregation device on a small-sized or medium-sized campus network. It supports link aggregation and dual-homing to improve network reliability.In Data CentersThe S5700-EI can be used in a data center. It connects to gigabit servers and aggregates traffic from the servers to uplink devices through trunk links. If multiple servers are available, an S5700-EI stack can be used to facilitate network maintenance and improve network reliability.InternetWANApplicationsHuawei Enterprise Sx700 Series Switch ProductFor more information, visit or contact your local Huawei sales office.S5710-28C-EI(24xEthernet 10/100/1000 ports,4 of which are dual-purpose 10/100/1000 or SFP ,4x10 GigSFP+, without power module)S5710-28C-PWR-EI-AC(24xEthernet 10/100/1000 PoE+ ports,4 of which are dual-purpose 10/100/1000 orSFP ,4x10 Gig SFP+, with 580W AC power)S5710-52C-EI(48xEthernet 10/100/1000 ports,4x10 Gig SFP+, with 2 interface slots, without powermodule)S5710-52C-PWR-EI(48xEthernet 10/100/1000 PoE+ ports, 4x10 Gig SFP+, with 2 interface slots, withoutpower module)8xGig SFP interface card(used in S5710-EI series)8xEthernet 10/100/1000 ports interface card(used in S5710-EI series)4xGig SFP interface card(including 4xGig SFP optical interface, extend channel card)(used in S5700-EI series)2x10GE SFP+ interface card(used in S5710-EI series)2x10GE SFP+ interface card(used in S5700-SI and S5700-EI series)4x10GE SFP+ optical interface card(including 4x10GE SFP+ interface, extend channel card)(used in S5700-SIand S5700-EI series)Ethernet Stack Interface Card(Including stack card,100cm stack cable)Ethernet Stack Interface Card(Including stack card,300cm stack cable)150W AC Power Module150W DC Power Module500W AC PoE Power Module580W AC PoE Power Module 1150W AC PoE Power Module Product List2-11Huawei Enterprise Sx700 Series Switch ProductCopyright © Huawei Technologies Co., Ltd. 2015. All rights reserved.No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of Huawei Technologies Co., Ltd.Trademark Notice, HUAWEI, and are trademarks or registered trademarks of Huawei Technologies Co., Ltd.Other trademarks, product, service and company names mentioned are the property of their respective owners.General DisclaimerThe information in this document may contain predictive statements including,without limitation, statements regarding the future financial and operating results,future product portfolio, new technology, etc. There are a number of factors thatcould cause actual results and developments to differ materially from thoseexpressed or implied in the predictive statements. Therefore, such information isprovided for reference purpose only and constitutes neither an offer nor anacceptance. Huawei may change the information at any time without notice.。

华为s5700交换机vlan设置现有一台华为s5700交换机和普通交换机数台，以及tp-link路由器一台。

1.tp-link路由器连接外网。

2.s5700交换机划分vlan。

3.普通交换机接vlan和pc端。

网络拓扑图如下：配置说明：s5700默认有vlan1所有端口都在vlan1里面。

vlanif1配置路由器网段ip用于连接路由器。

三层交换机要配置一条指向路由器的静态路由。

路由器要配置nat对应个vlan ip。

路由器要配置路由到各个vlan网段。

1.s5700交换机web管理ip和用户配置。

使用Console线缆将计算机连接至交换机的Console口。

在计算机上打开终端仿真软件，新建连接，设置连接的端口以及通信参数。

计算机终端的通信参数配置要和交换机Console 口的缺省配置保持一致，交换机Console口的缺省配置如数据位：8校验方式：无停止位：1流控方式：无按Enter键，直到仿真终端出现如下显示，提示用户配置验证密码。

Please configure the login password (6-16)Enter Password:123456789Confirm Password:123456789配置交换机的管理IP。

system-viewinterface meth 0/0/1ip address 10.255.4.100 24quitquitsave配置web登陆用户信息。

system-viewaaalocal-user admin password cipher pioneer@2015local-user admin privilege level 15local-user admin service-type http ftplocal-user admin ftp-directory flash:quitquitsave使用网线将计算机与交换机的ETH口相连,配置计算机上的IP。