huawei-华为-交换机-防火墙 启用 SSH TELNET SNMP LACP SFLOW 等

USG2100

aaa

local-user eid_sw password simple eid_sw1234
local-user eid_sw service-type web terminal telnet ssh
local-user eid_sw level 15
authentication-scheme default


user-interface vty 0 4
authentication-mode aaa
protocol inbound all

SSH

stelnet server enable
ssh user eid_sw
ssh user eid_sw authentication-type all
ssh user eid_sw service-type all


#生成密钥
rsa local-key-pair create

TELNET

	telnet server enable

SNMP


 snmp-agent
 snmp-agent local-engineid 000007DB7F00000100004FD1
 snmp-agent community read  eid_sh_zj
 snmp-agent sys-info contact R&D Huawei Technologies Co.,Ltd.
 snmp-agent sys-info location Shenzhen China
 snmp-agent sys-info version all
 snmp-agent target-host trap address udp-domain 172.28.10.10 params securityname public
 snmp-agent trap enable bgp
 snmp-agent trap enable lsp
 snmp-agent trap enable ldp
 snmp-agent trap enable configuration
 snmp-agent trap enable system
 snmp-agent trap enable standard
 snmp-agent trap enable mstp
 snmp-agent trap enable vrrp
 snmp-agent trap enable ssh
 snmp-agent trap enable flash

ntp

clock timezone cst add 8

ntp-service unicast-server 172.27.10.114

#lacp


interface Eth-Trunk19
 port link-type access
 port default vlan 20
 mode lacp-static
 lacp timeout fast
 lacp preempt enable
 lacp preempt delay 10
 bpdu enable


 #建议修改 交换机mac 老化过期时间
 arp expire-time 60
 arp  detect-times 6

sflow

#display  sflow
#全局
sflow agent ip 172.17.60.42     #这里的ip 可以使用交换机的管理ip
sflow collector 2 ip 172.17.60.42 port 9996 description netanalyzer 

#接口下
 sflow counter-sampling collector 2
 sflow counter-sampling interval 120
 sflow flow-sampling collector 2
 sflow flow-sampling rate 4000

#或者
 sflow counter-sampling collector 2
 sflow counter-sampling interval 20
 sflow flow-sampling collector 2
 sflow flow-sampling rate 3000

#Ce12804 略有不同
sflow sampling collector 2 rate 5000 outbound inbound
sflow counter collector 2 interval 25

发表评论