華為ensp的安裝和使用

去年學完了Cisco的路由交換，從CCNA學到CCIE。學完之后才發現，整個國內市場好像更傾向於使用華為、H3C這類國有網絡設備廠商。不過還好，至少網絡的基礎理論知識是相同的，於是買了基本關於HUAWEI認證的書籍，准備稍稍過一遍，有了思科的學習經歷，對應華為而言應該不難，那么開始吧！

華為認證體系

華為和思科一樣擁有一整套的認證體系。

操作系統

有過思科學習經歷的都知道思科的實驗大部分都是在GNS3中進行的，雖然思科官方有packet tracer，但是能通過packet tracer做出來的實驗非常少，只能模擬CCNA階段的實驗，我是特別喜歡GNS3，因為他具備跨平台性，基本思科的實驗都是在Linux上完成，搭配IOU，無需通過虛擬機獲取鏡像非常省資源。 那么華為也有自己的模擬器，叫做ENSP，目前最新的版本是1.2.00.360。華為的操作系統叫VRRP（Versatile Routing Platform），它是整個華為數通產品的通用網絡操作系統。

1.獲取模擬器的方式：

http://support.huawei.com/enterprise/toolsinfo?lang=zh&idAbsPath=0602_ROOT&pid=0602_ROOT&show=showVDetail&toolId=TL1000000015

2.啟動路由器

啟動路由器和通過gns3拖拽路由器或者交換機設備啟動是一樣的方式，如圖拖拽設備后通過線纜連接 然后選擇菜單欄的啟動按鈕即可啟動設備

3.啟動界面

啟動完成后，就進入了配置路由器的界面了，和思科一樣，華為的管理型網絡設備的配置都是在命令行模式下進行。

VRRP各模式下的切換

啟動設備后我們可以通過命令在各個模式下切換和配置，與思科基本思路是一樣的，但仍有些差異，下面簡單看下與思科對比最基本的配置命令

1.調出當前模式下所能使用的命令，在命令行中按？號鍵即可看到。

<Huawei>?
User view commands:
  arp-ping               ARP-ping
  autosave               <Group> autosave command group
  backup                 Backup  information
  cd                     Change current directory 
  clear                  <Group> clear command group
  clock                  Specify the system clock
  cls                    Clear screen
  compare                Compare configuration file
  copy                   Copy from one file to another 
  debugging              <Group> debugging command group
  delete                 Delete a file 
  dialer                 Dialer
  dir                    List files on a filesystem 
  display                Display information
  factory-configuration  Factory configuration
  fixdisk                Try to restory disk 
  format                 Format file system
  free                   Release a user terminal interface
  ftp                    Establish an FTP connection
  help                   Description of the interactive help system
  hwtacacs-user          HWTACACS user
  license                <Group> license command group
  lldp                   Link Layer Discovery Protocol
  ---- More ----

2.切換到特權模式，暫且這樣叫吧，用思科習慣了！都是一個意思，可以使用簡寫如：sys，或者輸入完整的system-view。一般沒事誰願意不偷懶誰是傻瓜。

<Huawei>sys 
<Huawei>system-view 
Enter system view, return user view with Ctrl+Z.
[Huawei]

3.進入接口，配置IP地址

（1）我們首先需要知道連接的接口是什么？單擊菜單欄的顯示所有接口顯示出來。

（2）然后，我們開始配置，第一步，進入接口，不記得的單詞可以按？號顯示哦！

[Huawei]int 
[Huawei]interface ?
  Bridge-if         Bridge-if interface
  Cellular          Cellular interface
  Dialer            Dialer interface
  Eth-Trunk         Ethernet-Trunk interface
  GigabitEthernet   GigabitEthernet interface
  Ima-group         ATM-IMA interface
  LoopBack          LoopBack interface
  MFR               MFR interface
  Mp-group          Mp-group interface
  NULL              NULL interface
  Tunnel            Tunnel interface
  Virtual-Ethernet  Virtual-Ethernet interface
  Virtual-Template  Virtual-Template interface
  Vlanif            Vlan interface
  Wlan-Ess          Wlan-Ess interface
[Huawei]interface g 
[Huawei]interface GigabitEthernet 0/0/0
[Huawei-GigabitEthernet0/0/0]

（3）配置IP，華為這塊做的比較人性化，子網可以采用CIDR的方式去簡寫。

[Huawei-GigabitEthernet0/0/0]ip add 
[Huawei-GigabitEthernet0/0/0]ip address 1.1.1.1 24
Oct 17 2015 07:34:36-08:00 Huawei %%01IFNET/4/LINK_STATE(l)[1]:The line protocol 
IP on the interface GigabitEthernet0/0/0 has entered the UP state. 
[Huawei-GigabitEthernet0/0/0]

（4）退出接口模式

Huawei-GigabitEthernet0/0/0]quit

4.修改設備名稱，使用sysname去命名，比如我們現在的交換機在杭州市福地機房A1樓層B9機房C09機櫃第48U上，我們可以這樣縮寫。方便我們定位設備位置，以便於設備出現故障我們能夠快速知道故障設備去進行排查。

[Huawei]sysname HZ-FD-A1-B9-C09-48
[HZ-FD-A1-B9-C09-48]

5.查看設備版本，思科是show，華為是display。

HZ-FD-A1-B9-C09-48]display version 
Huawei Versatile Routing Platform Software
VRP (R) software, Version 5.130 (AR2200 V200R003C00)
Copyright (C) 2011-2012 HUAWEI TECH CO., LTD
Huawei AR2220 Router uptime is 0 week, 0 day, 0 hour, 14 minutes
BKP 0 version information: 
1. PCB      Version  : AR01BAK2A VER.NC
2. If Supporting PoE : No
3. Board    Type     : AR2220
4. MPU Slot Quantity : 1
5. LPU Slot Quantity : 6

MPU 0(Master) : uptime is 0 week, 0 day, 0 hour, 14 minutes
MPU version information : 
1. PCB      Version  : AR01SRU2A VER.A
2. MAB      Version  : 0
3. Board    Type     : AR2220
4. BootROM  Version  : 0

6.修改時間，我們使用clock timezone 設置時區，使用clock datetime設置時間。

<HZ-FD-A1-B9-C09-48>clock timezone BJ add 08:00:00
<HZ-FD-A1-B9-C09-48>clock datetime 7:41:50 2015-10-17

7.設置標題信息

如果需要在登錄路由器提供警告信息，我們可以設置header login為登錄標題，header shell 可以設置登錄成功后標題文本信息為"Warning, do not touch this device"。 HZ-FD-A1-B9-C09-48]header login information "hello" [HZ-FD-A1-B9-C09-48]header shell information "Warning, do not touch this device" [ [HZ-FD-A1-B9-C09-48]quit quit

  Configuration console exit, please press any key to log on

Warning, do not touch this device
<HZ-FD-A1-B9-C09-48>

8.查看配置信息display current-configuration 查看當前設備的配置信息。

[HZ-FD-A1-B9-C09-48]display current-configuration 
[V200R003C00]
#
 sysname HZ-FD-A1-B9-C09-48
 header shell information "Warning, do not touch this device"
 header login information "Warning, do not touch this device"
#
 snmp-agent local-engineid 800007DB03000000000000
 snmp-agent 
#
 clock timezone BJ add 08:00:00
#
portal local-server load portalpage.zip
#
 drop illegal-mac alarm
#
 set cpu-usage threshold 80 restore 75
#
aaa 
 authentication-scheme default
 authorization-scheme default
 accounting-scheme default
 domain default 
 domain default_admin 
 local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
 local-user admin service-type http
#
firewall zone Local
  ---- More ----

9.查看接口配置信息

[HZ-FD-A1-B9-C09-48]display interface GigabitEthernet 0/0/0
GigabitEthernet0/0/0 current state : UP
Line protocol current state : UP
Last line protocol up time : 2015-10-17 07:34:36 UTC-08:00
Description:HUAWEI, AR Series, GigabitEthernet0/0/0 Interface
Route Port,The Maximum Transmit Unit is 1500
Internet Address is 1.1.1.1/24
IP Sending Frames' Format is PKTFMT_ETHNT_2, Hardware address is 00e0-fc0e-79a9
Last physical up time   : 2015-10-17 07:24:45 UTC-08:00
Last physical down time : 2015-10-17 07:24:37 UTC-08:00
Current system time: 2015-10-17 07:48:45+08:00
Port Mode: FORCE COPPER
Speed : 1000,  Loopback: NONE
Duplex: FULL,  Negotiation: ENABLE
Mdi   : AUTO
Last 300 seconds input rate 0 bits/sec, 0 packets/sec
Last 300 seconds output rate 0 bits/sec, 0 packets/sec
Input peak rate 0 bits/sec,Record time: -
Output peak rate 96 bits/sec,Record time: 2015-10-17 07:34:45

Input:  0 packets, 0 bytes
  Unicast:                  0,  Multicast:                   0
  Broadcast:                0,  Jumbo:                       0
  Discard:                  0,  Total Error:                 0

  CRC:                      0,  Giants:                      0
  Jabbers:                  0,  Throttles:                   0
  Runts:                    0,  Symbols:      
  ---- More ----  Ignoreds:                 0,  Frames:       

Output:  1 p
  ---- More ----  Unicast:                  0,  Multicast:                   0
  Broadcast:                1,  Jumbo:        
  ---- More ----  Discard:                  0,  Total Error:  

  Collisions:               0,  ExcessiveColli
  ---- More ----  Late Collisions:          0,  Deferreds:        ---- More ----    Input bandwidth utilization thr
    Output bandwidth utilization threshold: 100.00%
    Input bandwidth util
  ---- More ----    Output bandwidth utilization :    0%

10.保存配置，華為路由器以及H3C路由器報錯配置需要在普通模式下操作。

<HZ-FD-A1-B9-C09-48>save
  The current configuration will be written to the device. 
  Are you sure to continue? (y/n)[n]:y
  It will take several minutes to save configuration file, please wait.......
  Configuration file had been saved successfully
  Note: The configuration file will take effect after being activated
<HZ-FD-A1-B9-C09-48>

11.查看當前路由器所有接口的簡單信息。

[HZ-FD-A1-B9-C09-48]display ip interface brief 
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 2
The number of interface that is DOWN in Physical is 2
The number of interface that is UP in Protocol is 2
The number of interface that is DOWN in Protocol is 2

Interface                         IP Address/Mask      Physical   Protocol  
GigabitEthernet0/0/0              1.1.1.1/24           up         up        
GigabitEthernet0/0/1              unassigned           down       down      
GigabitEthernet0/0/2              unassigned           down       down      
NULL0                             unassigned           up         up(s)     

12.查看路由表信息

HZ-FD-A1-B9-C09-48]display ip routing-table 
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
         Destinations : 7        Routes : 7        

Destination/Mask    Proto   Pre  Cost      Flags NextHop         Interface

        1.1.1.0/24  Direct  0    0           D   1.1.1.1         GigabitEthernet0
/0/0
        1.1.1.1/32  Direct  0    0           D   127.0.0.1       GigabitEthernet0
/0/0
      1.1.1.255/32  Direct  0    0           D   127.0.0.1       GigabitEthernet0
/0/0
      127.0.0.0/8   Direct  0    0           D   127.0.0.1       InLoopBack0
      127.0.0.1/32  Direct  0    0           D   127.0.0.1       InLoopBack0
127.255.255.255/32  Direct  0    0           D   127.0.0.1       InLoopBack0
255.255.255.255/32  Direct  0    0           D   127.0.0.1       InLoopBack0

[HZ-FD-A1-B9-C09-48]

13.ping直連接口

[HZ-FD-A1-B9-C09-48]ping 1.1.1.2
  PING 1.1.1.2: 56  data bytes, press CTRL_C to break
    Reply from 1.1.1.2: bytes=56 Sequence=1 ttl=255 time=90 ms
    Reply from 1.1.1.2: bytes=56 Sequence=2 ttl=255 time=30 ms
    Reply from 1.1.1.2: bytes=56 Sequence=3 ttl=255 time=40 ms
    Reply from 1.1.1.2: bytes=56 Sequence=4 ttl=255 time=20 ms
    Reply from 1.1.1.2: bytes=56 Sequence=5 ttl=255 time=20 ms

  --- 1.1.1.2 ping statistics ---
    5 packet(s) transmitted
    5 packet(s) received
    0.00% packet loss
    round-trip min/avg/max = 20/40/90 ms

14.抓包，單擊路由器右鍵選擇數據包

以上是關於華為路由器的簡單配置。當然，華為和H3C的配置幾乎一模一樣，學完華為H3C信手拈來。