Login
- Table of Contents
-
- H3C S7500 Series Operation Manual(Release 3100 Series)-(V1.04)
- 00-1Cover
- 00-2Overview
- 01-CLI Configuration
- 02-Login Configuration
- 03-Configuration File Management Configuration
- 04-VLAN Configuration
- 05-Extended VLAN Application Configuration
- 06-IP Address-IP Performance-IPX Configuration
- 07-GVRP Configuration
- 08-QinQ Configuration
- 09-Port Basic Configuration
- 10-Link Aggregation Configuration
- 11-Port Isolation Configuration
- 12-Port Binding Configuration
- 13-DLDP Configuration
- 14-MAC Address Table Configuration
- 15-MSTP Configuration
- 16-Routing Protocol Configuration
- 17-Multicast Configuration
- 18-802.1x Configuration
- 19-AAA-RADIUS-HWTACACS-EAD Configuration
- 20-Traffic Accounting Configuration
- 21-VRRP-HA Configuration
- 22-ARP Configuration
- 23-DHCP Configuration
- 24-ACL Configuration
- 25-QoS Configuration
- 26-Mirroring Configuration
- 27-Cluster Configuration
- 28-PoE Configuration
- 29-UDP-Helper Configuration
- 30-SNMP-RMON Configuration
- 31-NTP Configuration
- 32-SSH Terminal Service Configuration
- 33-File System Management Configuration
- 34-FTP and TFTP Configuration
- 35-Information Center Configuration
- 36-DNS Configuration
- 37-System Maintenance and Debugging Configuration
- 38-HWPing Configuration
- 39-RRPP Configuration
- 40-NAT-Netstream-Policy Routing Configuration
- 41-Telnet Protection Configuration
- 42-Hardware-Dependent Software Configuration
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 01-CLI Configuration | 119 KB |
1.2 Command Level/Command View
1.2.1 Switching Between User Levels.
1.2.2 Configuring the Level of a Specific Command in a Specific View
Chapter 1 CLI Overview
Go to these sections for information you are interested in:
1.1 Introduction to the CLI
H3C series Ethernet switches provide command line interfaces (CLI) and commands for you to configure and manage the Ethernet switches. The CLI features the following:
l Commands are grouped by levels. This prevents unauthorized users from operating the switch with relevant commands.
l Users can gain online help at any time by entering the question mark ?.
l Commonly used diagnosing utilities (such as Tracert and Ping) are available.
l Debugging information of various kinds is available.
l The command history is available. You can recall and execute a history command easily.
l You can execute a command by only entering part of the command in the CLI, as long as the keywords you input uniquely identify the corresponding ones.
1.2 Command Level/Command View
To prevent unauthorized accesses, commands are grouped by command levels.
Commands fall into four levels: visit, monitor, system, and manage:
l Visit level: Commands at this level are mainly used to diagnose network and change the language mode of user interface, and cannot be saved in configuration files. For example, the ping, tracert, and language-mode commands are at this level.
l Monitor level: Commands at this level are mainly used to maintain the system and diagnose service problems, and cannot be saved to configuration files. For example, the display and debugging commands are at this level.
l System level: Commands at this level are mainly used to configure services. Commands concerning routing and network layers are at this level. You can utilize network services by using these commands.
l Manage level: Commands at this level are associated with the basic operation of the system, and the system supporting modules. These commands provide supports to services. Commands concerning file system, FTP/TFTP/XModem downloading, user management, and level setting are at this level.
Users logging into a switch also fall into four levels, each of which corresponding to one of the above command levels. Users at a specific level can only use the commands of the same level and those of the lower levels.
1.2.1 Switching Between User Levels
A user can switch the user level from one to another by executing a related command after logging into a switch. The administrator can also set user level switching passwords as required.
I. Setting a user level switching password
Follow these steps to set a user level switching password:
|
To do... |
Use the command... |
Remarks |
|
Enter system view |
system-view |
— |
|
Set a password for switching from a lower user level to the user level identified by the level argument |
super password [ level level ] { simple | cipher } password |
Optional A password is necessary only when a user switches from a lower user level to a higher user level. |
II. Switching to another user level
Follow these steps to switch to another user level
|
To do... |
Use the command... |
Remarks |
|
Switch to the user level identified by the level argument |
super [ level ] |
Required Execute this command in user view. If a password for switching to the user level identified by the level argument is set and you want to switch to a lower user level, you will remain at the lower user level unless you provide the correct password after executing this command. |
& Note:
l If the user level is not specified when user level switching and the switching password are set, the user level is 3 by default.
l For security purposes, the password a user enters when switching to a higher user level is not displayed. A user will remain at the original user level if the user has tried three times to enter the correct password but fails to do this.
1.2.2 Configuring the Level of a Specific Command in a Specific View
You can configure the level of a specific command in a specific view. Commands fall into four command levels: visit, monitor, system, and manage, which are identified as 0, 1, 2, and 3 respectively. The administrator can change the command level to which a command belongs.
Follow these steps to configure the level of a specific command in a specific view:
|
To do... |
Use the command... |
Remarks |
|
Enter system view |
system-view |
— |
|
Configure the level of a specific command in a specific view |
command-privilege level level view view command |
Required Use this command with cautions to prevent inconvenience on maintenance and operation. |
1.2.3 CLI Views
CLI views are designed for different configuration tasks. They are interrelated. You will enter user view once you log into a switch successfully, where you can perform operations such as displaying operation status and statistical information. And by executing the system-view command, you can enter system view, where you can enter other views by executing the corresponding commands.
The following CLI views are provided:
l User view
l System view
l M-Ethernet interface view
l Ethernet port view
l Null interface view
l Tunnel interface view
l VLAN view
l VLAN interface view
l Loopback interface view
l Local user view
l User interface view
l FTP client view
l SFTP client view
l Cluster view
l DHCP address pool view
l MST region view
l RRPP domain view
l MSDP region view
l Port-isolate-group view
l HWping view
l Public key view
l Public key code view
l PIM view
l RIP view
l OSPF view
l OSPF area view
l BGP view
l BGP IPv4 family multicast view
l IS-IS view
l ES-IS view
l Routing policy view
l Basic ACL view
l Advanced ACL view
l Layer 2 ACL view
l User-defined ACL view
l Traffic-group view
l QoS view
l QinQ view
l RADIUS scheme view
l HWTACACS scheme view
l ISP domain view
Table 1-1 lists information about CLI views (including the operations you can perform in these views, how to enter these views, and so on).
|
View |
Available operation |
Prompt example |
Enter method |
Quit method |
|
User view |
Display operation status and statistical information |
<H3C> |
Enter user view once logging into the switch. |
Execute the quit command in user view to log out of the switch. |
|
System view |
Configure system parameters |
[H3C] |
Execute the system-view command in user view. |
Execute the quit or return command to return to user view. |
|
M-Ethernet interface view |
Configure M-Ethernet interface parameters |
[H3C-M-Ethernet0/0/0] |
Manage Ethernet port view. Execute the interface m-ethernet 0/0/0 command in system view. |
Execute the quit command to return to system view. Execute the return command to return to user view. |
|
Ethernet port view |
Configure Ethernet port parameters |
100 M Ethernet port view Execute the interface ethernet 3/0/1 command in system view. |
Execute the quit command to return to system view. Execute the return command to return to user view. |
|
|
[H3C-GigabitEthernet4/0/1] |
Gigabit Ethernet port view Execute the interface gigabitethernet 4/0/1 command in system view. |
|||
|
Null interface view |
Configure null interface parameters |
[H3C-NULL0] |
Execute the interface null 0 command in system view. |
Execute the quit command to return to system view. Execute the return command to return to user view. |
|
Tunnel interface view |
Configure tunnel interface parameters |
[H3C-Tunnel0] |
Execute the interface tunnel 0 command in system view. |
Execute the quit command to return to system view. Execute the return command to return to user view. |
|
VLAN view |
Configure VLAN parameters |
[H3C-vlan1] |
Execute the vlan 1 command in system view. |
Execute the quit command to return to system view. Execute the return command to return to user view. |
|
VLAN interface view |
Configure IP interface parameters for VLANs |
[H3C-Vlan-interface1] |
Execute the interface vlan-interface 1 command in system view. |
Execute the quit command to return to system view. Execute the return command to return to user view. |
|
Loopback interface view |
Configure Loopback interface parameters |
[H3C-LoopBack0] |
Execute the interface loopback 0 command in system view |
Execute the quit command to return to system view. Execute the return command to return to user view. |
|
Local user view |
Configure local user parameters |
[H3C-luser-user1] |
Execute the local-user user1 command in system view. |
Execute the quit command to return to system view. Execute the return command to return to user view. |
|
User interface view |
Configure user interface parameters |
[H3C-ui0] |
Execute the user-interface 0 command in system view. |
Execute the quit command to return to system view. Execute the return command to return to user view. |
|
FTP client view |
Configure FTP client parameters |
[ftp] |
Execute the ftp command in user view. |
Execute the quit command to return to user view. |
|
SFTP client view |
Configure SFTP client parameters |
sftp-client> |
Execute the sftp 10.1.1.1 command in system view. |
Execute the quit command to return to user view. |
|
Cluster view |
Configure cluster parameters |
[H3C-cluster] |
Execute the cluster command in system view. |
Execute the quit command to return to system view. Execute the return command to return to user view. |
|
DHCP address pool view |
Configure DHCP address pool parameters |
[H3C-dhcp-pool-1] |
Execute the dhcp server ip-pool 1 command in system view. |
Execute the quit command to return to system view. Execute the return command to return to user view. |
|
MST region view |
Configure MST region parameters |
[H3C-mst-region] |
Execute the stp region-configuration command in system view. |
Execute the quit command to return to system view. Execute the return command to return to user view. |
|
RRPP domain view |
Configure RRPP domain parameters |
[H3C- rrpp-domain1] |
Execute the rrpp domain 1 command in system view. |
Execute the quit command to return to system view. Execute the return command to return to user view. |
|
MSDP domain view |
Configure MSDP domain parameters |
[H3C-msdp] |
Execute the msdp command in system view. |
Execute the quit command to return to system view. Execute the return command to return to user view. |
|
Port-isolate-group view |
Configure port-isolate-group parameters |
[H3C-port-isolate-group1] |
Execute the port-isolate group 1 command in system view. |
Execute the quit command to return to system view. Execute the return command to return to user view. |
|
HWping view |
Configure HWping test group parameters |
[H3C-hwping-administrator-test] |
Execute the hwping administrator test command in system view |
Execute the quit command to return to system view. Execute the return command to return to user view. |
|
Public key view |
Configure RSA public keys for secure shell (SSH) users |
[H3C-rsa-public-key] |
Execute the rsa peer-public-key h3c003 command in system view. |
Execute the peer-public-key end command to return to system view. |
|
Public key code view |
Edit RSA public keys of SSH users |
[H3C-rsa-key-code] |
Execute the public-key-code begin command in public key view. |
Execute the public-key-code end command to return to public key view. |
|
PIM view |
Configure PIM parameters |
[H3C-pim] |
Execute the pim command in system view. Use the multicast routing-enable command in system view to enable multicast routing if multicast routing is disabled. |
Execute the quit command to return to system view. Execute the return command to return to user view. |
|
RIP view |
Configure RIP parameters |
[H3C-rip] |
Execute the rip command in system view |
Execute the quit command to return to system view. Execute the return command to return to user view. |
|
OSPF view |
Configure OSPF protocol parameters |
[H3C-ospf-1] |
Execute the ospf command in system view |
Execute the quit command to return to system view. Execute the return command to return to user view. |
|
OSPF area view |
Configure OSPF area parameters |
[H3C-ospf-1-area-0.0.0.1] |
Execute the area 1 command in OSPF view |
Execute the quit command to return to OSPF view. Execute the return command to return to user view. |
|
BGP view |
Configure parameters for the border gateway protocol (BGP) protocol |
[H3C-bgp] |
Execute the bgp 100 command in system view |
Execute the quit command to return to system view. Execute the return command to return to user view. |
|
BGP IPv4 family multicast view |
Configure parameters for BGP IPv4 family multicast |
[H3C-bgp-af-mul] |
Execute the ipv4-family multicast command in BGP view. |
Execute the quit command to return to system view. Execute the return command to return to user view. |
|
IS-IS view |
Configure IS-IS parameters |
[H3C-isis] |
Execute the isis command in system view. |
Execute the quit command to return to system view. Execute the return command to return to user view. |
|
ES-IS view |
Configure parameters for the ES-IS protocol |
[H3C-esis] |
Execute the esis command in system view. |
Execute the quit command to return to system view. Execute the return command to return to user view. |
|
Routing policy view |
Configure routing policies |
[H3C-route-policy] |
Execute the route-policy policy1 permit node 10 command in system view |
Execute the quit command to return to system view. Execute the return command to return to user view. |
|
Basic ACL view |
Define rules for a basic ACL (ACLs with their IDs ranging from 2000 to 2999 are basic ACLs.) |
[H3C-acl- basic-2000] |
Execute the acl number 2000 command in system view. |
Execute the quit command to return to system view. Execute the return command to return to user view. |
|
Advanced ACL view |
Define rules for an advanced ACL (ACLs with their IDs ranging from 3000 to 3999 are advanced ACLs.) |
[H3C-acl- adv-3000] |
Execute the acl number 3000 command in system view. |
Execute the quit command to return to system view. Execute the return command to return to user view. |
|
Layer 2 ACL view |
Define the sub-rules of Layer 2 ACLs, which is numbered from 4,000 to 4,999. |
[H3C-acl-link-4000] |
Execute the acl number 4000 command in system view. |
Execute the quit command to return to system view. Execute the return command to return to user view. |
|
User-defined ACL view |
Define the sub-rules of user-defined ACLs, which are in the range of 5000 to 5999 |
[H3C-acl-user-5000] |
Execute the acl number 5000 command in system view |
Execute the quit command to return to system view. Execute the return command to return to user view. |
|
Traffic-group view |
Configure traffic group parameters |
[H3C-traffic-group-1] |
Execute the traffic-accounting traffic-group 1 command in system view. |
Execute the quit command to return to system view. Execute the return command to return to user view. |
|
QoS view |
Configure QoS parameters |
[H3C-qoss-GigabitEthernet4/0/1] or: [H3C-qosb-GigabitEthernet4/0/1] |
Execute the qos command in Ethernet port view. |
Execute the quit command to return to system view. Execute the return command to return to user view. |
|
QinQ view |
Create QinQ instances and configure parameters for QinQ |
[H3C-GigabitEthernet4/0/1-vid-1000] |
Execute the vlan-vpn vid 1000 command in Ethernet port view. |
Execute the quit command to return to system view. Execute the return command to return to user view. |
|
RADIUS scheme view |
Configure RADIUS parameters |
[H3C-radius-1] |
Execute the radius scheme 1 command in system view. |
Execute the quit command to return to system view. Execute the return command to return to user view. |
|
HWTACACS scheme view |
Configure parameters for the HWTACACS protocol |
[H3C-hwtacacs-1] |
Execute the hwtacacs scheme 1 command in system view. |
Execute the quit command to return to system view. Execute the return command to return to user view. |
|
ISP domain view |
Configure parameters for an ISP domain |
[H3C-isp-aabbcc.net] |
Execute the domain aabbcc.net command in system view. |
Execute the quit command to return to system view. Execute the return command to return to user view. |
1.3 CLI Features
1.3.1 Online Help
CLI provides two types of online help: complete online help and partial online help. They assist you with your configuration.
I. Complete online help
1) Enter a ? character in any view on your terminal to display all the commands available in the view and their brief descriptions. The following takes user view as an example.
<H3C> ?
User view commands:
backup Backup current configuration
boot Set boot option
cd Change current directory
clock Specify the system clock
cluster Run cluster command
copy Copy from one file to another
debugging Enable system debugging functions
delete Delete a file
dir List files on a file system
display Display current system information
<omitted>
2) Enter a command, a space, and a ? character (instead of a keyword available in this position of the command) on your terminal to display all the available keywords and their brief descriptions. The following takes the clock command as an example.
<H3C> clock ?
datetime Specify the time and date
summer-time Configure summer time
timezone Configure time zone
3) Enter a command, a space, and a ? character (instead of an argument available in this position of the command) on your terminal to display all the available arguments and their brief descriptions. The following takes the interface vlan command as an example.
[H3C] interface vlan-interface ?
<1-4094> VLAN interface number
[H3C] interface vlan-interface 1 ?
<cr>
The string <cr> means no argument is available in the position occupied by the ? character. You can execute the command without providing any other information.
II. Partial online help
1) Enter a string followed directly by a ? character on your terminal to display all the commands beginning with the string. For example:
<H3C> pi?
ping
2) Enter a command, a space, and a string followed by a ? character on your terminal to display all the keywords that belong to the command and begin with the string (if available). For example:
<H3C> display ver?
version
3) Enter the first several characters of a keyword in a command and then press <Tab>, the complete keyword will be displayed on the terminal screen if the input characters uniquely identify a keyword; all the keyword that match the input characters will be displayed on the terminal screen if the input characters match more than one keywords.
You can use the language-mode command to translate the help into Chinese.
1.3.2 Terminal Display
CLI provides the following display features:
l The online help and prompt information can be displayed in either Chinese or English.
l Display suspending, that is, the displaying of output information can be paused when the screen is full and you can then perform the three operations listed in Table 1-2 as needed.
Table 1-2 Displaying-related operations
|
Operation |
Function |
|
Press <Ctrl + C> |
Suspend displaying and executing. |
|
Press the space key |
Scroll the output information up by one page. |
|
Press <Enter> |
Scroll the output information up by one line. |
1.3.3 Command History
CLI can store the latest executed commands as history commands so that users can recall and execute them again. By default, CLI can store 10 history commands for each user. Table 1-3 lists history command-related operations.
Table 1-3 Access history commands
|
To do... |
Command or key |
Remarks |
|
Display history commands |
Execute the display history-command command |
This command displays valid history commands. |
|
Recall the previous history command |
Press the up-arrow key or <Ctrl + P> |
This operation recalls the previous history command (if available). |
|
Recall the next history command |
Press the down-arrow key or <Ctrl + N> |
This operation recalls the next history command (if available). |
& Note:
l As the Up and Down keys have different meanings in HyperTerminal running on Windows 9x, these two keys can be used to recall history commands only in terminals running Windows 3.x or Telnet running in Windows 3.x. You can press <Ctrl + P> or <Ctrl + N> in Windows 9x to achieve the same purpose.
l If you enter and execute the same command successively for multiple times, only the first command is saved in the CLI as a history command.
1.3.4 Error Messages
If the command you enter passes the syntax check, it will be successfully executed; otherwise, an error message will appear. Table 1-4 lists the common error messages.
Table 1-4 Common error messages
|
Error message |
Remarks |
|
Unrecognized command |
The command does not exist. |
|
The keyword does not exist. |
|
|
The parameter type is wrong. |
|
|
The parameter value is out of range. |
|
|
Incomplete command |
The command entered is incomplete. |
|
Too many parameters |
You have entered too many parameters. |
|
Ambiguous command |
The parameters entered are ambiguous. |
|
Wrong parameter found at '^' position. |
The parameter labeled by '^' is unrecognizable. |
1.3.5 Command Edit
The CLI provides basic command edit functions and supports multi-line editing. The maximum number of characters a command can contain is 256. Table 1-5 lists the CLI edit operations.
Table 1-5 Edit operations
|
Press… |
To… |
|
A common key |
Insert the character the key represents at the cursor and move the cursor one character to the right if the edit buffer is not full. |
|
The Backspace key |
Delete the character on the left of the cursor and move the cursor one character to the left. |
|
The left arrow key or <Ctrl + B> |
Move the cursor one character to the left. |
|
The right arrow key or <Ctrl + F> |
Move the cursor one character to the right. |
|
The up arrow key or <Ctrl + P> The down arrow key or <Ctrl + N> |
Access history commands. |
|
The Tab key |
Utilize the partial online help. That is, when you enter an incomplete keyword and the Tab key, if the input keyword uniquely identifies an existing keyword, the system completes the keyword and displays the command on the next line. If the input keyword matches more than one keyword, all the keywords are displayed on the terminal screen, with each keyword on a line. If the input keyword matches no keyword, the system displays your original input on a new line without any change. |
