Configuring Huawei Quidway S3900 Switches

For example, take the switch Huawei Quidway S3928P-EI, the settings are essentially suitable for the entire Huawei Quidway S3900 series, but may differ slightly depending on the firmware version. If something fails to register, then you can see the options for the teams by typing a question mark after a space after any command.

At me at switching-on of the switch, through the console the following characteristics were displayed:

Creation date: Aug 25 2006
CPU type: BCM4704
CPU Clock Speed: 200MHz
BUS Clock Speed: 33MHz
Memory Size: 64MB

Let’s see the current configuration with the command:

display current-configuration

To enter the configuration mode, type:

system-view

If desired, we specify the name of the switch:

sysname NAME

Let’s add vlan for management:

vlan 207
description Management
quit
management-vlan 207

Add vlan for users:

vlan 226
description Users
quit

Let’s add an interface in a managed vlan:

interface Vlan-interface 207
ip address 192.168.1.2 255.255.255.0
quit

Add a default route:

ip route 0.0.0.0 0.0.0.0 192.168.1.1

Let’s configure the first SFP port as UPLINK:

interface GigabitEthernet 1/1/1
port link-type trunk
port trunk permit vlan 207 226
quit

Activate the loop protection function:

loopback-detect enable
loopback-detection interval-time 300

We will configure the ports for the users, specify the necessary vlan and port type, configure loopback-detect protection, limit the broadcast traffic to 30 pps:

interface Ethernet 1/0/1
port link-type access
port access vlan 226
loopback-detect enable
loopback-detection shutdown enable
broadcast-suppression 30
interface Ethernet 1/0/2
port link-type access
port access vlan 226
loopback-detect enable
loopback-detection shutdown enable
broadcast-suppression 30
interface Ethernet 1/0/3
port link-type access
port access vlan 226
loopback-detect enable
loopback-detection shutdown enable
broadcast-suppression 30
interface Ethernet 1/0/4
port link-type access
port access vlan 226
loopback-detect enable
loopback-detection shutdown enable
broadcast-suppression 30
interface Ethernet 1/0/5
port link-type access
port access vlan 226
loopback-detect enable
loopback-detection shutdown enable
broadcast-suppression 30
interface Ethernet 1/0/6
port link-type access
port access vlan 226
loopback-detect enable
loopback-detection shutdown enable
broadcast-suppression 30
interface Ethernet 1/0/7
port link-type access
port access vlan 226
loopback-detect enable
loopback-detection shutdown enable
broadcast-suppression 30
interface Ethernet 1/0/8
port link-type access
port access vlan 226
loopback-detect enable
loopback-detection shutdown enable
broadcast-suppression 30
interface Ethernet 1/0/9
port link-type access
port access vlan 226
loopback-detect enable
loopback-detection shutdown enable
broadcast-suppression 30
interface Ethernet 1/0/10
port link-type access
port access vlan 226
loopback-detect enable
loopback-detection shutdown enable
broadcast-suppression 30
interface Ethernet 1/0/11
port link-type access
port access vlan 226
loopback-detect enable
loopback-detection shutdown enable
broadcast-suppression 30
interface Ethernet 1/0/12
port link-type access
port access vlan 226
loopback-detect enable
loopback-detection shutdown enable
broadcast-suppression 30
interface Ethernet 1/0/13
port link-type access
port access vlan 226
loopback-detect enable
loopback-detection shutdown enable
broadcast-suppression 30
interface Ethernet 1/0/14
port link-type access
port access vlan 226
loopback-detect enable
loopback-detection shutdown enable
broadcast-suppression 30
interface Ethernet 1/0/15
port link-type access
port access vlan 226
loopback-detect enable
loopback-detection shutdown enable
broadcast-suppression 30
interface Ethernet 1/0/16
port link-type access
port access vlan 226
loopback-detect enable
loopback-detection shutdown enable
broadcast-suppression 30
interface Ethernet 1/0/17
port link-type access
port access vlan 226
loopback-detect enable
loopback-detection shutdown enable
broadcast-suppression 30
interface Ethernet 1/0/18
port link-type access
port access vlan 226
loopback-detect enable
loopback-detection shutdown enable
broadcast-suppression 30
interface Ethernet 1/0/19
port link-type access
port access vlan 226
loopback-detect enable
loopback-detection shutdown enable
broadcast-suppression 30
interface Ethernet 1/0/20
port link-type access
port access vlan 226
loopback-detect enable
loopback-detection shutdown enable
broadcast-suppression 30
interface Ethernet 1/0/21
port link-type access
port access vlan 226
loopback-detect enable
loopback-detection shutdown enable
broadcast-suppression 30
interface Ethernet 1/0/22
port link-type access
port access vlan 226
loopback-detect enable
loopback-detection shutdown enable
broadcast-suppression 30
interface Ethernet 1/0/23
port link-type access
port access vlan 226
loopback-detect enable
loopback-detection shutdown enable
broadcast-suppression 30
interface Ethernet 1/0/24
port link-type access
port access vlan 226
loopback-detect enable
loopback-detection shutdown enable
broadcast-suppression 30
quit

Also, configure the remaining Gigabit ports for clients:

interface GigabitEthernet 1/1/2
port link-type access
port access vlan 226
loopback-detect enable
loopback-detection shutdown enable
broadcast-suppression 50
interface GigabitEthernet 1/1/3
port link-type access
port access vlan 226
loopback-detect enable
loopback-detection shutdown enable
broadcast-suppression 50
interface GigabitEthernet 1/1/4
port link-type access
port access vlan 226
loopback-detect enable
loopback-detection shutdown enable
broadcast-suppression 50
quit

Add administrator password:

user-interface vty 0 4
authentication-mode password
set authentication password cipher PASSWORD
user privilege level 3
quit

Let’s specify the NTP server for time synchronization:

ntp-service unicast-server 192.168.1.1 source-interface Vlan-interface 207

Set up SNMP (for example, public with read access):

snmp-agent
snmp-agent sys-info version v2c
snmp community read public

When all configured to go into the initial mode, save the configuration and specify that it is bootable:

quit
save config.cfg
startup saved-configuration config.cfg

Let’s restart the switch:

reboot

To view the MAC address table, use the command:

display mac-address

See also my articles:
Port isolation on Huawei switches
Blocking third-party DHCP servers on the Huawei Quidway S2300

Подписаться на IT Blog (RU) по Email
Subscribe to IT Blog (EN) by Email

Did my article help you? How about buying me a cup of coffee as an encouragement? Buy me a coffe.

Leave a Reply