No part of this manual may be reproduced or transmitted in any form or by any means without prior
written consent of Hangzhou H3C Technologies Co., Ltd.
G, VnG, PSPT,
XGbus, N-Bus, TiGem, InnoVision and HUASAN are trademarks of Hangzhou H3C Technologies Co.,
Ltd.
All other trademarks that may be mentioned in this manual are the property of their respective owners.
The information in this document is subject to change without notice. Every effort has been made in the
preparation of this document to ensure accuracy of the contents, but all statements, information, and
recommendations in this document do not constitute the warranty of any kind, express or implied.
Preface
The H3C S5120-SI Series Ethernet Switches Configuration Guide, Release 1101 describes the
fundamentals and configuration of software features available in the sof tware release 1101 for the H3C
S5120-SI series, and guides you through the software configuration procedures.
This preface includes:
1) About This Document
z Audience
z Organization
z Conventions
2) Documentation Guide
z Related Documentation
z Obtaining Documentation
z Technical Support
z Documentation Feedback
3) Product Features
z Introduction to Product
z Network Scenarios
2-1
1 About This Document
Audience
This documentation is intended for:
z Network planners
z Field technical support and servicing engineers
z Network administrators working with the S5120-SI series
Organization
The H3C S5120-SI Series Ethernet Switches Configuration Guide, Release 1101 comprises these
chapters:
Chapter Content
01-CLI
02-Login
03- Ethernet Port
04-Loopback Interface
and Null Interface
z Introduction to CLI
z CLI configuration
z Introduction to User Interfaces
z Logging In Through the Console Port
z Logging In Through Telnet/SSH
z Logging in Through Web-based Network Management System
z Logging In Through NMS
z Specifying Source for Telnet Packets
z Controlling Login Users
z Basic Ethernet Port Configuration
z Configuring an Auto-negotiation Transmission Rate
z Configuring Flow Control on an Ethernet Port
z Configuring Loopback Testing on an Ethernet Port
z Enabling Auto Power Down on an Ethernet Port
z Configuring a Port Group
z Configuring Traffic Storm Protection
z Setting the Interval for Collecting Ethernet Port Statistics
z Enabling Forwarding of Jumbo Frames
z Enabling Loopback Detection on an Ethernet Port
z Configuring the MDI Mode for an Ethernet Port
z Enabling Bridging on an Ethernet Port
z Testing the Cable on an Ethernet Port
z Introduction to Loopback Interface
z Configuring a Loopback Interface
z Introduction to Null Interface
z Configuring Null 0 Interface
2-1
Chapter Content
05-Ethernet Link
Aggregation
06-Port Isolation
07-Port Mirroring
08-LLDP
09-VLAN
10-MSTP
11-IP Addressing
12-IP Performance
Optimization
13-ARP
14-DHCP
15-FTP and TFTP
16-IP Routing Basics
Configuration
17-Static Routing
18-Mulitcast
z Overview
z Configuring an Aggregation Group
z Configuring an Aggregate Interface
z Introduction to Port Isolation
z Configuring an Isolation Group
z Configuring Local Port Mirroring
z Introduction to LLDP
z Performing Basic LLDP Configuration
z Configuring CDP Compatibility
z Configuring LLDP Trapping
z VLAN Configuration
z Voice VLAN Configuration
z Introduction to STP/RSTP/MSTP
z Configuring MSTP
z IP Addressing Overview
z Configuring IP Addresses
z Enabling Reception and Forwarding of Directed Broadcasts to a Directly
Connected Network
z Configuring TCP Attributes
z Configuring ICMP to Send Error Packets
z Configuring ARP
z Configuring Gratuitous ARP
z Configuring ARP Active Acknowledgement
z Configuring Source MAC Address Based ARP Attack Detection
z Configuring ARP Packet Rate Limit
z Configuring ARP Detection
z Configuring Periodic Sending of Gratuitous ARP Packets
z DHCP Relay Agent Configuration
z DHCP Client Configuration
z DHCP Snooping Configuration
z BOOTP Client Configuration
z FTP Configuration
z TFTP Configuration
z Introduction to IP routing and routing table
z Routing protocol overview
z Static route overview
z Static route configuration
z Multicast overview
z IGMP Snooping overview
z Configuring Basic Functions of IGMP Snooping
z Configuring IGMP Snooping Port Functions
z Configuring IGMP Snooping Querier
z Configuring IGMP Snooping Proxying
z Configuring an IGMP Snooping Policy
z Multicast VLAN Configuration
2-2
Chapter Content
19-QoS
20-802.1X
21-AAA
22-PKI
23-SSL
24-SSH2.0
25-Public Key
26-HABP
27-ACL
28-Device Management
29-NTP
30-SNMP
31-RMON
z Configuring QoS Policy
z Configuring Priority Mapping
z Configuring Line Rate
z Configuring SP, WRR, and SP+WRR Queuing
z Configuring Traffic Filtering
z Configuring Traffic Redirecting
z 802.1X basic configuration
z 802.1X extended configuration
z 802.1X Guest-VLAN
z 802.1X Auth-Fail VLAN
z Authentication, authorization, and accounting (AAA)
z Remote authentication dial-In user service (RADIUS)
z PKI configuration
z SSL Server
z SSL Client
z SSH Server
z SSH Client
z SFTP Server
z SFTP Client
z Local Asymmetric Key Pair
z Public Key of a Peer
z HABP server
z HABP client
z Configuring Basic ACL
z Configuring Advanced ACL
z Configuring Ethernet Frame Header ACL
z Configuring ACL Application for Packet Filtering
z Device management overview
z Configuring the Exception Handling Method
z Rebooting a device
z Configuring the scheduled automatic execution function
z Upgrading Device Software
z Clearing the 16-bit interface indexes not used in the current system
z Identifying and Diagnosing Pluggable Transceivers
z NTP overview
z Configuring the Operation Modes of NTP
z Configuring Optional Parameters of NTP
z Configuring Access-Control Rights
z Configuring NTP Authentication
z SNMP overview
z Basic SNMP function configuration
z SNMP log configuration
z Trap configuration
z MIB style configuration
z RMON overview
z RMON configuration (event group, history group, alarm group, private alarm
group)
2-3
Chapter Content
32-File System
Management
33-System Maintaining
and Debugging
34-Basic System
Configuration
35-Information Center
36-MAC Address Table
37-Cluster Management
38-HTTP
39-Stack Management
40-PoE
41-IP Source Guard
42-Appendices
z File system management
z Configuration File Management
z Maintenance and debugging overview
z Maintenance and debugging configuration
z Configuration Display
z Configuring the Device Name
z Configuring the System Clock
z Enabling/Disabling the Display of Copyright Information
z Configuring a Banner
z Configuring CLI Hotkeys
z Configuring User Privilege Levels and Command Levels
z Displaying and Maintaining Basic Configurations
z Information Center Overview
z Setting to Output System Information to the Console
z Setting to Output System Information to a Monitor Terminal
z Setting to Output System Information to a Log Host
z Setting to Output System Information to the Trap Buffer
z Setting to Output System Information to the Log Buffer
z Setting to Output System Information to the SNMP Module
z Configuring Synchronous Information Output
z Disabling a Port from Generating Link Up/Down Logging Information
z MAC address table overview
z Configuring MAC Address Entries
z Configuring MAC Address Aging Timer
z Configuring the MAC Learning Limit
z Establishing a Cluster
z Cluster Member Management
z Configuring Topology Management
z Configuring SNMP Synchronization Function
z Configuring Web User Accounts in Batches
z HTTP
z HTTPS
z Configuring a Stack
z PoE overview
z Enabling PoE
z Detecting PDs
z Configuring the PoE Power
z Configuring PoE Power Management
z Configuring the PoE Monitoring Function
z Configuring PoE Interface through PoE Profile
z Upgrading PSE Processing Software in Service
z IP Source Guard Overview
z Configuring a Static Binding Entry
z Configuring Dynamic Binding Function
z Acronyms
2-4
Conventions
This section describes the conventions used in this documentation set.
Command conventions
Convention Description
Boldface Bold
italic
[ ]
{ x | y | ... }
[ x | y | ... ]
{ x | y | ... } *
[ x | y | ... ] *
&<1-n>
# A line that starts with a pound (#) sign is comments.
text represents commands and keywords that you enter literally as shown.
Italic text represents arguments that you replace with actual values.
Square brackets enclose syntax choices (keywords or arguments) that are
optional.
Braces enclose a set of required syntax choices separated by vertical bars,
from which you select one.
Square brackets enclose a set of optional syntax choices separated by vertical
bars, from which you select one or none.
Asterisk marked braces enclose a set of required syntax choices separated by
vertical bars, from which you select at least one.
Asterisk marked square brackets enclose optional syntax choices separated by
vertical bars, from which you may select multiple choices or none.
The argument or keyword and argument combination before the ampersand (&)
sign can be entered 1 to n times.
GUI conventions
Convention Description
Boldface
>
Symbols
Convention Description
Window names, button names, field names, and menu items are in Boldface.
For example, the
Multi-level menus are separated by angle brackets. For example,
Folder
>
Means reader be extremely careful. Improper operation may cause bodily
injury.
Means reader be careful. Improper operation may cause data loss or damage to
equipment.
Means an action or information that needs special attention to ensure
successful configuration or good performance.
Means a complementary description.
Means techniques helpful for you to make configuration with ease.
.
New User
window appears; click OK.
File
>
Create
2-5
2 Documentation Guide
Related Documentation
The H3C S5120-SI documentation set also includes:
Category Documents Purposes
Product
description and
specifications
Marketing brochures Describe product specifications and benefits.
Hardware
specifications
and installation
Power
configuration
Software
configuration
Operations and
maintenance
Compliance and safety
manual
Installation guide
H3C Pluggable SFP
[SFP+]
[XFP]
Transceiver Modules
Installation Guide
RPS ordering guide
Configuration guide Describes software features and configuration procedures.
Command reference Provides a quick reference to all available commands.
Login password
recovery manual
Release notes
Provides regulatory information and the safety instructions that
must be followed during installation.
Provides a complete guide to hardware installation and
z
hardware specifications.
Provides a complete guide to software and hardware
z
troubleshooting.
Guides you through installing SFP/SFP+/XFP transceiver
modules.
Provides th
specifications.
Tells how to find the lost password or recover the password
when the login password is lost.
Provide i
version history, hardware and software compatibility matrix,
version upgrade information, technical support information, and
software upgrading.
e RPS and switch compatibility matrix and RPS cable
nformation about the product release, including the
Obtaining Documentation
You can access the most up-to-date H3C product documentation on the World Wide Web at this URL:
http://www.h3c.com.
Click the links on the top navigation bar to obtain different categories of product documentation: