NEC QX-S3218TP 設定メモ - Knowlege Database

Starting......

           ***********************************************************
           *                                                         *
           *           NEC QX-S3218TP BOOTROM, Version 518           *
           *                                                         *
           ***********************************************************

           Copyright(C) 2004-2008. All rights reserved.
           Creation date   : Jan 16 2008, 15:53:06
           CPU Clock Speed : 200MHz
           BUS Clock Speed : 33MHz
           Memory Size     : 64MB
           Mac Address     : 000fe2xxxxxx


Press Ctrl-B to enter Boot Menu...

ブートメニューこの段階で「Ctrl + B」を押下すると、ブートメニューに入る。
初期状態ではパスワードは未設定のため、[Enter]を押下する。

Press Ctrl-B to enter Boot Menu... 1

password:


   BOOT  MENU

1. Download application file to flash
2. Select application file to boot
3. Display all files in flash
4. Delete file from flash
5. Modify bootrom password
6. Enter bootrom upgrade menu
7. Skip current configuration file
8. Set bootrom password recovery
9. Set switch startup mode
0. Reboot

Enter your choice(0-9):

ログイン
タイムアウトすると通常のコンソールモードで起動する。
初期状態ではパスワードは未設定のため、[Enter]を押下する。
```
Press Ctrl-B to enter Boot Menu... 0
Auto-booting...
Decompress Image....OK!
Starting at 0x80100000...

User interface aux0 is available.

Press ENTER to get started.
```

パスワードが設定されていない場合(初期状態)

%Apr  1 23:56:06:068 2000 QX-S3218TP SHELL/5/LOGIN:- 1 - Console(aux0) in unit1 login
<QX-S3218TP>

パスワードが設定されている場合
```
Login authentication
Password:
```

↑

再起動†

コマンドラインからの再起動

reboot

<QX-S3218TP> reboot

 Start to check configuration with next startup configuration file,
 please wait......
 This command will reboot the device. Current configuration will be lost in next startup if you continue.   Continue? [Y/N] Y
 This will reboot device. Continue? [Y/N] Y
#Apr  1 23:56:53:947 2000 QX-S3218TP COMMONSY/5/REBOOT:- 1 -
 Reboot device by command.

<QX-S3218TP>
%Apr  1 23:56:57:934 2000 QX-S3218TP DEV/5/DEV_LOG:- 1 -
Switch is rebooting...

↑

設定†

↑

表示†

↑

現在の設定を表示†

<QX-S3218TP>sys

[QX-S3218TP] display current-configuration

↑

基礎設定†

↑

ホスト名の設定†

機器のホスト名を設定する。

sysname

<QX-S3218TP>sys

[QX-S3218TP] sysname QX-S3218TP-02

[QX-S3218TP-02]

↑

管理IPの設定†

VLAN 1に対して管理用IPアドレスを設定する。

例（192.168.1.9/24を設定）

<QX-S3218TP>sys

[QX-S3218TP] interface Vlan-interface 1
%Apr  2 01:20:05:490 2000 QX-S3218TP L2INF/5/VLANIF LINK STATUS CHANGE:- 1 -
Vlan-interface1 is UP

[QX-S3218TP-Vlan-interface1] ip address 192.168.1.9 255.255.255.0
%Apr  2 01:20:22:623 2000 QX-S3218TP IFNET/5/UPDOWN:- 1 -Line protocol on the interface Vlan-interface1 is UP

[QX-S3218TP-Vlan-interface1] quit

↑

SSH接続の有効化†

ログイン用ユーザの作成
ssh telnet terminalからのアクセスを許可する、ID:admin、PW:adminを設定する。

<QX-S3218TP> sys

[QX-S3218TP] local-user admin
New local user added.

[QX-S3218TP-luser-admin] password simple admin

[QX-S3218TP-luser-admin] service-type ssh telnet terminal

[QX-S3218TP-luser-admin] level 3

[QX-S3218TP-luser-admin] quit

ssh接続時の認証方式の設定

[QX-S3218TP] ssh authentication-type default password

[QX-S3218TP] ssh user admin authentication-type password

[QX-S3218TP] ssh user admin service-type stelnet

リモート接続時の認証方式を指定

[QX-S3218TP] user-interface vty 0 4

[QX-S3218TP-ui-vty0-4] authentication-mode scheme

[QX-S3218TP-ui-vty0-4] protocol inbound ssh

[QX-S3218TP-ui-vty0-4]quit

設定を保存

[QX-S3218TP] save

The configuration will be written to the device.
Are you sure?[Y/N]y
Please input the file name(*.cfg)(To leave the existing filename
 unchanged press the enter key):
Now saving current configuration to the device.
Saving configuration. Please wait.........
Unit1 save configuration flash:/startup.cfg successfully

%Apr  2 00:02:35:583 2000 QX-S3218TP CFM/3/CFM_LOG:- 1 -Unit1 saved configuration successfully.

SSH鍵の生成

[QX-S3218TP] rsa local-key-pair create

The local-key-pair will be created.
The range of public key size is (512 ~ 2048).
NOTES: If the key modulus is greater than 512,
       It will take a few minutes.
Input the bits in the modulus[default = 1024]:
Generating keys...
......................................................++++++
...............++++++
..........................++++++++
..........................++++++++
..Done!

[QX-S3218TP] quit

SSH鍵の確認

<QX-S3218TP> dir /all
  5       -rwh       151  Apr 01 2000 23:56:57   private-data.txt
  7       -rwh       716  Apr 02 2000 00:05:43   hostkey
  8       -rwh       572  Apr 02 2000 00:05:50   serverkey

SSH接続
ターミナルソフトより、作成したユーザでSSH接続を行う。コンソールには以下の様なメッセージが表示される。
```
%Apr  2 00:07:16:052 2000 QX-S3218TP SHELL/5/LOGIN:- 1 - admin(192.168.1.xxx) in unit1 login
```

↑

SNMP有効化†

Web画面からも設定が可能だが、コマンドラインからは以下の様な設定を行う。
snmp-agentコマンドを実行した段階で自動的に「local-engineid」は付与される。
デフォルトではSNMPv3が有効化されるため、v2を使用する場合には明示的に設定を入れる。

snmp-agent

<QX-S3218TP> sys

[QX-S3218TP] snmp-agent

[QX-S3218TP] snmp-agent community read 【Community Name】

[QX-S3218TP] snmp-agent sys-info location 【Location Name】

[QX-S3218TP] snmp-agent sys-info version v2c

↑

CDP有効化†

cdp enable

<QX-S3218TP> sys

[QX-S3218TP] cdp enable

↑

時刻設定†

時刻設定は以下の順番に行うこと。

1. タイムゾーン設定（user-viewモード）
2. 現在時刻の設定（user-viewモード）
3. NTPサーバの設定（system-viewモード）

タイムゾーン設定

書式
```
clock timezone [ZoneName] add [Offset]
```

日本時間に設定

<QX-S3218TP-02> clock timezone JST add 9

時刻設定

書式
```
clock datetime HH:MM:SS YYYY/MM/DD
```

サンプル

<QX-S3218TP-02> clock datetime 17:50:00 2017/10/01

NTPサーバ設定

[QX-S3218TP-02] ntp-service unicast-server 【NTP Server IPaddress】
%Apr  2 00:52:27:930 2000 QX-S3218TP-02 NTP/5/NTP_LOG:- 1 -
NTP service enable

↑

VLAN設定†

↑

ポートベースVLAN†

物理ポート単位でスイッチを区切る際に使用する。

書式

<QX-S3218TP-02> sys
[QX-S3218TP-02] vlan 【VLAN NUM】
[QX-S3218TP-02-vlan【NUM】] quit
[QX-S3218TP-02] interface Ethernet 【PORT NUM】
[QX-S3218TP-02-Ethernet【PORT NUM】] port access vlan 【VLAN NUM】
[QX-S3218TP-02-Ethernet【PORT NUM】] quit

サンプル
Ethernet 1/0/1～2にVLAN 100、Ethernet 1/0/3～4にVLAN 200を付与する例。

sys
vlan 100
quit
vlan 200
quit

interface Ethernet 1/0/1
port access vlan 100
quit

interface Ethernet 1/0/2
port access vlan 100
quit

interface Ethernet 1/0/3
port access vlan 200
quit

interface Ethernet 1/0/4
port access vlan 200
quit

save

↑

設定ファイル操作†

↑

概要†

機器のメモリ内に設定ファイルを複数保持することが出来る。

↑

操作†

↑

ファイルの確認†

dirコマンドでメモリ内のファイルを確認できる。
(*)が付いているファイルが現在使用されているファイルとなる。

dir /all

<qx>dir /all

Directory of unit1>flash:/
  1 (*)   -rw-   3721202  Feb 18 2008 16:13:04   qx-s3200-v313.bin
  2 (*)   -rw-    576644  Jan 01 2004 00:00:00   qx-http3.1.8-0036.web
  3       -rw-      1010  Jan 01 2004 00:00:00   vrpcfg.def
  4 (*)   -rw-      2594  Apr 02 2000 00:43:24   vrpcfg.cfg
  5       -rwh       151  Apr 02 2000 17:36:43   private-data.txt
  6       -rw-      1010  Apr 02 2000 00:44:59   startup.cfg

↑

設定ファイルの選択†

起動時に使用する設定ファイルを変更する場合には以下の様なコマンドを使用する。

書式
```
startup saved-configuration [FILENAME]
```

例

状態の確認

<qx>display startup

UNIT1:
 Current Startup saved-configuration file:          flash:/vrpcfg.cfg
 Next main startup saved-configuration file:        flash:/vrpcfg.cfg
 Next backup startup saved-configuration file:      NULL
 Bootrom-access enable state:                       enabled

設定ファイルの変更

<qx>startup saved-configuration startup.cfg

 Please wait.............Done!
%Apr  2 00:48:19:294 2000 qx CFM/3/CFM_LOG:- 1 -Unit1 set the configuration successfully.

変更結果の確認

<qx>display startup

UNIT1:
 Current Startup saved-configuration file:          flash:/vrpcfg.cfg
 Next main startup saved-configuration file:        flash:/startup.cfg
 Next backup startup saved-configuration file:      NULL
 Bootrom-access enable state:                       enabled

↑

コマンド†

↑

概要†

QX-S3218TPはH3C社のOEM製品であるため、コマンド体系はH3C系機器と同一である。

↑

基本操作†

↑

モード切替†

user-viewモード
```
<xxx-xxx>
```

system-viewモード

<xxx-xxx> system-view
[xxx-xxx]

又は、

<xxx-xxx> sys
[xxx-xxx]

↑

設定の保存†

save

<QX-S3218TP> save

The configuration will be written to the device.
Are you sure?[Y/N]y
Please input the file name(*.cfg)(To leave the existing filename
 unchanged press the enter key):
Now saving current configuration to the device.
Saving configuration. Please wait...
......
 Unit1 save configuration flash:/startup.cfg successfully

↑

バージョン情報の表示†

display version

<QX-S3218TP>display version

Versatile Routing Platform Software
VRP(R) Software, Version 3.1.3
Copyright (c) 2004-2008 NEC Corporation. All rights reserved.
QX-S3218TP uptime is 0 week, 0 day, 0 hour, 2 minutes

QX-S3218TP with 1 Processor
64M     bytes SDRAM
8M      bytes Flash Memory
Config Register points to FLASH

Hardware Version is REV.A
Bootrom Version is 518
CPLD Version is 003
[Subslot 0] 16FE         Hardware Version is REV.A
[Subslot 1]  1GE         Hardware Version is REV.A
[Subslot 2]  1GE         Hardware Version is REV.A

↑

設定の表示†

display current-configuration

<QX-S3218TP>display current-configuration

#
 sysname QX-S3218TP
#
radius scheme system
#
domain system
#
vlan 1
#
interface Aux1/0/0
#
interface Ethernet1/0/1
#
interface Ethernet1/0/2
#
interface Ethernet1/0/3
#
interface Ethernet1/0/4
#
interface Ethernet1/0/5
#
interface Ethernet1/0/6
#
interface Ethernet1/0/7
#
interface Ethernet1/0/8
#
interface Ethernet1/0/9
#
interface Ethernet1/0/10
#
interface Ethernet1/0/11
#
interface Ethernet1/0/12
#
interface Ethernet1/0/13
#
interface Ethernet1/0/14
#
interface Ethernet1/0/15
#
interface Ethernet1/0/16
#
interface GigabitEthernet1/1/1
#
interface GigabitEthernet1/1/2
 shutdown
#
interface GigabitEthernet1/2/1
#
interface GigabitEthernet1/2/2
 shutdown
#
interface NULL0
#
user-interface aux 0
user-interface vty 0 4
#
return

↑

ヘルプ†

モードにより使用できるコマンドが変化する。
各モードで使用可能なコマンドは「?」を入力することで表示される。

user-viewモード

<xxx-xxx> ?

User view commands:
 boot         Set boot option
 cd           Change current directory
 clock        Specify the system clock
 cluster      Run cluster command
 copy         Copy from one file to another
 debugging    Enable system debugging functions
 delete       Delete a file
 dir          List files on a file system
 display      Display current system information
 fixdisk      Recover lost chains in storage device
 format       Format the device
 free         Clear user terminal interface
 ftp          Open FTP connection
 lock         Lock current user terminal interface
 mkdir        Create a new directory
 more         Display the contents of a file
 move         Move a file
 nslookup     Query Internet name servers
 ntdp         Run NTDP commands
 ping         Ping function
 pwd          Display current working directory
 quit         Exit from current command view
 reboot       Reset switch
 rename       Rename a file or directory
 reset        Reset operation
 rmdir        Remove an existing directory
 save         Save current configuration
 schedule     Schedule system task
 send         Send information to other user terminal interfaces
 stacking     Run command on stack switch
 startup      Specify system startup parameters
 super        Set the current user priority level
 system-view  Enter the System View
 telnet       Establish one TELNET connection
 terminal     Set the terminal line characteristics
 tftp         Open TFTP connection
 tracemac     Trace MAC function
 tracert      Trace route function
 undelete     Recover a deleted file
 undo         Cancel current setting
 xmodem       Establish an xmodem connection

system-viewモード

[xxx-xxx] ?

System view commands:
 acl                      Specify acl configuration information
 am                       Access management
 apply                    Apply qos-profile
 arp                      Add static ARP entry
 bpdu-tunnel              Global Enable tunneling protocol frame
 broadcast-suppression    Specify the broadcast storm control
 burst-mode               Specify burst-mode
 cdp                      CDP Neighbor discovery protocol
 cluster                  Specify cluster configuration information
 command-privilege        Specify the command level
 copy                     Copy source port configuration to destination port
 copyright-info           Displaying copyright information
 cut                      Cut connection
 delete                   Delete route information
 dhcp                     DHCP packet rate limit
 dhcp-snooping            DHCP snooping
 display                  Display current system information
 dldp                     Specify configuration information of DLDP
 dns                      Specify domain name system
 domain                   Add domain or modify domain attributes
 dot1x                    Specify 802.1X configuration information
 end-station              Configure ip address of end station
 execute                  Batch Command
 file                     Specify file system configuration information
 ftp                      Specify FTP server configuration information
 garp                     Generic Attribute Registration Protocol
 gratuitous-arp-learning  Gratuitous Arp learning function
 gvrp                     GARP VLAN Registration Protocol
 habp                     Specify HABP configuration information
 header                   Specify the login banner
 hwping                   Specify HWPing test class
 hwping-agent             Specify HWPing agent task function
 hwping-server            Specify HWPing server task function
 hwtacacs                 Specify HWTACACS server
 icmp                     Specify ICMP(the Internet Control Message Protocol)
                          configuration information
 igmp-snooping            IGMP snooping
 info-center              Specify information center configuration information
 interface                Specify the interface configuration view
 ip                       Specify IP(Internet Protocol) configuration
                          information
 ipv6                     Specify IPv6(Internet Protocol Version 6)
                          configuration information
 lacp                     Configure LACP Protocol
 link-aggregation         Configure a link aggregation group
 local-server             Specify local RADIUS server configuration
                          information
 local-user               Specify local user configuration information
 loopback-detection       Detect if loopback exists
 mac-address              Configure MAC address
 mac-authentication       Specify MAC authentication configuration information
 management-vlan          Specify management-vlan
 mirrored-to              Mirror the packets
 mirroring-group          Specify mirroring-group
 monitor-link             Configure Monitor Link
 multicast-source-deny    Multicast source port deny
 ndp                      Neighbor discovery protocol
 nslookup                 Query Internet name servers
 ntdp                     Specify NTDP configuration information
 ntp-service              Specify NTP(Network Time Protocol) configuration
                          information
 oadp                     OADP Neighbor discovery protocol
 packet-filter            Filter packets based on acl
 ping                     Ping function
 port-group               All ports which belong to a certain port-group
 port-mac                 Config port MAC start address
 port-security            Specify port-security configuration information
 priority                 Specify priority
 priority-trust           Specify priority trust mode
 public-key               Specify public-key module configuration information
 qos                      QoS configuration information
 qos-profile              Specify qos-profile configuration information
 queue-scheduler          Specify queue scheduling mode and parameters
 quit                     Exit from current command view
 radius                   Specify RADIUS configuration information
 reset                    Reset operation
 return                   Exit to User View
 rmon                     Specify RMON
 rsa                      Specify RSA module configuration information
 save                     Save current configuration
 schedule                 Schedule system task
 sftp                     Set SFTP service attribute
 smart-link               Configure Smart Link
 smarton                  SmartOn enable function
 snmp-agent               Specify SNMP(Simple Network Management Protocol)
                          configuration information
 ssh                      Specify SSH (secure shell) configuration information
 ssh2                     Open a secure shell client connection
 stacking                 Specify stack configuration information
 stp                      Spanning tree protocol
 super                    Modify super password parameters
 sysname                  Specify system name and the command line prompt
 system-guard             System-guard module options
 system-monitor           Specify system-monitor configuration information
 tcp                      Specify TCP(Transmission Control Protocol)
                          configuration information
 tftp                     Open TFTP connection
 tftp-server              TFTP Server
 time-range               Specify time-range configuration information
 tracemac                 Trace MAC function
 tracert                  Trace route function
 traffic-limit            Limit the rate of the packets
 traffic-priority         Specify new priority of the packets
 traffic-redirect         Redirect the packets
 traffic-statistic        Count the packets
 undo                     Cancel current setting
 unknown-multicast        Unknown multicast
 user-interface           Configure the user terminal interface
 vlan                     Configure VLAN
 vlan-mapping             Specify VLAN mapping function
 vlan-vpn                 Specify VLAN VPN (Virtual Private Net) information
 voice                    Specify voice vlan