标签:
华为QuidWay交换机配置命令手册: 1、开始 建立本地配置环境,将主机的串口通过配置电缆与以太网交换机的Console口连接。 在主机上运行终端仿真程序(如Windows的超级终端等),设置终端通信参数为:波特率为9600bit/s、8位数据位、1位停止位、无校验和无流控,并选择终端类型为VT100。 以太网交换机上电,终端上显示以太网交换机自检信息,自检结束后提示用户键入回车,之后将出现命令行提示符(如<Quidway>)。 键入命令,配置以太网交换机或查看以太网交换机运行状态。需要帮助可以随时键入"?" 2、命令视图 (1)用户视图(查看交换机的简单运行状态和统计信息)<Quidway>:与交换机建立连接即进入 (2)系统视图(配置系统参数)[Quidway]:在用户视图下键入system-view (3)以太网端口视图(配置以太网端口参数)[Quidway-Ethernet0/1]:在系统视图下键入interface ethernet 0/1 (4)VLAN视图(配置VLAN参数)[Quidway-Vlan1]:在系统视图下键入vlan 1 (5)VLAN接口视图(配置VLAN和VLAN汇聚对应的IP接口参数)[Quidway-Vlan-interface1]:在系统视图下键入interface vlan-interface 1 (6)本地用户视图(配置本地用户参数)[Quidway-luser-user1]:在系统视图下键入local-user user1 (7)用户界面视图(配置用户界面参数)[Quidway-ui0]:在系统视图下键入user-interface 3、其他命令 设置系统时间和时区<Quidway>clock time Beijing add 8 <Quidway>clock datetime 12:00:00 2005/01/23 设置交换机的名称[Quidway]sysname TRAIN-3026-1[TRAIN-3026-1] 配置用户登录[Quidway]user-interface vty 0 4 [Quidway-ui-vty0]authentication-mode scheme 创建本地用户[Quidway]local-user huawei [Quidway-luser-huawei]password simple huawei [Quidway-luser-huawei] service-type telnet level 3 4、VLAN配置方法 『配置环境参数』 SwitchA端口E0/1属于VLAN2,E0/2属于VLAN3 『组网需求』 把交换机端口E0/1加入到VLAN2 ,E0/2加入到VLAN3 数据配置步骤 『VLAN配置流程』 (1)缺省情况下所有端口都属于VLAN 1,并且端口是access端口,一个access端口只能属于一个vlan; (2)如果端口是access端口,则把端口加入到另外一个vlan的同时,系统自动把该端口从原来的vlan中删除掉; (3)除了VLAN1,如果VLAN XX不存在,在系统视图下键入VLAN XX,则创建VLAN XX并进入VLAN视图;如果VLAN XX已经存在,则进入VLAN视图。 【SwitchA相关配置】 方法一: (1)创建(进入)vlan2 [SwitchA]vlan 2 (2)将端口E0/1加入到vlan2 [SwitchA-vlan2]port ethernet 0/1 (3)创建(进入)vlan3 [SwitchA-vlan2]vlan 3 (4)将端口E0/2加入到vlan3 [SwitchA-vlan3]port ethernet 0/2 方法二: (1)创建(进入)vlan2 [SwitchA]vlan 2 (2)进入端口E0/1视图 [SwitchA]interface ethernet 0/1 (3)指定端口E0/1属于vlan2 [SwitchA-Ethernet1]port access vlan 2 (4)创建(进入)vlan3 [SwitchA]vlan 3 (5)进入端口E0/2视图 [SwitchA]interface ethernet 0/2 (6)指定端口E0/2属于vlan3 [SwitchA-Ethernet2]port access vlan 3 测试验证 (1)使用命令disp cur可以看到端口E0/1属于vlan2,E0/2属于vlan3; (2)使用display interface Ethernet 0/1可以看到端口为access端口,PVID为2; (3)使用display interface Ethernet 0/2可以看到端口为access端口,PVID为3 5、交换机IP地址配置 功能需求及组网说明 『配置环境参数』 三层交换机SwitchA有两个端口ethetnet 0/1、ethernet 0/2,分别属于vlan 2、vlan 3; 以vlan 2的三层接口地址分别是1.0.0.1/24作为PC1的网关; 以vlan 3的三层接口地址分别是2.0.0.1/24作为PC2的网关; 『组网需求』 PC1和PC2通过三层接口互通 【SwitchA相关配置】 (1)创建(进入)vlan2 [Quidway]vlan 2 (2)将端口E0/1加入到vlan2 [Quidway-vlan2]port ethernet 0/1 (3)进入vlan2的虚接口 [Quidway-vlan2]interface vlan 2 (4)在vlan2的虚接口上配置IP地址 [Quidway-Vlan-interface2]ip address 1.0.0.1 255.255.255.0 (5)创建(进入)vlan3 [Quidway]vlan 3 (6)将E0/2加入到vlan3 [Quidway-vlan3]port ethernet 0/2 (7)进入vlan3的虚接口 [Quidway-vlan3]interface vlan 3 (8)在vlan3的虚接口上配置IP地址 [Quidway-Vlan-interface3]ip address 2.0.0.1 255.255.255.0 测试验证 (1)PC1和PC2都可以PING通自己的网关 (2)PC1和PC2可以相互PING通 6、端口的trunk配置 『配置环境参数』 (1)SwitchA 端口E0/1属于vlan10,E0/2属于vlan20,E0/3与SwitchB端口E0/3互连 (2)SwitchB 端口E0/1属于vlan10,E0/2属于vlan20,E0/3与SwitchA端口E0/3互连 『组网需求』 (1)要求SwitchA的vlan10的PC与SwitchB的vlan10的PC互通 (2)要求SwitchA的vlan20的PC与SwitchB的vlan20的PC互通 数据配置步骤 【SwitchA相关配置】 (1)创建(进入)vlan10 [SwitchA] vlan 10 (2)将E0/1加入到vlan10 [SwitchA-vlan10]port Ethernet 0/1 (3)创建(进入)vlan20 [SwitchA]vlan 20 (4)将E0/2加入到vlan20 [SwitchA-vlan20]port Ethernet 0/2 (5)实际当中一般将上行端口设置成trunk属性,允许vlan透传 [SwitchA-Ethernet0/3]port link-type trunk (6)允许所有的vlan从E0/3端口透传通过,也可以指定具体的vlan值 [SwitchA-Ethernet0/3]port trunk permit vlan all 【SwitchB相关配置】 (1)创建(进入)vlan10 [SwitchB] vlan 10 (2)将E0/1加入到vlan10 [SwitchB-vlan10]port Ethernet 0/1 (3)创建(进入)vlan20 [SwitchB]vlan 20 (4)将E0/2加入到vlan20 [SwitchB-vlan20]port Ethernet 0/2 (5)实际当中一般将上行端口设置成trunk属性,允许vlan透传 [SwitchB-Ethernet0/3]port link-type trunk (7)允许所有的vlan从E0/3端口透传通过,也可以指定具体的vlan值 [SwitchB-Ethernet0/3]port trunk permit vlan all 【补充说明】 (1)如果一个端口是trunk端口,则该端口可以属于多个vlan; (2)缺省情况下trunk端口的PVID为1,可以在端口模式下通过命令port trunk pvid vlan vlanid 来修改端口的PVID; (3)如果从trunk转发出去的数据报文的vlan id和端口的PVID一致,则该报文的VLAN信息会被剥去,这点在配置trunk端口时需要注意。 (4)一台交换机上如果已经设置了某个端口为hybrid端口,则不可以再把另外的端口设置为trunk端口。 (5)一般情况下最好指定端口允许通过哪些具体的VLAN,不要设置允许所有的VLAN通过。 测试验证 (1)SwitchA vlan10内的PC可以与SwitchB vlan10内的PC互通 (2)SwitchA vlan20内的PC可以与SwitchB vlan20内的PC互通 (3)SwitchA vlan10内的PC不能与SwitchB vlan20内的PC互通 (4)SwitchA vlan20内的PC不能与SwitchB vlan10内的PC互通 7、端口汇聚配置 『配置环境参数』 (1)交换机SwitchA和SwitchB通过以太网口实现互连。 (2)SwitchA用于互连的端口为e0/1和e0/2,SwitchB用于互连的端口为e0/1和e0/2。 『组网需求』 增加SwitchA的SwitchB的互连链路的带宽,并且能够实现链路备份,使用端口汇聚 数据配置步骤 【SwitchA交换机配置】 (1)进入端口E0/1 [SwitchA]interface Ethernet 0/1 (2)汇聚端口必须工作在全双工模式 [SwitchA-Ethernet0/1]duplex full (3)汇聚的端口速率要求相同,但不能是自适应 [SwitchA-Ethernet0/1]speed 100 (4)进入端口E0/2 [SwitchA]interface Ethernet 0/2 (5)汇聚端口必须工作在全双工模式 [SwitchA-Ethernet0/2]duplex full (6)汇聚的端口速率要求相同,但不能是自适应 [SwitchA-Ethernet0/2]speed 100 (7)根据源和目的MAC进行端口选择汇聚 [SwitchA]link-aggregation Ethernet 0/1 to Ethernet 0/2 both 【SwitchB交换机配置】 [SwitchB]interface Ethernet 0/1 [SwitchB-Ethernet0/1]duplex full [SwitchB-Ethernet0/1]speed 100 [SwitchB]interface Ethernet 0/2 [SwitchB-Ethernet0/2]duplex full [SwitchB-Ethernet0/2]speed 100 [SwitchB]link-aggregation Ethernet 0/1 to Ethernet 0/2 both 【补充说明】 (1)同一个汇聚组中成员端口的链路类型与主端口的链路类型保持一致,即如果主端口为Trunk端口,则成员端口也为Trunk端口;如主端口的链路类型改为Access端口,则成员端口的链路类型也变为Access端口。 (2)不同的产品对端口汇聚时的起始端口号要求各有不同,请对照《操作手册》进行配置。 8、端口镜像配置 『环境配置参数』 (1)PC1接在交换机E0/1端口,IP地址1.1.1.1/24 (2)PC2接在交换机E0/2端口,IP地址2.2.2.2/24 (3)E0/24为交换机上行端口 (4)Server接在交换机E0/8端口,该端口作为镜像端口 『组网需求』 (1)通过交换机端口镜像的功能使用server对两台pc的业务报文进行监控。 根据Quidway交换机不同型号,镜像有不同方式进行配置: 基于端口的镜像 ——基于端口的镜像是把被镜像端口的进出数据报文完全拷贝一份到镜像端口,这样来进行流量观测或者故障定位。 基于流的镜像 ——基于流镜像的交换机针对某些流进行镜像,每个连接都有两个方向的数据流,对于交换机来说这两个数据流是要分开镜像的。 S2008/S2016/S2026/S2403H/S3026等交换机支持的都是基于端口的镜像 8016交换机支持基于端口的镜像 3500/3026E/3026F/3050支持基于流的镜像 5516/6506/6503/6506R支持对入端口流量进行镜像 数据配置步骤 以Quidway S3026C为例,通过基于二层流的镜像进行配置: (1)定义一个ACL [SwitchA]acl num 200 (2)定义一个规则从E0/1发送至其它所有端口的数据包 [SwitchA]rule 0 permit ingress interface Ethernet0/1 egress interface Ethernet0/2 (3)定义一个规则从其它所有端口到E0/1端口的数据包 [SwitchA]rule 1 permit ingress interface Ethernet0/2 egress interface Ethernet0/1 (4)将符合上述ACL的数据包镜像到E0/8 [SwitchA]mirrored-to link-group 200 interface e0/8 9、生成树STP配置 『配置环境参数』 (1)交换机SwitchA、SwitchB和SwitchC都通过GE接口互连 (2)SwitchB和SwitchC交换机是核心交换机,要求主备。 『组网需求』 要求整个网络运行STP协议 数据配置步骤 (1)【SwitchA交换机配置】 启动生成树协议: [SwitchA]stp enable (1)【SwitchB交换机配置】 启动生成树协议:[SwitchB]stp enable (3)配置本桥为根桥 [SwitchB]stp root primary (4)【SwitchC交换机配置】 a 启动生成树协议[SwitchC]stp enable b 配置本桥为备份根桥[SwitchC]stp root secondary (5)【SwitchD交换机配置】 a 启动生成树协议[SwitchD]stp enable 【补充说明】 (1)缺省情况下交换机的优先级都是32768,如果想人为指定某一台交换机为根交换机,也可以通过修改优先级来实现; (2)缺省情况下打开生成树后,所有端口都会开启生成树协议,请把接PC的端口改为边缘端口模式; (3)如果要控制某条链路的状态可以通过设置端口的cost值来实现。 测试验证 (1)使用display stp查看交换机STP运行状态 (2)查看端口STP状态display stp interface Ethernet XX是否正确 10、Quidway交换机维护 显示系统版本信息:display version 显示诊断信息:display diagnostic-information 显示系统当前配置:display current-configuration 显示系统保存配置: display saved-configuration 显示接口信息:display interface 显示路由信息:display ip routing-table 显示VLAN信息:display vlan 显示生成树信息:display stp 显示MAC地址表:display mac-address 显示ARP表信息:display arp 显示系统CPU使用率:display cpu 显示系统内存使用率:display memory 显示系统日志:display log 显示系统时钟:display clock 验证配置正确后,使用保存配置命令:save 删除某条命令,一般使用命令: undo S9306的入方向限速为: 首先需要定义acl: acl number 3000 [Quidway-acl-advanced-3000]rule permit ip 然后定义流分类,来匹配该acl: traffic classifier c1 [Quidway-classifier-c1]if-match acl 3000 定义流动作,动作里面做限速的配置,此处限速1000kbits/s:举例说明限速1M traffic behavior b1 [Quidway-behavior-b1] car cir 1000 定义策略,把流行为和流动作关联起来: traffic policy p1 [Quidway-trafficpolicy-p1]classifier c1 behavior b1 进入端口下下发该策略既可: interface GigabitEthernet 0/0/1 [Quidway-GigabitEthernet0/0/1] traffic-policy p1 inbound S9306的出方向限速为: [Quidway-Ethernet0/0/1] qos lr cir 1000 cbs 200000 注意:cbs=200*cir 2M速率模板(inbound) acl number 3001 [Quidway-acl-advanced-3001]rule permit ip traffic classifier 2m [Quidway-classifier-2m]if-match acl 3001 traffic behavior 2m [Quidway-behavior-2m] car cir 2000 traffic policy 2m classifier 2m behavior 2m 3M速率模板(inbound) acl number 3001 rule permit ip traffic classifier 3m if-match acl 3001 traffic behavior 3m car cir 3000 traffic policy 3m classifier 3m behavior 3m 4M速率模板(inbound) acl number 3003 [Quidway-acl-advanced-3003]rule permit ip traffic classifier 4m if-match acl 3001 traffic behavior 4m car cir 4000 traffic policy 4m classifier 4m behavior 4m 6M速率模板(inbound) acl number 3004 [Quidway-acl-advanced-3004]rule permit ip traffic classifier 6m if-match acl 3001 traffic behavior 6m car cir 6000 traffic policy 6m classifier 6m behavior 6m 10M速率模板(inbound) acl number 3005 [Quidway-acl-advanced-3005]rule permit ip traffic classifier 10m if-match acl 3001 traffic behavior 10m car cir 10000 traffic policy 10m classifier 10m behavior 10m 20M速率模板(inbound) acl number 3006 [Quidway-acl-advanced-3006]rule permit ip traffic classifier 20m if-match acl 3001 traffic behavior 20m car cir 20000 traffic policy 20m classifier 20m behavior 20m 30M速率模板(inbound) acl number 3007 [Quidway-acl-advanced-3007]rule permit ip traffic classifier 30m if-match acl 3001 traffic behavior 30m car cir 30000 traffic policy 30m classifier 30m behavior 30m 40M速率模板(inbound) acl number 3008 [Quidway-acl-advanced-3008]rule permit ip traffic classifier 40m [Quidway-classifier-40m]if-match acl 3008 traffic behavior 40m [Quidway-behavior-40m] car cir 40000 traffic policy 40m [Quidway-trafficpolicy-40m]classifier 40m behavior 40m 45M速率模板(inbound) acl number 3009 [Quidway-acl-advanced-3009]rule permit ip traffic classifier 45m [Quidway-classifier-45m]if-match acl 3009 traffic behavior 45m [Quidway-behavior-45m] car cir 45000 traffic policy 45m [Quidway-trafficpolicy-45m]classifier 45m behavior 45m 50M速率模板(inbound) acl number 3010 [Quidway-acl-advanced-3010]rule permit ip traffic classifier 50m if-match acl 3001 traffic behavior 50m car cir 50000 traffic policy 50m classifier 50m behavior 50m 100M速率模板(inbound) acl number 3011 [Quidway-acl-advanced-3011]rule permit ip traffic classifier 100m [Quidway-classifier-100m]if-match acl 3011 traffic behavior 100m [Quidway-behavior-100m] car cir 100000 traffic policy 100m [Quidway-trafficpolicy-100m]classifier 100m behavior 100m 下行端口入方向应用(例如10M速率) interface GigabitEthernet 0/0/1 [Quidway-GigabitEthernet0/0/1] traffic-policy 10m inbound 下行端口出方向 1M速率 [Quidway-Ethernet0/0/1] qos lr cir 1000 cbs 200000 2M速率 [Quidway-Ethernet0/0/1] qos lr cir 2000 cbs 400000 3M速率 [Quidway-Ethernet0/0/1] qos lr cir 3000 cbs 600000 4M速率 [Quidway-Ethernet0/0/1] qos lr cir 4000 cbs 800000 5M速率 [Quidway-Ethernet0/0/1] qos lr cir 5000 cbs 1000000 6M速率 [Quidway-Ethernet0/0/1] qos lr cir 6000 cbs 1200000 10M速率 [Quidway-Ethernet0/0/1] qos lr cir 10000 cbs 2000000 20M速率 [Quidway-Ethernet0/0/1] qos lr cir 20000 cbs 4000000 30M速率 [Quidway-Ethernet0/0/1] qos lr cir 30000 cbs 6000000 40M速率 [Quidway-Ethernet0/0/1] qos lr cir 40000 cbs 8000000 45M速率 [Quidway-Ethernet0/0/1] qos lr cir 45000 cbs 9000000 50M速率 [Quidway-Ethernet0/0/1] qos lr cir 50000 cbs 10000000 100M速率 [Quidway-Ethernet0/0/1] qos lr cir 100000 cbs 20000000 S9306: [S9306] display transceiver interface GigabitEthernet 1/0/1 verbose GigabitEthernet1/0/1 transceiver information: ------------------------------------------------------------- Common information: Transceiver Type :1000_BASE_SX_SFP Connector Type :LC Wavelength(nm) :850 Transfer Distance(m) :500(50um),300(62.5um) Digital Diagnostic Monitoring :YES Vendor Name :FINISAR CORP. Ordering Name : ------------------------------------------------------------- Manufacture information: Manu. Serial Number :PEH4HKB Manufacturing Date :2008-10-24 Vendor Name :FINISAR CORP. ------------------------------------------------------------- Alarm information: ------------------------------------------------------------- Diagnostic information: Temperature(°C) :36 Voltage(V) :3.33 Bias Current(mA) :6.82 Bias High Threshold(mA) :23.85 Bias Low Threshold(mA) :1.73 RX Power(dBM) :-4.40 RX Power High Threshold(dBM) :0.00 RX Power Low Threshold(dBM) :-16.99 TX Power(dBM) :-4.53 TX Power High Threshold(dBM) :0.00 TX Power Low Threshold(dBM) :-9.50 ------------------------------------------------------------- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ S8505: <S8505>dis transceiver alarm interface GigabitEthernet 2/1/1 GigabitEthernet2/1/1 transceiver current alarm information: RX Power Low <S8505>dis transceiver alarm interface GigabitEthernet 2/1/2 GigabitEthernet2/1/2 transceiver current alarm information: None <S8505>dis transceiver diagnosis interface GigabitEthernet 2/1/2 Error: The transceiver does not support this function. +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ NE40E-X8 <NE40E-X8>dis interface GigabitEthernet 8/0/7 GigabitEthernet8/0/7 current state : DOWN Line protocol current state : DOWN Description:to_yanbuhengsheng_S9306_G6/0/0 Route Port,The Maximum Transmit Unit is 1500 Internet Address is 192.168.8.133/30 IP Sending Frames‘ Format is PKTFMT_ETHNT_2, Hardware address is 286e-d496-c271 The Vendor PN is PT7420-51-EW The Vendor Name is NEOPHOTONICS Port BW: 1G, Transceiver max BW: 1G, Transceiver Mode: SingleMode WaveLength: 1310nm, Transmission Distance: 40km Rx Power: -40.00dBm, Tx Power: -2.09dBm Loopback:none, full-duplex mode, negotiation: disable, Pause Flowcontrol:Receive Enable and Send Enable Last physical up time : - Last physical down time : 2010-10-21 17:12:33 Statistics last cleared:never Last 300 seconds input rate: 0 bits/sec, 0 packets/sec Last 300 seconds output rate: 0 bits/sec, 0 packets/sec Input: 0 bytes, 0 packets Output: 0 bytes, 0 packets Input: Unicast: 0 packets, Multicast: 0 packets Broadcast: 0 packets, JumboOctets: 0 packets CRC: 0 packets, Symbol: 0 packets Overrun: 0 packets, InRangeLength: 0 packets +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ NE40E(8&x8) <NE40E>dis interface GigabitEthernet 8/0/7 GigabitEthernet8/0/7 current state : UP Line protocol current state : UP Last line protocol up time : 2010-10-21 21:50:52 Description:to_yanbuhengsheng_S9306_G1/0/0 Route Port,The Maximum Transmit Unit is 1500 Internet Address is 192.168.8.65/30 IP Sending Frames‘ Format is PKTFMT_ETHNT_2, Hardware address is 286e-d496-c2fd The Vendor PN is PT7420-51-EW The Vendor Name is NEOPHOTONICS Port BW: 1G, Transceiver max BW: 1G, Transceiver Mode: SingleMode WaveLength: 1310nm, Transmission Distance: 40km Rx Power: -10.39dBm, Tx Power: -2.29dBm Loopback:none, full-duplex mode, negotiation: disable, Pause Flowcontrol:Receive Enable and Send Enable Last physical up time : 2010-10-21 21:50:52 Last physical down time : 2010-10-21 21:49:28 Statistics last cleared:never Last 300 seconds input rate: 0 bits/sec, 0 packets/sec Last 300 seconds output rate: 16 bits/sec, 0 packets/sec Input: 196 bytes, 3 packets Output: 1164 bytes, 17 packets Input: Unicast: 0 packets, Multicast: 0 packets Broadcast: 3 packets, JumboOctets: 0 packets CRC: 0 packets, Symbol: 0 packets Overrun: 0 packets, InRangeLength: 0 packets LongPacket: 0 packets, Jabber: 0 packets, Alignment: 0 packets Fragment: 0 packets, Undersized Frame: 0 packets RxPause: 0 packets Output: Unicast: 0 packets, Multicast: 0 packets Broadcast: 17 packets, JumboOctets: 0 packets Lost: 0 packets, Overflow: 0 packets, Underrun: 0 packets System: 0 packets, Overruns: 0 packets TxPause: 0 packets +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 华为交换机配置console口和telnet密码实例 sys 进入到系统视图 Enter system view, return to user view with Ctrl+Z. [Quidway]user-interface aux 0 [Quidway-ui-aux0]authentication-mode scheme Notice: Telnet or SSH user must be added , otherwise operator can‘t login! [Quidway-ui-aux0]qu [Quidway]local-user huawei 增加用户名 New local user added. [Quidway-luser-huawei]password simple huawei 配置密码,且密码不加密 [Quidway-luser-huawei]service-type telnet ssh level 3 服务类型为SSH和telnet,且用户登陆后权限为管理员权限 [Quidway-luser-huawei]qu [Quidway]user-interface vty 0 4 [Quidway-ui-vty0-4]authentication-mode scheme Notice: Telnet or SSH user must be added , otherwise operator can‘t login! [Quidway-ui-vty0-4] <Quidway>save
标签:
原文地址:http://www.cnblogs.com/sysk/p/4741381.html
