HP ProCurve Switch 5300xl Series Date 2/11/2003 Version 1.
Table of Contents

1. BACKGROUND
1.1 HP ProCurve Networking
1.2 Hewlett-Packard 5300 Switch Products
2.5.1.2 Static Filters
2.5.2 802.1x – Port-based access control / RADIUS Authentication
2.5.2.1 RADIUS Server Accounting
2.5.2.
4.1 ProCurve Networking Web Site
5. PRICING

© Hewlett-Packard Co. 2002, 2003 Rev 1.1 – 2/11/2003 http://www.hp.
1. Background

This HP ProCurve Switch 5300xl Series Reviewer’s Guide will help network engineers at computer trade publications, resellers and end-user sites evaluate the merits of the HP ProCurve switches.

1.1 HP ProCurve Networking

HP ProCurve Networking is an extensible line of products working together to provide the control network administrators need to deliver the network uptime and performance that their organizations require.
• HP ProCurve Switch redundant power supply (J4839A)

Pricing for each of these switches and modules is given in the Pricing section.

1.3 HP ProCurve Adaptive EDGE Architecture™

Networks are now being asked to carry many different types of data with differing delivery requirements. Traffic volumes are rising quickly. Security needs are more stringent. And the typical user is demanding a higher level of mobility than ever before.
[Figure: HP ProCurve product portfolio. Tiers shown: layer 3 and 4+ managed chassis; layer 2 and 3* managed chassis and managed stackables; layer 2 managed stackables and chassis; unmanaged stackables. Products listed:]
• hp procurve switch 2724: 10/100/1000, 24 ports (new)
• hp procurve switch 2708: 10/100/1000, 8 ports (new)
• hp procurve switch 2324: 10/100, 24 ports, 2 open 100/1000 transceiver slots
• hp procurve switch 2312: 10/100, 12 ports, 2 open 100/1000 transceiver slots
• hp procurve swi
1.4.1 Positioning for the HP ProCurve Switch 5308xl

The HP ProCurve Switch 5308xl is a 5U wire speed Layer 2/3/4 eight slot chassis switch targeted primarily at high performance access tier applications where higher port density is needed. The HP ProCurve Switch 5308xl provides up to 32 Gigabit Ethernet ports or 192 10/100-TX with HP Auto-MDI-X ports.
2. Evaluation Features and Benefits

2.1 Feature Set Summary

The HP ProCurve Switch 5300xl Series are store-and-forward Layer 2/3/4 routing switches. Features, discussed in more detail later in this section, include:

2.1.1 Architecture

• A high speed Layer 3 architecture consisting of a full routing switch ASIC on each module, all interconnected via the backplane crossbar switch fabric ASIC. Both ASICs are HP designed.
• Port security – MAC lockdown
• SSHv2 – secure connection for telnet services
• SSL – Secure Sockets Layer for secure interaction between a browser and the 5300’s management GUI interface
• Management VLAN – Limit CLI/GUI/telnet access to the switch to a particular VLAN
• Manager authorized list – limiting access to the Web services, telnet and tftp

2.1.5 Bandwidth Management

• 802.
2.1.9 New Features in Software Release E.07.21 (released January 22, 2003)

• ACLs
• SSHv2
• IGMPv3
• Debug/Logging
• XRRP
• SSL
• Meshing improvements
• 100FX module software support
• SNMPv3
• OSPF Route Authentication

2.2 Architecture

2.2.1 Hardware Architecture Summary

The HP ProCurve Switch 5304xl has 4 identical slots, while the HP ProCurve Switch 5308xl has eight. Any of the Switch 5300xl modules can be put in any of the slots.
2.2.2.1 Classification and Lookup

When a packet first comes in, the classifier section determines the packet characteristics, its addresses, VLAN affiliation, any priority specification, etc. The packet is stored in input memory, lookups into the table memory are done to determine routing information, and an N-Chip-specific packet header is created for this packet with this information. This header is then forwarded to the programmable section of the N-Chip.
2.2.3 F-Chip

The fabric, or F-Chip, which is located on the backplane of the switch, provides the crossbar fabric for interconnecting the modules together. The use of a crossbar allows wire speed connections simultaneously from any module to any other module. As mentioned in the N-Chip section, the connection between the F-Chip and each N-Chip (module) in the chassis is through a 9.6Gbps full duplex link.
• Static IP routes: 512 maximum per chassis
• IRDP (ICMP Router Discovery Protocol)
• Proxy ARP
• Up to 10,000 network address routes – enough for a large local environment
• Up to 65,536 Layer 3 host address routes
• Bootp Relay Service
• Encapsulation type: Ethernet II
• 8 Subnets per VLAN: one primary subnet and up to 7 secondary subnets. Maximum 512 secondary subnets per chassis.
2.3.3 Switch Meshing (LAN Aggregation)

The HP ProCurve Switch 5300xl Series family supports HP’s Switch Meshing, a way to interconnect these switches in a meshed topology at Layer 2. Meshed switch-to-switch links can all be used simultaneously to their full advantage, with traffic being load-balanced through redundant links based on dynamically determined latency on the different possible paths between switches.
• Unlike a router, no packet modification is required as it travels through the switch.

Other HP ProCurve switches that support Switch Meshing, such as the HP ProCurve Switch 4000M family, will work together in a mesh with the HP ProCurve Switch 5300xl Series. There are a few corner case caveats in this type of mixed environment that are covered in the HP ProCurve 5300xl documentation. The HP ProCurve 5300xl documentation can be found at: http://www.hp.
• If a 5300 Management VLAN is enabled it cannot be defined as an XRRP interface – SNMP management requests to a particular 5300 need to go to that physical switch regardless of fail-over status.
• XRRP does not interoperate with VRRP, but can coexist in a VRRP environment without interference.

For more details see the HP ProCurve Switch 5300xl Series documentation located at: http://www.hp.com/go/hpprocurve under the Technical Support section.

2.
that has 802.1Q tagging turned on. For diffserv, each of the diffserv code points (DSCP) can have a priority set for it. It is also possible to set a new DSCP and 802.1p priority based on the incoming DSCP, or set the 802.1p priority alone based on the incoming DSCP.
2.4.5 End-to-End QoS

QoS capabilities in the switch allow it to deal with two different concerns that arise in Ethernet networks: congestion control and latency. In the past, controlling traffic congestion was viewed as the primary reason for QoS.
ignored. If a packet does not match any of the conditions in the ACL, it is denied. This is in keeping with the typical use of ACLs as a security mechanism. If the automatic denial property is not wanted, the ACL should end with an ACE statement permitting ANY. To assist in writing and editing ACLs, the ACL file can be edited externally and downloaded into the 5300.
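The automatic denial and the trailing "permit ANY" described above can be modelled in a few lines of Python. This is an added example, not code from HP's guide: it assumes ACEs are evaluated in order with the first match deciding, and the ACE tuple form, function names and sample addresses are constructed for illustration. It goes slightly beyond the text by also flagging ACEs that an earlier, broader ACE makes unreachable, a useful check when an ACL is edited externally.

```python
from ipaddress import ip_address, ip_network

ANY = ip_network("0.0.0.0/0")

def ace(action, src="0.0.0.0/0", dst="0.0.0.0/0"):
    """One ACE in a constructed (action, source, destination) form, not the 5300xl file syntax."""
    if action not in ("permit", "deny"):
        raise ValueError(f"unknown action: {action}")
    return (action, ip_network(src), ip_network(dst))

def evaluate(acl, src, dst):
    """Return (action, matching ACE index); ('deny', None) is the automatic denial."""
    s, d = ip_address(src), ip_address(dst)
    for i, (action, src_net, dst_net) in enumerate(acl):
        if s in src_net and d in dst_net:
            return action, i  # assumption: first match wins, later ACEs are ignored
    return "deny", None       # no ACE matched

def ends_with_permit_any(acl):
    """True when the final ACE permits ANY, which switches off the automatic denial."""
    return bool(acl) and acl[-1] == ("permit", ANY, ANY)

def shadowed(acl):
    """Indexes of ACEs that can never match: an earlier ACE covers their whole range."""
    return [i for i, (_, s, d) in enumerate(acl)
            if any(s.subnet_of(ps) and d.subnet_of(pd) for _, ps, pd in acl[:i])]

# Constructed sample ACLs using private address ranges.
RESTRICTIVE = [
    ace("deny", "10.1.20.0/24", "10.1.99.0/24"),    # block one user subnet
    ace("permit", "10.1.0.0/16", "10.1.99.0/24"),   # allow the rest of the site
]
OPEN_ENDED = RESTRICTIVE + [ace("permit")]          # ends with "permit ANY"
MISORDERED = list(reversed(RESTRICTIVE))            # broad permit placed first

if __name__ == "__main__":
    for name, acl in (("RESTRICTIVE", RESTRICTIVE), ("OPEN_ENDED", OPEN_ENDED),
                      ("MISORDERED", MISORDERED)):
        print(name, "permit-any tail:", ends_with_permit_any(acl),
              "shadowed ACEs:", shadowed(acl))
        for src in ("10.1.20.5", "10.1.30.5", "192.168.1.1"):
            print("  ", src, "->", evaluate(acl, src, "10.1.99.10"))
```

In the MISORDERED list the deny entry never takes effect, which is why ACE order needs review before an edited ACL is downloaded to the switch.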
can be given specific network access rights, such as assignment to a specific VLAN, and some high level session accounting information can be maintained. (See the next section.) With a centralized RADIUS server doing the actual authentication, a user can log in anywhere in the network that supports 802.1x and get access to his resources.
• RFC-2868 - RADIUS Attributes for Tunnel Protocol Support
• RFC-2618 - RADIUS Authentication Client MIB
• RFC-2866 - RADIUS Accounting
• RFC-2620 - RADIUS Accounting Client MIB

2.5.3 TACACS+ Authentication

The HP ProCurve Switch 5300xl Series supports TACACS+ as an authentication means for switch telnet or console port access.
2.5.6 SSL – Secure Sockets Layer

SSL can be used to encrypt the exchange between a web browser and the 5300 switch when using the HP ProCurve Switch 5300xl Series web GUI. A facility is provided on the GUI interface to generate a self-signed RSA certificate for use during an SSL browser session.

2.5.7 Management VLAN

The HP ProCurve Switch 5300xl Series can be configured to designate one of the VLANs to be the management VLAN.
2.6 Bandwidth Management

2.6.1 Port Trunking – (Port Aggregation)

Link Aggregation is the industry term for the ability to combine multiple coterminous links (links that begin at the same point and end at the same point) as one logical link. Link aggregation allows two HP ProCurve switches to be interconnected by 2-4 of the same type of links, with all links acting as one higher-speed link.
To avoid this situation the HP ProCurve Switch 5300 Series uses the source and destination IP addresses to determine which link a particular packet flow uses. This will provide a good overall distribution of traffic across the different links in the trunk.

2.6.2 VLANs

A Virtual LAN is a logical collection of ports or nodes that belong to a single broadcast/multicast domain.
cases to be the maximum number of VLANs expected in the entire network environment supported by GVRP. This will provide space for dynamic VLAN definitions that come about through GVRP.

2.6.3 IGMP

Internet Group Multicast Protocol (IGMP) is a multicast control protocol that builds delivery paths through the switch network. The switch eavesdrops on IGMP traffic so that it knows which ports are part of which multicast groups.
• IP Forwarding Table MIB (RFC 2096)
• SMON MIB (RFC 2613)
• RADIUS Client MIB (RFC 2618)
• RADIUS Client Accounting MIB (RFC 2620)
• Ethernet MIB (RFC 2665)
• 802.3 MAU MIB (RFC 2668)
• 802.1p and 802.
The console interface is also available in-band through the network via the telnet service. The RS-232 port of the switch speed senses the RS-232 port on the terminal/PC interface up to 115,200 baud. Modems are also supported through the RS-232 port using a straight through cable.

2.8 Availability

Availability is the measure of the ability for the switch to remain running over a period of time with minimal impact to the network environment.

2.8.
2.8.4.1 SysLog Capabilities

As described in the previous section, local logging is a feature well suited for a small network. When a network becomes much larger than a few switches, having to go to each individual switch makes diagnosing a problem more difficult. Syslog functionality, growing out of the UNIX environment, is a method of sending log entries to a centralized server.
Hewlett-Packard can also provide more broad-based services such as site surveys, installation services, and actual management of the network, depending on customer needs. More information can be found at http://www.hp.com/go/hpprocurve or by contacting a local HP sales office.
3. Performance

These numbers have been generated by Hewlett-Packard, using testers from Ixia Communications. Ixia testers are used by a number of network testing houses and the press to determine performance numbers for networking equipment. In these tests, 32 ports were used for Gigabit testing, 192 ports for 100 Mb testing. All ports were full duplex. Numbers presented here are condensed from Ixia reports in order to save space.
3.2.2 100BT Ports

Port pairs active, full duplex: 192
All latencies in microseconds

Frame Size    AvgLatency(µs)
64            24.36
128           36.26
256           42.38
512           81.44
1024          136.46
1280          166.42
1518          200.82

3.2.3 Latency Test Comments

Latency is measured as the time it takes for a byte inside a packet to enter and then leave the switch.
4. Additional Information

4.1 ProCurve Networking Web Site

Additional information, including the latest data sheets, design services, white papers, product documentation and support information can be obtained through the HP ProCurve Networking web site. HP ProCurve Networking can be reached at: http://www.hp.com/go/hpprocurve

The information contained in this document is subject to change without notice.
5. Pricing

All managed HP switches ship with HP TopTools for Hubs & Switches.

US List Price February 1, 2003

Prod No.  Description
J4819A    HP ProCurve Switch 5308xl
          Chassis with 1 power supply, routing engine, and 8 open module slots
          $2,999
J4848A    HP ProCurve Switch 5372xl
          Switch 5308xl pre-configured with 72 10/100 ports.