WESM zl Management and Configuration Guide Supplement 2007-09

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

Wireless Edge Services zl Module Supplement

to the ProCurve zl Switch Management and Configuration Guide

This document provides supplemental information for the configuration, operation, and monitoring

of ProCurve Wireless Edge Services zl Modules (J9051A) and the ProCurve Redundant Wireless

Services zl Modules (J9052A) in ProCurve Series zl switches.

Related ProCurve zl Module publications include:

■ ProCurve Wireless Edge Services zl Modules Getting Started Guide

■ ProCurve Wireless Edge Services zl Modules Management and Configuration Guide

Related ProCurve zl Switch publications include:

ProCurve Networking periodically updates switch software and product manuals, and posts them

on the world-wide Web. For the latest software release and publications for your ProCurve

Networking product, visit www.procurve.com. Click on Software updates to check on the latest

software releases. To access latest product manuals, click on Technical support > Product manuals (all),

and then select the desired ProCurve product.

zl Switch Related Switch Publications

5400zl Series • ProCurve Switch zl Modules Installation Guide

• ProCurve Series 5400zl Switches Installation and Getting Started Guide

• ProCurve Series 5400zl Switches Management and Configuration Guide

• ProCurve Series 5400zl Switches Access Security Guide

• ProCurve Series 5400zl Switches Advanced Traffic Management Guide

• Power over Ethernet Planning and Implementation Guide

8200zl Series • ProCurve Switch zl Modules Installation Guide

• ProCurve Series 8212zl Switch Installation and Getting Started Guide

• ProCurve Series 8200zl Switches Management and Configuration Guide

• ProCurve Series 8200zl Switches Access Security Guide

• ProCurve Series 8200zl Switches Advanced Traffic Management Guide

• Power over Ethernet Planning and Implementation Guide

Summary of content (42 pages)

PAGE 1
Wireless Edge Services zl Module Supplement to the ProCurve zl Switch Management and Configuration Guide This document provides supplemental information for the configuration, operation, and monitoring of ProCurve Wireless Edge Services zl Modules (J9051A) and the ProCurve Redundant Wireless Services zl Modules (J9052A) in ProCurve Series zl switches.
PAGE 3
Contents Contents Applicable Switch Models . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 Minimum Software Version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 Related Publications . . . . . . . . . . . . .
PAGE 4
Contents Downloading New Software to the Module . . . . . . . . . . . . . . . . . . . . . . . . . 33 Resetting the Module to Factory Defaults . . . . . . . . . . . . . . . . . . . . . . . . . . . 33 Module Messages in the Event Log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
PAGE 5
Applicable Switch Models Applicable Switch Models The ProCurve Wireless Edge Services zl Module (J9051A) and the ProCurve Redundant Wireless Services zl Module (J9052A) described in this supplement operate in ProCurve zl Series switches. Minimum Software Version The zl series switch software must be version K.12.40 or later. This document describes a ProCurve Wireless Edge Services zl Module running software version number WT.01.03 or later.
PAGE 6
Introduction Licenses resident in the Wireless Edge Services zl Module, the primary Module, determine the number of radio ports supported by a wireless servicesenabled switch. The Redundant Wireless Services zl Module does not contain any licenses itself. As a redundant Module, it uses a primary Module’s licenses. A license for 12 radio ports is pre-installed at the factory. Additional license products can be purchased to increase the number of radio ports supported.
PAGE 7
Introduction Term Use in this Manual Auto-VLAN This is a special, automatically-created and configured, radio port VLAN (see radio port VLAN definition below) used by the zl switch to automatically enable communication between a zl Module's downlink port and a connected radio port. Only one radio port Auto-VLAN may exist on a zl switch.
PAGE 8
Introduction Term Use in this Manual Layer 2 adoption A radio port is adopted by a Module in the same Layer 2 domain (subnet). Software version WT.01.03 (or later) supports both Layer 2 and Layer 3 adoption. Layer 3 adoption A radio port is adopted by a Module in a different Layer 2 domain (subnet), separated from the radio port by a router or routing switch.
PAGE 9
Introduction Term Use in this Manual Radio Port VLAN When a radio port is placed in a Layer 2 domain different from the (Layer 3 Adoption) Module’s, and the domains are separated by a router or routing switch, Layer 3 Adoption must be used. For Layer 3 Adoption, a radio port must be able to acquire an IP address from a DHCP server. A VLAN with the Wireless Module’s IP address carries wireless traffic as well as management, control, and status information sent between the Module and radio ports.
PAGE 10
General Operating Rules with zl Switches Related Publications This supplement describes the setup and configuration of the ProCurve Wireless Edge Services zl Modules in a Wireless Services-Enabled ProCurve zl Switch. The focus is on Module operation as part of a zl switch. Other documentation describes the operation of these Modules in providing wireless services.
PAGE 11
Radio Ports Radio Ports Installing a ProCurve Wireless Edge Services zl Module or a ProCurve Redundant Wireless Services zl Module in a zl switch creates a wireless services-enabled switch that centrally configures and manages ProCurve Radio Ports, distributed throughout a network, to provide 802.11 wireless services. A Module has no visible external ports. It communicates with the wired (uplink) and wireless (downlink) sides of the network through the VLAN connectivity of its internal ports.
PAGE 12
Radio Ports To control a radio port, a Module must have network connectivity to it. A radio port VLAN supplies this connectivity. This VLAN contains the Module’s internal downlink port as a tagged member, and the downlink radio port (the port connected directly to the radio port on the local, or on an infrastructure, switch) as an untagged member. See Figure 1 for a summary of the VLAN configurations required to support Layer 2 radio port and the internal Module uplink and downlink port communications.
PAGE 13
Radio Ports Radio Ports as Layer 3 Devices You can configure the network to allow radio port adoption and communication over Layer 3. Note During radio port adoption, the Module automatically downloads a compatible bootloader code version into the radio port. However, to support Layer 3 adoption, a suitable bootloader code version must already be operating in the radio port.
PAGE 14
Radio Ports Figure 2.
PAGE 15
Using zl Switch Features for the Module Using zl Switch Features for the Module A zl switch provides support for the Wireless Edge Services zl Module in three major areas: ■ providing VLANs for network communication, critical for radio-port adoption and control; ■ initial Module set up; and ■ Module management interfaces These topics are covered in the following sections.
PAGE 16
Using zl Switch Features for the Module The following switch authentication applications take precedence over LLDP: ■ 8021.X ■ Web Authentication ■ MAC Authentication This means that if LLDP is currently overriding a port's static configuration, and 802.1X authentication is enabled on the port, LLDP's override can be superseded by an 802.1X override. All three of the above authentication schemes take precedence over LLDP.
PAGE 17
Using zl Switch Features for the Module Radio ports connected to infrastructure switches also can use the Auto-VLAN, but the infrastructure switches require manual configuration of the Auto-VLAN and port membership assignments. This includes the downlink radio ports (unless 802.1X RADIUS-assigned VLANs do so) and network uplink ports to the wireless services-enabled switch.
PAGE 18
Using zl Switch Features for the Module Switch State Auto-Provision No Auto-VLAN (initial default state) Auto-Provision Auto-VLAN No Auto-Provision Auto-VLAN No Auto-Provision No Auto-VLAN Wireless Edge Services zl Module Removed • No action taken • No action taken • No action taken • No action taken Radio Port Detected (LLDP enabled on switch and port) • Create Auto-VLAN • Adds DRP1 to Auto-VLAN from vlan-base (temporary • Adds DRP1 to Autooverride) VLAN (temporary VLAN override) New State: Auto
PAGE 19
Using zl Switch Features for the Module Switch State Auto-Provision No Auto-VLAN (initial default state) Auto-Provision Auto-VLAN No Auto-Provision Auto-VLAN User Enables AutoProvision • No action taken • No action taken • Enable Auto• Confirm that all DPs are Provision tagged members of • If Module installed: Auto-VLAN – Create New State: Auto-VLAN from Auto-Provision vlan-base Auto-VLAN – Add DP tagged to Auto-VLAN – Remove DP tagged from VLAN 1 – Add UP tagged t
PAGE 20
Using zl Switch Features for the Module An Auto-VLAN is created when: ■ a Wireless Edge Services zl Module or Redundant Module is first inserted into a zl switch, or ■ a radio port that is directly connected to a PoE-enabled port on the zl switch is detected. The Auto-VLAN is created with the first available VLAN ID, starting from the vlan-base (the default is 2100). There can be only one Auto-VLAN in a switch. If one exists already, a new one is not created.
PAGE 21
Using zl Switch Features for the Module LLDP Auto-Provisioning. By default, LLDP is enabled on the switch and all switch ports. The following command enables auto-provisioning. For auto-provisioning to operate, it must be in an enabled state. ProCurve (Config)# lldp auto-provision radio-ports The no form of this command disables auto-provisioning. Automatic RP VLAN Operation Using RADIUS-Assigned VLANs Using 802.
PAGE 22
Using zl Switch Features for the Module If auto-provisioning is disabled when a Module is installed: ■ the switch adds the Module’s uplink port to the DEFAULT_VLAN as a tagged member, and ■ the switch adds the Module’s downlink port, if not a member of any existing VLAN, to the DEFAULT_VLAN as a tagged member. This configuration will not support radio port adoption at Layer 2. Radio port adoption at Layer 2 uses the downlink port.
PAGE 23
zl Switch Features Not Supported zl Switch Features Not Supported As the Module uses internal ports and VLANs for wireless services to stations, not all of the features of the zl switch are applicable. For example, adding the internal downlink or uplink port to a trunk would not be compatible with the Module’s operation, and is prohibited. Some zl switch configurations are not allowed by the Command Line Interface (CLI). When a CLI command fails, a descriptive message is typically displayed.
PAGE 24
zl Switch Features Not Supported Radio Port VLANs Feature Downlink Port Downlink Radio Ports zl Switch Features Not Supported on a Module Uplink Port Table 2. 802.1X xa x Not allowed. GVRP x x GVRP cannot be enabled on a Module’s uplink or downlink port. Interface Monitoring (Port Mirroring) x x Cannot be used as a monitoring port. x x x x x x x x Fixed at 1000Mbps. Fixed at Full-Duplex. Not allowed. Not allowed. LLDP x x Set to off. MAC Auth x x Not allowed.
PAGE 25
Management Interfaces Management Interfaces To configure and manage the ProCurve Wireless Edge Services zl Module, you can use one of the following management interfaces: ■ Web browser interface — Accessed through a Web browser, this intuitive interface provides comprehensive information to help you manage and monitor your company’s wireless services. The menus and online help guide you through configuration steps.
PAGE 26
Web Browser Interface Once the Module’s IP address is know, you can open the Module’s Web browser interface by enter the IP address in your browser’s address field. Alternatively, you can access the zl switch’s Web browser interface to access the Module Web browser interface. Open a browser window, using the switch’s IP address. Go to the Configuration tab, then select the link displayed on the Module’s image. Figure 3.
PAGE 27
CLI (Command Line Interface) CLI (Command Line Interface) You must first access the switch CLI, in accordance with your switch manuals. You cannot access the Module CLI commands directly. Displaying the Module’s Software Version Use the show wireless-services command to display Module’s software version. The following example shows a Module running software version WT.01.
PAGE 28
CLI (Command Line Interface) Table 3.
PAGE 29
CLI (Command Line Interface) Operator (ProCurve>) Manager (ProCurve#) Description show show Show running system information support support Support commands – telnet Open a Telnet connection – terminal Set terminal line parameters – upgrade Upgrade software image – upgrade-abort Abort an ongoing upgrade write Write running configuration to memory or terminal write Configuring the Module on the Network By default, the Module uses DHCP to get an IP address.
PAGE 30
CLI (Command Line Interface) To display the Module’s IP address, you must first go to the wireless-services context in the zl switch CLI, using the following command: ProCurve# wireless-services To show the Module’s IP address, enter ProCurve(wireless-services-)# show ip interfaces The following example shows the IP address assigned by DHCP to a Module installed in Slot C of a zl switch: ProCurve(wireless-services-C)#show ip interface Interface IP-Address Status vlan1 10.100.50.
PAGE 31
CLI (Command Line Interface) ProCurve(config)# show lldp auto-provision radio-ports LLDP auto-provision Radio-Ports Support: LLDP LLDP LLDP LLDP Radio Radio Radio Radio Port Port Port Port Enable [Yes] : Yes suggested auto-vlan [2100] : 120 auto-vlan : 2100 assigned ports : C1,C23 LLDP Global Enable [Yes] : Yes ProCurve(config)# Creating or Changing the Radio Port Auto-VLAN You may wish to manually create or use another VLAN as the Auto-VLAN. This may be done using the following command.
PAGE 32
CLI (Command Line Interface) The no lldp auto-provision radio-ports auto-vlan may be used to delete the radio port Auto-VLAN. See Table 1, “Automatic VLAN Provisioning with LLDP,” on page 13 for information on the changes that occur, depending on the current state of the switch.
PAGE 33
CLI (Command Line Interface) Switch Config Context Commands and Syntax Syntax: [no] lldp auto-provision radio-ports Enables ports connecting to a radio port, discovered using LLDP, to be automatically placed into the AutoVLAN. LLDP must be enabled on the switch and the port. When enabled (the default) the Auto-VLAN (default 2100) is created when a Module or radio port is detected.
PAGE 34
CLI (Command Line Interface) Syntax: wireless-services Changes the CLI to the wireless-services context for the Wireless Edge Services zl Module in slot-id (a - h). The exit command returns the CLI to the switch configuration context. Syntax: wireless-services reload] Reboots the wireless services Module in slot-id with the current software version.
PAGE 35
Displaying zl Module Status from the Switch CLI Displaying zl Module Status from the Switch CLI Show commands are available in both the configuration context and the wireless server context of the zl switch CLI. The configuration context commands are shown below. For the wireless server context commands see the latest Management and Configuration Guide for your Wireless Edge Services Module.
PAGE 36
Displaying zl Module Status from the Switch CLI Switch Config Context Command Syntax Syntax: show lldp auto-provision radio-ports Displays the configuration and status of the following auto-provisioning elements. Items in [ ] are default values: LLDP Radio Port Enable [Yes] LLDP Radio Port suggested auto-vlan [2100] LLDP Radio Port auto-vlan LLDP Radio Port assigned ports LLDP Global Enable [Yes] Syntax: show modules Displays all Modules installed in the zl switch.
PAGE 37
Downloading New Software to the Module Syntax: show wireless-services radio-ports Displays the radio port VLANs’ 802.1Q VID and Name and member downlink radio ports associated with the specified wireless services Module, slot-id (a - h). Note: the Module’s downlink port does not display as a member. To explicitly see the VLANs containing a Module’s downlink port, use the show vlans ports dp command.
PAGE 38
Module Messages in the Event Log Module Messages in the Event Log The Module sends messages to the zl switch Event Log. Each log message contains the following elements: wsm : message Messages reporting the module’s status, sent by the zl switch, are included here.
PAGE 39
Module Messages in the Event Log # Message Severity Description 659 Wireless Services zl Module : excessive reboots detected major Communication has not been established with the switch. The module is not ready. 660 Wireless Services zl Module removed major before shutdown completed The module was removed before the shutdown process was completed. 661 Wireless Services zl Module is safe for removal info The module may be safely removed from the chassis.
PAGE 40
Module Messages in the Event Log # Message Severity Description 1503 Number of Radio Ports supported xx. info Indicates the number of radio port licenses present on a module when it begins or resumes operation. Redundant modules always report 0 licenses. 1504 This Version of Software xx.xx.xx cannot support x major number of Radio Ports. This message appears followed by message 1505. The number of licenses installed is not supported by the current software version.
PAGE 41
PAGE 42
© 2007 Hewlett-Packard Development Company, LP. The information contained herein is subject to change without notice.