ProCurve Series 6120 Switches Advanced Traffic Management Guide August 2009
© Copyright 2009 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. All Rights Reserved. Warranty This document contains proprietary information, which is protected by copyright. No part of this document may be photocopied, reproduced, or translated into another language without the prior written consent of HewlettPackard.
ii
Contents Product Documentation About Your Switch Manual Set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ix Printed Publications. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ix Electronic Publications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ix Software Feature Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . x 1 Getting Started Contents . . . . . . . . . . . . . . . . . . . . . . . . .
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-4 General VLAN Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-4 Types of Static VLANs Available in the Switch . . . . . . . . . . . . . . . . . . . 2-5 Port-Based VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-5 Protocol-Based VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Deleting the Management VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . 2-53 Operating Notes for Management VLANs . . . . . . . . . . . . . . . . . . . 2-53 Voice VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-54 Operating Rules for Voice VLANs . . . . . . . . . . . . . . . . . . . . . . . . . 2-54 Components of Voice VLAN Operation . . . . . . . . . . . . . . . . . . . . . 2-55 Voice VLAN Access Security . . . . . . . . . . . . . . . . . . . . .
4 Multiple Instance Spanning-Tree Operation Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-3 802.1s Multiple Spanning Tree Protocol (MSTP) . . . . . . . . . . . . . . . . 4-6 MSTP Structure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-7 How MSTP Operates . . . . . . . . . .
Displaying the MSTP Configuration . . . . . . . . . . . . . . . . . . . . . . . 4-54 Troubleshooting an MSTP Configuration . . . . . . . . . . . . . . . . . . . . . . 4-58 Displaying the Change History of Root Bridges . . . . . . . . . . . . . . . . . 4-58 Displaying Debug Counters for All MST Instances . . . . . . . . . . . . . . . 4-61 Displaying Debug Counters for One MST Instance . . . . . . . . . . . . . . 4-62 Displaying Debug Counters for Ports in an MST Instance . . . . . . . . .
QoS Source-Port Priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-27 Assigning a Priority Based on Source-Port . . . . . . . . . . . . . . . . . . 5-27 Assigning a DSCP Policy Based on the Source-Port . . . . . . . . . . 5-29 Differentiated Services Codepoint (DSCP) Mapping . . . . . . . . . . . 5-33 Default Priority Settings for Selected Codepoints . . . . . . . . . . . . . . . 5-34 Quickly Listing Non-Default Codepoint Settings . . . . . . . . . . . . .
Product Documentation About Your Switch Manual Set Note For the latest version of switch documentation, please visit any of the following websites: www.procurve.com/manuals www.hp.com/go/bladesystem/documentation h18004.www1.hp.com/products/blades/components/c-class-tech-installing.html Printed Publications The publication listed below is printed and shipped with your switch. The latest version is also available in PDF format, as described in the Note at the top of this page.
Software Feature Index This feature index indicates which manual to consult for information on a given software feature. Note This Index does not cover IPv6 capable software features. For information on IPv6 protocol operations and features (such as DHCPv6, DNS for IPv6, and Ping6), refer to the IPv6 Configuration Guide. Intelligent Edge Software Features. These features are automatically included on all switches.
Intelligent Edge Software Features Manual Management Advanced and Traffic Configuration Management Downloading Software X Event Log X Factory Default Settings X Flow Control (802.
Intelligent Edge Software Features Manual Management Advanced and Traffic Configuration Management Port Monitoring Multicast and Routing Access Security Guide X Port Security X Port Status X Port Trunking (LACP) X Port-Based Access Control (802.
Intelligent Edge Software Features Manual Management Advanced and Traffic Configuration Management VLANs Multicast and Routing Access Security Guide X Web Authentication RADIUS Support X Web-based Authentication X Web UI X xiii
1 Getting Started Contents Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2 Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2 Command Syntax Statements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2 Command Prompts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2 Screen Simulations . . . . . . . . . . . . . . . . .
1 Getting Started Contents Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2 Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2 Command Syntax Statements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2 Command Prompts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2 Screen Simulations . . . . . . . . . . . . . . . . .
Getting Started Introduction Introduction This guide is intended for use with the HP ProCurve 6120G/XG and 6120GX switches. It describes how to use the command line interface (CLI), Menu interface, and web browser to configure, manage, monitor, and troubleshoot switch operation. For an overview of product documentation for the above switches, refer to “Product Documentation” on page xiii. You can download documentation from the following web sites: www.procurve.com/manuals www.hp.
Getting Started Conventions Command Prompts In the default configuration, your switch displays a CLI prompt similar to the following examples: ProCurve 6120G/XG Blade Switch# ProCurve 6120XG Blade Switch# To simplify recognition, this guide uses ProCurve to represent command prompts. For example: ProCurve# (You can use the hostname command to change the text in the CLI prompt.) Screen Simulations Displayed Text.
Getting Started Sources for More Information Sources for More Information For information about switch operation and features not covered in this guide, consult the following sources: ■ Note Feature Index—For information on which manual to consult for a given software feature, refer to the “Software Feature Index” on page xiv.
Getting Started Sources for More Information • ■ ■ Advanced Traffic Management Guide—Use this guide for information on topics such as: • VLANs: Static port-based and protocol VLANs, and dynamic GVRP VLANs • spanning-Tree: 802.1D (STP), 802.1w (RSTP), and 802.
Getting Started Sources for More Information Getting Documentation From the Web To obtain the latest versions of documentation and release notes for your switch, go to any of the following web sites: www.procurve.com/manuals www.hp.com/go/bladesystem/documentation h18004.www1.hp.com/products/blades/components/c-class-tech-installing.html Online Help Menu Interface If you need information on specific parameters in the menu interface, refer to the online help provided in the interface.
Getting Started Need Only a Quick Start? The Help Button Figure 1-5. Button for Onboard Administrator Interface Online Help Need Only a Quick Start? IP Addressing If you just want to give the switch an IP address so that it can communicate on your network, or if you are not using VLANs, ProCurve recommends that you use the Switch Setup screen to quickly configure IP addressing. To do so, do one of the following: ■ Enter setup at the CLI Manager level prompt.
Getting Started To Set Up and Install the Switch in Your Network ■ Instructions for physically installing the switch in your network ■ Quickly assigning an IP address and subnet mask, set a Manager password, and (optionally) configure other basic features. ■ Interpreting LED behavior. For the latest version of the Installation and Getting Started Guide for your switch, refer to “Getting Documentation From the Web” on page 1-6.
2 Static Virtual LANs (VLANs) Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-3 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-4 General VLAN Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-4 Types of Static VLANs Available in the Switch . . . . . . . . . . . . . . . . . . . 2-5 Port-Based VLANs . . . . . . . . . . . . . . . .
Static Virtual LANs (VLANs) Contents 802.1Q VLAN Tagging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-40 Special VLAN Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-45 VLAN Support and the Default VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . 2-45 The Primary VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-45 The Secure Management VLAN . . . . . . . . . . . . . . . . . . . .
Static Virtual LANs (VLANs) Overview Overview This chapter describes how to configure and use static, port-based and protocol-based VLANs on the switches covered in this guide.
Static Virtual LANs (VLANs) Introduction Introduction VLAN Features Feature Default Menu CLI Web page 2-22 thru 2-27 page 2-28 page 2-39 default VLAN with page 2-22 VID = 1 thru 2-27 page 2-27 page 2-39 view existing VLANs n/a configuring static VLANs VLANs enable you to group users by logical function instead of physical location.
Static Virtual LANs (VLANs) Introduction Types of Static VLANs Available in the Switch Port-Based VLANs This type of static VLAN creates a specific layer-2 broadcast domain comprised of member ports that bridge IPv4 traffic among themselves. Port-Based VLAN traffic is routable on the switches covered in this guide.
Static Virtual LANs (VLANs) Terminology Note In a multiple-VLAN environment that includes some older switch models there may be problems related to the same MAC address appearing on different ports and VLANs on the same switch. In such cases the solution is to impose some cabling and VLAN restrictions. For more on this topic, refer to “Multiple VLAN Considerations” on page 2-17. Terminology Dynamic VLAN: An 802.
Static Virtual LANs (VLANs) Static VLAN Operation Static VLAN Operation A group of networked ports assigned to a VLAN form a broadcast domain that is separate from other VLANs that may be configured on the switch. On a given switch, packets are bridged between source and destination ports that belong to the same VLAN. Thus, all ports passing traffic for a particular subnet address should be configured to the same VLAN.
Static Virtual LANs (VLANs) Static VLAN Operation Port-Based VLANs Protocol-Based VLANs Tagged VLAN A port can be a tagged member of any port-based A port can be a tagged member of any protocolMembership VLAN. See above. based VLAN. See above.
Static Virtual LANs (VLANs) Static VLAN Operation VLAN Operation The Default VLAN. In figure 2-1, all ports belong to the default VLAN, and devices connected to these ports are in the same broadcast domain. Except for an IP address and subnet, no configuration steps are needed. A1 A8 A7 A2 VLAN 1 A6 A3 A5 A4 Figure 2-1. Example of a Switch in the Default VLAN Configuration Multiple Port-Based VLANs. In figure 2-2, routing within the switch is disabled (the default).
Static Virtual LANs (VLANs) Static VLAN Operation Protocol VLAN Environment. Figure 2-2 can also be applied to a protocol VLAN environment. In this case, VLANs “W” and “X” represent routable protocol VLANs. VLANs “Y” and “Z” can be any protocol VLAN. As noted for the discussion of multiple port-based VLANs, VLAN 1 is not shown. Enabling internal (IP) routing on the switch allows IP traffic to move between VLANs on the switch. However, routable, non-IP traffic always requires an external router.
Static Virtual LANs (VLANs) Static VLAN Operation Red Server Red VLAN The same link carries Red VLAN and Blue VLAN traffic. Blue Server Red VLAN Red VLAN ProCurve Switch ProCurve Switch Blue VLAN Blue VLAN Figure 2-4. Example of Connecting Multiple VLANs Through the Same Link Introducing Tagged VLAN Technology into Networks Running Legacy (Untagged) VLANs. You can introduce 802.1Q-compliant devices into networks that have built untagged VLANs based on earlier VLAN technology.
Static Virtual LANs (VLANs) Static VLAN Operation ■ “CLI: Configuring VLAN Parameters” (page 2-21) ■ “Web: Viewing and Configuring VLAN Parameters” (page 2-39) ■ “VLAN Tagging Information” (page 2-40) ■ “Effect of VLANs on Other Switch Features” (page 2-55) ■ “VLAN Restrictions” (page 2-57) Per-Port Static VLAN Configuration Options The following figure and table show the options you can use to assign individual ports to a static VLAN.
Static Virtual LANs (VLANs) VLAN Operating Rules Parameter No - or Auto Effect on Port Participation in Designated VLAN No: Appears when the switch is not GVRP-enabled; prevents the port from joining that VLAN. Auto: Appears when GVRP is enabled on the switch; allows the port to dynamically join any advertised VLAN that has the same VID Forbid Prevents the port from joining the VLAN, even if GVRP is enabled on the switch.
Static Virtual LANs (VLANs) VLAN Operating Rules protocol VLAN that does not already include the ARP VLAN protocol, the switch displays this message: Indicates a protocol VLAN configured with IPv4, but not ARP. 2-14 ■ Deleting Static VLANs: On the switches covered in this guide you can delete a VLAN regardless of whether there are currently any ports belonging to that VLAN. (The ports are moved to the default VLAN.
Static Virtual LANs (VLANs) VLAN Operating Rules Port “X” receives an inbound, untagged Packet. Is the port an untagged member of any VLANs? No Drop the packet. Yes Does the packet’s protocol match the protocol of an untagged VLAN membership on the port? Yes Forward the packet on that protocol VLAN. No Drop the packet. No Is the port a member of an untagged, port-based VLAN? Yes Forward the packet on the port-based VLAN. Figure 2-7.
Static Virtual LANs (VLANs) General Steps for Using VLANs tagged member must have the same VID as that carried by the inbound, tagged packets generated on that VLAN.) Port “X” receives an inbound, tagged Packet From VLAN “A”. Is port “X” a tagged member of VLAN “A”? No Drop the packet. Yes Forward the packet to any port “Y” on VLAN “A” for outbound transmission. Note that the outbound port can be either a tagged or untagged member of the VLAN. Figure 2-8.
Static Virtual LANs (VLANs) Multiple VLAN Considerations Multiple VLAN Considerations Switches use a forwarding database to maintain awareness of which external devices are located on which VLANs. Some switches, such as the switches covered in this guide, have a multiple forwarding database, which means the switch allows multiple database entries of the same MAC address, with each entry showing the (different) source VLAN and source port.
Static Virtual LANs (VLANs) Multiple VLAN Considerations drops the packet. This is not a problem for a switch with a multiple forwarding database because the switch allows multiple instances of a given MAC address; one for each valid destination. However, a switch with a single forwarding database allows only one instance of a given MAC address.
Static Virtual LANs (VLANs) Multiple VLAN Considerations Example of an Unsupported Configuration and How To Correct It The Problem. In figure 2-9, the MAC address table for Switch 6600 will sometimes record the switch as accessed on port A1 (VLAN 1), and other times as accessed on port B1 (VLAN 2): Switch VLAN 2 VLAN 1 PC “A” A1 B1 PC “B” This switch has a single forwarding database. C1 VLAN 1 D1 VLAN 2 6120 Switch (Same MAC address for all VLANs.) This switch has multiple forwarding databases.
Static Virtual LANs (VLANs) Multiple VLAN Considerations reason, the 6600 discards some packets directed through it for the 6120 switch, resulting in poor performance and the appearance of an intermittent or broken link. The Solution. To avoid the preceding problem, use only one cable or port trunk between the single-forwarding and multiple-forwarding database devices, and configure the link with multiple, tagged VLANs.
Static Virtual LANs (VLANs) Configuring VLANs Switch VLAN 2 VLAN 1 VLAN 1 VLAN 2 6120 Switch Both switches have multiple forwarding databases. Figure 2-11. Example of a Valid Topology for Devices Having Multiple Forwarding Databases in a Multiple VLAN Environment Configuring VLANs Menu: Configuring Port-Based VLAN Parameters The Menu interface enables you to configure and view port-based VLANs. Note The Menu interface configures and displays only port-based VLANs.
Static Virtual LANs (VLANs) Configuring VLANs To Change VLAN Support Settings This section describes: ■ Changing the maximum number of VLANs to support ■ Changing the Primary VLAN selection (See “Changing the Primary VLAN” on page 2-34.) ■ Enabling or disabling dynamic VLANs (Refer to chapter 3, “GVRP” .) 1. From the Main Menu select: 2. Switch Configuration 8. VLAN Menu … 1. VLAN Support You will then see the following screen: Figure 2-12. The Default VLAN Support Screen 2.
Static Virtual LANs (VLANs) Configuring VLANs If you changed the value for Maximum VLANs to support, you will see an asterisk next to the VLAN Support option (see below). An asterisk indicates you must reboot the switch to implement the new Maximum VLANs setting. Figure 2-13. VLAN Menu Screen Indicating the Need To Reboot the Switch 4. • If you changed the VLAN Support option, you must reboot the switch before the Maximum VLANs change can take effect.
Static Virtual LANs (VLANs) Configuring VLANs Default VLAN and VLAN ID Figure 2-14. The Default VLAN Names Screen 2. Press [A] (for Add). You will then be prompted for a new VLAN name and VLAN ID: 802.1Q VLAN ID : 1 Name : _ 3. Type in a VID (VLAN ID number). This can be any number from 2 to 4094 that is not already being used by another VLAN. (The switch reserves “1” for the default VLAN.) Remember that a VLAN must have the same VID in every switch in which you configure that same VLAN.
Static Virtual LANs (VLANs) Configuring VLANs Example of a New VLAN and ID Figure 2-15. Example of VLAN Names Screen with a New VLAN Added 6. Repeat steps 2 through 5 to add more VLANs. Remember that you can add VLANs until you reach the number specified in the Maximum VLANs to support field on the VLAN Support screen (see figure 2-12 on page 2-22). This includes any VLANs added dynamically due to GVRP operation. 7.
Static Virtual LANs (VLANs) Configuring VLANs Default: In this example, the “VLAN-22” has been defined, but no ports have yet been assigned to it. (“No” means the port is not assigned to that VLAN.) Using GVRP? If you plan on using GVRP, any ports you don’t want to join should be changed to “Forbid”. A port can be assigned to several VLANs, but only one of those assignments can be “Untagged”. Figure 2-16. Example of the Port-Based VLAN Port Assignment Screen in the Menu Interface 2.
Static Virtual LANs (VLANs) Configuring VLANs Ports A4 and A5 are assigned to both VLANs. Ports A6 and A7 are assigned only to VLAN-22. All other ports are assigned only to the Default VLAN. Figure 2-17. Example of Port-Based VLAN Assignments for Specific Ports For information on VLAN tags (“Untagged” and “Tagged”), refer to “802.1Q VLAN Tagging” on page 2-40. d. 3.
Static Virtual LANs (VLANs) Configuring VLANs VLAN Commands Page show vlans below show vlans < vid > 2-32 show vlans ports max-vlans <1-256> 2-33 primary-vlan < vid > 2-34 [no] vlan < vid > 2-35 auto < port-list > 2-37 (Available if GVRP enabled.) forbid 2-37 name < vlan-name > 2-37 protocol < protocol-list > 2-35 tagged < port-list > 2-37 untagged < port-list > 2-37 voice 2-54 static-vlan < vlan-id > 2-37 (Available if GVRP enabled.
Static Virtual LANs (VLANs) Configuring VLANs Status: Port-Based: Port-Based, static VLAN Protocol: Protocol-Based, static VLAN Dynamic: Port-Based, temporary VLAN learned through GVRP (Refer to chapter 3, “GVRP” .) Voice: Indicates whether a (port-based) VLAN is configured as a voice VLAN. Refer to “Voice VLANs” on page 2-54. Jumbo: Indicates whether a VLAN is configured for Jumbo packets.
Static Virtual LANs (VLANs) Configuring VLANs Descriptions of items displayed by the command are provided below. Port name: The user-specified port name, if one has been assigned. VLAN ID: The VLAN identification number, or VID. Name: The default or specified name assigned to the VLAN. For a static VLAN, the default name consists of VLAN-x where “x” matches the VID assigned to that VLAN. For a dynamic VLAN, the name consists of GVRP_x where “x” matches the applicable VID.
Static Virtual LANs (VLANs) Configuring VLANs Figure 2-20 is an example of the output when the detail option is used.
Static Virtual LANs (VLANs) Configuring VLANs Displaying the Configuration for a Particular VLAN . This command uses the VID to identify and display the data for a specific static or dynamic VLAN. Syntax: show vlans < vlan-id > 802.1Q VLAN ID: The VLAN identification number, or VID. Refer to “Terminology” on page 2-6. Name: The default or specified name assigned to the VLAN. For a static VLAN, the default name consists of VLAN-x where “x” matches the VID assigned to that VLAN.
Static Virtual LANs (VLANs) Configuring VLANs Figure 2-21. Example of “Show VLAN” for a Specific Static VLAN Show VLAN lists this data when GVRP is enabled and at least one port on the switch has dynamically joined the designated VLAN. Figure 2-22. Example of “Show VLAN” for a Specific Dynamic VLAN Changing the Number of VLANs Allowed on the Switch. In the default VLAN configuration, the switch allows a maximum of 256 VLANs. You can specify any value from 1 to 256.
Static Virtual LANs (VLANs) Configuring VLANs For example, to reconfigure the switch to allow 10 VLANs: Note that you can execute these three steps at another time. Figure 2-23. Example of Command Sequence for Changing the Number of VLANs Changing the Primary VLAN. In the default VLAN configuration, the portbased default VLAN (DEFAULT_VLAN) is the Primary VLAN. However, you can reassign the Primary VLAN to any port-based, static VLAN on the switch.
Static Virtual LANs (VLANs) Configuring VLANs Creating a New Static VLAN (Port-Based or Protocol-Based) Changing the VLAN Context Level. The vlan < vid > command operates in the global configuration context to either configure a static VLAN and/or take the CLI to the specified VLAN’s context. Syntax: vlan < vid | ascii-name-string > [no] vlan < vid > If < vid > does not exist in the switch, this command creates a port-based VLAN with the specified < vid >.
Static Virtual LANs (VLANs) Configuring VLANs name < ascii-name-string > When included in a vlan command for creating a new static VLAN, specifies a non-default VLAN name. Also used to change the current name of an existing VLAN. (Avoid spaces and the following characters in the entry: @, #, $, ^, &, *, (, and ). To include a blank space in a VLAN name, enclose the name in single or double quotes (‘...’ or “...”). [ voice] Designates a VLAN for VoIP use.
Static Virtual LANs (VLANs) Configuring VLANs Converting a Dynamic VLAN to a Static VLAN. Use this feature if you want to convert a dynamic, port-based VLAN membership to a static, portbased VLAN membership. This is necessary if you want to make the VLAN permanent on the switch. Syntax: static-vlan < vlan-id > Converts a dynamic, port-based VLAN membership to a static, port-based VLAN membership. (Allows port-based VLANs only). For this command, < vlan-id > refers to the VID of the dynamic VLAN membership.
Static Virtual LANs (VLANs) Configuring VLANs forbid < port-list > Used in port-based VLANs to configures < port-list > as “forbidden” to become a member of the specified VLAN, as well as other actions. Does not operate with protocol VLANs. The “no” version sets the port(s) to either No or (if GVRP is enabled) to Auto. Refer to chapter 3, “GVRP”, in this guide. auto < port-list > Available if GVRP is enabled on the switch. Returns the perport settings for the specified VLAN to Auto operation.
Static Virtual LANs (VLANs) Configuring VLANs Web: Viewing and Configuring VLAN Parameters In the web browser interface you can do the following: ■ Add VLANs ■ Rename VLANs ■ Remove VLANs ■ Configure VLAN tagging mode per-port ■ Configure GVRP mode ■ Select a new Primary VLAN To configure other static VLAN port parameters, you will need to use either the CLI or the menu interface (available by Telnet from the web browser interface). 1. Click on the Configuration tab. 2.
Static Virtual LANs (VLANs) 802.1Q VLAN Tagging 802.1Q VLAN Tagging General Applications: ■ The switch requires VLAN tagging on a given port if more than one VLAN of the same type uses the port. When a port belongs to two or more VLANs of the same type, they remain as separate broadcast domains and cannot receive traffic from each other without routing.
Static Virtual LANs (VLANs) 802.1Q VLAN Tagging Blue Server Red VLAN 5 4 Red Server 6 Green VLAN: Tagged 2 Green Server 7 White VLAN 4 Red VLAN: Untagged Switch “X” 3 White Server Blue VLAN 5 Switch “Y” 1 1 Green VLAN Red VLAN 3 2 Green VLAN Ports 1 - 6: Untagged Ports 1 - 4: Untagged Port 7: Red VLAN Untagged Green VLAN Tagged Port 5: Red VLAN Untagged Green VLAN Tagged Figure 2-26.
Static Virtual LANs (VLANs) 802.1Q VLAN Tagging Note Each 802.1Q-compliant VLAN must have its own unique VID number, and that VLAN must be given the same VID in every device in which it is configured. That is, if the Red VLAN has a VID of 10 in switch X, then 10 must also be used for the Red VID in switch Y. VID Numbers Figure 2-27.
Static Virtual LANs (VLANs) 802.1Q VLAN Tagging If all end nodes on a port comply with the 802.1Q standard and are configured to use the correct VID, then, you can configure all VLAN assignments on a port as “Tagged” if doing so either makes it easier to manage your VLAN assignments, or if the authorized, inbound traffic for all VLANs on the port will be tagged.
Static Virtual LANs (VLANs) 802.1Q VLAN Tagging ■ The VLANs assigned to ports X4 - X6, Y2 - Y5 can all be untagged because there is only one VLAN assigned per port. ■ Port X1 has two AppleTalk VLANs assigned, which means that one VLAN assigned to this port can be untagged and the other must be tagged. ■ Ports X2 and Y1 have two port-based VLANs assigned, so one can be untagged and the other must be tagged on both ports. ■ Ports X3 and Y6 have two port-based VLANs and one protocol-based VLAN assigned.
Static Virtual LANs (VLANs) Special VLAN Types Special VLAN Types VLAN Support and the Default VLAN In the factory default configuration, VLAN support is enabled and all ports on the switch belong to the port-based, default VLAN (named DEFAULT_VLAN). This places all ports in the switch into one physical broadcast domain. In the factory-default state, the default VLAN is also the Primary VLAN.
Static Virtual LANs (VLANs) Special VLAN Types ■ Any ports not specifically assigned to another VLAN will remain assigned to the Default VLAN, regardless of whether it is the Primary VLAN. Candidates for Primary VLAN include any static, port-based VLAN currently configured on the switch. (Protocol-Based VLANs and dynamic—GVRPlearned—VLANs that have not been converted to a static VLAN cannot be the Primary VLAN.) To display the current Primary VLAN, use the CLI show vlan command.
Static Virtual LANs (VLANs) Special VLAN Types • Switches “A”, “B”, and “C” are connected by ports belonging to the management VLAN. • Hub “X” is connected to a switch port that belongs to the management VLAN. As a result, the devices connected to Hub X are included in the management VLAN. • Other devices connected to the switches through ports that are not in the management VLAN are excluded from management traffic.
Static Virtual LANs (VLANs) Special VLAN Types Links with Ports Configured as Members of the Management VLAN and other VLANs Switch A Switch B Switch C 3 Port A1 Port A3 Port A6 Port A7 Port B2 Port B4 Port B5 Port B9 Port C2 Port C3 Port C6 Port C8 4 Server Server System Server (on the DEFAULT_VLAN) Marketing Links Not Belonging to the Management VLAN 1 System Management Workstation Shipping Server 2 Figure 2-30. Example of Management VLAN Control in a LAN Table 2-5.
Static Virtual LANs (VLANs) Special VLAN Types 4. Note Test the management VLAN from all of the management stations authorized to use the Management VLAN, including any SNMP-based network management stations. Ensure that you include testing any Management VLAN links between switches.
Static Virtual LANs (VLANs) Special VLAN Types Using DHCP to Obtain an IP Address You can use DHCP to obtain an IPv4 address for your Management VLAN or a client on that VLAN. The following examples illustrate when an IP address will be received from the DHCP server. 1. If Blue_VLAN is configured as the Management VLAN and the DHCP server is also on Blue_VLAN, Blue_VLAN receives an IP address.
Static Virtual LANs (VLANs) Special VLAN Types 2. If Red_VLAN is configured as the Management VLAN and the DHCP server is on Blue_VLAN, Blue_VLAN receives an IP address but Red_VLAN does not. See figure 2-33. DHCP Server Red_VLAN is Management VLAN - does not receive IP address Blue_VLAN receives IP address Red_VLAN Blue_VLAN Figure 2-33. Example of DHCP Server on Different VLAN from the Management VLAN 3. If no Management VLAN is configured, both Blue_VLAN and Red_VLAN receive IP addresses.
Static Virtual LANs (VLANs) Special VLAN Types 4. If Red_VLAN is configured as the Management VLAN and the client is on Red_VLAN, but the DHCP server is on Blue_VLAN, the client will not receive an IP address. See figure 2-35. DHCP Server Red_VLAN is the Management VLAN and the client is on Red_VLAN. The DHCP server is on Blue_VLAN. The client does not receive an IP address. Red_VLAN Client Blue_VLAN Figure 2-35. Example of Client on Different Management VLAN from DHCP Server 5.
Static Virtual LANs (VLANs) Special VLAN Types Deleting the Management VLAN You can disable the Secure Management feature without deleting the VLAN itself. For example, either of the following commands disables the Secure Management feature in the above example: ProCurve (config)# no management-vlan 100 ProCurve (config)# no management-vlan my_vlan Operating Notes for Management VLANs Note ■ Use only a static, port-based VLAN for the Management VLAN.
Static Virtual LANs (VLANs) Special VLAN Types ■ Monitoring Shared Resources: The Management VLAN feature shares internal switch resources with several other features. The switch provides ample resources for all features. However, if the internal resources become fully subscribed, the Management VLAN feature cannot be configured until the necessary resources are released from other uses.
Static Virtual LANs (VLANs) Effect of VLANs on Other Switch Features Components of Voice VLAN Operation ■ Voice VLAN(s): Configure one or more voice VLANs on the switch.
Static Virtual LANs (VLANs) Effect of VLANs on Other Switch Features instance operation, physically redundant links belonging to different VLANs can remain open. Refer to chapter 4, “Multiple Instance Spanning-Tree Operation” . Note that Spanning Tree operates differently in different devices. For example, in the (obsolete, non-802.1Q) ProCurve Switch 2000 and the ProCurve Switch 800T, Spanning Tree operates on a per-VLAN basis, allowing redundant physical links as long as they are in separate VLANs.
Static Virtual LANs (VLANs) VLAN Restrictions monitor port is assigned, refer to the section titled “VLAN-Related Problems” in the “Troubleshooting” appendix of the Management and Configuration Guide for your switch. Jumbo Packet Support Jumbo packet support is enabled per-VLAN and applies to all ports belonging to the VLAN. For more information, refer to the chapter titled “Port Traffic Controls” in the Management and Configuration Guide for your switch.
3 GVRP Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-2 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-3 General Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-4 Per-Port Options for Handling GVRP “Unknown VLANs” . . . . . . . . 3-7 Per-Port Options for Dynamic VLAN Advertising and Joining . . . .
GVRP Overview Overview This chapter describes GVRP and how to configure it with the switch’s builtin interfaces, and assumes an understanding of VLANs, which are described in chapter 2, “Static Virtual LANs (VLANs)” .
GVRP Introduction Introduction Feature Default view GVRP configuration n/a list static and dynamic VLANs on a GVRP-enabled switch n/a Menu CLI Web page 3-13 page 3-14 page 3-18 page 3-16 page 3-18 page 3-18 — enable or disable GVRP disabled page 3-13 page 3-15 enable or disable GVRP on individual ports enabled page 3-13 page 3-15 control how individual ports handle advertisements for new VLANs Learn page 3-13 page 3-15 convert a dynamic VLAN to a static VLAN n/a configure stati
GVRP General Operation convert it to a static VLAN or allow it to continue as a dynamic VLAN for as long as needed. You can also use GVRP to dynamically enable port membership in static VLANs configured on a switch. Note: On the switches covered in this guide, GVRP can be enabled only if max vlans is set to no more than 256 VLANs.
GVRP General Operation Operating Note: When a GVRP-aware port on a switch learns a VID through GVRP from another device, the switch begins advertising that VID out all of its ports except the port on which the VID was learned. 2. Port 1 receives advertiseCore switch with static VLANs (VID= 1, 2, & 3). Port 2 ment of VIDs 1, 2, & 3 AND is a member of VIDs 1, 2, & 3. becomes a member of VIDs 1, 2, & 3. 1. Port 2 advertises VIDs 1, 2, 3. Port 3 advertises VIDs 1, 2, & 3.
GVRP General Operation Switch “C” GVRP On Switch “A” GVRP On 1 5 Tagged VLAN 22 11 Tagged VLAN 33 Switch “B” (No GVRP) Switch “C”: Port 5 dynamically joins VLAN 22. Ports 11 and 12 belong to Tagged VLAN 33. Switch “D” GVRP On Tagged VLAN 22 2 12 3 6 Switch “E” GVRP On 7 Switch “E”: Port 2 dynamically joins VLANs 22 and 33. Port 7 dynamically joins VLANs 33 and 22. Switch “D”: Port 3 dynamically joins VLANs 22 and 33. Port 6 dynamically joins VLAN 22 and 33. Figure 3-2.
GVRP Per-Port Options for Handling GVRP “Unknown VLANs” ■ Send VLAN advertisements, and also receive advertisements for VLANs on other ports and dynamically join those VLANs. ■ Send VLAN advertisements, but ignore advertisements received from other ports. ■ Avoid GVRP participation by not sending advertisements and dropping any advertisements received from other devices. IP Addressing. A dynamic VLAN does not have an IP address, and moves traffic on the basis of port membership in VLANs.
GVRP Per-Port Options for Handling GVRP “Unknown VLANs” Table 3-1. Options for Handling “Unknown VLAN” Advertisements: Unknown VLAN Operation Mode Learn (the Default) Enables the port to become a member of any unknown VLAN for which it receives an advertisement. Allows the port to advertise other VLANs that have at least one other port on the same switch as a member. Block Prevents the port from joining any new dynamic VLANs for which it receives an advertisement.
GVRP Per-Port Options for Dynamic VLAN Advertising and Joining Per-Port Options for Dynamic VLAN Advertising and Joining Initiating Advertisements. As described in the preceding section, to enable dynamic joins, GVRP must be enabled and a port must be configured to Learn (the default). However, to send advertisements in your network, one or more static (Tagged, Untagged, or Auto) VLANs must be configured on one or more switches (with GVRP enabled), depending on your topology.
GVRP Per-Port Options for Dynamic VLAN Advertising and Joining Table 3-2. Controlling VLAN Behavior on Ports with Static VLANs Per-Port Static VLAN Options—Per VLAN Specified on Each Port 1 “Unknown VLAN” Port Activity: Port Activity: Port Activity: Forbid (Per VLAN)2 2 2 (GVRP) (Per VLAN) Auto Tagged or Untagged (Per VLAN) Configuration Learn (the Default) The port: • Belongs to specified VLAN. • Advertises specified VLAN. • Can become a member of dynamic VLANs for which it receives advertisements.
GVRP GVRP and VLAN Access Control As the preceding table indicates, when you enable GVRP, a port that has a Tagged or Untagged static VLAN has the option for both generating advertisements and dynamically joining other VLANs. Note In table 3-2, above, the Unknown VLAN parameters are configured on a perport basis using the CLI. The Tagged, Untagged, Auto, and Forbid options are configured per static VLAN on every port, using either the menu interface or the CLI.
GVRP Planning for GVRP Operation ■ Disable GVRP ■ Reboot the switch The time-to-live for dynamic VLANs is 10 seconds. That is, if a port has not received an advertisement for an existing dynamic VLAN during the last 10 seconds, the port removes itself from that dynamic VLAN. Planning for GVRP Operation These steps outline the procedure for setting up dynamic VLANs for a segment. 3-12 1. Determine the VLAN topology you want for each segment (broadcast domain) on your network. 2.
GVRP Configuring GVRP On a Switch Configuring GVRP On a Switch The procedures in this section describe how to: ■ View the GVRP configuration on a switch ■ Enable and disable GVRP on a switch ■ Specify how individual ports will handle advertisements To view or configure static VLANs for GVRP operation, refer to “Per-Port Static VLAN Configuration Options” on page 2-12. Menu: Viewing and Configuring GVRP 1. From the Main Menu, select: 2. Switch Configuration … 8. VLAN Menu … 1.
GVRP Configuring GVRP On a Switch ===========================-TELNET- MANAGER MODE -============================ The Unknown VLAN Switch Configuration - VLAN - VLAN Support fields enable you to configure each port to: Maximum VLANs to support [8] : 8 – Learn - Dynamically Primary VLAN : DEFAULT_VLAN join any advertised GVRP Enabled [No] : Yes VLAN and advertise all VLANs learned Port Type Unknown VLAN Join Leave Leaveall through other ports.
GVRP Configuring GVRP On a Switch ProCurve (config)# show gvrp GVRP support Maximum VLANs to support [8] : 8 Primary VLAN : DEFAULT_VLAN GVRP Enabled [No] : No Figure 3-6. Example of “Show GVRP” Listing with GVRP Disabled ProCurve (config)# show gvrp GVRP support Maximum VLANs to support [8] : 8 Primary VLAN : DEFAULT_VLAN GVRP Enabled [No] : Yes Port ---D1 D2 D3 D4 . . . X2 C1 Type --------1000X 1000X 1000X 1000X . . .
GVRP Configuring GVRP On a Switch Syntax: interface < port-list > unknown-vlans < learn | block | disable > Changes the Unknown VLAN field setting for the specified port(s). For example, to change and view the configuration for ports A1-A2 to Block: ProCurve (config)# interface d1-d2 unknown-vlans block ProCurve (config)# show gvrp GVRP support Maximum VLANs to support [8] : 8 Primary VLAN : DEFAULT_VLAN GVRP Enabled [No] : Yes Port ---D1 D2 . . . X2 C1 Type --------1000X 1000X . . .
GVRP Configuring GVRP On a Switch Switch “A” Switch “B” GVRP enabled. GVRP enabled. 1 Static VLANs: 3 Static VLANs: Port 1: Set to “Learn” Mode – DEFAULT_VLAN – VLAN-100 – VLAN-200 – DEFAULT_VLAN The show vlans command lists the dynamic (and static) VLANs in switch “B” after it has learned and joined VLAN-100 and VLAN-200.
GVRP GVRP Operating Notes Web: Viewing and Configuring GVRP To view, enable, disable, or reconfigure GVRP: 1. Click on the Configuration tab. 2. Click on [VLAN Configuration] and do the following: • To enable or disable GVRP, click on GVRP Enabled. • To change the Unknown VLAN field for any port: i. Click on [GVRP Security] and make the desired changes. ii. Click on [Apply] to save and implement your changes to the Unknown VLAN fields.
GVRP GVRP Operating Notes ■ Rebooting a switch on which a dynamic VLAN exists deletes that VLAN. However, the dynamic VLAN re-appears after the reboot if GVRP is enabled and the switch again receives advertisements for that VLAN through a port configured to add dynamic VLANs. ■ By receiving advertisements from other devices running GVRP, the switch learns of static VLANs on those other devices and dynamically (automatically) creates tagged VLANs on the links to the advertising devices.
4 Multiple Instance Spanning-Tree Operation Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-3 802.1s Multiple Spanning Tree Protocol (MSTP) . . . . . . . . . . . . . . . . 4-6 MSTP Structure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-7 How MSTP Operates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-9 MST Regions . . . . . . . . . . . . . . . . .
Multiple Instance Spanning-Tree Operation Contents How to Save Your Current Configuration . . . . . . . . . . . . . . . . . . . 4-47 Displaying MSTP Statistics and Configuration . . . . . . . . . . . . . . . . . 4-49 Displaying Global MSTP Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-50 Displaying Detailed Port Information . . . . . . . . . . . . . . . . . . . . . . 4-52 Displaying Status for a Specific MST Instance . . . . . . . . . . . . . . .
Multiple Instance Spanning-Tree Operation Overview Overview The switches covered in this guide, use the IEEE 802.1s Multiple Spanning Tree Protocol (MSTP) standard. MSTP Features 802.
Multiple Instance Spanning-Tree Operation Overview Multiple-Instance spanning tree operation (802.1s) ensures that only one active path exists between any two nodes in a spanning-tree instance. A spanning-tree instance comprises a unique set of VLANs, and belongs to a specific spanning-tree region. A region can comprise multiple spanning-tree instances (each with a different set of VLANs), and allows one active path among regions in a network.
Multiple Instance Spanning-Tree Operation Overview The logical and physical topologies resulting from these VLAN/Instance groupings result in blocking on different links for different VLANs: Region “A”: Logical Topology Path blocked for VLANs in instance 2.
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) 802.1s Multiple Spanning Tree Protocol (MSTP) The 802.1D and 802.1w spanning tree protocols operate without regard to a network’s VLAN configuration, and maintain one common spanning tree throughout a bridged network. Thus, these protocols map one loop-free, logical topology on a given physical topology. The 802.
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) In a mesh environment, the default MSTP timer settings (Hello Time and Forward Delay) are usually adequate for MSTP operation. Because a packet crossing a mesh may traverse several links within the mesh, using smallerthan-default settings for the MSTP Hello Time and Forward Delay timers can cause unnecessary topology changes and end-node connectivity problems.
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Common and Internal Spanning Tree (CIST): The CIST identifies the regions in a network and administers the CIST root bridge for the network, the root bridge for each region, and the root bridge for each spanning-tree instance in each region. Common Spanning Tree (CST): The CST administers the connectivity among the MST regions, STP LANs, and RSTP LANs in a bridged network.
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) MSTI must initially exist in the IST instance of the same MST region. When you assign a static VLAN to an MSTI, the switch removes the VLAN from the IST instance. (Thus, you can assign a VLAN to only one MSTI in a given region.) All VLANs in an MSTI operate as part of the same single spanning tree topology. (The switch does not allow dynamic VLANs in an MSTI.
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Between regions there is a single, active spanning-tree topology. How Separate Instances Affect MSTP Operation. Assigning different groups of VLANs to different instances ensures that those VLAN groups use independent forwarding paths. For example, in figure 4-3 each instance has a different forwarding path.
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Within a region, traffic routed between VLANs in separate instances can take only one physical path. To ensure that traffic in all VLANs within a region can travel between regions, all of the boundary ports for each region should belong to all VLANs configured in the region. Otherwise, traffic from some areas within a region could be blocked from moving to other regions.
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) MSTP Operation with 802.1Q VLANs As indicated in the preceding sections, within a given MST instance, a single spanning tree is configured for all VLANs included in that instance. This means that if redundant physical links exist in separate VLANs within the same instance, MSTP blocks all but one of those links.
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Terminology BPDU — Acronym for bridge protocol data unit. BPDUs are data messages that are exchanged between the switches within an extended LAN that use a spanning tree protocol topology. BPDU packets contain information on ports, addresses, priorities and costs and ensure that the data ends up where it was intended to go. BPDU messages are exchanged across bridges to detect loops in a network topology.
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) MSTP BPDU (MSTP Bridge Protocol Data Unit): These BPDUs carry region-specific information, such as the region identifier (region name and revision number). If a switch receives an MSTP BPDU with a region identifier that differs from its own, then the port on which that BPDU was received is on the boundary of the region in which the switch resides. MSTP Bridge: In this manual, an MSTP bridge is a switch (or another 802.
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Operating Rules ■ All switches in a region must be configured with the same set of VLANs, as well as the same MST configuration name and MST configuration number. ■ Within a region, a VLAN can be allocated to either a single MSTI or to the region’s IST instance. ■ All switches in a region must have the same VID-to-MST instance assignment. ■ There is one root MST switch per configured MST instance.
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) ■ If a port on a switch configured for MSTP receives a legacy (STP/802.1D or RSTP/802.1w) BPDU, it automatically operates as a legacy port. In this case, the MSTP switch interoperates with the connected STP or RSTP switch as a separate MST region. ■ Within an MST region, there is one logical forwarding topology per instance, and each instance comprises a unique set of VLANs.
Multiple Instance Spanning-Tree Operation Configuring MSTP Note on Path Cost RSTP and MSTP implement a greater range of path costs than 802.1D STP, and use different default path cost values to account for higher network speeds. These values are shown below. Port Type 802.1D STP Path Cost RSTP and MSTP Path Cost 10 Mbps 100 2 000 000 100 Mbps 10 200 000 1 Gbps 5 20 000 Because the maximum value for the path cost allowed by 802.
Multiple Instance Spanning-Tree Operation Configuring MSTP ■ Plan individual regions based on VLAN groupings. That is, plan on all MSTP switches in a given region supporting the same set of VLANs. Within each region, determine the VLAN membership for each spanning-tree instance. (Each instance represents a single forwarding path for all VLANs in that instance.
Multiple Instance Spanning-Tree Operation Configuring MSTP MSTP Configuration Overview This section describes the general steps for configuring MSTP via the CLI, assuming that you have already determined the VLANs you want MSTP to use (see “Planning an MSTP Application” on page 4-17). A description of each MSTP command syntax is provided in the following sections. 1. Configure MSTP global parameters.
Multiple Instance Spanning-Tree Operation Configuring MSTP 3. Configure MST instances. • Configure one instance for each VLAN group that you want to operate as an active topology within the region to which the switch belongs. When you create the instance, you must include a minimum of one VID. You can add more VIDs later if desired.
Multiple Instance Spanning-Tree Operation Configuring MSTP Configuring MSTP Operation Mode and Global Settings The commands in this section apply at the switch (global) level. For details of how to configure spanning tree settings on individual ports, see “Configuring MSTP Per-Port Parameters” on page 4-26.
Multiple Instance Spanning-Tree Operation Configuring MSTP Syntax: spanning-tree config-revision < revision-number > This command configures the revision number you designate for the MST region in which you want the switch to reside. This setting must be the same for all switches residing in the same region.
Multiple Instance Spanning-Tree Operation Configuring MSTP Syntax: spanning-tree forward-delay Sets time the switch waits between transitioning from listening to learning and from learning to forwarding states. (Range: 4 - 30; Default: 15.) Syntax: spanning-tree legacy-mode Sets spanning-tree protocol to operate in 802.1D legacy mode (STP-compatible). (Default: MSTP-operation.) The no form of the command returns the switch to the default 802.1s native mode (MSTP-operation).
Multiple Instance Spanning-Tree Operation Configuring MSTP Syntax: spanning-tree pending < apply | config-name | config-revision | instance | reset > Manipulates the pending MSTP configuration. The command is useful in test or debug applications, and enables rapid reconfiguration of the switch for changes in spanning-tree operation. apply: Apply pending MSTP configuration (swaps active and pending configurations).
Multiple Instance Spanning-Tree Operation Configuring MSTP Syntax: spanning-tree priority < priority-multiplier > Every switch running an instance of MSTP has a Bridge Identifier, which is a unique identifier that helps distinguish this switch from all others. The switch with the lowest Bridge Identifier is elected as the root for the tree. The Bridge Identifier is composed of a configurable Priority component (2 bytes) and the bridge’s MAC address (6 bytes).
Multiple Instance Spanning-Tree Operation Configuring MSTP Configuring MSTP Per-Port Parameters In an MSTP topology, you configure per-port parameters in the global configuration context. In most cases, ProCurve recommends that you use the default settings for these parameters and apply changes on a per-port basis only where a non-default setting is clearly indicated by the circumstances of individual links.
Multiple Instance Spanning-Tree Operation Configuring MSTP Syntax: [no] spanning-tree < port-list > auto-edge-port Supports the automatic identification of edge ports. The port will look for BPDUs for 3 seconds; if there are none it begins forwarding packets. If admin-edge-port is enabled for a port, the setting for auto-edge-port is ignored whether set to yes or no.
Multiple Instance Spanning-Tree Operation Configuring MSTP Syntax: spanning-tree < port-list > path-cost < auto | 1..200000000 > Assigns an individual port cost that the switch uses to determine which ports are forwarding ports in a given spanning tree. In the default configuration ( auto ) the switch determines a port’s path cost by the port’s type: – 10 Mbps: 2000000 – 100 Mbps: 200000 – 1 Gbps: 20000 Refer to “Note on Path Cost” on page 4-17 for information on compatibility with devices running 802.
Multiple Instance Spanning-Tree Operation Configuring MSTP Syntax: spanning-tree < port-list > priority < priority-multiplier > MSTP uses this parameter to determine the port(s) to use for forwarding. The port with the lowest priority number has the highest priority for use. The range is 0 to 240, and is configured by specifying a multiplier from 0 - 15.
Multiple Instance Spanning-Tree Operation Configuring MSTP Syntax: spanning-tree < port-list > tcn-guard When tcn-guard is enabled for a port, it causes the port to stop propagating received topology change notifications and topology changes to other ports. (Default: No - disabled) Configuring BPDU Filtering The STP BPDU filter feature allows control of spanning-tree participation on a per-port basis. It can be used to exclude specific ports from becoming part of spanning tree operations.
Multiple Instance Spanning-Tree Operation Configuring MSTP For example, to configure BPDU filtering on port a9, enter: ProCurve(config)# spanning-tree a9 bpdu-filter Viewing BPDU Filtering. The spanning-tree show < port> configuration command displays the BPDU’s filter state. ProCurve(config)# show spanning-tree a9 config ...
Multiple Instance Spanning-Tree Operation Configuring MSTP STP Domain SNMP Trap Management Station SNMP Trap SNMP Trap Switch Event Log: port X is disable by STP BPDU protection Fake STP BPDU End User Figure 4-7. Example of BPDU Protection Enabled at the Network Edge The following commands allow you to configure BPDU protection.
Multiple Instance Spanning-Tree Operation Configuring MSTP Example. To configure BPDU protection on ports 1 to 10 with SNMP traps enabled, enter: ProCurve(config)# spanning-tree 1-10 bpdu protection ProCurve(config)# spanning-tree trap errant-bpdu The following steps will then be set in process: Note 1. When an STP BPDU packet is received on ports 1-10, STP treats it as an unauthorized transmission attempt and shuts down the port that the BPDU came in on. 2.
Multiple Instance Spanning-Tree Operation Configuring MSTP BPDU protected ports are displayed as separate entries of the spanning tree category within the configuration file. ProCurve(config)# show configuration . . . Rows showing ports with BPDU protection enabled spanning-tree spanning-tree A1 bpdu-protection spanning-tree C7 bpdu-protection spanning-tree Trk2 priority 4 . . . Figure 4-9.
Multiple Instance Spanning-Tree Operation Configuring MSTP Configuring MST Instance Parameters When you enable MSTP on the switch, a spanning tree instance is enabled automatically. The switch supports up to sixteen configurable MST instances for each VLAN group that you want to operate as an active topology within the region to which the switch belongs. When creating an instance, you must include a minimum of one VID. You can add more VIDs later if desired. Command Page [no] spanning-tree instance < 1..
Multiple Instance Spanning-Tree Operation Configuring MSTP Syntax: [no] spanning-tree instance < 1..16 > vlan < vid [ vid..vid ] > no spanning-tree instance < 1..16 > — Continued — Note: The valid VLAN IDs that you can map to a specified MSTI are from 1 to 4094. The VLAN ID-to-MSTI mapping does not require a VLAN to be already configured on the switch. The MSTP VLAN enhancement allows you to preconfigure MSTP topologies before the VLAN IDs associated with each instance exist on a switch.
Multiple Instance Spanning-Tree Operation Configuring MSTP Configuring MST Instance Per-Port Parameters Command Page spanning-tree instance < 1..16 > < port-list > path-cost < auto | 1..200000000 > 4-37 spanning-tree instance < 1..16 > < port-list > priority < priority-multiplier > 4-38 spanning-tree < port-list > priority < priority-multiplier > 4-39 Syntax: spanning-tree instance < 1..16 > < port-list > path-cost < auto | 1..
Multiple Instance Spanning-Tree Operation Configuring MSTP Syntax: spanning-tree instance < 1..16 >< port-list > priority This command sets the priority for the specified port(s) in the specified MST instance. (For a given port, the priority setting can be different for different MST instances to which the port may belong.) The priority range for a port in a given MST instance is 0-255. However, this command specifies the priority as a multiplier (0 - 15 ) of 16.
Multiple Instance Spanning-Tree Operation Configuring MSTP Syntax: spanning-tree < port-list > priority < priority-multiplier > This command sets the priority for the specified port(s) for the IST (that is, Instance 0) of the region in which the switch resides. The “priority” component of the port’s “Port Identifier” is set. The Port Identifier is a unique identifier that helps distinguish this switch’s ports from all others.
Multiple Instance Spanning-Tree Operation Configuring MSTP Enabling or Disabling Spanning Tree Operation This command enables or disables spanning tree operation for any spanning tree protocol enabled on the switch. Before using this command to enable spanning tree, ensure that the version you want to use is active on the switch.
Multiple Instance Spanning-Tree Operation Configuring MSTP Syntax: [no] spanning-tree pending < apply | config-name | config-revision | instance | reset > This command exchanges the currently active MSTP configuration with the current pending MSTP configuration. Options are as follows: apply: Exchanges the currently active MSTP configuration with the pending MSTP configuration. config-name: Specifies the pending MST region name. Must be the same for all MSTP switches in the region.
Multiple Instance Spanning-Tree Operation Configuring MSTP 7. To review your pending configuration, use the show spanning-tree pending command (see page 4-57). 8. To exchange the currently active MSTP configuration with the pending MSTP configuration, use the spanning-tree pending apply command.
Multiple Instance Spanning-Tree Operation Configuring MSTP ■ Flexibility: By preconfiguring identical VLAN ID-to-MSTI mappings on all switches in an MST region, you can combine switches that support different maximum numbers of VLANs. ■ Network stability: You can reduce the interruptions in network connectivity caused by the regeneration of spanning trees in the entire network each time a configuration change in VLAN-to-MSTI mapping is detected on a switch.
Multiple Instance Spanning-Tree Operation Configuring MSTP Syntax: [no] spanning-tree instance < 1..16 > vlan < vid [ vid..vid ] > no spanning-tree instance < 1..16 > Configuring MSTP on the switch automatically configures the IST instance and places all statically and dynamically configured VLANs on the switch into the IST instance. This command creates a new MST instance (MSTI) and moves the VLANs you specify from the IST to the MSTI. You must map at least one VLAN to an MSTI when you create it.
Multiple Instance Spanning-Tree Operation Configuring MSTP On other ProCurve switches, only the VLANs that are present will be included, that is, only VLANs 1, 5, and 7 would be included. The switch will map these VLANs to MSTP Instance 1, which results in a Configuration Digest that is not the same as the Configuration Digest for the switches running this enhancement. (See Figure 4-10 and Figure 4-11) Figure 4-10 shows an example of an MSTP instance configured with the VLAN range option.
Multiple Instance Spanning-Tree Operation Configuring MSTP Operating Notes for the VLAN Configuration Enhancement ■ Configuring MSTP on the switch automatically configures the Internal Spanning Tree (IST) instance and places all statically and dynamically configured VLANs on the switch into the IST instance. The spanning-tree instance vlan command creates a new MST instance and moves the VLANs you specify from the IST to the MSTI. You must map a least one VLAN ID to an MSTI when you create it.
Multiple Instance Spanning-Tree Operation Configuring MSTP How to Save Your Current Configuration You can save your current configuration before updating to a new version of software by following these steps: 1. Enter the show config files command to display your current configuration files, as shown in Figure 4-12. ProCurve(config)# show config files Configuration files: id | act pri sec | name ---+-------------+-------------------1 | * * * | config1 2 | | config2 3 | | Figure 4-12.
Multiple Instance Spanning-Tree Operation Configuring MSTP ProCurve(config)# show flash Image Size(Bytes) Date Version -------------- -------- ------Primary Image : 6771179 04/17/08 Z.13.09 Secondary Image : 7408949 11/06/08 Z.14.01 Boot Rom Version: Z.12.12 Default Boot : Primary Build # ------304 123 Figure 4-14. Show Flash Command after Upgrading the Switch to a New Version of the Software (Z.12.51) 5. If you want to run the prior software version, Z.12.
Multiple Instance Spanning-Tree Operation Displaying MSTP Statistics and Configuration Displaying MSTP Statistics and Configuration Command Page MSTP Statistics: show spanning-tree [< port-list >] below show spanning-tree [< port-list >] detail 4-52 show spanning-tree instance < ist | 1..16 > 4-53 MSTP Configuration show spanning-tree [ port-list ] config 4-54 show spanning-tree [ port-list ] config instance < ist | 1..
Multiple Instance Spanning-Tree Operation Displaying MSTP Statistics and Configuration Displaying Global MSTP Status The following commands display the MSTP statistics for the connections between MST regions in a network. Syntax: show spanning-tree This command displays the switch’s global and regional spanning-tree status, plus the per-port spanning-tree operation at the regional level.
Multiple Instance Spanning-Tree Operation Displaying MSTP Statistics and Configuration ProCurve(config)# show spanning-tree Multiple Spanning Tree (MST) Information STP Enabled : Yes Force Version : MSTP-operation IST Mapped VLANs : 1,66 Switch MAC Address : 0004ea-5e2000 Switch Priority : 32768 Max Age : 20 Max Hops : 20 Forward Delay : 15 Topology Change Count : 0 Time Since Last Change : 2 hours CST CST CST CST Root Root Root Root MAC Address Priority Path Cost Port : : : : 00022d-47367f 0 4000000 A
Multiple Instance Spanning-Tree Operation Displaying MSTP Statistics and Configuration Displaying Detailed Port Information The following commands display the MSTP statistics for the connections between MST regions in a network. Syntax: show spanning-tree detail This command displays additional parameters concerning the common spanning tree (CST) ports. Syntax: show spanning-tree < port-list > detail This command displays detailed spanning-tree status for the designated port(s). .
Multiple Instance Spanning-Tree Operation Displaying MSTP Statistics and Configuration Displaying Status for a Specific MST Instance The following commands display the MSTP statistics for a specified MST instance. Syntax: show spanning-tree instance < ist | 1..16 > This command displays the MSTP statistics for either the IST instance or a numbered MST instance running on the switch. Syntax: show spanning-tree instance < ist | 1..
Multiple Instance Spanning-Tree Operation Displaying MSTP Statistics and Configuration Displaying the MSTP Configuration Displaying the Global MSTP Configuration. This command displays the switch’s basic and MST region spanning-tree configuration, including basic port connectivity settings. Syntax: show spanning-tree config The upper part of this output shows the switch’s global spanning-tree configuration that applies to the MST region.
Multiple Instance Spanning-Tree Operation Displaying MSTP Statistics and Configuration Displaying Per-Instance MSTP Configurations. These commands displays the per-instance port configuration and current state, along with instance identifiers and regional root data. Syntax: show spanning-tree config instance < ist | 1..16 > The upper part of this output shows the instance data for the specified instance. The lower part of the output lists the spanning-tree port settings for the specified instance.
Multiple Instance Spanning-Tree Operation Displaying MSTP Statistics and Configuration Displaying the Region-Level Configuration in Brief. This command output is useful for quickly verifying the allocation of VLANs in the switch’s MSTP configuration and for viewing the configured region identifiers. Syntax: show spanning-tree mst-config This command displays the switch’s regional configuration.
Multiple Instance Spanning-Tree Operation Displaying MSTP Statistics and Configuration Displaying the Pending MSTP Configuration. This command displays the MSTP configuration the switch will implement if you execute the spanning-tree pending apply command (Refer to “Enabling an Entire MST Region at Once or Exchanging One Region Configuration for Another” on page 4-40.) Syntax: show spanning-tree pending < instance | mst-config > instance < 1..16 | ist > Lists region, instance I.D.
Multiple Instance Spanning-Tree Operation Troubleshooting an MSTP Configuration Troubleshooting an MSTP Configuration Command Page show spanning-tree root-history 4-58 show spanning-tree debug counters 4-61 show spanning-tree debug-counters instance < instance-id > 4-62 show spanning-tree debug-counters instance < instance-id > ports 4-64 This section describes the show spanning-tree commands that you can use to monitor, troubleshoot, and debug the operation of a multiple-instance spa
Multiple Instance Spanning-Tree Operation Troubleshooting an MSTP Configuration ■ MST Instance (mst): Connects all static and (starting from release 13.x.x) dynamic VLANs assigned to a multiple spanning-tree instance. Syntax: show spanning-tree root-history > This command displays the change history for the root bridge in the specified MSTP topology.
Multiple Instance Spanning-Tree Operation Troubleshooting an MSTP Configuration ProCurve(config)# show spanning-tree root-history cst Status and Counters - CST Root Changes History MST Instance ID : 0 Root Changes Counter : 2 Current Root Bridge ID : 32768:000883-024500 Root Bridge ID ------------------32768:000883-024500 36864:001279-886300 Date -------02/09/07 02/09/07 Time -------17:40:59 17:40:22 Identifies the root bridge of the common spanning tree in a bridged network that connects different MST
Multiple Instance Spanning-Tree Operation Troubleshooting an MSTP Configuration Displaying Debug Counters for All MST Instances The show spanning-tree debug-counters command allows you to display the aggregate values of all MSTP debug counters that are maintained on a switch. These aggregate values are a summary of the information collected from all ports and from all spanning-tree instances that forward traffic on switch ports.
Multiple Instance Spanning-Tree Operation Troubleshooting an MSTP Configuration Displaying Debug Counters for One MST Instance The show spanning-tree debug-counters instance command allows you to display the aggregate values of all MSTP debug counters maintained on a switch for a specified spanning-tree instance. These aggregate values are a summary of information collected from all ports that have VLANs assigned to the specified instance.
Multiple Instance Spanning-Tree Operation Troubleshooting an MSTP Configuration ProCurve(config)# show spanning-tree debug-counters instance 0 Status and Counters - CIST Common Debug Counters Information MST Instance ID : 0 Counter Name --------------------------------Invalid BPDUs Errant BPDUs MST Config Error BPDUs Looped-back BPDUs Starved BPDUs Exceeded Max Age BPDUs Exceeded Max Hops BPDUs Topology Changes Detected Topology Changes Tx Topology Changes Rx Topology Change ACKs Tx Topology Change ACKs Rx
Multiple Instance Spanning-Tree Operation Troubleshooting an MSTP Configuration Displaying Debug Counters for Ports in an MST Instance The show spanning-tree debug-counters instance ports command allows you to display the aggregate values of all MSTP debug counters maintained on one or more ports used by a specified spanning-tree instance. These aggregate values are a summary of information collected from the specified ports that have VLANs assigned to the specified instance.
Multiple Instance Spanning-Tree Operation Troubleshooting an MSTP Configuration ProCurve(config)# show spanning-tree debug-counters instance 0 ports a15 Status and Counters - CIST Port(s) Debug Counters Information MST Instance ID : 0 Port : A15 Counter Name --------------------------Invalid BPDUs Errant BPDUs MST Config Error BPDUs Looped-back BPDUs Starved BPDUs Exceeded Max Age BPDUs Exceeded Max Hops BPDUs Topology Changes Detected Topology Changes Tx Topology Changes Rx Topology Change ACKs Tx Topolog
Multiple Instance Spanning-Tree Operation Troubleshooting an MSTP Configuration ProCurve(config)# show spanning-tree debug-counters instance 2 ports a15 Status and Counters - MSTI Port(s) Debug Counters Information MST Instance ID : 2 Port : A15 Counter Name --------------------------Starved MSTI MSGs Exceeded Max Hops MSTI MSGs Topology Changes Detected Topology Changes Tx Topology Changes Rx MSTI MSGs Tx MSTI MSGs Rx Value ---------0 0 1 3 2 5 173489 Last Updated ----------------02/09/07 02/09/07 02/09
Multiple Instance Spanning-Tree Operation Troubleshooting an MSTP Configuration Field Description MST Config Error BPDUs Number of BPDUs received from a neighbor bridge with inconsistent MST configuration information.
Multiple Instance Spanning-Tree Operation Troubleshooting an MSTP Configuration Field Description Exceeded Max Hops MSTI MSGs Number of times that an MSTI MSG packet is received from a bridge internal to the MST region with an MSTI Remaining Hops value less than or equal to 1.
Multiple Instance Spanning-Tree Operation Troubleshooting an MSTP Configuration Field Description RST BPDUs Tx Number of (802.1w) RST BPDUs that are transmitted through the port. This counter is maintained by the CIST (default MST instance 0) on a per-port basis. RST BPDUs Rx Number of (802.1w) RST BPDUs that are received on the port. This counter is maintained by the CIST (default MST instance 0) on a per-port basis. MST BPDUs Tx Number of (802.1s) MST BPDUs that are transmitted through the port.
Multiple Instance Spanning-Tree Operation Loop Protection Loop Protection In cases where spanning tree cannot be used to prevent loops at the edge of the network, loop protection may provide a suitable alternative. Unlike spanning tree, however, loop protection is not a comprehensive loop detection feature and should only be enabled on untagged edge ports, that is, ports that connect to unmanaged switches and/or clients at the edge of the network.
Multiple Instance Spanning-Tree Operation Loop Protection Configuring Loop Protection Loop protection provides protection against loops by transmitting loop protocol packets out of ports on which loop protection has been enabled. When the switch sends out a loop protocol packet and then receives the same packet on a port that has a receiver-action of send-disable configured, it shuts down the port from which the packet was sent. To enable loop protection: 1.
Multiple Instance Spanning-Tree Operation Loop Protection Notes ■ The receiver-action option can be configured on a per-port basis and can only be enabled after loop protection has been enabled on the port. All other configuration options (disable-timer, trap loop-detected, and transmit interval) are global. ■ The trap option refers to a SNMP trap. ■ Regardless of how the receiver-action and trap options are configured, all detected loops will be logged in the switch’s event log.
5 Quality of Service (QoS): Managing Bandwidth More Effectively Contents Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-3 Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-6 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-7 Classifiers for Prioritizing Outbound Packets . . . . . . . . . . . . . . . . . . .
Quality of Service (QoS): Managing Bandwidth More Effectively Contents Error Messages caused by DSCP Policy Changes . . . . . . . . . . . . 5-36 Example of Changing the Priority Setting on a Policy When One or More Classifiers Are Currently Using the Policy . 5-37 QoS Queue Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-40 QoS Operating Notes and Restrictions . . . . . . . . . . . . . . . . . . . . . . . . 5-41 IP Multicast (IGMP) Interaction with QoS . . . . . . .
Quality of Service (QoS): Managing Bandwidth More Effectively Introduction Introduction QoS Feature Default Page Reference IP Type-of-Service Priority Disabled page 5-15 Source-Port Priority Disabled page 5-27 DSCP Policy Table Various page 5-33 Queue Configuration 4 Queues page 5-40 As the term suggests, network policy refers to the network-wide controls you can implement to: ■ Ensure uniform and efficient traffic handling throughout your network, while keeping the most important traffic m
Quality of Service (QoS): Managing Bandwidth More Effectively Introduction Edge Switch Classify inbound traffic on these Class-ofService (CoS) types: • IP-device (address) • Source-Port Apply 802.1p priority to selected outbound traffic on tagged VLANs. ■ Upgrade or downgrade traffic from various servers. ■ Control the priority of traffic from dedicated VLANs or applications. ■ Change the priorities of traffic from various segments of your network as your business needs change.
Quality of Service (QoS): Managing Bandwidth More Effectively Introduction QoS is implemented in the form of rules or policies that are configured on the switch. While you can use QoS to prioritize only the outbound traffic while it is moving through the switch, you derive the maximum benefit by using QoS in an 802.1Q VLAN environment (with 802.
Quality of Service (QoS): Managing Bandwidth More Effectively Introduction Terminology Term Use in This Document 802.1p priority A traffic priority setting carried by a VLAN-tagged packet moving from one device to another through ports that are tagged members of the VLAN to which the packet belongs. This setting can be from 0 7. The switch handles an outbound packet on the basis of its 802.1p priority.
Quality of Service (QoS): Managing Bandwidth More Effectively Introduction Term Use in This Document outbound port queue For any port, a buffer that holds outbound traffic until it can leave the switch through that port. By default, there are eight outbound queues for each port in the switch. Queue 8 is the highest priority queue; queue 1 is the lowest priority queue. Traffic in a port’s high priority queue leaves the switch before any traffic in the port’s medium or low priority queues.
Quality of Service (QoS): Managing Bandwidth More Effectively Introduction A QoS configuration enables you to set the outbound priority queue to which a packet is sent. (In an 802.1Q VLAN environment with VLANtagged ports, if QoS is not configured on the switch, but is configured on an upstream device, the priorities carried in the packets determine the forwarding queues in the switch.
Quality of Service (QoS): Managing Bandwidth More Effectively Introduction You can configure a QoS priority of 0 through 3 for an outbound packet. When the packet is then sent to a port, the QoS priority determines which outbound queue the packet uses: Table 5-2.
Quality of Service (QoS): Managing Bandwidth More Effectively Introduction Classifiers for Prioritizing Outbound Packets Note On Using Multiple Criteria ProCurve recommends that you configure a minimum number of the available QoS classifiers for prioritizing any given packet type. Increasing the number of active classifier options for a packet type increases the complexity of the possible outcomes and consumes switch resources.
Quality of Service (QoS): Managing Bandwidth More Effectively Preparation for Configuring QoS Preparation for Configuring QoS Preserving 802.1p Priority QoS operates in VLAN-tagged and VLAN-untagged environments. If your network does not use multiple VLANs, you can still implement the 802.1Q VLAN capability for packets to carry their 802.1p priority to the next downstream device. To do so, configure ports as VLAN-tagged members on the links between switches and routers in your network infrastructure.
Quality of Service (QoS): Managing Bandwidth More Effectively Preparation for Configuring QoS 2. Select the QoS option you want to use. Table 5-6 lists the traffic types (QoS classifiers) and the QoS options you can use for prioritizing or setting a policy on these traffic types: Table 5-6. Applying QoS Options to Traffic Types Defined by QoS Classifiers QoS Options for Prioritizing Outbound Traffic QoS Classifiers IP-ToS IPSource Precedence DiffServ -Port Option 1: Configure80 2.
Quality of Service (QoS): Managing Bandwidth More Effectively Preparation for Configuring QoS Viewing the QoS Configuration The following show commands are available on the switches covered in this guide. Examples of the show qos output are included with the example for each priority type. Syntax: show qos < priority-classifier > dscp-map Show mappings between DSCP policy and 802.1p priority. port-priority Displays the current source-port priority configuration. Refer to figure 5-11 on page 5-28.
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers to Configure Quality of Service for Outbound Traffic Using QoS Classifiers to Configure Quality of Service for Outbound Traffic QoS Feature Note 5-14 Default Reference IP Type-of-Service Priority Disabled page 5-15 Source-Port Priority Disabled page 5-27 In addition to the information in this section on the various QoS classifiers, refer to “QoS Operating Notes and Restrictions” on page 5-41.
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers to Configure Quality of Service for Outbound Traffic QoS IP Type-of-Service (ToS) Policy and Priority QoS Classifier Precedence: 1 This feature applies only to IPv4 traffic and performs either of the following: ■ ToS IP-Precedence Mode: All IP packets generated by upstream devices and applications include precedence bits in the ToS byte.
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers to Configure Quality of Service for Outbound Traffic Assigning an 802.1p Priority to IPv4 Packets on the Basis of the ToS Precedence Bits If a device or application upstream of the switch sets the precedence bits in the ToS byte of IPv4 packets, you can use this feature to apply that setting for prioritizing packets for outbound port queues. If the outbound packets are in a tagged VLAN, this priority is carried as an 802.
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers to Configure Quality of Service for Outbound Traffic Assigning an 802.1p Priority to IPv4 Packets on the Basis of Incoming DSCP One of the best uses for this option is on an interior switch where you want to honor (continue) a policy set on an edge switch. That is, it enables you to select incoming packets having a specific DSCP and forward these packets with the desired 802.1p priority.
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers to Configure Quality of Service for Outbound Traffic Operating Notes Different applications may use the same DSCP in their IP packets. Also, the same application may use multiple DSCPs if the application originates on different clients, servers, or other devices.
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers to Configure Quality of Service for Outbound Traffic Disables direct 802.1p priority assignment to packets carrying the < codepoint > by reconfiguring the codepoint priority assignment in the DSCP table to No-override. Note that if this codepoint is in use as a DSCP policy for another diffserv codepoint, you must disable or redirect the other diffserv codepoint’s DSCP policy before you can disable or change the codepoint.
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers to Configure Quality of Service for Outbound Traffic Outbound IP packets with a DSCP of 000110 will have a priority of 7. Notice that codepoints 000000 and 001001 are named as DSCP policies by other codepoints (000001 and 000110 respectively). This means they are not available for changing to a different 802.1p priority. Figure 5-6. Example of a Type-of-Service Configuration Enabling Both Direct 802.
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers to Configure Quality of Service for Outbound Traffic Assigning a DSCP Policy on the Basis of the DSCP in IPv4 Packets Received from Upstream Devices The preceding section describes how to forward a policy set by an edge (or upstream) switch. This option changes a DSCP policy in an IPv4 packet by changing its IP ToS codepoint and applying the priority associated with the new codepoint.
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers to Configure Quality of Service for Outbound Traffic Disables all ToS classifier operation. Current ToS DSCP policies and priorities remain in the configuration and will become available if you re-enable ToS diff-services. Syntax: no qos type-of-service [diff-services < codepoint >] Deletes the DSCP policy assigned to the < codepoint > and returns the < codepoint > to the 802.
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers to Configure Quality of Service for Outbound Traffic The DSCPs for this example have not yet been assigned an 802.1p priority level. Figure 5-7. Display the Current DSCP-Map Configuration 2. Configure the policies in the DSCP table: Figure 5-8.
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers to Configure Quality of Service for Outbound Traffic 3. Assign the policies to the codepoints in the selected packet types. The specified DSCP policies overwrite the original DSCPs on the selected packets, and use the 802.1p priorities previously configured in the DSCP policies in step 2. Figure 5-9.
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers to Configure Quality of Service for Outbound Traffic a. Configure a specific DSCP with a specific priority in an edge switch. b. Configure the switch to mark a specific type of inbound traffic with that DSCP (and thus create a policy for that traffic type). c. Configure the internal switches in your LAN to honor the policy.
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers to Configure Quality of Service for Outbound Traffic Table 5-7. How the Switch Uses the ToS Configuration ToS Option: Outbound Port 802.
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers to Configure Quality of Service for Outbound Traffic QoS Source-Port Priority QoS Classifier Precedence: 2 The QoS source-port option enables you to use a packet’s source-port on the switch as a QoS classifier.
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers to Configure Quality of Service for Outbound Traffic Syntax: no interface < port-list > qos Disables use of the specified source-port(s) for QoS classifier(s) and resets the priority for the specified source-port(s) to No-override. Syntax: show qos port-priority Lists the QoS port-priority classifiers with their priority data.
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers to Configure Quality of Service for Outbound Traffic If you then decided to remove port A1 from QoS prioritization: In this instance, No-override indicates that port A1 is not prioritized by QoS. Figure 5-12. Returning a QoS-Prioritized VLAN to “No-override” Status Assigning a DSCP Policy Based on the Source-Port This option assigns a previously configured DSCP policy (codepoint and 802.
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers to Configure Quality of Service for Outbound Traffic 3. Note Configure the DSCP policy by using qos dscp-map to configure the priority for each codepoint. (For details, refer to the example later in this section and to “Differentiated Services Codepoint (DSCP) Mapping” on page 5-33.) A codepoint must have an 802.
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers to Configure Quality of Service for Outbound Traffic For example, suppose you wanted to assign this set of priorities: Source-Port DSCP Priority A2 000111 7 B1-B3 000101 5 B4, C2 000010 1 1. Determine whether the DSCPs already have priority assignments, which could indicate use by existing applications.
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers to Configure Quality of Service for Outbound Traffic 3. Assign the DSCP policies to the selected source-ports and display the result. Figure 5-15. The Completed Source-Port DSCP-Priority Configuration Radius Override Field. During a client session authenticated by a RADIUS server, the server can impose a port priority that applies only to that client session.
Quality of Service (QoS): Managing Bandwidth More Effectively Differentiated Services Codepoint (DSCP) Mapping Differentiated Services Codepoint (DSCP) Mapping The DSCP Policy Table associates an 802.1p priority with a specific ToS byte codepoint in an IPv4 packet. This enables you to set a LAN policy that operates independently of 802.1Q VLAN-tagging. In the default state, most of the 64 codepoints do not assign an 802.1p priority, as indicated by No-override in table 5-9 on page 5-34.
Quality of Service (QoS): Managing Bandwidth More Effectively Differentiated Services Codepoint (DSCP) Mapping Table 5-9. The Default DSCP Policy Table DSCP Policy 802.1p Priority DSCP Policy 802.
Quality of Service (QoS): Managing Bandwidth More Effectively Differentiated Services Codepoint (DSCP) Mapping For example, in the default configuration, the following codepoint settings are true: Codepoint Default Priority 001100 1 001101 No-override 001110 2 If you change all three settings to a priority of 3, and then execute write memory, the switch will reflect these changes in the show config listing: ProCurve (config)# qos dscp-map 001100 priority 3 ProCurve ProCurve ProCurve ProCurve (con
Quality of Service (QoS): Managing Bandwidth More Effectively Differentiated Services Codepoint (DSCP) Mapping Notes on Changing a Priority Setting If a QoS classifier is using a policy (codepoint and associated priority) in the DSCP Policy table, you must delete or change this usage before you can change the priority setting on the codepoint. Otherwise the switch blocks the change and displays this message: Cannot modify DSCP Policy < codepoint > - in use by other qos rules.
Quality of Service (QoS): Managing Bandwidth More Effectively Differentiated Services Codepoint (DSCP) Mapping Message Meaning Cannot modify DSCP Policy < codepoint > - in You have attempted to map a QoS classifier to use by other qos rules. a codepoint that is already in use by other QoS classifiers. Before remapping the codepoint to a new priority, you must reconfigure the other QoS classifiers so that they do not use this codepoint.
Quality of Service (QoS): Managing Bandwidth More Effectively Differentiated Services Codepoint (DSCP) Mapping These classifiers use the codepoint that is to be changed. ProCurve (config)# show qos dscp-map DSCP -> 802.p priority mappings NOTE: 'qos type-of- service diff-services' must be configured before DSCP is honored on inbound traffic. DSCP CodePoint -------------000000 000001 000010 000011 000100 000101 000110 000111 001000 DSCP Value ---------0 1 2 3 4 5 6 7 8 802.
Quality of Service (QoS): Managing Bandwidth More Effectively Differentiated Services Codepoint (DSCP) Mapping 2. Change the classifier configurations by assigning them to a different DSCP policy, or to an 802.1p priority, or to No-override. For example: a. Delete the policy assignment for the dscp-map classifier. (That is, assign it to No-override.) ProCurve(config)# no qos dscp-map 5 b. Create a new DSCP policy to use for re-assigning the remaining classifiers.
Quality of Service (QoS): Managing Bandwidth More Effectively QoS Queue Configuration QoS Queue Configuration By default, there are four priority queues or traffic classes. These are shared across all ports. This number cannot be reconfigured.
Quality of Service (QoS): Managing Bandwidth More Effectively QoS Operating Notes and Restrictions QoS Operating Notes and Restrictions QoS support based on packet type is shown below. Table 5-11. Details of Packet Criteria and Restrictions for QoS Support Packet Criteria or Restriction QoS Classifiers Device IP Type-of- Source Port Priority (IP Service Address) Incoming 802.
Quality of Service (QoS): Managing Bandwidth More Effectively QoS Operating Notes and Restrictions Table 5-12. Maximum QoS Entries. Switch Switch 6120 Software Version Maximum QoS Entries 250* Notes • Each device (IP address) QoS configuration uses two entries. • Each TCP/UDP port QoS configuration uses two entries. • All other classifier configurations use one entry each. *Configuring device (IP address) or TCP/UDP QoS entries reduces this maximum. See the “Notes” column.
Quality of Service (QoS): Managing Bandwidth More Effectively QoS Operating Notes and Restrictions IP Multicast (IGMP) Interaction with QoS IGMP high-priority-forward causes the switch to service the subscribed IP multicast group traffic at high priority, even if QoS on the switch has relegated the traffic to a lower priority. This does not affect any QoS priority settings, so the QoS priority is honored by downstream devices. However, QoS does take precedence over IGMP normal-priority traffic.
Index Numerics 802.1p priority (QoS) definition … 5-6 802.1Q VLAN tagging … 3-3 802.1w as a region … 4-16 A advertisement, GVRP definition … 3-3 B bandwidth effect of QoS … 5-1 bandwidth loss, spanning tree … 4-12 blocked link from STP operation … 4-12 blocked port from STP operation … 4-10 Bootp gateway ignored … 2-46 BPDU … 3-3 BPDU port protection See spanning-tree, 802.1s.
for menu interface … 1-6 for web browser interface … 1-7 G GARP See GVRP.
message VLAN already exists … 2-38 MSTI, configuration … 4-35 MSTP instance mapping … 4-43 preconfigure benefits … 4-42 preconfigure topology … 4-42 preconfigure vlans in instance … 4-43 saving current configuration … 4-47 See spanning-tree, 802.1s. vlan range option … 4-44 multiple forwarding database … 2-17 N non-routable VLAN … 2-53 O outbound port (QoS) definition … 5-6 outbound port queue (QoS) definition … 5-7 P path costs 802.1D STP versus RSTP and MSTP … 4-17 configuring 802.
blocked link … 4-12 blocked port … 4-10 broadcast storm … 4-3 enabling MSTP … 4-40 MSTP See spanning-tree, 802.1s VLAN effect on … 2-55 spanning-tree config-name … 4-43 config-revision … 4-43 instance vlan … 4-42, 4-43 root-history … 4-58 spanning-tree, 802.1s … 4-4, 4-6 802.1D and 802.1w connections … 4-16 802.1D as a region … 4-13, 4-16 802.1Q VLANs … 4-12 802.1s standard-compliant … 4-6 802.
MIB … 4-49 MST region See region. MSTI … 4-8, 4-15 MSTI root … 4-10 MSTI root, display change history … 4-58 MSTI, view status … 4-53 MSTP … 4-9 MSTP operation … 4-9 MSTP, view global configuration … 4-54 multiple spanning tree instance See MSTI override hello-time … 4-15 path cost, effect on 802.
definition … 5-7 V VID See VLAN.
VID, default VLAN … 2-45 voice … 2-5, 2-29, 2-30, 2-32, 2-55 voice, configuration … 2-36 voice, configuring … 2-28 voice, VLAN type … 2-13 web browser configuration … 2-39 See also GVRP. VLANs static, 802.1s spanning tree … 4-8 voice VLAN See VLAN. VoIP operating rules … 2-13 See also VLAN, voice.
and Technology for better business outcomes To learn more, visit www.hp.com/go/bladesystem/documentation/ © Copyright 2009 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty.