HP ProCurve Switch Software Management and Configuration Guide 2520 Switches Software version S.14.
HP ProCurve 2520 Switches November 2009 S.14.
© Copyright 2009 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change with out notice. All Rights Reserved. Disclaimer This document contains proprietary information, which is protected by copyright. No part of this document may be photocopied, reproduced, or translated into another language without the prior written consent of HewlettPackard.
Contents Product Documentation About Your Switch Manual Set . . . . . . . . . . . . . . . . . . . . . . . . . . . . xix Printed Publications. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xix Electronic Publications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xix Software Feature Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xx 1 Getting Started Contents . . . . . . . . . . . . . . . . . . . . . . . . . . .
2 Selecting a Management Interface Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-2 Understanding Management Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . 2-2 Advantages of Using the Menu Interface . . . . . . . . . . . . . . . . . . . . . . . . 2-3 Advantages of Using the CLI . . . . . . . . . . . . . .
4 Using the Command Line Interface (CLI) Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-2 Accessing the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-2 Using the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Security: Creating Usernames and Passwords in the Browser Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-8 Entering a User Name and Password . . . . . . . . . . . . . . . . . . . . . . 5-10 Using a User Name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-10 If You Lose the Password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-10 Online Help for the Web Browser Interface . . . . . . . . . . . . . . . . . . . .
Local Switch Software Replacement and Removal . . . . . . . . . . . . . . 6-16 Rebooting the Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-18 Operating Notes about Booting . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-18 Boot and Reload Command Comparison . . . . . . . . . . . . . . . . . . . 6-19 Setting the Default Flash . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-20 Booting from the Default Flash (Primary or Secondary) . . . . . .
7 Interface Access and System Information Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-2 Interface Access: Console/Serial Link, Web, and Inbound Telnet . 7-3 Menu: Modifying the Interface Access . . . . . . . . . . . . . . . . . . . . . . . . . . 7-4 CLI: Modifying the Interface Access . . . . . . . . . . . . . . . .
9 Time Protocols Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-2 TimeP Time Synchronization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-2 SNTP Time Synchronization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Flow Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-5 Broadcast Limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-5 Modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-6 Configuring Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-7 CLI: Viewing Port Status and Configuring Port Parameters . . . . . . .
How Is Power Allocation Prioritized? . . . . . . . . . . . . . . . . . . . . . . 11-5 Configuring PoE Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-6 Disabling or Re-Enabling PoE Port Operation . . . . . . . . . . . . . . . . . . 11-6 Enabling Support for Pre-Standard Devices . . . . . . . . . . . . . . . . . . . . 11-6 Configuring the PoE Port Priority Level . . . . . . . . . . . . . . . . . . . . . . . 11-8 Controlling PoE Allocation . . . . . . . . . . . . . . . . . .
Trunk Group Operation Using the “Trunk” Option . . . . . . . . . . . . 12-26 How the Switch Lists Trunk Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-27 Outbound Traffic Distribution Across Trunked Links . . . . . . . . . 12-27 13 Configuring for Network Management Applications Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-1 Using SNMP Tools To Manage the Switch . . . . . . . . . . . . . . . . . . . . . .
LLDP-MED . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-37 Packet Boundaries in a Network Topology . . . . . . . . . . . . . . . . . . . . 13-37 Configuration Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-38 Options for Reading LLDP Information Collected by the Switch . . 13-40 LLDP and LLDP-MED Standards Compatibility . . . . . . . . . . . . . . . . 13-41 LLDP Operating Rules . . . . . . . . . . . . . . . . . . . . . . . . . .
Menu: TFTP Download from a Server to Primary Flash . . . . . . . A-4 CLI: TFTP Download from a Server to Flash . . . . . . . . . . . . . . . . A-7 Using Secure Copy and SFTP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-9 How It Works . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-10 The SCP/SFTP Process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-10 Disable TFTP and Auto-TFTP for Enhanced Security . . . . . . .
Copying Crash Data Content to a Destination Device . . . . . . . A-29 Copying Crash Log Data Content to a Destination Device . . . . A-30 B Monitoring and Analyzing Switch Operation Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-3 Status and Counters Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Web: Configuring Port Monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . B-28 Locating a Device . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-28 C Troubleshooting Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-4 Troubleshooting Approaches . . . . . . . . . . . . . . .
Debug/Syslog Destination Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . C-32 Debug/Syslog Configuration Commands . . . . . . . . . . . . . . . . . . . . . . C-33 Configuring Debug/Syslog Operation . . . . . . . . . . . . . . . . . . . . . . . . . C-35 Displaying a Debug/Syslog Configuration . . . . . . . . . . . . . . . . . . C-36 Debug Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-38 Debug Messages . . . . . . . . . . . . . . . . . . . . . . .
DNS Resolver . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-71 Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-71 Basic Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-71 Configuring and Using DNS Resolution with DNS-Compatible Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . C-73 Configuring a DNS Entry . . . . . . . . . . . . . . . . . . . . . .
Product Documentation About Your Switch Manual Set Note For the latest version of all ProCurve switch documentation, including Release Notes covering recently added features, please visit the ProCurve Networking Web site at www.procurve.com, click on Support, and then click on Manuals. Printed Publications The publications listed below are printed and shipped with your switch. The latest version is also available in PDF format on the ProCurve Web site, as described in the Note at the top of this page.
Software Feature Index For the software manual set supporting your series 2520 switch models, this feature index indicates which manual to consult for information on a given software feature. Feature Management and Configuration Advanced Traffic Management Access Security Guide 802.1Q VLAN Tagging - X - 802.1p Priority X - - 802.
Feature Management and Configuration Advanced Traffic Management Access Security Guide File Transfers X - - Friendly Port Names X GVRP - X - IGMP - X - Interface Access (Telnet, Console/Serial, Web) X - - IP Addressing X - - LACP X - - Link X - - LLDP X - - LLDP-MED X Loop Protection X MAC Address Management X - - MAC Lockdown - - X MAC Lockout - - X MAC-based Authentication - - X Monitoring and Analysis X - - Multicast Filtering - X - Networ
Feature Management and Configuration Advanced Traffic Management Access Security Guide Quality of Service (QoS) - X - RADIUS Authentication and Accounting - - X Secure Copy X - - SFTP X - - SNMP X - - Software Downloads (SCP/SFTP, TFTP, Xmodem) X - - Spanning Tree (MSTP) - X - SSH (Secure Shell) Encryption - - X SSL (Secure Socket Layer) - - X Stack Management (Stacking) - X - Syslog X - - System Information X - - TACACS+ Authentication - - X Telnet Ac
1 Getting Started Contents Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2 Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2 Command Syntax Statements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2 Command Prompts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-3 Screen Simulations . . . . . . . . . . . . . . . . .
Getting Started Introduction Introduction This guide is intended for use with the following switches: ■ HP ProCurve 2520-8-PoE Switch ■ HP ProCurve 2520-24-PoE Switch It describes how to use the command line interface (CLI), Menu interface, and web browser to configure, manage, monitor, and troubleshoot switch opera tion. For an overview of other product documentation for the above switches, refer to “Product Documentation” on page xi.
Getting Started Conventions ■ Braces within square brackets ( [ < > ] ) indicate a required element within an optional choice. ■ Boldface indicates use of a CLI command, part of a CLI command syntax, or other displayed element in general text. For example: “Use the copy tftp command to download the key from a TFTP server.” ■ Italics indicate variables for which you must supply a value when execut ing the command.
Getting Started Sources for More Information Keys Simulations of actual keys use a bold, sans-serif typeface with square brackets. For example, the Tab key appears as [Tab] and the “Y” key appears as [Y]. Sources for More Information For information about switch operation and features not covered in this guide, consult the following sources: ■ Note Feature Index—For information on which manual to consult for a given software feature, refer to the “Software Feature Index” on page xii.
Getting Started Sources for More Information • • • ■ Advanced Traffic Management Guide—Use this guide for information on topics such as: • ■ ■ port configuration, trunking, traffic control, and PoE operation SNMP, LLDP, and other network management topics file transfers, switch monitoring, troubleshooting, and MAC address management VLANs: Static port-based and protocol VLANs, and dynamic GVRP VLANs • spanning-Tree: 802.1D (STP), 802.1w (RSTP), and 802.
Getting Started Sources for More Information Getting Documentation From the Web To obtain the latest versions of documentation and release notes for your switch: 1. Go to the ProCurve Networking web site at www.procurve.com 2. Click on Support. 3. Click on Manuals. 4. Click on the product for which you want to view or download a manual. If you need further information on ProCurve switch technology, visit the ProCurve Networking web site at: www.procurve.
Getting Started Sources for More Information Command Line Interface If you need information on a specific command in the CLI, type the command name followed by help. For example: Figure 1-3. Example of CLI Help Web Browser Interface If you need information on specific features in the ProCurve Web Browser Interface (hereafter referred to as the “web browser interface”), use the online Help. You can access the Help by clicking on the Help text on top right side of any of the web browser interface screens.
Getting Started Need Only a Quick Start? Need Only a Quick Start? IP Addressing If you just want to give the switch an IP address so that it can communicate on your network, or if you are not using VLANs, ProCurve recommends that you use the Switch Setup screen to quickly configure IP addressing. To do so, do one of the following: ■ Enter setup at the CLI Manager level prompt. Procurve# setup ■ In the Main Menu of the Menu interface, select 8.
2 Selecting a Management Interface Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-2 Understanding Management Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . 2-2 Advantages of Using the Menu Interface . . . . . . . . . . . . . . . . . . . . . . . . 2-3 Advantages of Using the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-4 General Benefits . . . . . . . . . . . . . . . . . . . . . . . . .
Selecting a Management Interface Overview Overview This chapter describes the following: ■ Management interfaces for the switches covered in this guide ■ Advantages of using each interface Understanding Management Interfaces Management interfaces enable you to reconfigure the switch and to monitor switch status and performance.
Selecting a Management Interface Advantages of Using the Menu Interface To use ProCurve Manager or ProCurve Manager Plus, refer to the Getting Started Guide and the Administrator’s Guide, which are available electron ically with the software for these applications. For more information, visit the ProCurve Networking web site at www.procurve.com. Advantages of Using the Menu Interface Figure 2-1.
Selecting a Management Interface Advantages of Using the CLI ■ Enables Telnet (in-band) access to the menu functionality. ■ Allows faster navigation, avoiding delays that occur with slower display of graphical objects over a web browser interface. ■ Provides more security; configuration information and passwords are not seen on the network.
Selecting a Management Interface Advantages of Using the Web Browser Interface ■ To perform specific procedures (such as configuring IP addressing or VLANs), use the Contents listing at the front of the manual to locate the information you need. ■ For monitoring and analyzing switch operation, refer to Appendix B. ■ For information on individual CLI commands, refer to the Index or to the online Help provided in the CLI interface. Advantages of Using the Web Browser Interface Figure 2-3.
Selecting a Management Interface Advantages of Using ProCurve Manager or ProCurve Manager Plus ■ More visual cues, using colors, status bars, device icons, and other graphical objects instead of relying solely on alphanumeric values ■ Display of acceptable ranges of values available in configuration list boxes Advantages of Using ProCurve Manager or ProCurve Manager Plus You can operate ProCurve Manager and ProCurve Manager Plus (PCM and PCM+) from a PC on the network to monitor traffic, manage your hub
Selecting a Management Interface Advantages of Using ProCurve Manager or ProCurve Manager Plus • In-Depth Traffic Analysis: An integrated, low-overhead traffic mon itor interface shows detailed information on traffic throughout the network. Using enhanced traffic analysis protocols such as Extended RMON, users can monitor overall traffic levels, segments with the highest traffic, or even the top users within a network segment.
Selecting a Management Interface Custom Login Banners for the Console and Web Browser Interfaces Custom Login Banners for the Console and Web Browser Interfaces You can now configure the switch to display a login banner of up to 3070 characters when an operator initiates a management session with the switch through any of the following methods: ■ Telnet ■ serial connection ■ SSHv2 ■ Web browser The default banner displays product registration information; the copyright splash is no longer displayed
Selecting a Management Interface Custom Login Banners for the Console and Web Browser Interfaces or if the switch is using the factory-default banner shown in figure 2-5, then the banner page does not appear in the Web browser when an operator initiates a login session with the switch. Configuring and Displaying a Non-Default Banner You can enable or disable banner operation using either the switch’s CLI or an SNMP application. The steps include: 1.
Selecting a Management Interface Custom Login Banners for the Console and Web Browser Interfaces This is a private system maintained by the Allied Widget Corporation. Unauthorized use of this system can result in civil and criminal penalties! In this case, the operator will use the [Enter] key to create line breaks, blank spaces for line centering, and the % symbol to terminate the banner message. Figure 2-4.
Selecting a Management Interface Custom Login Banners for the Console and Web Browser Interfaces ProCurve(config)# show running Running configuration: ; J9137A Configuration Editor; Created on release #S.14.XX hostname "ProCurve Switch" console baud-rate 9600 module 1 type JXXXXA snmp-server community "public" Operator vlan 1 name "DEFAULT_VLAN" untagged 1-5,9-24,Trk2 ip address 15.255.128.86 255.255.248.
Selecting a Management Interface Custom Login Banners for the Console and Web Browser Interfaces Figure 2-8. Example of Web Browser Interface Result of the Login Banner Configuration Operating Notes ■ The default banner appears only when the switch is in the factory default configuration. Using no banner motd deletes the currently configured banner text and blocks display of the default banner. The default banner is restored only if the switch is reset to its factorydefault configuration.
3 Using the Menu Interface Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-2 Starting and Ending a Menu Session . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-3 How To Start a Menu Interface Session . . . . . . . . . . . . . . . . . . . . . . . . . 3-4 How To End a Menu Session and Exit from the Console: . . . . . . . . . . 3-5 Main Menu Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Using the Menu Interface Overview Overview This chapter describes the following features: ■ Overview of the Menu Interface (page 3-2) ■ Starting and ending a Menu session (page 3-3) ■ The Main Menu (page 3-7) ■ Screen structure and navigation (page 3-9) ■ Rebooting the switch (page 3-12) The menu interface operates through the switch console to provide you with a subset of switch commands in an easy-to-use menu format enabling you to: ■ Perform a “quick configuration” of basic parameters, such a
Using the Menu Interface Starting and Ending a Menu Session Note If the switch has neither a Manager nor an Operator password, anyone having access to the console interface can operate the console with full manager privileges. Also, if you configure only an Operator password, entering the Operator password enables full manager privileges. For more information on passwords, refer to the Access Security Guide for your switch. Menu Interaction with Other Interfaces.
Using the Menu Interface Starting and Ending a Menu Session How To Start a Menu Interface Session In its factory default configuration, the switch console starts with the CLI prompt. To use the menu interface with Manager privileges, go to the Manager level prompt and enter the menu command. 1. 2. 3. Use one of these methods to connect to the switch: • A PC terminal emulator or terminal • Telnet Do one of the following: • If you are using Telnet, go to step 3.
Using the Menu Interface Starting and Ending a Menu Session Figure 3-1. Example of the Main Menu with Manager Privileges For a description of Main Menu features, see “Main Menu Features” on page 3 7. Note To configure the switch to start with the menu interface instead of the CLI, go to the Manager level prompt in the CLI, enter the setup command, and in the resulting display, change the Logon Default parameter to Menu.
Using the Menu Interface Starting and Ending a Menu Session Asterisk indicates a configuration change that requires a reboot to activate. Figure 3-2. Example Indication of a Configuration Change Requiring a Reboot 1. In the current session, if you have not made configuration changes that require a switch reboot to activate, return to the Main Menu and press [0] (zero) to log out. Then just exit from the terminal program, turn off the terminal, or quit the Telnet session. 2.
Using the Menu Interface Main Menu Features Main Menu Features ProCurve Switch 2-Jan-2009 0:00:44 ===========================- TELNET - MANAGER MODE -========================= Main Menu 1. 2. 3. 4. 5. 6. 7. 8. 9. 0. Status and Counters... Switch Configuration... Console Passwords... Event Log Command Line (CLI) Reboot Switch Download OS Run Setup Stacking... Logout Provides the menu to display configuration, status, and counters.
Using the Menu Interface Main Menu Features 3-8 ■ Command Line (CLI): Selects the Command Line Interface at the same level (Manager or Operator) that you are accessing in the Menu interface. (Refer to Chapter 4, “Using the Command Line Interface (CLI)”.) ■ Reboot Switch: Performs a “warm” reboot of the switch, which clears most temporary error conditions, resets the network activity counters to zero, and resets the system up-time to zero.
Using the Menu Interface Screen Structure and Navigation Screen Structure and Navigation Menu interface screens include these three elements: ■ Parameter fields and/or read-only information such as statistics ■ Navigation and configuration actions, such as Save, Edit, and Cancel ■ Help line to describe navigation options, individual parameters, and readonly data For example, in the following System Information screen: Screen title – identifies the location within the menu structure Parameter fields
Using the Menu Interface Screen Structure and Navigation Table 3-5. 3-10 How To Navigate in the Menu Interface Task: Actions: Execute an action from the “Actions –>” list at the bottom of the screen: Use either of the following methods: • Use the arrow keys ([<], or [>]) to highlight the action you want to execute, then press [Enter]. • Press the key corresponding to the capital letter in the action name.
Using the Menu Interface Screen Structure and Navigation To get Help on individual parameter descriptions. In most screens there is a Help option in the Actions line. Whenever any of the items in the Actions line is highlighted, press [H], and a separate help screen is displayed. For example: Pressing [H] or highlighting Help and pressing [Enter] displays Help for the parameters listed in the upper part of the screen Highlight on any item in the Actions line indicates that the Actions line is active.
Using the Menu Interface Rebooting the Switch Rebooting the Switch Rebooting the switch from the menu interface ■ Terminates all current sessions and performs a reset of the operating system ■ Activates any menu interface configuration changes that require a reboot ■ Resets statistical counters to zero (Note that statistical counters can be reset to zero without rebooting the switch.) To Reboot the switch, use the Reboot Switch option in the Main Menu.
Using the Menu Interface Rebooting the Switch Rebooting To Activate Configuration Changes. Configuration changes for most parameters in the menu interface become effective as soon as you save them. However, you must reboot the switch in order to implement a change in the Maximum VLANs to support parameter. (To access this parameter, go to the Main Menu and select: 2. Switch Configuration 8. VLAN Menu 1. VLAN Support.
Using the Menu Interface Menu Features List Menu Features List Status and Counters • General System Information • Switch Management Address Information • Port Status • Port Counters • VLAN Address Table • Port Address Table Switch Configuration • System Information • Port/Trunk Settings • Network Monitoring Port • IP Configuration • SNMP Community Names • IP authorized Managers • VLAN Menu Console Passwords Event Log Command Line (CLI) Reboot Switch Download OS (Download Switch So
Using the Menu Interface Where To Go From Here Where To Go From Here This chapter provides an overview of the menu interface and how to use it. The following table indicates where to turn for detailed information on how to use the individual features available through the menu interface. Option: Turn to: To use the Run Setup option Refer to the Installation and Getting Started Guide for your switch, available on the Procurve web site at www.procurve.com.
Using the Menu Interface Where To Go From Here 3-16
4 Using the Command Line Interface (CLI) Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-2 Accessing the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-2 Using the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-2 Privilege Levels at Logon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Using the Command Line Interface (CLI) Overview Overview The CLI is a text-based command interface for configuring and monitoring the switch. The CLI gives you access to the switch’s full set of commands while providing the same password protection that is used in the web browser interface and the menu interface. Accessing the CLI Like the menu interface, the CLI is accessed through the switch console, and in the switch’s factory default state, is the default interface when you start a console session.
Using the Command Line Interface (CLI) Using the CLI When you use the CLI to make a configuration change, the switch writes the change to the Running-Config file in volatile memory. This allows you to test your configuration changes before making them permanent. To make changes permanent, you must use the write memory command to save them to the Startup-Config file in non-volatile memory.
Using the Command Line Interface (CLI) Using the CLI Caution ProCurve strongly recommends that you configure a Manager password. If a Manager password is not configured, then the Manager level is not passwordprotected, and anyone having in-band or out-of-band access to the switch may be able to reach the Manager level and compromise switch and network security. Note that configuring only an Operator password does not prevent access to the Manager level by intruders who have the Operator password.
Using the Command Line Interface (CLI) Using the CLI Manager Privileges Manager privileges give you three additional levels of access: Manager, Global Configuration, and Context Configuration. A “#” character delimits any Man ager prompt. For example: ProCurve#_ ■ Example of the Manager prompt. Manager level: Provides all Operator level privileges plus the ability to perform system-level actions that do not require saving changes to the system configuration file.
Using the Command Line Interface (CLI) Using the CLI Table 4-1. Privilege Level Hierarchy Privilege Level Example of Prompt and Permitted Operations Operator Privilege Operator Level ProCurve> show < command > setup View status and configuration information. ping < argument > link-test < argument > Perform connectivity tests. enable Move from the Operator level to the Manager level. menu Move from the CLI interface to the menu interface.
Using the Command Line Interface (CLI) Using the CLI How To Move Between Levels Change in Levels Example of Prompt, Command, and Result Operator level to Manager level ProCurve> enable Password:_ After you enter enable, the Password prompt appears.
Using the Command Line Interface (CLI) Using the CLI For example, if you use the menu interface to configure an IP address of “X” for VLAN 1 and later use the CLI to configure a different IP address of “Y” for VLAN 1, then “Y” replaces “X” as the IP address for VLAN 1 in the running config file. If you subsequently execute write memory in the CLI, then the switch also stores “Y” as the IP address for VLAN 1 in the startup-config file.
Using the Command Line Interface (CLI) Using the CLI Typing ? at the Manager level produces this listing: When - - MORE - - appears, use the Space bar or [Return] to list additional commands. Figure 4-4.Example of the Manager-Level Command Listing When - - MORE - - appears, there are more commands in the listing. To list the next screenfull of commands, press the Space bar. To list the remaining commands one-by-one, repeatedly press [Enter].
Using the Command Line Interface (CLI) Using the CLI As mentioned above, if you type part of a command word and press [Tab], the CLI completes the current word (if you have typed enough of the word for the CLI to distinguish it from other possibilities), including hyphenated exten sions. For example: ProCurve(config)# port-[Tab] ProCurve(config)# port-security _ Pressing [Tab] after a completed command word lists the further options for that command.
Using the Command Line Interface (CLI) Using the CLI Displaying CLI “Help” CLI Help provides two types of context-sensitive information: ■ Command list with a brief summary of each command’s purpose ■ Detailed information on how to use individual commands Displaying Command-List Help. Syntax: help Displays a listing of command Help summaries for all commands available at the current privilege level.
Using the Command Line Interface (CLI) Using the CLI Figure 4-7.Example of How To Display Help for a Specific Command Note that trying to list the help for an individual command from a privilege level that does not include that command results in an error message.
Using the Command Line Interface (CLI) Using the CLI Configuration Commands and the Context Configuration Modes You can execute any configuration command in the global configuration mode or in selected context modes. However, using a context mode enables you to execute context-specific commands faster, with shorter command strings. The switch offers interface (port or trunk group) and VLAN context configu ration modes: Port or Trunk-Group Context.
Using the Command Line Interface (CLI) Using the CLI In the port context, the first block of commands in the “?” listing show the context-specific commands that will affect only ports C3-C6. The remaining commands in the listing are Manager, Operator, and context commands. Figure 4-8.
Using the Command Line Interface (CLI) Using the CLI VLAN Context . Includes VLAN-specific commands that apply only to the selected VLAN, plus Manager and Operator commands. The prompt for this mode includes the VLAN ID of the selected VLAN. For example, if you had already configured a VLAN with an ID of 100 in the switch: ProCurve(config)# vlan 100 Command executed at configuration level to enter VLAN 100 context. ProCurve(vlan-100)# Resulting prompt showing VLAN 100 context.
Using the Command Line Interface (CLI) CLI Control and Editing CLI Control and Editing Executing a Prior Command—Redo The redo command executes a prior command in the history list. Syntax: redo [number | command-str] Re-executes a command from history. Executes the last command by default. number: The position of the command to execute in the history list. When number is specified, the nth command starting from the most recent command in the history is executed.
Using the Command Line Interface (CLI) CLI Control and Editing Syntax: repeat [cmdlist] [count] [delay] Repeats execution of a previous command. Repeats the last command by default until a key is pressed. cmdlist: If a number or range of numbers is specified, the command repeats the nth most recent commands (where “n” is the position in the history list). count: Repeats the command for the number of times specified. delay: The command repeats execution after a delay for the number of seconds specified.
Using the Command Line Interface (CLI) CLI Control and Editing Using a Command Alias You can create a simple command alias to use in place of a command name and its options. Choose an alias name that is not an existing CLI command already. Existing CLI commands are searched before looking for an alias command; an alias that is identical to an existing command will not be executed. The alias command is executed from the current configuration context (oper ator, manager, or global).
Using the Command Line Interface (CLI) CLI Control and Editing ProCurve(config)# show int custom 1-4 port name:4 type vlan intrusion speed enabled mdi Status and Counters - Custom Port Status Port ---1 2 3 4 Name ---------Acco Huma Deve Lab1 Type ---------10/100T 10/100T 10/100T 10/100T VLAN ----1 1 1 1 Intrusion Alert --------No No No No Speed ------100FDx 100FDx 100FDx 100FDx Enabled ------Yes Yes Yes Yes MDI-mode ------Auto Auto Auto Auto ProCurve(config)# alias sic “show int custom 1-4 port na
Using the Command Line Interface (CLI) CLI Control and Editing ProCurve(config)# show alias Name -------------- ----sc sic Command -----------------------------show config show int custom 1-4 port name:4 type vlan intrusion speed enabled mdi Figure 4-13.
Using the Command Line Interface (CLI) CLI Editing Shortcuts CLI Editing Shortcuts Keystrokes Function [Ctrl] [A] Jumps to the first character of the command line. [Ctrl] [B] or [<] Moves the cursor back one character. [Ctrl] [C] Terminates a task and displays the command prompt. [Ctrl] [D] Deletes the character at the cursor. [Ctrl] [E] Jumps to the end of the current command line. [Ctrl] [F] or [>] Moves the cursor forward one character.
Using the Command Line Interface (CLI) CLI Editing Shortcuts 4-22
5 Using the ProCurve Web Browser Interface Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-2 General Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-3 Starting a Web Browser Interface Session with the Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-4 Using a Standalone Web Browser in a PC or UNIX Workstation . . . .
Using the ProCurve Web Browser Interface Overview Overview The ProCurve web browser interface built into the switch lets you easily access the switch from a browser-based PC on your network. This lets you do the following: ■ Optimize your network uptime by using the Alert Log and other diagnostic tools ■ Make configuration changes to the switch ■ Maintain security by configuring usernames and passwords This chapter covers the following: ■ General features (page 5-3).
Using the ProCurve Web Browser Interface General Features General Features The web browser interface includes these features: Switch Identity and Status: • General system data • Software version • IP address • Status Overview • Port utilization • Port counters • Port status • Alert log Switch Configuration: • Device view • Port configuration • VLAN configuration • Fault detection • Quality of service (QoS) • Port monitoring (mirroring) • System information • IP configuration • Support and management server
Using the ProCurve Web Browser Interface Starting a Web Browser Interface Session with the Switch Starting a Web Browser Interface Session with the Switch You can start a web browser session in the following ways: ■ ■ Using a standalone web browser on a network connection from a PC or UNIX workstation: • Directly connected to your network • Connected through remote access to your network Using a network management station running ProCurve Manager on your network Using a Standalone Web Browser in a P
Using the ProCurve Web Browser Interface Starting a Web Browser Interface Session with the Switch Using ProCurve Manager (PCM) or ProCurve Manager Plus (PCM+) ProCurve Manager and ProCurve Manager Plus are designed for installation on a network management workstation. For this reason, the system require ments are different from the system requirements for accessing the switch’s web browser interface from a non-management PC or workstation.
Using the ProCurve Web Browser Interface Starting a Web Browser Interface Session with the Switch First time install alert Figure 5-1.
Using the ProCurve Web Browser Interface Tasks for Your First ProCurve Web Browser Interface Session Tasks for Your First ProCurve Web Browser Interface Session The first time you access the web browser interface, there are three tasks you should perform: ■ Review the “First Time Install” window ■ Set Manager and Operator passwords ■ Set access to the web browser interface online help Viewing the “First Time Install” Window When you access the switch’s web browser interface for the first time, the Al
Using the ProCurve Web Browser Interface Tasks for Your First ProCurve Web Browser Interface Session This window is the launching point for the basic configuration you need to perform to set web browser interface passwords for maintaining security and a fault detection policy, which determines the types of messages that the Alert Log displays. To set web browser interface passwords, click on secure access to the device to display the Device Passwords screen, and then go to the next page.
Using the ProCurve Web Browser Interface Tasks for Your First ProCurve Web Browser Interface Session Figure 5-3.The Device Passwords Window To set the passwords: 1. 2. Access the Device Passwords screen by one of the following methods: • If the Alert Log includes a “First Time Install” event entry, double click on this event, then, in the resulting display, click on the secure access to the device link. • Select the Security tab.
Using the ProCurve Web Browser Interface Tasks for Your First ProCurve Web Browser Interface Session Entering a User Name and Password Figure 5-4. Example of the Password Prompt in the Web Browser Interface The manager and operator passwords are used to control access to all switch interfaces. Once set, you will be prompted to supply the password every time you try to access the switch through any of its interfaces.
Using the ProCurve Web Browser Interface Tasks for Your First ProCurve Web Browser Interface Session The Clear button is provided for your convenience, but its presence means that if you are concerned with the security of the switch configuration and operation, you should make sure the switch is installed in a secure location, such as a locked wiring closet.
Using the ProCurve Web Browser Interface Support/Mgmt URLs Feature Support/Mgmt URLs Feature The Support/Mgmt URLs window enables you to change the World Wide Web Universal Resource Locator (URL) for two functions: ■ Support URL – A support information site for your switch ■ Management Server URL – The web site for web browser online Help 1. Click Here 2. Click Here 3.
Using the ProCurve Web Browser Interface Support/Mgmt URLs Feature Support URL This is the site the switch accesses when you click on the Support tab on the web browser interface. The default URL is: www.procurve.com which is the World Wide Web site for ProCurve networking products. Click on technical support on that page to get support information regarding your switch, including white papers, software updates, and more.
Using the ProCurve Web Browser Interface Support/Mgmt URLs Feature In the default configuration, the switch uses the URL for accessing the web browser interface help files on the ProCurve World Wide Web site. Figure 5-7. How To Access Web Browser Interface Online Help Using the PCM Server for Switch Web Help For ProCurve devices that support the “Web Help” feature, you can use the PCM server to host the switch help files for devices that do not have HTTP access to the ProCurve Support Web site. 1.
Using the ProCurve Web Browser Interface Support/Mgmt URLs Feature 3. Add an entry, or edit the existing entry in the Discovery portion of the global properties (globalprops.prp) in PCM to redirect the switches to the help files on the PCM server. For example: Global { TempDir=data/temp ... Discovery{ ... ... DeviceHelpUrlRedirect=http://15.29.37.12.8040/rnd/device_help ... } } You will enter the IP address for your PCM server. 8040 is the standard port number to use. 4.
Using the ProCurve Web Browser Interface Status Reporting Features Status Reporting Features Browser elements covered in this section include: ■ The Overview window (below) ■ Port utilization and status (page 5-17) ■ The Alert log (page 5-20) The Overview Window The Overview Window is the home screen for any entry into the web browser interface.The following figure identifies the various parts of the screen.
Using the ProCurve Web Browser Interface Status Reporting Features The Port Utilization and Status Displays The Port Utilization and Status displays show an overview of the status of the switch and the amount of network activity on each port. The following figure shows a sample reading of the Port Utilization and Port Status. Port Utilization Bar Graphs Bandwidth Display Control Port Status Indicators Legend Figure 5-9.
Using the ProCurve Web Browser Interface Status Reporting Features ■ Maximum Activity Indicator: As the bars in the graph area change height to reflect the level of network activity on the corresponding port, they leave an outline to identify the maximum activity level that has been observed on the port. Utilization Guideline. A network utilization of 40% is considered the maximum that a typical Ethernet-type network can experience before encoun tering performance difficulties.
Using the ProCurve Web Browser Interface Status Reporting Features Port Status Port Status Indicators Legend Figure 5-12. The Port Status Indicators and Legend The Port Status indicators show a symbol for each port that indicates the general status of the port. There are four possible statuses: ■ Port Connected – the port is enabled and is properly connected to an active network device. ■ Port Not Connected – the port is enabled but is not connected to an active network device.
Using the ProCurve Web Browser Interface Status Reporting Features The Alert Log The web browser interface Alert Log, shown in the lower half of the screen, shows a list of network occurrences, or alerts, that were detected by the switch. Typical alerts are Broadcast Storm, indicating an excessive number of broadcasts received on a port, and Problem Cable, indicating a faulty cable. A full list of alerts is shown in the table on page 5-21. Figure 5-13.
Using the ProCurve Web Browser Interface Status Reporting Features Alert Types and Detailed Views As of June, 2007, the web browser interface generates the following alert types: • • • • • • • • • Note Auto Partition Backup Transition Excessive broadcasts Excessive CRC/alignment errors Excessive jabbering Excessive late collisions First Time Install Full-Duplex Mismatch Half-Duplex Mismatch • • • • • • • • High collision or drop rate Loss of Link Mis-Configured SQE Network Loop Polarity Reversal Securi
Using the ProCurve Web Browser Interface Status Reporting Features Figure 5-14.
Using the ProCurve Web Browser Interface Status Reporting Features Setting Fault Detection Policy One of the powerful features in the web browser interface is the Fault Detection facility. For your switch, this feature controls the types of alerts reported to the Alert Log based on their level of severity. Set this policy in the Fault Detection window (figure 5-15). Figure 5-15.
Using the ProCurve Web Browser Interface Status Reporting Features To provide the most information on network problems in the Alert Log, the recommended sensitivity level for Log Network Problems is High Sensitivity. The Fault Detection settings are: ■ High Sensitivity. This policy directs the switch to send all alerts to the Alert Log. This setting is most effective on networks that have none or few problems. ■ Medium Sensitivity.
6 Switch Memory and Configuration Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-3 Configuration File Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-3 Using the CLI To Implement Configuration Changes . . . . . . . . . . . . 6-6 Using the Menu and Web Browser Interfaces To Implement Configuration Changes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Switch Memory and Configuration Contents Changing or Overriding the Reboot Configuration Policy . . . . . . . . . 6-28 Managing Startup-Config Files in the Switch . . . . . . . . . . . . . . . . . . . 6-30 Renaming an Existing Startup-Config File . . . . . . . . . . . . . . . . . . 6-31 Creating a New Startup-Config File . . . . . . . . . . . . . . . . . . . . . . . . 6-31 Erasing a Startup-Config File . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Switch Memory and Configuration Overview Overview This chapter describes: ■ How switch memory manages configuration changes ■ How the CLI implements configuration changes ■ How the menu interface and web browser interface implement configu ration changes ■ How the switch provides software options through primary/secondary flash images ■ How to use the switch’s primary and secondary flash options, including displaying flash information, booting or restarting the switch, and other topics Configura
Switch Memory and Configuration Configuration File Management ■ Running Config File: Exists in volatile memory and controls switch operation. If no configuration changes have been made in the CLI since the switch was last booted, the running-config file is identical to the startup-config file. ■ Startup-config File: Exists in flash (non-volatile) memory and is used to preserve the most recently-saved configuration as the “permanent” configuration.
Switch Memory and Configuration Configuration File Management “permanent”. When you are satisfied that the change is satisfactory, you can make it permanent by executing the write memory command. For example, suppose you use the following command to disable port 5: ProCurve(config)# interface ethernet 5 disable The above command disables port 5 in the running-config file, but not in the startup-config file. Port 5 remains disabled only until the switch reboots.
Switch Memory and Configuration Using the CLI To Implement Configuration Changes Using the CLI To Implement Configuration Changes The CLI offers these capabilities: ■ Access to the full set of switch configuration features ■ The option of testing configuration changes before making them perma nent How To Use the CLI To View the Current Configuration Files. Use show commands to view the configuration for individual features, such as port status or Spanning Tree Protocol.
Switch Memory and Configuration Using the CLI To Implement Configuration Changes 3. Observe the switch’s performance with the new parameter settings to verify the effect of your changes. 4. When you are satisfied that you have the correct parameter settings, use the write memory command to copy the changes to the startup-config file. Syntax: write memory Saves the running configuration file to the startup-config. The saved configuration becomes the boot-up configuration of the switch on the next boot.
Switch Memory and Configuration Using the CLI To Implement Configuration Changes If you use the CLI to change a parameter setting, and then execute the boot command without first executing the write memory command to save the change, the switch prompts you to specify whether to save the changes in the current running-config file. For example: Disables port 1 in the running configuration, which causes port 1 to block all traffic.
Switch Memory and Configuration Using the Menu and Web Browser Interfaces To Implement Configuration Changes value will appear in the menu interface display for that parameter. However, as indicated above, unless you also make a configuration change in the menu interface, only the write memory command in the CLI will actually save the change to the startup-config file. How To Reset the startup-config and running-config Files to the Factory Default Configuration.
Switch Memory and Configuration Using the Menu and Web Browser Interfaces To Implement Configuration Changes Menu: Implementing Configuration Changes You can use the menu interface to simultaneously save and implement a subset of switch configuration changes without having to reboot the switch. That is, when you save a configuration change in the menu interface, you simultane ously change both the running-config file and the startup-config file.
Switch Memory and Configuration Using the Menu and Web Browser Interfaces To Implement Configuration Changes the switch discards the configuration changes made while using the CLI. To ensure that changes made while using the CLI are saved, execute write memory in the CLI before rebooting the switch.
Switch Memory and Configuration Using the Menu and Web Browser Interfaces To Implement Configuration Changes If configuration changes requiring a reboot have been made, the switch displays an asterisk (*) next to the menu item in which the change has been made.
Switch Memory and Configuration Using Primary and Secondary Flash Image Options Using Primary and Secondary Flash Image Options The switches covered in this guide feature two flash memory locations for storing switch software image files: ■ Primary Flash: The default storage for a switch software image. ■ Secondary Flash: The additional storage for an alternate switch software image.
Switch Memory and Configuration Using Primary and Secondary Flash Image Options For example, if the switch is using a software version of S.14.XX stored in Primary flash, show version produces the following: ProCurve(config)# show version Image stamp: Boot Image: Figure 6-7. /su/code/build/info(s01) Jun 01 2009 10:50:26 S.14.XX 1223 Primary Example Showing the Identity of the Current Flash Image Determining Whether the Flash Images Are Different Versions.
Switch Memory and Configuration Using Primary and Secondary Flash Image Options 1. In this example show version indicates the switch has version W.14.02 in primary flash. 2. After the boot system command, show version indicates that version W.14.01 is in secondary flash. Figure 6-9. ProCurve(config)# show version Image stamp: /sw/code/build/info(s02) Sept 01 2008 14.03.06 W.14.
Switch Memory and Configuration Using Primary and Secondary Flash Image Options flash and you can either copy the secondary image into primary or download another image to primary from an external source. Refer to Appendix A, “File Transfers”. Local Switch Software Replacement and Removal This section describes commands for erasing a software version and copying an existing software version between primary and secondary flash.
Switch Memory and Configuration Using Primary and Secondary Flash Image Options Syntax: copy flash flash where: destination flash = primary or secondary: For example, to copy the image in secondary flash to primary flash: 1. Verify that there is a valid flash image in the secondary flash location. The following figure indicates that a software image is present in secondary flash.
Switch Memory and Configuration Using Primary and Secondary Flash Image Options 2. Then erase the software image in the selected flash (in this case, primary): The prompt shows which flash location will be erased. Figure 6-11. Example of Erase Flash Prompt 3. Type y at the prompt to complete the flash erase. 4.
Switch Memory and Configuration Using Primary and Secondary Flash Image Options factory-default values to the parameters controlling the new features. Simi larly, If you create a startup-config file while using a version “Y” of the switch software, and then reboot the switch with an earlier software version “X” that does not include all of the features found in “Y”, the software simply ignores the parameters for any features that it does not support. Scheduled Reload.
Switch Memory and Configuration Using Primary and Secondary Flash Image Options Setting the Default Flash You can specify the default flash to boot from on the next boot by entering the boot set-default flash command. Syntax: boot set-default flash [primary |secondary] Upon booting, set the default flash for the next boot to primary or secondary.
Switch Memory and Configuration Using Primary and Secondary Flash Image Options ProCurve(config)# boot system flash secondary System will be rebooted from secondary image. Do you want to continue [y/n]? Figure 6-13. Example of Boot Command with Secondary Flash Option In the above example, typing either a y or n at the second prompt initiates the reboot operation. Using the Fastboot feature.
Switch Memory and Configuration Using Primary and Secondary Flash Image Options Scheduled Reload. Additional parameters have been added to the reload command to allow for a scheduled reboot of the switch via the CLI. Syntax: [no] reload [after <[dd:]hh:]mm> | at []] Enables a scheduled warm reboot of the switch. The switch boots up with the same startup config file and using the same flash image as before the reload.
Switch Memory and Configuration Multiple Configuration Files Multiple Configuration Files Action Page Listing and Displaying Startup-Config Files 6-27 Changing or Overriding the Reboot Configuration Policy 6-28 Managing Startup-Config Files Renaming Startup-Config Files 6-31 Copying Startup-Config Files 6-31 Erasing Startup-Config Files 6-32 Effect of Using the Clear + Reset Buttons 6-34 Copying Startup-Config Files to or from a Remote Server 6-35 This method of operation means that you can
Switch Memory and Configuration Multiple Configuration Files ■ Transitions from one software release to another can be performed while maintaining a separate configuration for the different software release versions.
Switch Memory and Configuration Multiple Configuration Files 1. Reboot the switch through the Primary boot path using the startup-config file named backupConfig. 2. Use the CLI to make configuration changes in the running-config file, and then execute write mem. The result is that the startup-config file used to reboot the switch is modified by the actions in step 2.
Switch Memory and Configuration Multiple Configuration Files Transitioning to Multiple Configuration Files At the first reboot with a software release supporting multiple configuration, the switch: ■ Assigns the filename oldConfig to the existing startup-config file (which is stored in memory slot 1). ■ Saves a copy of the existing startup-config file in memory slot 2 with the filename workingConfig.
Switch Memory and Configuration Multiple Configuration Files Listing and Displaying Startup-Config Files Command Page show config files show config < filename > Below 6-28 Viewing the Startup-Config File Status with Multiple Configuration Enabled Rebooting the switch automatically enables the multiple configuration fea ture. Syntax: show config files This command displays the available startup-config files on the switch and the current use of each file.
Switch Memory and Configuration Multiple Configuration Files Displaying the Content of A Specific Startup-Config File With Multiple Configuration enabled, the switch can have up to three startup config files. Because the show config command always displays the content of the currently active startup-config file, the command extension shown below is needed to allow viewing the contents of any other startup-config files stored in the switch.
Switch Memory and Configuration Multiple Configuration Files Syntax: startup-default [ primary | secondary ] config < filename > Specifies a boot configuration policy option: [ primary | secondary ] config < filename >: Designates the startup-config file to use in a reboot with the software version stored in a specific flash location. Use this option to change the reboot policy for either primary or secondary flash, or both.
Switch Memory and Configuration Multiple Configuration Files ProCurve(config)# startup-default pri config minconfig ProCurve(config) # startup-default sec config newconfig. Overriding the Default Reboot Configuration Policy. This command provides a method for manually rebooting with a specific startup-config file other than the file specified in the default reboot configuration policy.
Switch Memory and Configuration Multiple Configuration Files Renaming an Existing Startup-Config File Syntax: rename config < current-filename > < newname-str > This command changes the name of an existing startup config file. A file name can include up to 63, alphanumeric characters. Blanks are allowed in a file name enclosed in quotes (“ “ or ‘ ‘). (File names are not case-sensitive.) Creating a New Startup-Config File The switch allows up to three startup-config files.
Switch Memory and Configuration Multiple Configuration Files Figure 6-17. Example of Using One Startup-Config File for Both Primary and Secondary Flash If you wanted to experiment with configuration changes to the software version in secondary flash, you could create and assign a separate startup config file for this purpose. The first two commands copy the config1 startup-config file to config2, and then make config2 the default startup-config file for booting from secondary flash. Figure 6-18.
Switch Memory and Configuration Multiple Configuration Files Syntax: erase < config < filename >> | startup-config > config < filename >: This option erases the specified startup config file. If the specified file is not the currently active startup-config file, then the file is simply deleted from the memory slot it occupies.
Switch Memory and Configuration Multiple Configuration Files Figure 6-19 illustrates using erase config < filename > to remove a startup-config file. Figure 6-19. Example of Erasing a Non-Active Startup-Config File With the same memory configuration as is shown in the bottom portion of figure 6-19, executing erase startup-config boots the switch from primary flash, resulting in a new file named minconfig in the same memory slot.
Switch Memory and Configuration Multiple Configuration Files ProCurve(config)# show config files Pressing Clear + Reset: – Replaces all startup-config files with a single file named config1 that contains the default configuration for the software version in id | act pri sec | name primary flash. ---+-------------+----------------------------------------------– Resets the Active, Primary, and Secondary 1 | * * * | config1 assignments as shown here. Configuration files: 2 | 3 | | | Figure 6-20.
Switch Memory and Configuration Multiple Configuration Files TFTP: Copying a Configuration File from a Remote Host Syntax: copy tftp config < dest-file > < ip-addr > < remote-file > < pc | unix > This is an addition to the copy tftp command options. Use this command to download a configuration file from a TFTP server to the switch. Note: This command requires an empty memory slot in the switch.
Switch Memory and Configuration Automatic Configuration Update with DHCP Option 66 Xmodem: Copying a Configuration from a Serially Connected Host Syntax: copy xmodem config < dest-file > < pc | unix > This is an addition to the copy xmodem command options. Use this command to download a configuration file from an Xmodem host to the switch.
Switch Memory and Configuration Automatic Configuration Update with DHCP Option 66 CLI Command The command to enable the configuration update using Option 66 is: Syntax: [no] dhcp config-file-update Enables configuration file update using Option 66. Default: Enabled ProCurve(config)# dhcp config-file-update Figure 6-21.
Switch Memory and Configuration Automatic Configuration Update with DHCP Option 66 Scenario Behavior Multiple Servers serving Multiple VLANs • Each DHSP-enabled VLAN interface initiates DHCPDISCOVER and receives one or more DHCPOFFER messages. • Each interface accepts the best offer. • Option 66 is processed only for the interface belonging to the primary VLAN. Multi-homed Server serving Multiple VLANs • The switch perceives the multi-homed server as multiple separate servers.
Switch Memory and Configuration Automatic Configuration Update with DHCP Option 66 6-40
7 Interface Access and System Information Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-2 Interface Access: Console/Serial Link, Web, and Inbound Telnet . 7-3 Menu: Modifying the Interface Access . . . . . . . . . . . . . . . . . . . . . . . . . . 7-4 CLI: Modifying the Interface Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-5 Denying Interface Access by Terminating Remote Management Sessions . . . . . . . . .
Interface Access and System Information Overview Overview This chapter describes how to: ■ View and modify the configuration for switch interface access ■ Use the CLI kill command to terminate a remote session ■ View and modify switch system information For help on how to actually use the interfaces built into the switch, refer to: ■ Chapter 3, “Using the Menu Interface” ■ Chapter 4, “Using the Command Line Interface (CLI)” ■ Chapter 5, “Using the ProCurve Web Browser Interface” Why Configure I
Interface Access and System Information Interface Access: Console/Serial Link, Web, and Inbound Telnet Interface Access: Console/Serial Link, Web, and Inbound Telnet Interface Access Features Feature Inactivity Time Inbound Telnet Access Outbound Telnet Access Web Browser Interface Access Terminal type Event Log event types to list (Displayed Events) Baud Rate Flow Control Default Menu CLI Web 0 Minutes (disabled) page 7-4 page 7-8 — Enabled page 7-4 page 7-5 — n/a — page 7-6 — Enabled pa
Interface Access and System Information Interface Access: Console/Serial Link, Web, and Inbound Telnet Menu: Modifying the Interface Access The menu interface enables you to modify these parameters: ■ Inactivity Timeout ■ Inbound Telnet Enabled ■ Web Agent Enabled To Access the Interface Access Parameters: 1. From the Main Menu, Select... 2. Switch Configuration... 1. System Information Interface Access Parameters Figure 7-1.
Interface Access and System Information Interface Access: Console/Serial Link, Web, and Inbound Telnet 3. Use the arrow keys ([v], [^], [<], [>]) to move to the parameters you want to change. Refer to the online help provided with this screen for further information on configuration options for these features. 4. When you have finished making changes to the above parameters, press [Enter], then press [S] (for Save).
Interface Access and System Information Interface Access: Console/Serial Link, Web, and Inbound Telnet To disable inbound Telnet access: ProCurve(config)# no telnet-server To re-enable inbound Telnet access: ProCurve(config)# telnet-server Outbound Telnet to Another Device. This feature operates indepen dently of the telnet-server status and enables you to Telnet to another device that has an IP address.
Interface Access and System Information Interface Access: Console/Serial Link, Web, and Inbound Telnet ProCurve(config)# show telnet Telnet Activity ------------------------------------------------------Session : ** 1 Privilege: Manager From : Console To : ------------------------------------------------------Session : ** 2 Privilege: Manager From : 12.13.14.10 To : 15.33.66.
Interface Access and System Information Interface Access: Console/Serial Link, Web, and Inbound Telnet Reconfigure the Console/Serial Link Settings. You can reconfigure one or more console parameters with one console command.
Interface Access and System Information Denying Interface Access by Terminating Remote Management Sessions You can also execute a series of console commands and then save the configuration and boot the switch. For example: ProCurve(config)# console baud-rate speed-sense Command will take effect after saving configuration and reboot ProCurve(config)# console flow-control xon/xoff Command will take effect after saving configuration and reboot Configure the individual parameters.
Interface Access and System Information Denying Interface Access by Terminating Remote Management Sessions Session Session 22 is is an an active active Telnet Telnet session. session. The kill 2 command terminates session 2. Figure 7-6.
Interface Access and System Information System Information System Information System Information Features Feature Default Menu CLI Web System Name switch product name page 7-12 page 7-14 page 7-17 System Contact n/a page 7-12 page 7-14 page 7-17 System Location n/a page 7-12 page 7-14 page 7-17 MAC Age Time 300 seconds page 7-12 page 7-16 — Time Sync Method None See Chapter 9, “Time Protocols”.
Interface Access and System Information System Information Time Zone: The number of minutes your time zone location is to the West (+) or East (-) of Coordinated Universal Time (formerly GMT). The default 0 means no time zone is configured. For example, the time zone for Berlin, Germany is + 60 (minutes) and the time zone for Vancouver, Canada is - 480 (minutes). Daylight Time Rule: Specifies the daylight savings time rule to apply for your location. The default is None.
Interface Access and System Information System Information 2. Press [E] (for Edit). The cursor moves to the System Name field. 3. Refer to the online help provided with this screen for further information on configuration options for these features. 4. When you have finished making changes to the above parameters, press [Enter], then press [S] (for Save) and return to the Main Menu.
Interface Access and System Information System Information Configure a System Name, Contact, and Location for the Switch. To help distinguish one switch from another, configure a plain-language identity for the switch. Syntax: hostname < name-string > snmp-server [contact ] [location ] Each field allows up to 255 characters.
Interface Access and System Information System Information MENU ProCurve-Switch-2520 24-May-2009 12:41:47 ===========================- TELNET - MANAGER MODE =========================== Switch Configuration - System Information System Name : Green System Contact : Ext-4475 System Location : + characters of the location are missing. It’s too long.
Interface Access and System Information System Information Reconfigure the MAC Age Time for Learned MAC Addresses. This command corresponds to the MAC Age Interval in the menu interface, and is expressed in seconds. Syntax: mac-age-time < 60 - 999960> (seconds) Allows you to set the MAC address table’s age-out interval. An address is aged out if the switch does not receive traffic from that MAC address for the age-out interval, measured in seconds. Default: 300 seconds.
Interface Access and System Information System Information Note Executing reload or boot resets the time and date to their default startup values. Web: Configuring System Parameters In the web browser interface, you can enter the following system information: ■ System Name ■ System Location ■ System Contact For access to the MAC Age Interval and the Time parameters, use the menu interface or the CLI. Configure System Parameters in the Web Browser Interface. 1. Click on the Configuration tab. 2.
Interface Access and System Information System Information 7-18
8 Configuring IP Addressing Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-2 IP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-2 Just Want a Quick Start with IP Addressing? . . . . . . . . . . . . . . . . . . . . 8-3 IP Addressing with Multiple VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Configuring IP Addressing Overview Overview You can configure IP addressing through all of the switch’s interfaces. You can also: ■ Easily edit a switch configuration file to allow downloading the file to multiple switches without overwriting each switch’s unique gateway and VLAN 1 IP addressing. ■ Assign up to 8 IP addresses to a VLAN (multinetting).
Configuring IP Addressing IP Configuration use the menu interface or the CLI to manually configure the initial IP values. After you have network access to a device, you can use the web browser interface to modify the initial IP configuration if needed. For information on how IP addressing affects switch operation, refer to “How IP Addressing Affects Switch Operation” on page 8-11. Multinetting: Assigning Multiple IP Addresses to a VLAN. For a given VLAN you can assign up to 8 IP addresses.
Configuring IP Addressing IP Configuration For more on using the Switch Setup screen, refer to the Installation and Getting Started Guide you received with the switch. IP Addressing with Multiple VLANs In the factory-default configuration, the switch has one, permanent default VLAN (named DEFAULT_VLAN) that includes all ports on the switch.
Configuring IP Addressing IP Configuration Menu: Configuring IP Address, Gateway, and Time-ToLive (TTL) Do one of the following: ■ To manually enter an IP address, subnet mask, set the IP Config parameter to Manual and then manually enter the IP address and subnet mask values you want for the switch. ■ To use DHCP or Bootp, use the menu interface to ensure that the IP Config parameter is set to DHCP/Bootp, then refer to “DHCP/Bootp Operation” on page 8-12. To Configure IP Addressing. 1.
Configuring IP Addressing IP Configuration 3. If the switch needs to access a router, for example, to reach off-subnet destinations, select the Default Gateway field and enter the IP address of the gateway router. 4. If you need to change the packet Time-To-Live (TTL) setting, select Default TTL and type in a value between 2 and 255. 5.
Configuring IP Addressing IP Configuration (You can also use the show management command to display the IP addressing and time server IP addressing configured on the switch. Refer to figure 9-6 on page 9-10.) For example, in the factory-default configuration (no IP addressing assigned), the switch’s IP addressing appears as: The Default IP Configuration Figure 8-2.
Configuring IP Addressing IP Configuration Note The default IP address setting for the DEFAULT_VLAN is DHCP/Bootp. On additional VLANs you create, the default IP address setting is Disabled. Syntax: [ no ] vlan < vlan-id > ip address or [ no ] vlan < vlan-id > ip address < ip-address > < mask-bits > or vlan < vlan-id > ip address dhcp-bootp This example configures IP addressing on the default VLAN with the subnet mask specified in mask bits.
Configuring IP Addressing IP Configuration 1. Go to VLAN 20. 2. Configure two additional IP addresses on VLAN 20. 3. Display IP addressing. Figure 8-4. Example of Configuring and Displaying a Multinetted VLAN If you then wanted to multinet the default VLAN, you would do the following: Figure 8-5. Example of Multinetting on the Default VLAN Note The Internet (IP) Service screen in the Menu interface (figure 8-1 on page 8-5) displays the first IP address for each VLAN.
Configuring IP Addressing IP Configuration Removing or Replacing IP Addresses in a Multinetted VLAN. To remove an IP address from a multinetted VLAN, use the no form of the IP address command shown on page 8-8. Generally, to replace one IP address with another, you should first remove the address you want to replace, and then enter the new address. Configure the Optional Default Gateway. Using the Global configura tion level, you can manually assign one default gateway to the switch.
Configuring IP Addressing IP Configuration How IP Addressing Affects Switch Operation Without an IP address and subnet mask compatible with your network, the switch can be managed only through a direct terminal device connection to the Console RS-232 port. You can use direct-connect console access to take advantage of features that do not depend on IP addressing.
Configuring IP Addressing IP Configuration DHCP/Bootp Operation Overview. DHCP/Bootp is used to provide configuration data from a DHCP or Bootp server to the switch. This data can be the IP address, subnet mask, default gateway, Timep Server address, and TFTP server address. If a TFTP server address is provided, this allows the switch to TFTP a previously saved configuration file from the TFTP server to the switch.
Configuring IP Addressing IP Configuration DHCP Operation. A significant difference between a DHCP configuration and a Bootp configuration is that an IP address assignment from a DHCP server is automatic. Depending on how the DHCP server is configured, the switch may receive an IP address that is temporarily leased. Periodically the switch may be required to renew its lease of the IP configuration.
Configuring IP Addressing IP Configuration gw=10.66.77.1:\ lg=10.22.33.44:\ T144=”switch.cfg”:\ vm=rfc1048 where: Note 2520switch is a user-defined symbolic name to help you find the correct section of the bootptab file. If you have multiple switches that will be using Bootp to get their IP configuration, you should use a unique symbolic name for each switch. ht is the “hardware type”. For the switches covered in this guide, enter ether (for Ethernet). This tag must precede the ha tag.
Configuring IP Addressing IP Configuration Note Designating a primary VLAN other than the default VLAN affects the switch’s use of information received via DHCP/Bootp. For more on this topic, refer to the chapter describing VLANs in the Advanced Traffic Management Guide for your switch.
Configuring IP Addressing IP Preserve: Retaining VLAN-1 IP Addressing Across Configuration File Downloads IP Preserve: Retaining VLAN-1 IP Addressing Across Configuration File Downloads For the switches covered in this guide, IP Preserve enables you to copy a configuration file to multiple switches while retaining the individual IP address and subnet mask on VLAN 1 in each switch, and the Gateway IP address assigned to the switch.
Configuring IP Addressing IP Preserve: Retaining VLAN-1 IP Addressing Across Configuration File Downloads ; J9137A Configuration Editor; Created on release #S.14.XX hostname “ProCurve” time daylight-time-rule None . . . password manager password operator ip preserve Entering “ip preserve” in the last line of a configuration file implements IP Preserve when the file is downloaded to the switch and the switch reboots. Figure 8-6.
Configuring IP Addressing IP Preserve: Retaining VLAN-1 IP Addressing Across Configuration File Downloads ProCurve(config)# show run Running configuration: ; J9137A Configuration Editor; Created on release #S.14.XX hostname "ProCurve" trunk A11-A12 Trk1 Trunk ip default-gateway 10.10.10.
Configuring IP Addressing IP Preserve: Retaining VLAN-1 IP Addressing Across Configuration File Downloads ProCurve# show run Running configuration: ; J9137A Configuration Editor; Created on release #S.14.XX hostname "ProCurve" trunk A11-A12 Trk1 Trunk ip default-gateway 10.10.10.1 snmp-server community "public" Unrestricted vlan 1 name "DEFAULT_VLAN" untagged A1,A7-A10,A13-A24,B1-B24,Trk1 ip address 10.10.10.5 255.255.255.
Configuring IP Addressing IP Preserve: Retaining VLAN-1 IP Addressing Across Configuration File Downloads 8-20
9 Time Protocols Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-2 TimeP Time Synchronization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-2 SNTP Time Synchronization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-2 Selecting a Time Synchronization Protocol or Turning Off Time Protocol Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Time Protocols Overview Overview This chapter describes: ■ SNTP Time Protocol Operation ■ Timep Time Protocol Operation Using time synchronization ensures a uniform time among interoperating devices. This helps you to manage and troubleshoot switch operation by attaching meaningful time data to event and error messages. The switch offers TimeP and SNTP (Simple Network Time Protocol) and a timesync command for changing the time protocol selection (or turning off time protocol operation).
Time Protocols Selecting a Time Synchronization Protocol or Turning Off Time Protocol Operation Note To use Broadcast mode, the switch and the SNTP server must be in the same subnet. ■ Unicast Mode: The switch requests a time update from the config ured SNTP server. (You can configure one server using the menu interface, or up to three servers using the CLI sntp server command.
Time Protocols SNTP: Viewing, Selecting, and Configuring ■ In the System Information screen of the Menu interface, set the Time Synch Method parameter to None, then press [Enter], then [S] (for Save). ■ In the Global config level of the CLI, execute no timesync. SNTP: Viewing, Selecting, and Configuring SNTP Feature Default CLI Web view the SNTP time synchronization configuration n/a page 9-5 page 9-8 — select SNTP as the time synchronization method timep page 9-6 page 9-10 ff.
Time Protocols SNTP: Viewing, Selecting, and Configuring Table 9-1. SNTP Parameters SNTP Parameter Operation Time Sync Method Used to select either SNTP, TIMEP, or None as the time synchronization method. SNTP Mode Disabled The Default. SNTP does not operate, even if specified by the Menu interface Time Sync Method parameter or the CLI timesync command. Unicast Directs the switch to poll a specific server for SNTP time synchronization. Requires at least one server address.
Time Protocols SNTP: Viewing, Selecting, and Configuring ==========================- CONSOLE - MANAGER MODE -======================== Switch Configuration - System Information System Name : ProCurve System Contact : System Location : Inactivity Timeout (min) [0] : 0 Inbound Telnet Enabled [Yes] : Yes Time Sync Method [None] : TIMEP TimeP Mode [Disabled] : Disabled MAC Age Time (sec) [300] : 300 Web Agent Enabled [Yes] : Yes Tftp-enable [Yes] : Yes Time Zone [0] : 0 Daylight Time Rule [None] : None Actio
Time Protocols SNTP: Viewing, Selecting, and Configuring Note: This step replaces any previously configured server IP address. If you will be using backup SNTP servers (requires use of the CLI), then refer to “SNTP Unicast Time Polling with Multiple SNTP Servers” on page 9-25. iii. Press [v] to move the cursor to the Server Version field. Enter the value that matches the SNTP server version running on the device you specified in the preceding step (step ii).
Time Protocols SNTP: Viewing, Selecting, and Configuring CLI: Viewing and Configuring SNTP CLI Commands Described in this Section SNTP Command show sntp Page 9-8 [no] timesync 9-10 and ff., 9-14 sntp broadcast 9-11 sntp unicast 9-12 sntp server 9-12 and ff. Protocol Version 9-10 9-12 Priority 9-10 9-12 poll-interval 9-14 no sntp 9-15 This section describes how to use the CLI to view, enable, and configure SNTP parameters.
Time Protocols SNTP: Viewing, Selecting, and Configuring ProCurve(config)# show sntp SNTP Configuration Time Sync Mode: Sntp SNTP Mode : Unicast Poll Interval (sec) [720] : 719 Priority -------1 2 3 SNTP Server Address ---------------------------------------------2001:db8::215:60ff:fe79:8980 10.255.5.24 fe80::123%vlan10 Protocol Version --------------7 3 3 Figure 9-4.
Time Protocols SNTP: Viewing, Selecting, and Configuring ProCurve(config)# show management Status and Counters - Management Address Information Time Server Address : fe80::215:60ff:fe7a:adc0%vlan10 Priority -------1 2 3 SNTP Server Address ---------------------------------------------2001:db8::215:60ff:fe79:8980 10.255.5.24 fe80::123%vlan10 Default Gateway VLAN Name -----------DEFAULT_VLAN VLAN10 Protocol Version --------------7 3 3 : 10.0.9.
Time Protocols SNTP: Viewing, Selecting, and Configuring Enabling SNTP in Broadcast Mode. Because the switch provides an SNTP polling interval (default: 720 seconds), you need only these two commands for minimal SNTP broadcast configuration: Syntax: timesync sntp Selects SNTP as the time synchronization method. Syntax: sntp broadcast Configures broadcast as the SNTP mode.
Time Protocols SNTP: Viewing, Selecting, and Configuring Enabling SNTP in Unicast Mode. Like broadcast mode, configuring SNTP for unicast mode enables SNTP. However, for Unicast operation, you must also specify the IPv4 or IPv6 address and priority (1 - 3) of at least one SNTP server. The switch allows up to three unicast servers. You can use the Menu interface or the CLI to configure one IPv4 server address or to replace an existing IPv4 Unicast server address with another.
Time Protocols SNTP: Viewing, Selecting, and Configuring . ProCurve(config)# show sntp SNTP Configuration Time Sync Mode: Sntp SNTP Mode : Unicast Poll Interval (sec) [720] : 720 Priority -------1 2 3 In this example, the Poll Interval and the Protocol Version appear at their default settings. Both IPv4 and IPv6 addresses are displayed. Note: Protocol Version appears only when there is an IP address configured for an SNTP server.
Time Protocols SNTP: Viewing, Selecting, and Configuring Changing the SNTP Poll Interval. Syntax: sntp < 30..720 > Specifies how long the switch waits between time polling intervals. The default is 720 seconds and the range is 30 to 720 seconds. (This parameter is separate from the poll inter val parameter used for Timep operation.) For example, to change the poll interval to 300 seconds: ProCurve(config)# sntp poll-interval 300 Disabling Time Synchronization Without Changing the SNTP Configuration.
Time Protocols SNTP: Viewing, Selecting, and Configuring Disabling the SNTP Mode. If you want to prevent SNTP from being used even if selected by timesync (or the Menu interface’s Time Sync Method param eter), configure the SNTP mode as disabled. Syntax: no sntp Disables SNTP by changing the SNTP mode configuration to Disabled.
Time Protocols TimeP: Viewing, Selecting, and Configuring TimeP: Viewing, Selecting, and Configuring TimeP Feature Default Menu CLI Web view the Timep time synchronization configuration n/a page 9-17 page 9-19 — select Timep as the time synchronization method TIMEP page 9-15 pages 9-21 ff.
Time Protocols TimeP: Viewing, Selecting, and Configuring Menu: Viewing and Configuring TimeP To View, Enable, and Modify the TimeP Protocol: 1. From the Main Menu, select: 2. Switch Configuration... 1.
Time Protocols TimeP: Viewing, Selecting, and Configuring ii. Enter the IP address of the TimeP server you want the switch to use for time synchronization. Note: This step replaces any previously configured TimeP server IP address. iii. Press [>] to move the cursor to the Poll Interval field, then go to step 6. 5. In the Poll Interval field, enter the time in minutes that you want for a TimeP Poll Interval.
Time Protocols TimeP: Viewing, Selecting, and Configuring Viewing the Current TimeP Configuration Using different show commands, you can display either the full TimeP config uration or a combined listing of all TimeP, SNTP, and VLAN IP addresses configured on the switch. Syntax: show timep This command lists both the time synchronization method (TimeP, SNTP, or None) and the TimeP configuration, even if SNTP is not the selected time protocol.
Time Protocols TimeP: Viewing, Selecting, and Configuring ProCurve(config)# show management Status and Counters - Management Address Information Time Server Address : 10.10.28.100 Priority -------1 2 3 SNTP Server Address ---------------------------------------------10.10..28.101 10.255.5.24 fe80::123%vlan10 Default Gateway VLAN Name -----------DEFAULT_VLAN VLAN10 Protocol Version ---------------3 3 3 : 10.0.9.
Time Protocols TimeP: Viewing, Selecting, and Configuring Enabling TimeP in DHCP Mode. Because the switch provides a TimeP polling interval (default: 720 minutes), you need only these two commands for a minimal TimeP DHCP configuration: Syntax: timesync timep Selects TimeP as the time synchronization method. Syntax: ip timep dhcp Configures DHCP as the TimeP mode. For example, suppose: ■ Time synchronization is configured for SNTP. ■ You want to: 1. View the current time synchronization. 2.
Time Protocols TimeP: Viewing, Selecting, and Configuring Enabling Timep in Manual Mode. Like DHCP mode, configuring TimeP for Manual mode enables TimeP. However, for manual operation, you must also specify the IP address of the TimeP server. (The switch allows only one TimeP server.) To enable the TimeP protocol: Syntax: timesync timep Selects Timep. Syntax: ip timep manual < ip-addr > Activates TimeP in Manual mode with a specified TimeP server. Syntax: no ip timep Disables TimeP.
Time Protocols TimeP: Viewing, Selecting, and Configuring Changing the TimeP Poll Interval. This command lets you specify how long the switch waits between time polling intervals. The default is 720 minutes and the range is 1 to 9999 minutes. (This parameter is separate from the poll interval parameter used for SNTP operation.
Time Protocols TimeP: Viewing, Selecting, and Configuring For example, if the switch is running TimeP in DHCP mode, no ip timep changes the TimeP configuration as shown below, and disables time synchronization. Even though the Time Sync Mode is set to Timep, time synchronization is disabled because no ip timep has disabled the TimeP Mode parameter. Figure 9-19.
Time Protocols SNTP Unicast Time Polling with Multiple SNTP Servers SNTP Unicast Time Polling with Multiple SNTP Servers When running SNTP unicast time polling as the time synchronization method, the switch requests a time update from the server you configured with either the Server Address parameter in the menu interface, or the primary server in a list of up to three SNTP servers configured using the CLI.
Time Protocols SNTP Messages in the Event Log Adding and Deleting SNTP Server Addresses Adding Addresses. As mentioned earlier, you can configure one SNTP server address using either the Menu interface or the CLI. To configure a second and third address, you must use the CLI. To configure the remaining two addresses, you would do the following: ProCurve(config)# sntp server 2001:db8::215:60ff:fe79:8980 ProCurve(config)# sntp server 10.255.5.24 Figure 9-21.
10 Port Status and Configuration Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-3 Viewing Port Status and Configuring Port Parameters . . . . . . . . . . 10-3 Menu: Port Status and Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . 10-4 Port Type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-4 Status of Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Port Status and Configuration Contents Configuring Transceivers and Modules That Haven’t Been Inserted . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-28 Transceivers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Port Status and Configuration Overview Overview This chapter describes how to view the current port configuration and how to configure ports to non-default settings, including ■ Enable/Disable ■ Mode (speed and duplex) ■ Flow Control ■ Broadcast Limit ■ Friendly Port Names Viewing Port Status and Configuring Port Parameters Port Status and Configuration Features Feature Menu CLI Web viewing port status n/a page 10-4 page 10-8 page 10-22 viewing transceiver status n/a n/a page 10-14 p
Port Status and Configuration Viewing Port Status and Configuring Port Parameters Menu: Port Status and Configuration From the menu interface, you can view and change the port configuration. Using the Menu To View Port Configuration. The menu interface dis plays the configuration for ports and (if configured) any trunk groups. From the Main Menu, select: 1. Status and Counters 3.
Port Status and Configuration Viewing Port Status and Configuring Port Parameters Status of Ports A port can be enabled or disabled: ■ Yes: Enabled, the default. This indicates the port is ready for a network connection. ■ No: Disabled, the port will not operate, even if properly connected to a network. Use the setting, for example, to shut the port down for diagnostic purposes or while you are making topology changes. The status of a port can be up or down (Read-only): Up: The port senses a link beat.
Port Status and Configuration Viewing Port Status and Configuring Port Parameters Modes The mode is the port’s speed and duplex (date transfer operation) setting. Table 10-1 shows possible modes available, depending on the port type (copper or fiber) and port speed. Table 10-1. Supported Modes Mode Speed and Duplex Settings Auto-MDIX Senses speed and negotiates with the port at the other end of the link for port operation (MDI-X or MDI).
Port Status and Configuration Viewing Port Status and Configuring Port Parameters Table 10-2. Protocols and Modes Supported for Copper Ports 10/100 Mbps Gigabit 10/100 TX 10/100/1000-T Modes Settings Modes Settings Auto 10HDx 100HDx 10FDx 100FDx Auto-10 100FDx 10HDx 100HDx 10FDx 100FDX 10FDX Auto Auto-10 Auto-100 Auto-10-100 Auto-1000 10HDx 100HDX 1000FDx 10HDx 100FDx 100FDx 1000FDx 10HDx 100HDx Table 10-3.
Port Status and Configuration Viewing Port Status and Configuring Port Parameters ==========================- CONSOLE - MANAGER MODE -============================ Switch Configuration - Port/Trunk Settings Port ---1 2 3 4 5 6 7 8 9 10 Type --------10/100TX 10/100TX 10/100TX 10/100TX 10/100TX 10/100TX 10/100TX 10/100TX 1000T 1000T + | | | | | | | | | | Enabled ------Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Mode -----------Auto Auto Auto Auto Auto Auto Auto Auto Auto Auto Flow Ctrl --------Disable Disabl
Port Status and Configuration Viewing Port Status and Configuring Port Parameters broadcast-limit page 10-19 auto-mdix page 10-19 Viewing Port Status and Configuration Use the following commands to display port status and configuration data. Syntax: show interfaces [ brief | config | < port-list >] brief: Lists the current operating status for all ports on the switch.
Port Status and Configuration Viewing Port Status and Configuring Port Parameters ProCurve(config)# show interfaces config Port Settings Port ----1 2 3 4 5 6 Type --------10/100TX 10/100TX 10/100TX 10/100TX 10/100TX 10/100TX | + | | | | | | Enabled ------Yes Yes Yes Yes Yes Yes Mode -----------Auto-10-100 Auto Auto Auto Auto Auto Flow Ctrl --------Disable Disable Disable Disable Disable Disable MDI --Auto Auto Auto Auto Auto Auto Figure 10-4.
Port Status and Configuration Viewing Port Status and Configuring Port Parameters Status and Counters - Port Counters Port ----1 2 3 4 5 6 7 8 9 10 Total Bytes -------------1,121,436,946 0 0 0 0 0 1,078,679,873 0 0 0 Actions-> Back Total Frames -------------10,610,556 0 0 0 0 0 10,528,968 0 0 0 Show details Errors Rx -----------0 0 0 0 0 0 0 0 0 0 Reset Drops Rx -----------0 0 0 0 0 0 0 0 0 0 Flow Ctrl ----off off off off off off off off off off Bca* Lim* ---* 0 0 0 0 0 0 0 0 0 0 Help Return to
Port Status and Configuration Viewing Port Status and Configuring Port Parameters Parameter Column Displays Examples port Port identifier A2 type Port type 100/1000T status Port status up or down speed Connection speed and duplex 1000FDX mode Configured mode auto, auto-100, 100FDX mdi MDI mode auto, MDIX flow Flow control on or off name Friendly port name vlanid The vlan id this port belongs to, 4 or “tagged” if it belongs to more tagged than one vlan enabled port is or is not
Port Status and Configuration Viewing Port Status and Configuring Port Parameters Note Each field has an fixed minimum width to be displayed. If you specify a field width smaller than the minimum width, the information is displayed at the minimum width. For example, if the minimum width for the Name field is 4 characters and you specify Name:2, the Name field displays 4 characters. Parameters can be entered in any order.
Port Status and Configuration Viewing Port Status and Configuring Port Parameters Viewing Port Utilization Statistics Use the show interface port-utilization command to view a real-time rate display for all ports on the switch. The following shows a sample output from this command.
Port Status and Configuration Viewing Port Status and Configuring Port Parameters ■ Display real-time status information about all installed transceivers, including non-operational transceivers. Figure 10-8 shows sample output from the show tech transceivers command.
Port Status and Configuration Viewing Port Status and Configuring Port Parameters • Transceiver type not supported in this software version. • Not a ProCurve Transceiver. Please go to: www.hp.com/rnd/device_help/2_inform for more info. Enabling or Disabling Ports and Configuring Port Mode You can configure one or more of the following port parameters. Syntax: [no] interface < port-list > [< disable | enable >] Disables or enables the port for network traffic. Does not use the no form of the command.
Port Status and Configuration Viewing Port Status and Configuring Port Parameters ProCurve(config)# int 8 enable ProCurve(config)# int 8 speed-duplex 100-full ProCurve(config)# int 8 flow-control ProCurve(config)# int 8 ProCurve(eth-8)# enable ProCurve(eth-8)# speed-duplex 100-full These commands enable and configure port 8 from the config level: These commands select the port 8 context level and then apply the subsequent configuration commands to port 8: Figure 10-9.
Port Status and Configuration Viewing Port Status and Configuring Port Parameters ProCurve(config)# int 5-6 flow-control ProCurve(config)# show int brief Status and Counters - Port Status Port ----1 2 3 4 5 6 7 8 9 10 Type --------10/100TX 10/100TX 10/100TX 10/100TX 10/100TX 10/100TX 10/100TX 10/100TX 100/1000T 100/1000T | | + | | | | | | | | | | Intrusion Alert --------No No No No No No No No No No Enabled ------Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Status -----Up Down Down Down Up Up Up Down Down
Port Status and Configuration Viewing Port Status and Configuring Port Parameters Configuring a Broadcast Limit on the Switch Broadcast-Limit on switches covered in this guide is configured on a per-port basis. You must be at the port context level for this command to work, for example: ProCurve(config)#int B1 ProCurve(int B1)# broadcast-limit 1 Broadcast-Limit. Syntax: broadcast-limit <0-99> Enables or disables broadcast limiting for outbound broadcasts on a selected port on the switch.
Port Status and Configuration Viewing Port Status and Configuring Port Parameters This means you can use a “straight-through” twisted-pair cable or a “cross over” twisted-pair cable for any of the connections—the port makes the necessary adjustments to accommodate either one for correct operation. The following port types on your switch support the IEEE 802.
Port Status and Configuration Viewing Port Status and Configuring Port Parameters Table 10-4.
Port Status and Configuration Viewing Port Status and Configuring Port Parameters ProCurve(config)# show interfaces config Per-Port MDI Configuration Port Settings Port ------1 2 3 4 5 6 Type --------100/100T 100/100T 100/100T 100/100T 100/100T 100/100T | + | | | | | | Enabled ------Yes Yes Yes Yes Yes Yes Mode -----------Auto Auto Auto Auto Auto Auto Flow Ctrl --------Disable Disable Disable Disable Disable Disable MDI --Auto MDI MDIX Auto Auto Auto Figure 10-12.
Port Status and Configuration Using Friendly (Optional) Port Names Using Friendly (Optional) Port Names Feature Configure Friendly Port Names Display Friendly Port Names Default Menu CLI Web Standard Port Numbering n/a page 24 n/a n/a n/a page 25 n/a This feature enables you to assign alphanumeric port names of your choosing to augment automatically assigned numeric port names.
Port Status and Configuration Using Friendly (Optional) Port Names ■ In a port listing, not assigned indicates that the port does not have a name assignment other than its fixed port number. ■ To retain friendly port names across reboots, you must save the current running-configuration to the startup-config file after entering the friendly port names. (In the CLI, use the write memory command.
Port Status and Configuration Using Friendly (Optional) Port Names Configuring the Same Name for Multiple Ports. Suppose that you want to use ports A5 through A8 as a trunked link to a server used by a drafting group. In this case you might configure ports A5 through A8 with the name “Draft-Server:Trunk”. Figure 10-15.
Port Status and Configuration Using Friendly (Optional) Port Names Syntax: show name [ port-list ] Lists the friendly port name with its corresponding port number and port type. The show name command without a port list shows this data for all ports on the switch. For example: Ports Without “Friendly” Friendly port names assigned in previous examples. Figure 10-16.
Port Status and Configuration Using Friendly (Optional) Port Names Syntax: show interface < port-number > Includes the friendly port name with the port’s traffic statistics listing. For example, if you configure port 5 with the name “O’Connor_10.25.101.43”, the show interface output for this port appears similar to the following: ProCurve(config)# show int 5 Status and Counters - Port Counters for port 5 Name Friendly Port Name : O’Connor@10.25.101.
Port Status and Configuration Using Friendly (Optional) Port Names Syntax: show config Includes friendly port names in a listing of all interfaces (ports) configured with non-default settings. Excludes ports that have neither a friendly port name nor any other non-default configuration settings. For example, if you configure port A1 with a friendly port name: This command sequence saves the friendly port name for port A1 in the startup config file.
11 Power Over Ethernet (PoE) Operation Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-2 Configuration Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-2 Related Publications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-3 Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-3 PoE Operation . . . . . .
Power Over Ethernet (PoE) Operation Contents Planning and Implementing a PoE Configuration . . . . . . . . . . . . . . 11-20 Assigning PoE Ports to VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-20 Applying Security Features to PoE Configurations . . . . . . . . . . . . . 11-20 PoE Event Log Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Power Over Ethernet (PoE) Operation Overview Overview Power Over Ethernet (PoE) technology allows IP telephones, wireless LAN access points, and other powered devices (PDs) to receive power and transfer data over existing LAN cabling.
Power Over Ethernet (PoE) Operation Overview Related Publications This chapter introduces general PoE operation, PoE configuration and monitoring commands, and event log messages related to PoE operation on the HP ProCurve Series 2520 and 2520G switches. The following two manuals provide further information: ■ For information on installation, refer to the HP ProCurve Series 2520 Switches Installation and Reference Guide provided with the switch.
Power Over Ethernet (PoE) Operation PoE Operation Term Use in this Manual priority class Refers to the type of power prioritization that uses Low (the default), High, and Critical priority assignments to determine which groups of ports will receive power. Note that power priority rules apply only if PoE provisioning becomes oversubscribed. PSE Power-Sourcing Equipment. A PSE provides power to IEEE 802.3af-compliant or IEEE 802.3at-compliant PDs directly connected to the ports on the module.
Power Over Ethernet (PoE) Operation PoE Operation Note Depending on power demands, lower-priority ports on a switch with high PoE power demand may occasionally lose power due to the demands of higherpriority ports. (Refer to “Power Priority Operation” for further details.) Power Priority Operation In the default configuration PoE power priority is determined by port number, with the lowest numbered port having the highest priority.
Power Over Ethernet (PoE) Operation Configuring PoE Operation Configuring PoE Operation In the default configuration, PoE support is enabled on the PoE ports. The default priority for all ports is Low and the default power notification threshold is 80 (%).
Power Over Ethernet (PoE) Operation Configuring PoE Operation For a current listing of PDs supported by this feature, visit the ProCurve Networking website at www.procurve.com. Click on Technical support, and then on FAQs, and then select the switch model. PoE for pre-802.3af-standard powered devices is disabled by default. Syntax: [no] power pre-std-detect The above command enables PoE for pre-802.3af-standard powered devices. The no form of the command sequence disables PoE for pre-802.
Power Over Ethernet (PoE) Operation Configuring PoE Operation Configuring the PoE Port Priority Level Syntax: interface < port-list > power-over-ethernet [ critical | high | low ] Reconfigures the PoE priority level on . For a given level, ports are prioritized by port number in ascending order. For example, if ports 1-24 have a priority level of critical, port 1 has priority over ports 2-24.
Power Over Ethernet (PoE) Operation Configuring PoE Operation Priority Setting Configuration Command and Resulting Operation Low This priority class receives power only if all PDs on ports with High and Critical priority settings are receiving power. If there is enough power to provision PDs on only some Low priority ports, then power is allocated to the ports in ascending order, beginning with the lowest-numbered port in the class until all available power is in use.
Power Over Ethernet (PoE) Operation Configuring PoE Operation Table 11-1. Power Classes and Their Values Power Class Value 0 Depends on cable type and PoE architecture. Maximum power level output of 15.4 watts at the PSE. This is the default class; if there isn’t enough information about the load for a specific classification, the PSE classifies the load as class 0 (zero). 1 Requires at least 4 watts at the PSE. 2 Requires at least 7 watts at the PSE. 3 15.
Power Over Ethernet (PoE) Operation Configuring PoE Operation ProCurve(config)# show power-over-ethernet 6 Status and Counters - Port Power Status for port 6 Power Enable : Yes Priority : low AllocateBy : value Detection Status : Delivering LLDP Detect Configured Type Value Power Class : enabled : : 15 W : 2 Over Current Cnt Power Denied Cnt : 0 : 0 MPS Absent Cnt Short Cnt : 0 : 0 Voltage Power : 49.1 V : 8.4 W Current : 154 mA Maximum power delivered Figure 11-2.
Power Over Ethernet (PoE) Operation Configuring PoE Operation Changing the Threshold for Generating a Power Notice By default, PoE support is enabled on the switch’s 10/100Base-TX ports, with the power priority set to Low and the power threshold set to 80 (%). The following commands allow you to adjust these settings. Syntax: power threshold < 1 - 99 > The power threshold is a configurable percentage of the total PoE power available on the switch.
Power Over Ethernet (PoE) Operation Configuring PoE Operation Cycling Power on a Port Simply disabling a PoE port does not affect power delivery through that port. To cycle the power on a PD receiving power from a PoE port on the switch, disable, then re-enable the power to that port. Syntax: [no] interface [e] < port-list > power Re-enables PoE operation on < port-list > and restores the priority setting in effect when PoE was disabled on < port-list >.
Power Over Ethernet (PoE) Operation PoE/PoE+ Allocation Using LLDP Information PoE/PoE+ Allocation Using LLDP Information LLDP with PoE When using PoE, enabling poe-lldp-detect allows automatic power configura tion if the link partner supports PoE. When LLDP is enabled, the information about the power usage of the PD is available and the switch can then comply with or ignore this information. You can configure PoE on each port according to the PD (IP phone, wireless device, etc.
Power Over Ethernet (PoE) Operation Viewing PoE Configuration and Status Viewing PoE Configuration and Status Displaying the Switch’s Global PoE Power Status Syntax: show power-over-ethernet Displays the switch’s global PoE power status, including: • Pre-standard Detect: Shows whether PoE for pre-802.3af-standard powered devices is enabled on the switch. (Default: Off; shows On when PoE for pre-802.3af-standard powered devices has been enabled.
Power Over Ethernet (PoE) Operation Viewing PoE Configuration and Status ProCurve(config)# show power-over-ethernet Status and Counters - System Power Status Pre-standard Detect : On Operational Status : On Usage Threshold (%) : 80 Chassis power-over-ethernet: Total Available Power: Total used Power: Total Remaining Power: 67 W 0 W +/- 6W 67 W Figure 11-4.
Power Over Ethernet (PoE) Operation Viewing PoE Configuration and Status For example, show power-over-ethernet brief displays this output: ProCurve(config)# show power-over-ethernet brief Status and Counters - Port Power Status PoE Port ----1 2 3 4 5 6 7 8 | | + | | | | | | | | Power Enable ------Yes Yes Yes Yes Yes Yes Yes Yes LLDP Detect -------disabled disabled disabled disabled disabled disabled disabled disabled Power Priority --------critical critical high high low low low low Alloc By ----usag
Power Over Ethernet (PoE) Operation Viewing PoE Configuration and Status Displaying the PoE Status on Specific Ports Syntax: show power-over-ethernet Displays the following PoE status and statistics (since the last reboot) for each port in < port-list >: • Power Enable: Shows Yes for ports enabled to support PoE (the default) and No for ports on which PoE is disabled. • Priority: Lists the power priority (Low, High, and Critical) configured on ports enabled for PoE.
Power Over Ethernet (PoE) Operation Viewing PoE Configuration and Status For example, if you wanted to view the PoE status of port 5, you would use show power-over-ethernet 5 to display the data: ProCurve(config)# show power-over-ethernet 5 Status and Counters - Port Power Status for port 5 Power Enable : Yes Priority : low AllocateBy : usage Detection Status : Searching LLDP Detect Configured Type Value Power Class : disabled : : 17 W : 0 Over Current Cnt Power Denied Cnt : 0 : 0 MPS Absent Cnt Sh
Power Over Ethernet (PoE) Operation Planning and Implementing a PoE Configuration Planning and Implementing a PoE Configuration This section provides an overview of some considerations for planning a PoE application. For additional information, refer to the HP ProCurve PoE Planning and Implementation Guide. Assigning PoE Ports to VLANs If your network includes VLANs, you may want to assign various PoE configured ports to specific VLANs.
Power Over Ethernet (PoE) Operation PoE Event Log Messages PoE Event Log Messages PoE operation generates these Event Log messages. You can also configure the switch to send these messages to a configured debug destination (terminal device or Syslog server). I 1MM/DD/YY HH:MM:SS chassis: Message header, with severity, date, system time, and system module type. For more information on Event Log operation, refer to the “Troubleshooting” appendix in the Management and Configuration Guide for your switch.
Power Over Ethernet (PoE) Operation PoE Event Log Messages W MM/DD/YY HH:MM:SS chassis: Message header, with severity, date, system time, and system module type. For more information on Event Log operation, refer to the “Troubleshooting” appendix in the Management and Configuration Guide for your switch. Ext Power Supply connected but not responding. The switch detects an external power supply, but is not receiving power from the device.
Power Over Ethernet (PoE) Operation PoE Event Log Messages Port < port-# > PD MPS Absent indication. The switch no longer detects a device on < port-# >. The device may have been disconnected, powered down, or stopped functioning. Port < port-# > PD Other Fault indication. There is a problem with the PD connected to the port. Port < port-# > PD Over Current indication. The PD connected to < port-# > has requested more than 15.4 watts of power. This may indicate a short-circuit or other problem in the PD.
12 Port Trunking Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-2 Port Trunk Features and Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-4 Trunk Configuration Methods . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-4 Menu: Viewing and Configuring a Static Trunk Group . . . . . . . . . . 12-9 CLI: Viewing and Configuring Port Trunk Groups . . . . . . . . . . . . .
Port Trunking Overview Overview This chapter describes creating and modifying port trunk groups. This includes non-protocol trunks and LACP (802.3ad) trunks.
Port Trunking Overview Port Connections and Configuration: All port trunk links must be pointto-point connections between a switch and another switch, router, server, or workstation configured for port trunking. No intervening, non-trunking devices are allowed. It is important to note that ports on both ends of a port trunk group must have the same mode (speed and duplex) and flow control settings. Note Link Connections.
Port Trunking Port Trunk Features and Operation Port Trunk Features and Operation The switches covered in this guide offer these options for port trunking: ■ LACP: IEEE 802.3ad—page 12-18 ■ Trunk: Non-Protocol—page 12-26 Up to 24 trunk groups are supported on the switches covered in this guide. The actual maximum depends on the number of ports available on the switch and the number of links in each trunk.
Port Trunking Trunk Configuration Methods ProCurve(config) int c1-c4 lacp active Note that the preceding example works if the ports are not already operating in a trunk. To change the LACP option on ports already operating as a trunk, you must first remove them from the trunk. For example, if ports C1 - C4 were LACP-active and operating in a trunk with another device, you would do the following to change them to LACP-passive: ProCurve(config)# no int c1-c4 lacp Removes the ports from the trunk.
Port Trunking Trunk Configuration Methods Table 12-2. Trunk Configuration Protocols Protocol Trunking Options LACP (802.3ad) Provides dynamic and static LACP trunking options. • Dynamic LACP — Use the switch-negotiated dynamic LACP trunk when: – The port on the other end of the trunk link is configured for Active or Passive LACP. – You want fault-tolerance for high-availability applications.
Port Trunking Trunk Configuration Methods Table 12-3. General Operating Rules for Port Trunks Media: For proper trunk operation, all ports on both ends of a trunk group must have the same media type and mode (speed and duplex). (For the switches covered in this guide, ProCurve recommends leaving the port Mode setting at Auto or, in networks using Cat 3 cabling, Auto-10.
Port Trunking Trunk Configuration Methods Spanning Tree: 802.1D (STP) and 802.1w (RSTP) Spanning Tree operate as a global setting on the switch (with one instance of Spanning Tree per switch). 802.1s (MSTP) Spanning Tree operates on a per-instance basis (with multiple instances allowed per switch). For each SpanningTree instance, you can adjust Spanning Tree parameters on a per-port basis.
Port Trunking Menu: Viewing and Configuring a Static Trunk Group Menu: Viewing and Configuring a Static Trunk Group Important Configure port trunking before you connect the trunked links to another switch, routing switch, or server. Otherwise, a broadcast storm could occur. (If you need to connect the ports before configuring them for trunking, you can temporarily disable the ports until the trunk is configured. Refer to “Enabling or Disabling Ports and Configuring Port Mode” on page 10-16.
Port Trunking Menu: Viewing and Configuring a Static Trunk Group • For proper trunk operation, all ports in a trunk must have the same media type and mode (such as 10/100TX set to 100FDx, or 100FX set to 100FDx). The flow control settings must also be the same for all ports in a given trunk. To verify these settings, refer to “Viewing Port Status and Configuring Port Parameters” on page 10-3. • You can configure the trunk group with up to eight ports per trunk.
Port Trunking CLI: Viewing and Configuring Port Trunk Groups 8. Connect the trunked ports on the switch to the corresponding ports on the opposite device. If you previously disabled any of the trunked ports on the switch, enable them now. (Refer to “Viewing Port Status and Configuring Port Parameters” on page 10-3.) Check the Event Log (“Using the Event Log for Troubleshooting Switch Problems” on page C-22) to verify that the trunked ports are operating prop erly.
Port Trunking CLI: Viewing and Configuring Port Trunk Groups Using a port list specifies, for switch ports in a static trunk group, only the ports you want to view. In this case, the command specifies ports A5 through A7. However, because port A6 is not in a static trunk group, it does not appear in the resulting listing: Port A5 appears with an example of a name that you can optionally assign using the Friendly Port Names feature. (Refer to “Using Friendly (Optional) Port Names” on page 10-23.
Port Trunking CLI: Viewing and Configuring Port Trunk Groups Listing Static LACP and Dynamic LACP Trunk Data. Syntax: show lacp Lists data for only the LACP-configured ports.. In the following example, ports A1 and A2 have been previously configured for a static LACP trunk. (For more on the “Active” parameter, see table 12-5 on page 12-21.) Figure 12-8. Example of a Show LACP Listing (For a description of each of the above-listed data types, refer to table 12-5, “LACP Port Status Data” on page 12-21.
Port Trunking CLI: Viewing and Configuring Port Trunk Groups “Up” Links Standby Link Figure 12-9. Example of a Dynamic LACP Trunk with One Standby Link Using the CLI To Configure a Static or Dynamic Trunk Group Important Configure port trunking before you connect the trunked links between switches. Otherwise, a broadcast storm could occur. (If you need to connect the ports before configuring them for trunking, you can temporarily disable the ports until the trunk is configured.
Port Trunking CLI: Viewing and Configuring Port Trunk Groups Configuring a Static Trunk or Static LACP Trunk Group. Syntax: trunk < port-list > < trk1 ... trk24 > < trunk | lacp > Configures the specified static trunk type. This example uses ports C4 - C6 to create a non-protocol static trunk group with the group name of Trk2. ProCurve(config)# trunk c4-c6 trk2 trunk Removing Ports from a Static Trunk Group. This command removes one or more ports from an existing Trkx trunk group.
Port Trunking CLI: Viewing and Configuring Port Trunk Groups Switch “A” with ports set to LACP passive. Switch “B” with ports set to LACP passive. Dynamic LACP trunk cannot automatically form because both ends of the links are LACP passive. (In this case spanning-tree blocking is needed to prevent a loop. Switch “A” with ports set to LACP active. Switch “B” with ports set to LACP passive. Dynamic LACP trunk automatically forms because both ends of the links are LACP and at least one end is LACP active.
Port Trunking Web: Viewing Existing Port Trunk Groups Caution Unless spanning tree is running on your network, removing a port from a trunk can result in a loop. To help prevent a broadcast storm when you remove a port from a trunk where spanning tree is not in use, ProCurve recommends that you first disable the port or disconnect the link on that port. Syntax: no interface < port-list > lacp Removes < port-list > from any dynamic LACP trunk and returns the ports in < port-list > to passive LACP.
Port Trunking Trunk Group Operation Using LACP Trunk Group Operation Using LACP The switch can automatically configure a dynamic LACP trunk group or you can manually configure a static LACP trunk group. Note LACP requires full-duplex (FDx) links of the same media type (10/100Base-T, 100FX, etc.) and the same speed, and enforces speed and duplex conformance across a trunk group. For most installations, ProCurve recommends that you leave the port Mode settings at Auto (the default).
Port Trunking Trunk Group Operation Using LACP Table 12-4. LACP Trunk Types LACP Port Trunk Operation Configuration Dynamic LACP This option automatically establishes an 802.3ad-compliant trunk group, with LACP for the port Type parameter and DynX for the port Group name, where X is an automatically assigned value from 1 to 24, depending on how many dynamic and static trunks are currently on the switch. (The switch allows a maximum of 24 trunk groups in any combination of static and dynamic trunks.
Port Trunking Trunk Group Operation Using LACP LACP Port Trunk Operation Configuration Static LACP 12-20 Provides a manually configured, static LACP trunk to accommodate these conditions: • The port on the other end of the trunk link is configured for a static LACP trunk. • You want to configure non-default spanning tree or IGMP parameters on an LACP trunk group. • You want an LACP trunk group to operate in a VLAN other than the default VLAN and GVRP is disabled.
Port Trunking Trunk Group Operation Using LACP Default Port Operation In the default configuration, LACP is disabled for all ports. If LACP is not configured as Active on at least one end of a link, then the port does not try to detect a trunk configuration and operates as a standard, untrunked port. Table 12-5 lists the elements of per-port LACP operation. To display this data for a switch, execute the following command in the CLI: ProCurve> show lacp Table 12-5.
Port Trunking Trunk Group Operation Using LACP Status Name Meaning LACP Partner Yes: LACP is enabled on both ends of the link. No: LACP is enabled on the switch, but either LACP is not enabled or the link has not been detected on the opposite device. LACP Status Success: LACP is enabled on the port, detects and synchronizes with a device on the other end of the link, and can move traffic across the link.
Port Trunking Trunk Group Operation Using LACP The switch will not allow you to configure LACP on a port on which port security is enabled. For example: ProCurve(config)# int a17 lacp passive Error configuring port A17: LACP and port security cannot be run together. ProCurve(config)# To restore LACP to the port, you must remove port security and re-enable LACP active or passive. Changing Trunking Methods. To convert a trunk from static to dynamic, you must first eliminate the static trunk.
Port Trunking Trunk Group Operation Using LACP Blocked Ports with Older Devices. Some older devices are limited to four ports in a trunk. When eight LACP-enabled ports are connected to one of these older devices, four ports connect, but the other four ports are blocked. The LACP status of the blocked ports is shown as “Failure”. If one of the other ports becomes disabled, a blocked port will replace it (Port Status becomes “Up”).
Port Trunking Trunk Group Operation Using LACP ■ If there are ports that you do not want on the default VLAN, ensure that they cannot become dynamic LACP trunk members. Otherwise a traffic loop can unexpectedly occur.
Port Trunking Trunk Group Operation Using the “Trunk” Option Dynamic/Static LACP Interoperation: A port configured for dynamic LACP can properly interoperate with a port configured for static (TrkX) LACP, but any ports configured as standby LACP links will be ignored. Trunk Group Operation Using the “Trunk” Option This method creates a trunk group that operates independently of specific trunking protocols and does not use a protocol exchange with the device on the other end of the trunk.
Port Trunking How the Switch Lists Trunk Data How the Switch Lists Trunk Data Static Trunk Group: Appears in the menu interface and the output from the CLI show trunk and show interfaces commands. Dynamic LACP Trunk Group: Appears in the output from the CLI show lacp command.
Port Trunking Outbound Traffic Distribution Across Trunked Links The load-balancing is done on a per communication basis. Otherwise, traffic is transmitted across the same path as shown in figure 12-13. That is, if Client A attached to Switch 1 sends five packets of data to Server A attached to Switch 2, the same link is used to send all five packets. The SA/DA address pair for the traffic is the same.
Port Trunking Outbound Traffic Distribution Across Trunked Links Table 12-6.
Port Trunking Outbound Traffic Distribution Across Trunked Links 12-30
13 Configuring for Network Management Applications Contents Using SNMP Tools To Manage the Switch . . . . . . . . . . . . . . . . . . . . . . 13-3 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-3 SNMP Management Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-4 Configuring for SNMP version 1 and 2c Access to the Switch . . . . . 13-4 Configuring for SNMP Version 3 Access to the Switch . . . . . . . . . . .
Configuring for Network Management Applications Contents Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-35 General LLDP Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-37 LLDP-MED . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-37 Packet Boundaries in a Network Topology . . . . . . . . . . . . . . . . . . . . 13-37 Configuration Options . . . . . . . . . . . . . . . . . .
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch Using SNMP Tools To Manage the Switch Overview You can manage the switch via SNMP from a network management station running an application such as ProCurve Manager (PCM) or ProCurve Manager Plus (PCM+). For more on PCM and PCM+, visit the ProCurve Networking web site at: www.procurve.com Click on products index in the sidebar, then click on the appropriate link appearing under the Network Management heading.
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch SNMP Management Features SNMP management features on the switch include: ■ SNMP version 1, version 2c, or version 3 over IP ■ Security via configuration of SNMP communities (page 13-11) ■ Security via authentication and privacy for SNMP Version 3 access ■ Event reporting via SNMP • Version 1 traps • RMON: groups 1, 2, 3, and 9 ■ ProCurve Manager/Plus support ■ Standard MIBs, such as the Bridge MIB (RFC 1493)
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch If you want to restrict access to one or more specific nodes, you can use the switch’s IP Authorized Manager feature. (Refer to the Access Security Guide for your switch.) Caution For ProCurve Manager (PCM) version 1.5 or earlier (or any TopTools version), deleting the “public” community disables some network management functions (such as traffic monitoring, SNMP trap generation, and threshold setting).
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch SNMP Version 3 Commands SNMP version 3 (SNMPv3) adds some new commands to the CLI for configuring SNMPv3 functions. To enable SMNPv3 operation on the switch, use the snmpv3 enable command. An initial user entry will be generated with MD5 authentication and DES privacy. You may (optionally) restrict access to only SNMPv3 agents by using the snmpv3 only command.
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch Enabling SNMPv3 The snmpv3 enable command allows the switch to: ■ Receive SNMPv3 messages. ■ Configure initial users. ■ Restrict non-version 3 messages to “read only” (optional). Figure 13-1 shows an example of how to use the snmpv3 enable command. Note: SNMP Ve r s i o n 3 Initial Users To create new users, most SNMPv3 management software requires an initial user record to clone.
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch Caution 1. Configure users in the User Table with the snmpv3 user command. To view the list of configured users, enter the show snmpv3 user command (see “Adding Users” on page 13-8). 2. Assign users to Security Groups based on their security model with the snmpv3 group command (see “Assigning Users to Groups” on page 13-10).
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch SNMPv3 User Commands Syntax: [no] snmpv3 user Adds or deletes a user entry for SNMPv3. Authorization and privacy are optional, but to use privacy, you must use authorization. When you delete a user, only the is required. [auth ] With authorization, you can set either MD5 or SHA authentication.
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch Assigning Users to Groups. Then you must set the group access level for the user by assigning the user to a group. This is done with the snmpv3 group command. For more details on the MIBs access for a given group refer to “Group Access Levels” on page 13-11.
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch Group Access Levels The switch supports eight predefined group access levels. There are four levels for use with version 3 users and four are used for access by version 2c or version 1 management applications.
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch Syntax: [no] snmpv3 community This command maps or removes a mapping of a community name to a group access level. To remove a mapping you, only need to specify the index_name parameter. index This is an index number or title for the mapping. The values of 1-5 are reserved and can not be mapped. name This is the community name that is being mapped to a group access level.
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch SNMP Community Features Feature Default show SNMP communities configure identity information Menu CLI n/a page 13-13 page 13-15 none — page 13-16 public configure community names MIB view for a community name manager (operator, manager) write access for default community name unrestricted page 13-13 “ “ “ page 13-16 “ “ “ “ Web — — Use SNMP communities to restrict access to the switch by SNMP management st
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch Note: This screen gives an overview of the SNMP communities that are currently configured. All fields in this screen are readonly. Add and Edit options are used to modify the SNMP options. See Figure 8-2. Figure 13-6. The SNMP Communities Screen (Default Values) 2. Press [A] (for Add) to display the following screen: If you are adding a community, the fields in this screen are blank.
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch CLI: Viewing and Configuring SNMP Community Names Community Name Commands Page show snmp-server [] 13-15 [no] snmp-server 13-16 [community ] 13-16 [host ] [] 13-19 [enable traps 13-27 [enable traps link-change ] 13-28 Listing Community Names and Values.
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch Configuring Community Names and Values. The snmp-server command enables you to add SNMP communities with either default or specific access attributes, and to delete specific communities. Syntax: [no] snmp-server community < community-name > Configures a new community name. If you do not also specify operator or manager, the switch automatically assigns the community to the operator MIB view.
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch SNMP Notifications The switches covered in this guide support: ■ SNMP version 1 or SNMP version 2c traps ■ SNMPv2c informs ■ SNMPv3 notification process, including traps This section describes how to configure a switch to send network security and link-change notifications to configured trap receivers.
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch ■ ■ Advance Traffic Management Guide: • Loop protection • Spanning Tree (STP, RSTP, MSTP) Access Security Guide: • MAC lockdown • MAC lockout General Steps for Configuring SNMP Notifications To configure SNMP notifications, follow these general steps: 1. Determine the versions of SNMP notifications that you want to use in your network.
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch SNMPv1 and SNMPv2c Traps The switches covered in this guide support the following functionality from earlier SNMP versions (SNMPv1 and SNMPv2c): ■ Trap receivers: A trap receiver is a management station to which the switch sends SNMP traps and (optionally) event log messages sent from the switch. From the CLI you can configure up to ten SNMP trap receivers to receive SNMP traps from the switch.
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch Syntax: snmp-server host Configures a destination network management station to receive SNMPv1/v2c traps, and (optionally) event log messages sent as traps from the switch, using the specified community name and destination IPv4 or IPv6 address. You can specify up to ten trap receivers (network management stations). The default community name is public.
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch For example, to configure a trap receiver in a community named "red-team" with an IP address of 10.28.227.130 to receive only "critical" event log messages, you can enter the following command: ProCurve(config)# snmp-server host 10.28.227.
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch Note The retries and timeout values are not used to send trap requests. To verify the configuration of SNMPv2c informs, enter the show snmp-server command: ProCurve(config)# show snmp-server SNMP Communities Community Name MIB View Write Access ---------------- -------- ----------public Manager Unrestricted Trap Receivers Link-Change Traps Enabled on Ports [All] : All ...
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch Configuring SNMPv3 Notifications The SNMPv3 notification process allows messages that are passed via SNMP between the switch and a network management station to be authenticated and encrypted. To configure SNMPv3 notifications, follow these steps: 1. Enable SNMPv3 operation on the switch by entering the snmpv3 enable command (see “SNMP Version 3 Commands” on page 13-6).
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch 5. Configure the target address of the SNMPv3 management station to which SNMPv3 informs and traps are sent by entering the snmpv3 targetaddress command. Syntax: [no] snmpv3 targetaddress < ipv4-addr | ipv6-addr> < name > Configures the IPv4 or IPv6 address, name, and configuration filename of the SNMPv3 management station to which notification messages are sent.
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch Syntax: [no] snmpv3 targetaddress < ipv4-addr | ipv6-addr> < name > —Continued— [timeout < value >] (Optional) Time (in millisecond increments) allowed to receive a response from the target before notification packets are retransmitted. Range: 0-2147483647. Default: 1500 (15 seconds). [max-msg-size] (Optional) Maximum number of bytes supported in a notification message to the specified target. Default: 1472 6.
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch An example of how to configure SNMPv3 notification is shown here: Params _name value in the snmpv3 targetaddress command matches the params _name value in the snmpv3 params command. The tag _name value in snmpv3 notify command matches the tag _name value in the snmpv3 targetaddress command. Configuring the security model ver3 requires you to configure message processing ver3 and a security service level. Figure 13-10.
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch To enable or disable notification/traps for network security failures and other security events, enter the snmp-server enable traps command. Syntax: [no] snmp-server enable traps [snmp-auth | password-change-mgr | loginfailure-mgr | port-security | auth-server-fail | link-change] Enables or disables sending one of the security notification types listed below to configured trap receivers.
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch ProCurve(config)# show snmp-server traps Link-change trap setting Trap Receivers Link-Change Traps Enabled on Ports [All] : A1-A24 Traps Category -----------------------------SNMP Authentication Password change Login failures Port-Security Authorization Server Contact Address ---------------------15.255.5.
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch Configuring the Source IP Address for SNMP Notifications The switch uses an interface IP address as the source IP address in IP headers when sending SNMP notifications (traps and informs) or responses to SNMP requests. For multi-netted interfaces, the source IP address is the IP address of the outbound interface of the SNMP reply, which may differ from the destination IP address in the IP header of the received request.
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch To configure the switch to use a specified source IP address in generated trap PDUs, enter the snmp-server trap-source command. Syntax: [no] snmp-server trap-source [] Specifies the source IP address to be used for a trap PDU. The no form of the command resets the switch to the default behavior (compliant with rfc-1517). Default: Use the interface IP address in generated trap PDUs.
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch ProCurve(config)# show snmp-server SNMP Communities Community Name MIB View Write Access ---------------- -------- ----------public Manager Unrestricted Trap Receivers Link-Change Traps Enabled on Ports [All] : All ... Excluded MIBs Snmp Response Pdu Source-IP Information Selection Policy : dstIpOfRequest Trap Pdu Source-IP Information Selection Policy : Configured IP Ip Address : 10.10.10.
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch In the following example, the show snmp-server command output shows that the switch has been configured to send SNMP traps and notifications to management stations that belong to the “public”, “red-team”, and “blue-team” communities.
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch Advanced Management: RMON The switch supports RMON (Remote Monitoring) on all connected network segments. This allows for troubleshooting and optimizing your network. The following RMON groups are supported: ■ ■ ■ ■ Ethernet Statistics (except the numbers of packets of different frame sizes) Alarm History (of the supported Ethernet statistics) Event The RMON agent automatically runs in the switch.
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) LLDP (Link-Layer Discovery Protocol) To standardize device discovery on all ProCurve switches, LLDP will be implemented while offering limited read-only support for CDP as documented in this manual. For the latest information on your switch model, consult the Release Notes (available on the ProCurve Networking web site).
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) LLDP-MED (LLDP Media Endpoint Discovery): Provides an extension to LLDP and is designed to support VoIP deployments. Note LLDP-MED is an extension for LLDP, and the switch requires that LLDP be enabled as a prerequisite to LLDP-MED operation. An SNMP utility can progressively discover LLDP devices in a network by: 1.
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) LLDP Neighbor: An LLDP device that is either directly connected to another LLDP device or connected to that device by another, non-LLDP Layer 2 device (such as a hub) Note that an 802.1D-compliant switch does not forward LLDP data packets even if it is not LLDP-aware. LLDPDU (LLDP Data Unit): LLDP data packet are transmitted on active links and include multiple TLVs containing global and per-port switch information.
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) TLV (Type-Length-Value): A data unit that includes a data type field, a data unit length field (in bytes), and a field containing the actual data the unit is designed to carry (as an alphanumeric string, a bitmap, or a subgroup of information). Some TLVs include subelements that occur as separate data points in displays of information maintained by the switch for LLDP advertisements.
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) Configuration Options Enable or Disable LLDP on the Switch. In the default configuration, LLDP is globally enabled on the switch. To prevent transmission or receipt of LLDP traffic, you can disable LLDP operation (page 13-38) Enable or Disable LLDP-MED. In the default configuration for the switches covered in this guide, LLDP-MED is enabled by default. (Requires that LLDP is also enabled.
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) SNMP Notification. You can enable the switch to send a notification to any configured SNMP trap receiver(s) when the switch detects a remote LLDP data change on an LLDP-enabled port (page 13-48). Per-Port (Outbound) Data Options. The following table lists the information the switch can include in the per-port, outbound LLDP packets it generates.
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) Data Type System capabilities enabled5, 6 Configuration Options Default Enable/Disable Enabled Description Identifies the primary switch functions that are enabled. 1 The Packet Time-to-Live value is included in LLDP data packets. (Refer to “Changing the Time-to-Live for Transmitted Advertisements” on page 13-46.) 2Subelement of the Chassis ID TLV. 3Subelement of the Port ID TLV.
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) LLDP and LLDP-MED Standards Compatibility The operation covered by this section is compatible with these standards: ■ IEEE P802.1AB ■ RFC 2922 (PTOPO, or Physical Topology MIB) ■ RFC 2737 (Entity MIB) ■ RFC 2863 (Interfaces MIB) ■ ANSI/TIA-1057/D6 (LLDP-MED; refer to “LLDP-MED (Media-EndpointDiscovery)” on page 13-53.
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) advertisements. Attempting to use the CLI to configure LLDP with an IP address that is either not configured on a VLAN, or has been acquired by DHCP or Bootp results in the following error message. xxx.xxx.xxx.xxx: This IP address is not configured or is a DHCP address. Spanning-Tree Blocking. Spanning tree does not prevent LLDP packet transmission or receipt on STP-blocked links. 802.1X Blocking. Ports blocked by 802.
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) Viewing the Current Configuration Displaying the Global LLDP, Port Admin, and SNMP Notification Status. This command displays the switch’s general LLDP configuration status, including some per-port information affecting advertisement traffic and trap notifications. Syntax show lldp config Displays the LLDP global configuration, LLDP port status, and SNMP notification status.
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) Displaying Port Configuration Details. This command displays the portspecific configuration, including. Syntax show lldp config < port-list > Displays the LLDP port-specific configuration for all ports in < port-list >, including which optional TLVs and any non-default IP address that are included in the port’s outbound advertisements.
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) Enabling or Disabling LLDP Operation on the Switch. Enabling LLDP operation (the default) causes the switch to: ■ Use active, LLDP-enabled ports to transmit LLDP packets describing itself to neighbor devices. ■ Add entries to its neighbors table based on data read from incoming LLDP advertisements. Syntax [ no ] lldp run Enables or disables LLDP operation on the switch.
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) Changing the Time-to-Live for Transmitted Advertisements. The Time-to-Live value (in seconds) for all LLDP advertisements transmitted from a switch is controlled by the switch that generates the advertisement, and determines how long an LLDP neighbor retains the advertised data before discarding it. The Time-to-Live value is the result of multiplying the refreshinterval by the holdtime-multiplier described below.
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) Syntax setmib lldpTxDelay.0 -i < 1 - 8192 > Uses setmib to change the minimum time (delay-interval) any LLDP port will delay advertising successive LLDP advertisements due to a change in LLDP MIB content. (Default: 2; Range: 1 - 8192) Note: The LLDP refresh-interval (transmit interval) must be greater than or equal to (4 x delay-interval).
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) delay interval delays the port’s ability to reinitialize and generate LLDP traffic following an LLDP disable/enable cycle. Syntax setmib lldpReinitDelay.0 -i < 1 - 10 > Uses setmib to change the minimum time (reinitialization delay interval) an LLDP port will wait before reinitializing after receiving an LLDP disable command followed closely by a txonly or tx_rx command.
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) Changing the Minimum Interval for Successive Data Change Notifications for the Same Neighbor. If LLDP trap notification is enabled on a port, a rapid succession of changes in LLDP information received in advertisements from one or more neighbors can generate a high number of traps. To reduce this effect, you can globally change the interval between successive notifications of neighbor data change.
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) Configuring Basic LLDP Per-Port Advertisement Content In the default LLDP configuration, outbound advertisements from each port on the switch include both mandatory and optional data. Mandatory Data. An active LLDP port on the switch always includes the mandatory data in its outbound advertisements.
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) For example, if port 3 belongs to a subnetted VLAN that includes an IP address of 10.10.10.100 and you wanted port 3 to use this secondary address in LLDP advertisements, you would need to execute the following command: ProCurve(config)# lldp config 3 ipAddrEnable 10.10.10.100 Optional Data. You can configure an individual port or group of ports to exclude one or more of these data types from outbound LLDP advertisements.
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) system_cap For outbound advertisements, this TLV includes a bitmask of supported system capabilities (device functions). Also includes information on whether the capabilities are enabled.
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) Syntax: [ no ] lldp config < port-list > dot3TlvEnable macphy_config For outbound advertisements, this TLV includes the (local) switch port’s current speed and duplex settings, the range of speed and duplex settings the port supports, and the method required for reconfiguring the speed and duplex settings on the device (auto-negotiation during link initialization, or manual configuration).
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) ■ Power over Ethernet (PoE) status and troubleshooting support via SNMP ■ support for IP telephony network troubleshooting of call quality issues via SNMP This section describes how to configure and use LLDP-MED features in the switches to support VoIP network edge devices (Media Endpoint Devices) such as: ■ IP phones ■ voice/media gateways ■ media servers ■ IP communications controllers ■ other VoIP devices or
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) ■ able to use the following network policy elements configured on the client port • voice VLAN ID • 802.
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) ■ Class 3 (Communication Devices): These devices are typically IP phones or end-user devices that otherwise support IP media and offer all Class 1 and Class 2 features, plus location identification and emergency 911 capability, Layer 2 switch support, and device infor mation management. LLDP-MED Operational Support.
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) Syntax: lldp top-change-notify < port-list > Topology change notification, when enabled on an LLDP port, causes the switch to send an SNMP trap if it detects LLDP-MED endpoint connection or disconnection activity on the port, or an age-out of the LLDP-MED neighbor on the port.
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) LLDP-MED Fast Start Control Syntax: lldp fast-start-count < 1 - 10 > An LLDP-MED device connecting to a switch port may use the data contained in the MED TLVs from the switch to configure itself. However, the lldp refresh-interval setting (default: 30 seconds) for transmitting advertisements can cause an unacceptable delay in MED device configuration.
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) Note LLDP-MED operation requires the macphy_config TLV subelement—enabled by default—that is optional for IEEE 802.1AB LLDP operation. Refer to the dot3TlvEnable macphy_config command on page 13-53. Network Policy Advertisements. Network policy advertisements are intended for real-time voice and video applications, and include these TLV subelements: ■ Layer 2 (802.
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) Notes A codepoint must have an 802.1p priority before you can configure it for use in prioritizing packets by VLAN-ID. If a codepoint you want to use shows No Override in the Priority column of the DSCP policy table (display with show qos dscp map, then use qos-dscp map < codepoint > priority < 0 - 7 > to configure a priority before proceeding.
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) network-policy This TLV enables the switch port to advertise its configured network policies (voice VLAN, Layer 2 QoS, Layer 3 QoS), and allows LLDP-MED endpoint devices to auto-configure the voice network policy advertised by the switch. This also enables the use of SNMP applications to troubleshoot statically configured endpoint network policy mismatches.
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) PoE Advertisements. These advertisements inform an LLDP-MED endpoint of the power (PoE) configuration on switch ports. Similar advertisements from an LLDP-MED endpoint inform the switch of the endpoint’s power needs and provide information that can be used to identify power priority mismatches.
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) ■ ELIN (Emergency Location Identification Number): an emergency number typically assigned to MLTS (Multiline Telephone System Opera tors) in North America ■ coordinate-based location: attitude, longitude, and altitude informa tion (Requires configuration via an SNMP application.
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) — Continued— Type/Value Pairs (CA-TYPE and CA-VALUE): This is a series of data pairs, each composed of a location data “type” specifier and the corresponding location data for that type. That is, the first value in a pair is expected to be the civic address “type” number (CA TYPE), and the second value in a pair is expected to be the corresponding civic address data (CA-VALUE).
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) Note: A switch port allows one instance of any given CA TYPE. For example, if a type/value pair of 6 Atlantic (to specify “Atlantic” as a street name) is configured on port A5 and later another type/value pair of 6 Pacific is configured on the same port, then Pacific replaces Atlantic in the civic address location configured for port A5.
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) Table 13-4.
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) Figure 13-18 shows the commands for configuring and displaying the above data. Figure 13-18.
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) Displaying Switch Information Available for Outbound Advertisements These commands display the current switch information that will be used to populate outbound LLDP advertisements. Syntax show lldp info local-device [ port-list ] Without the [ port-list ] option, this command displays the global switch information and the per-port information currently available for populating outbound LLDP advertisements.
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) The Management Address field displays only the LLDP-configurable IP addresses on the switch. (Only manually-configured IP addresses are LLDP-configurable.) If the switch has only an IP address from a DHCP or Bootp server, then the Management Address field is empty (because there are no LLDP configurable IP addresses available). For more on this topic, refer to “Remote Management Address” on page 13-40. Figure 13-19.
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) information on displaying the currently configured port speed and duplex on an LLDP-MED endpoint, refer to “Displaying the Current Port Speed and Duplex Configuration on a Switch Port” on page 13-69. Syntax: show interfaces brief < port-list > Includes port speed and duplex configuration in the Mode column of the resulting display. Displaying Advertisements Currently in the Neighbors MIB.
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) Figure 13-21. Example of a Global Listing of Discovered Devices Indicates the policy configured on the telephone. A configuration mismatch occurs if the supporting port is configured differently. Figure 13-22.
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) Displaying LLDP Statistics LLDP statistics are available on both a global and a per-port levels. Rebooting the switch resets the LLDP statistics counters to zero. Disabling the transmit and/or receive capability on a port “freezes” the related port counters at their current values.
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) — Continued — Per-Port LLDP Counters: NumFramesRecvd: Shows the total number of valid, inbound LLDP advertisements received from any neighbor(s) on < portlist >. Where multiple neighbors are connected to a port through a hub, this value is the total number of LLDP advertisements received from all sources. NumFramesSent: Shows the total number of LLDP advertisements sent from < port-list >.
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) Counters showing frames sent on a port but no frames received on that port indicates an active link with a device that either has LLDP disabled on the link or is not LLDPaware. Figure 13-23. Example of a Global LLDP Statistics Display Figure 13-24. Example of a Per-Port LLDP Statistics Display LLDP Operating Notes Neighbor Maximum.
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) LLDP Packet Forwarding: An 802.1D-compliant switch does not forward LLDP packets, regardless of whether LLDP is globally enabled or disabled on the switch. One IP Address Advertisement Per-Port: LLDP advertises only one IP address per-port, even if multiple IP addresses are configured by lldp config < port-list > ipAddrEnable on a given port. 802.1Q VLAN Information. LLDP packets do not include 802.
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) ProCurve# walkmib ifDescr ifDescr.1 = A1 ifDescr.2 = A2 ifDescr.3 = A3 . . . ifDescr.23 = A23 ifDescr.24 = A24 ifDescr.27 = B1 ifDescr.28 = B2 ifDescr.29 = B3 . . . ifDescr.48 = B22 ifDescr.49 = B23 ifDescr.50 = B24 . . . Beginning and Ending of Port Number Listing for Slot A Beginning and Ending of Port Number Listing for Slot B Figure 13-25.
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) Note ■ If the switch receives both LLDP and CDP advertisements on the same port from the same neighbor the switch stores this information as two separate entries if the advertisements have differences chassis ID and port ID information. ■ If the chassis and port ID information are the same, the switch stores this information as a single entry.
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) Protocol State Packet Generation Inbound Data Management Inbound Packet Forwarding CDP Enabled1 n/a Store inbound CDP data. CDP Disabled n/a No storage of CDP data from Floods inbound CDP packets neighbor devices. from connected devices to outbound ports. No forwarding of inbound CDP packets. LLDP Enabled1 Generates and Store inbound LLDP data. transmits LLDP packets out all ports on the switch.
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) Note Command Page show cdp 13-79 show cdp neighbors [< port-list > detail] [detail < port-list >] 13-80 [no] cdp run 13-81 [no] cdp enable < port-list > 13-81 For details on how to use an SNMP utility to retrieve information from the switch’s CDP Neighbors table maintained in the switch’s MIB (Management Information Base), refer to the documentation provided with the particular SNMP utility.
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) Viewing the Switch’s Current CDP Neighbors Table. Devices are listed by the port on which they were detected. Syntax: show cdp neighbors Lists the neighboring CDP devices the switch detects, with a subset of the information collected from the device’s CDP packet. [ [e] port-num [detail] ] Lists the CDP device connected to the specified port. (Allows only one port at a time.
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) Disabling CDP Operation. Disabling CDP operation clears the switch’s CDP Neighbors table and causes the switch to drop inbound CDP packets from other devices without entering the data in the CDP Neighbors table. Syntax: [no] cdp run Enables or disables CDP read-only operation on the switch.
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) 13-82
A File Transfers Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-3 Downloading Switch Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-3 General Software Download Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-3 Using TFTP To Download Switch Software from a Server . . . . . . . . A-4 Menu: TFTP Download from a Server to Primary Flash . . . . . . .
File Transfers Contents TFTP: Copying a Configuration File to a Remote Host . . . . . . . A-24 TFTP: Copying a Configuration File from a Remote Host . . . . A-24 TFTP: Copying a Customized Command File to a Switch . . . . A-25 Xmodem: Copying a Configuration File to a Serially Connected PC or UNIX Workstation . . . . . . . . . . . . . . . . . . . . . . A-26 Xmodem: Copying a Configuration File from a Serially Connected PC or UNIX Workstation . . . . . . . . . . . . . . . . . . . . . .
File Transfers Overview Overview The switches covered in this guide support several methods for transferring files to and from a physically connected device, or via the network, including TFTP and Xmodem. This appendix explains how to download new switch software, upload or download switch configuration files and software images.
File Transfers Downloading Switch Software Note Downloading new switch software does not change the current switch con figuration. The switch configuration is contained in separate files that can also be transferred. Refer to “Transferring Switch Configurations” on page A-22. In most cases, if a power failure or other cause interrupts a flash image download, the switch reboots with the image previously stored in primary flash.
File Transfers Downloading Switch Software Figure A-1. Example of a Download OS (Software) Screen (Default Values) 2. Press [E] (for Edit). 3. Ensure that the Method field is set to TFTP (the default). 4. In the TFTP Server field, type in the IP address of the TFTP server in which the software file has been stored. 5. In the Remote File Name field, type the name of the software file. If you are using a UNIX system, remember that the filename is case-sensitive. 6.
File Transfers Downloading Switch Software 7. After the primary flash memory has been updated with the new software, you must reboot the switch to implement the newly downloaded software. Return to the Main Menu and press [6] (for Reboot Switch). You will then see this prompt: Continue reboot of system? : No Press the space bar once to change No to Yes, then press [Enter] to begin the reboot.
File Transfers Downloading Switch Software To find more information on the cause of a download failure, examine the messages in the switch’s Event Log by executing the show log tftp command from the CLI. Also: ■ For more on the Event Log, see “Using the Event Log for Troubleshooting Switch Problems” on page C-22. ■ For descriptions of individual Event Log messages, refer to the latest version of the Event Log Message Reference Guide for your switch, available on the ProCurve website.
File Transfers Downloading Switch Software For example, to download a switch software file named k0800.swi from a TFTP server with the IP address of 10.28.227.103 to primary flash: 1. Execute copy as shown below: Dynamic counter continually displays the number of bytes transferred. Figure A-4. 2. This message means that the image you want to upload will replace the image currently in primary flash.
File Transfers Downloading Switch Software Using Secure Copy and SFTP For some situations you may want to use a secure method to issue commands or copy files to the switch. By opening a secure, encrypted SSH session you can then use a third-party software application to take advantage of Secure Copy (SCP) and Secure ftp (SFTP). SCP and SFTP provide a secure alternative to TFTP for transferring information that may be sensitive (like switch con figuration files) to and from the switch.
File Transfers Downloading Switch Software Protocol major versions differ: 1 vs. 2 Connection closed Received disconnect from < ip-addr >: /usr/local/ libexec/sftp-server: command not supported Connection closed SCP (secure copy) is an implementation of the BSD rcp (Berkeley UNIX remote copy) command tunneled through an SSH connection. SCP is used to copy files to and from the switch when security is required. SCP works with both SSH v1 and SSH v2.
File Transfers Downloading Switch Software Disable TFTP and Auto-TFTP for Enhanced Security Using the ip ssh filetransfer command to enable Secure FTP (SFTP) automat ically disables TFTP and auto-TFTP (if either or both are enabled). ProCurve(config)# ip ssh filetransfer Tftp and auto-tftp have been disabled. ProCurve(config)# sho run Enabling SFTP automatically disables TFTP and auto-tftp and displays this message. Running configuration: ; J9137A Configuration Editor; Created on release #S.14.
File Transfers Downloading Switch Software Enables/Disables TFTP. Note: If SFTP is enabled, this field will be set to No. You cannot use this field to enable TFTP if SFTP is enabled. Attempting to do so produces an Inconsistent value message in the banner below the Actions line. Figure A-6. Using the Menu Interface To Disable TFTP ■ While SFTP is enabled, TFTP and auto-TFTP cannot be enabled from the CLI.
File Transfers Downloading Switch Software Syntax: no tftp-enable This command disables all TFTP operation on the switch except for the auto-TFTP feature. To re-enable TFTP opera tion, use the tftp-enable command. When TFTP is disabled, the instances of tftp in the CLI copy command and the Menu interface “Download OS” screen become unavailable. Note: This command does not disable auto-TFTP operation.
File Transfers Downloading Switch Software Authentication Switch memory allows up to ten public keys. This means the authentication and encryption keys you use for your third-party client SCP/SFTP software can differ from the keys you use for the SSH session, even though both SCP and SFTP use a secure SSH tunnel. Note SSH authentication is mutually exclusive with RADIUS servers. Some clients such as PSCP (PuTTY SCP) automatically compare switch host keys for you.
File Transfers Downloading Switch Software ■ The switch supports one SFTP session or one SCP session at a time. ■ All files have read-write permission. Several SFTP commands, such as create or remove, are not allowed and return an error message.
File Transfers Downloading Switch Software Troubleshooting SSH, SFTP, and SCP Operations You can verify secure file transfer operations by checking the switch’s event log, or by viewing the error messages sent by the switch that most SCP and SFTP clients will print out on their console. Note Messages that are sent by the switch to the client depend on the client software in use to display them on the user console. Broken SSH Connection.
File Transfers Downloading Switch Software Received disconnect from 10.0.12.31: 2: Wait for previous session to complete lost connection Attempt to Start a Second Session. The switch supports only one SFTP session or one SCP session at a time. If a second session is initiated (for example, an SFTP session is running and then an SCP session is attempted), then the following error message may appear on the client console: Received disconnect from 10.0.12.
File Transfers Downloading Switch Software 5. Press [Enter] and then execute the terminal emulator command(s) to begin Xmodem binary transfer. For example, using HyperTerminal: a. Click on Transfer, then Send File. b. Type the file path and name in the Filename field. c. In the Protocol field, select Xmodem. d. Click on the [Send] button. The download will then commence. It can take several minutes, depend ing on the baud rate set in the switch and in your terminal emulator. 6.
File Transfers Downloading Switch Software 2. Execute the terminal emulator commands to begin the Xmodem transfer. For example, using HyperTerminal: a. Click on Transfer, then Send File. b. Type the file path and name in the Filename field. c. In the Protocol field, select Xmodem. d. Click on the [Send] button. The download can take several minutes, depending on the baud rate used in the transfer. 3.
File Transfers Downloading Switch Software 3. In the TFTP Server field, enter the IP address of the remote switch contain ing the software file you want to download. 4. For the Remote File Name, enter one of the following: • To download the software in the primary flash of the source switch, type “flash” in lowercase characters. • To download the software in the secondary flash of the source switch, type /os/secondary. 5. Press [Enter], then [X] (for eXecute) to begin the software download. 6.
File Transfers Downloading Switch Software Downloading from Primary Only. Syntax: copy tftp flash < ip-addr > flash [ primary | secondary ] This command (executed in the destination switch) downloads the software flash in the source switch’s primary flash to either the primary or secondary flash in the destination switch. If you do not specify either a primary or secondary flash location for the destination, the download automatically goes to primary flash.
File Transfers Copying Software Images Figure A-8. Switch-to-Switch, from Either Flash in Source to Either Flash in Destination Using PCM+ to Update Switch Software ProCurve Manager Plus includes a software update utility for updating on ProCurve switch products. For further information, refer to the Getting Started Guide and the Administrator’s Guide, provided electronically with the application.
File Transfers Transferring Switch Configurations Xmodem: Copying a Software Image from the Switch to a Serially Connected PC or UNIX Workstation To use this method, the switch must be connected via the serial port to a PC or UNIX workstation. Syntax: copy flash xmodem < pc | unix > Uses Xmodem to copy a designated configuration file from the switch to a PC or Unix workstation. For example, to copy the primary flash image to a serially connected PC: 1.
File Transfers Transferring Switch Configurations Note For greater security, you can perform all TFTP operations using SFTP as described in the section on Using Secure Copy and SFTP on page A-9. The include-credentials command can also be used to save passwords, secret keys, and other security credentials in the running config file. For more information, see the section on “Saving Security Credentials in a Config File” in the Access Security Guide for your switch.
File Transfers Transferring Switch Configurations TFTP: Copying a Customized Command File to a Switch Using the copy tftp command with the show-tech option provides the ability to copy a customized command file to the switch. When the show tech custom command is executed, the commands in the custom file are executed instead of the hard-coded list of commands. If no custom file is found, the current hard-coded list is executed.
File Transfers Transferring Switch Configurations Xmodem: Copying a Configuration File to a Serially Connected PC or UNIX Workstation To use this method, the switch must be connected via the serial port to a PC or UNIX workstation. You will need to: ■ Determine a filename to use. ■ Know the directory path you will use to store the configuration file.
File Transfers Transferring Switch Configurations Syntax: copy xmodem startup-config < pc | unix > copy xmodem config < filename > < pc | unix > Copies a configuration file from a serially connected PC or UNIX workstation to a designated configuration file on the switch. For more on multiple configuration files, refer to “Multiple Configuration Files” on page 6-23. For example, to copy a configuration file from a PC serially connected to the switch: 1. Execute the following command: 2.
File Transfers Copying Diagnostic Data to a Remote Host, PC or UNIX Workstation Copying Diagnostic Data to a Remote Host, PC or UNIX Workstation You can use the CLI to copy the following types of switch data to a text file in a destination device: ■ Command Output: Sends the output of a switch CLI command as a file on the destination device. ■ Event Log: Copies the switch’s Event Log into a file on the destination device.
File Transfers Copying Diagnostic Data to a Remote Host, PC or UNIX Workstation At this point, press [Enter] and start the Xmodem command sequence in your terminal emulator. Indicates the operation is finished. Figure A-11. Example of Sending Command Output to a File on an Attached PC Note The command you specify must be enclosed in double-quote marks.
File Transfers Copying Diagnostic Data to a Remote Host, PC or UNIX Workstation Syntax: copy crash-data [ | master] tftp copy crash-data [| mm] xmodem where: slot-id = mm a - h, and retrieves the crash log or crash data from the processor on the module in the specified slot. Retrieves crash log or crash data from the switch’s chassis processor. When “mm” is specified, crash files from both management modules are copied.
B Monitoring and Analyzing Switch Operation Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-3 Status and Counters Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-4 Menu Access To Status and Counters . . . . . . . . . . . . . . . . . . . . . . . . . B-5 General System Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-6 Menu Access . . . . . . . . . . . . . . . . . . . . . .
Monitoring and Analyzing Switch Operation Contents Interface Monitoring Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-23 Menu: Configuring Port and Static Trunk Monitoring . . . . . . . . . . . B-24 CLI: Configuring Port and Static Trunk Monitoring . . . . . . . . . . . . . B-25 Web: Configuring Port Monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . B-28 Locating a Device . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Monitoring and Analyzing Switch Operation Overview Overview The switches covered in this guide have several built-in tools for monitoring, analyzing, and troubleshooting switch and network operation: Note ■ Status: Includes options for displaying general switch information, man agement address data, port status, port and trunk group statistics, MAC addresses detected on each port or VLAN, and STP, IGMP, and VLAN data (page B-4).
Monitoring and Analyzing Switch Operation Status and Counters Data Status and Counters Data This section describes the status and counters screens available through the switch console interface and/or the web browser interface. Note Status or Counters Type You can access all console screens from the web browser interface via Telnet to the console. Telnet access to the switch is available in the Device View window under the Configuration tab.
Monitoring and Analyzing Switch Operation Status and Counters Data Menu Access To Status and Counters Beginning at the Main Menu, display the Status and Counters menu by select ing: 1. Status and Counters Figure B-1. The Status and Counters Menu Each of the above menu items accesses the read-only screens described on the following pages. Refer to the online help for a description of the entries displayed in these screens.
Monitoring and Analyzing Switch Operation Status and Counters Data General System Information Menu Access From the console Main Menu, select: 1. Status and Counters 1. General System Information ProCurve Switch 2-Jan-2009 22:14:32 ===========================- TELNET - MANAGER MODE -========================== Status and Counters - General System Information System Contact System Location :George :Buiding A Software revision ROM Version : S.14.XX : S.14.
Monitoring and Analyzing Switch Operation Status and Counters Data CLI Access to System Information The show system command displays general system information about the switch. Syntax: show system [information] ] Displays global system information and operational parameters for the switch. information Displays global system information and operational parameters for the switch.
Monitoring and Analyzing Switch Operation Status and Counters Data When the task-monitor command is enabled, the show cpu command summa rizes the processor usage by protocol and system functions. Syntax: [no] task-monitor cpu Allows the collection of processor utilization data. Only manager logins can execute this command. The settings are not persistent, that is, there are no changes to the configura tion.
Monitoring and Analyzing Switch Operation Status and Counters Data Figure B-5. Example of Management Address Information with VLANs Configured This screen displays addresses that are important for management of the switch. If multiple VLANs are not configured, this screen displays a single IP address for the entire switch. Refer to the online Help for details. Note As shown in figure B-5, all VLANs on the switches use the same MAC address.
Monitoring and Analyzing Switch Operation Status and Counters Data Port Status The web browser interface and the console interface show the same port status data. Menu: Displaying Port Status From the Main Menu, select: 1. Status and Counters … 4. Port Status Figure B-6. Example of Port Status on the Menu Interface CLI Access Syntax: show interfaces brief Web Access B-10 1. Click on the Status tab. 2. Click on [Port Status].
Monitoring and Analyzing Switch Operation Status and Counters Data Viewing Port and Trunk Group Statistics and Flow Control Status Feature Default Menu CLI Web viewing port and trunk statistics for all ports, and flow control status n/a page B-12 page B-13 page B-13 viewing a detailed summary for a particular port or trunk n/a page B-12 page B-13 page B-13 resetting counters n/a page B-12 page B-13 page B-13 These features enable you to determine the traffic patterns for each port since
Monitoring and Analyzing Switch Operation Status and Counters Data Menu Access to Port and Trunk Statistics To access this screen from the Main Menu, select: 1. Status and Counters … 4. Port Counters Figure B-7. Example of Port Counters on the Menu Interface To view details about the traffic on a particular port, use the [v] key to highlight that port number, then select Show Details. For example, selecting port A2 displays a screen similar to figure B-8, below. Figure B-8.
Monitoring and Analyzing Switch Operation Status and Counters Data CLI Access To Port and Trunk Group Statistics To Display the Port Counter Summary Report. Syntax: show interfaces This command provides an overview of port activity for all ports on the switch. To Display a Detailed Traffic Summary for Specific Ports. Syntax: show interfaces < port-list > This command provides traffic details for the port(s) you specify To Reset the Port Counters for a Specific Port.
Monitoring and Analyzing Switch Operation Status and Counters Data Viewing the Switch’s MAC Address Tables Feature Default Menu CLI Web viewing MAC addresses on all ports on a specific VLAN n/a page B-14 page B-17 — viewing MAC addresses on a specific port n/a page B-16 page B-17 — searching for a MAC address n/a page B-16 page B-17 — These features help you to view: ■ The MAC addresses that the switch has learned from network devices attached to the switch ■ The port on which each M
Monitoring and Analyzing Switch Operation Status and Counters Data Figure B-9. Example of the Address Table To page through the listing, use Next page and Prev page. Finding the Port Connection for a Specific Device on a VLAN. This feature uses a device’s MAC address that you enter to identify the port used by that device. 1. Proceeding from figure B-9, press [S] (for Search), to display the following prompt: Enter MAC address: _ 2. Type the MAC address you want to locate and press [Enter].
Monitoring and Analyzing Switch Operation Status and Counters Data Port-Level MAC Address Viewing and Searching. This feature displays and searches for MAC addresses on the specified port instead of for all ports on the switch. 1. From the Main Menu, select: 1. Status and Counters 7. Port Address Table Prompt for Selecting the Port To Search Figure B-11. Listing MAC Addresses for a Specific Port 2.
Monitoring and Analyzing Switch Operation Status and Counters Data CLI Access for MAC Address Views and Searches Syntax: show mac-address [ vlan < vlan-id >] [< port-list >] [< mac-addr >] To List All Learned MAC Addresses on the Switch, with The Port Number on Which Each MAC Address Was Learned. ProCurve> show mac-address To List All Learned MAC Addresses on one or more ports, with Their Corresponding Port Numbers.
Monitoring and Analyzing Switch Operation Status and Counters Data Spanning Tree Protocol (MSTP) Information CLI Access to MSTP Data This option lists the MSTP configuration, root data, and per-port data (cost, priority, state, and designated bridge). Syntax: show spanning-tree This command displays the switch’s global and regional spanning-tree status, plus the per-port spanning-tree operation at the regional level.
Monitoring and Analyzing Switch Operation Status and Counters Data Internet Group Management Protocol (IGMP) Status The switch uses the CLI to display the following IGMP status on a per-VLAN basis: Show Command Output show ip igmp Global command listing IGMP status for all VLANs configured in the switch: • VLAN ID (VID) and name • Active group addresses per VLAN • Number of report and query packets per group • Querier access port per VLAN show ip igmp Per-VLAN command listing above IGMP stat
Monitoring and Analyzing Switch Operation Status and Counters Data VLAN Information The switch uses the CLI to display the following VLAN status: Show Command Output show vlan Lists: • Maximum number of VLANs to support • Existing VLANs • Status (static or dynamic) • Primary VLAN show vlan For the specified VLAN, lists: • Name, VID, and status (static/dynamic) • Per-Port mode (tagged, untagged, forbid, no/auto) • “Unknown VLAN” setting (Learn, Block, Disable) • Port status (up/down) For ex
Monitoring and Analyzing Switch Operation Status and Counters Data Because ports A1 and A2 are not members of VLAN 44, it does not appear in this listing. Figure B-15. Example of VLAN Listing for Specific Ports Figure B-16.
Monitoring and Analyzing Switch Operation Status and Counters Data Web Browser Interface Status Information The “home” screen for the web browser interface is the Status Overview screen, as shown below. As the title implies, it provides an overview of the status of the switch, including summary graphs indicating the network utili zation on each of the switch ports, symbolic port status indicators, and the Alert Log, which informs you of any problems that may have occurred on the switch.
Monitoring and Analyzing Switch Operation Interface Monitoring Features Interface Monitoring Features Port Monitoring Features Feature Default Menu CLI Web display monitoring configuration disabled page B-24 page B-26 page B-28 configure the monitor port(s) ports: none page B-24 page B-26 page B-28 selecting or removing ports page B-24 page B-27 page B-28 none selected You can designate monitoring of inbound and outbound traffic on ports and static trunks.
Monitoring and Analyzing Switch Operation Interface Monitoring Features Menu: Configuring Port and Static Trunk Monitoring This procedure describes configuring the switch for monitoring when moni toring is disabled. (If monitoring has already been enabled, the screens will appear differently than shown in this procedure.) 1. From the Console Main Menu, Select: 2. Switch Configuration... 3. Network Monitoring Port Enable monitoring by setting this parameter to “Yes”. Figure B-18.
Monitoring and Analyzing Switch Operation Interface Monitoring Features Move the cursor to the Monitoring Port parameter. Inbound Port and Trunk Monitoring (Only) on the Switch Figure B-19. How To Select a Monitoring Port 5. Use the Space bar to select the port to use for monitoring. 6. Use the down arrow key to move the cursor to the Action column for the individual ports and position the cursor at a port you want to monitor. 7.
Monitoring and Analyzing Switch Operation Interface Monitoring Features You must use the following configuration sequence to configure port and static trunk monitoring in the CLI: 1. Assign a monitoring (mirror) port. 2. Designate the port(s) and/or static trunk(s) to monitor. Displaying the Monitoring Configuration. Syntax: show monitor This command lists the port assigned to receive monitored traffic and the ports and/or trunks being monitored.
Monitoring and Analyzing Switch Operation Interface Monitoring Features Selecting or Removing Monitoring Source Interfaces. After you con figure a monitor port you can use either the global configuration level or the interface context level to select ports or static trunks as monitoring sources. You can also use either level to remove monitoring sources. Syntax: [no] interface < monitor-list > monitor where: < monitor-list > Includes port numbers and static trunk names such as a4,c7, b5-b8, trk1.
Monitoring and Analyzing Switch Operation Locating a Device Web: Configuring Port Monitoring To enable port monitoring: 1. Click on the Configuration tab. 2. Click on [Monitor Port]. 3. To monitor one or more ports. 4. a. Click on the radio button for Monitor Selected Ports. b. Select the port(s) to monitor. Click on [Apply Changes]. To remove port monitoring: 1. Click on the [Monitoring Off] radio button. 2. Click on [Apply Changes].
Monitoring and Analyzing Switch Operation Locating a Device ProCurve(config)# chassislocate blink <1-1440> Blink the chassis locate led (default 30 minutes). off Turn the chassis locate led off. on <1-1440> Turn the chassis locate led on (default 30 minutes). ProCurve(config)# chassislocate Figure B-23.
Monitoring and Analyzing Switch Operation Locating a Device B-30
C Troubleshooting Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-4 Troubleshooting Approaches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-5 Browser or Telnet Access Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . C-6 Unusual Network Activity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-8 General Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Troubleshooting Contents Debug/Syslog Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-32 Debug/Syslog Messaging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-32 Debug/Syslog Destination Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . C-32 Debug/Syslog Configuration Commands . . . . . . . . . . . . . . . . . . . . . . C-33 Configuring Debug/Syslog Operation . . . . . . . . . . . . . . . . . . . . . . . . .
Troubleshooting Contents Clear/Reset: Resetting to the Factory-Default Configuration . . . . . C-67 Restoring a Flash Image . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-68 DNS Resolver . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-71 Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-71 Basic Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Troubleshooting Overview Overview This appendix addresses performance-related network problems that can be caused by topology, switch configuration, and the effects of other devices or their configurations on switch operation. (For switch-specific information on hardware problems indicated by LED behavior, cabling requirements, and other potential hardware-related problems, refer to the Installation Guide you received with the switch.
Troubleshooting Troubleshooting Approaches Troubleshooting Approaches Use these approaches to diagnose switch problems: ■ Check the ProCurve Networking web site for software updates that may have solved your problem: www.procurve.com ■ Check the switch LEDs for indications of proper switch operation: • Each switch port has a Link LED that should light whenever an active network device is connected to the port.
Troubleshooting Browser or Telnet Access Problems Browser or Telnet Access Problems Cannot access the web browser interface: ■ Access may be disabled by the Web Agent Enabled parameter in the switch console. Check the setting on this parameter by selecting: 2. Switch Configuration … 1. System Information ■ The switch may not have the correct IP address, subnet mask or gateway. Verify by connecting a console to the switch’s Console port and selecting: 2. Switch Configuration … 5.
Troubleshooting Browser or Telnet Access Problems Cannot Telnet into the switch console from a station on the network: ■ Telnet access may be disabled by the Inbound Telnet Enabled parameter in the System Information screen of the menu interface: 2. Switch Configuration 1. System Information ■ The switch may not have the correct IP address, subnet mask, or gateway. Verify by connecting a console to the switch’s Console port and selecting: 2. Switch Configuration 5.
Troubleshooting Unusual Network Activity Unusual Network Activity Network activity that fails to meet accepted norms may indicate a hardware problem with one or more of the network components, possibly including the switch. Such problems can also be caused by a network loop or simply too much traffic for the network as it is currently designed and implemented.
Troubleshooting Unusual Network Activity This can also happen, for example, if the server is first configured to issue IP addresses with an unlimited duration, then is subsequently configured to issue IP addresses that will expire after a limited duration. One solution is to configure “reservations” in the DHCP server for specific IP addresses to be assigned to devices having specific MAC addresses. For more information, refer to the documentation for the DHCP server.
Troubleshooting Unusual Network Activity IP Multicast Traffic Floods Out All Ports; IGMP Does Not Appear To Filter Traffic. The IGMP feature does not operate if the switch or VLAN does not have an IP address configured manually or obtained through DHCP/Bootp. To verify whether an IP address is configured for the switch or VLAN, do either of the following: ■ Try Using the Web Browser Interface: If you can access the web browser interface, then an IP address is configured.
Troubleshooting Unusual Network Activity The switch does not receive a response to RADIUS authentication requests. In this case, the switch will attempt authentication using the secondary method configured for the type of access you are using (console, Telnet, or SSH). There can be several reasons for not receiving a response to an authentication request. Do the following: ■ Use ping to ensure that the switch has access to the configured RADIUS servers.
Troubleshooting Unusual Network Activity The supplicant statistics listing shows multiple ports with the same authenticator MAC address. The link to the authenticator may have been moved from one port to another without the supplicant statistics having been cleared from the first port. Refer to “Note on Supplicant Statistics” in the chapter on Port-Based and User-Based Access Control in the Access Security Guide for your switch.
Troubleshooting Unusual Network Activity Global RADIUS Encryption Key Unique RADIUS Encryption Key for the RADIUS server at 10.33.18.119 Figure C-2. Displaying Encryption Keys Also, ensure that the switch port used to access the RADIUS server is not blocked by an 802.1X configuration on that port. For example, show portaccess authenticator < port-list > gives you the status for the specified ports. Also, ensure that other factors, such as port security or any 802.
Troubleshooting Unusual Network Activity Radius-Related Problems The switch does not receive a response to RADIUS authentication requests. In this case, the switch will attempt authentication using the secondary method configured for the type of access you are using (console, Telnet, or SSH). There can be several reasons for not receiving a response to an authentication request. Do the following: ■ Use ping to ensure that the switch has access to the configured RADIUS server.
Troubleshooting Unusual Network Activity Spanning-Tree Protocol (MSTP) and Fast-Uplink Problems Caution If you enable MSTP, it is recommended that you leave the remainder of the MSTP parameter settings at their default values until you have had an oppor tunity to evaluate MSTP performance in your network. Because incorrect MSTP settings can adversely affect network performance, you should avoid making changes without having a strong understanding of how MSTP oper ates.
Troubleshooting Unusual Network Activity SSH-Related Problems Switch access refused to a client. Even though you have placed the client’s public key in a text file and copied the file (using the copy tftp pub-key file command) into the switch, the switch refuses to allow the client to have access. If the source SSH client is an SSHv2 application, the public key may be in the PEM format, which the switch (SSHv1) does not interpret.
Troubleshooting Unusual Network Activity The public key file you are trying to download has one of the following problems: ■ A key in the file is too long. The maximum key length is 1024 characters, including spaces. This could also mean that two or more keys are merged together instead of being separated by a . ■ There are more than ten public keys in the key file. ■ One or more keys in the file is corrupted or is not a valid rsa public key.
Troubleshooting Unusual Network Activity ■ Disconnect the switch from network access to any TACACS+ servers and then log in to the switch using either Telnet or direct console port access. Because the switch cannot access a TACACS+ server, it will default to local authentication. You can then use the switch’s local Operator or Manager username/password pair to log on. ■ As a last resort, use the Clear/Reset button combination to reset the switch to its factory default boot-up configuration.
Troubleshooting Unusual Network Activity For more help, refer to the documentation provided with your TACACS+ server application. Unknown Users Allowed to Login to the Switch. Your TACACS+ appli cation may be configured to allow access to unknown users by assigning them the privileges included in a default user profile. Refer to the documentation provided with your TACACS+ server application. System Allows Fewer Login Attempts than Specified in the Switch Configuration.
Troubleshooting Unusual Network Activity Link supporting VLAN_1 and VLAN_2 Switch “X” Port X-3 Switch “Y” Port Y- 7 VLAN Port Assignment VLAN Port Assignment Port VLAN_1 Port VLAN_1 X-3 VLAN_2 Untagged Tagged Y-7 VLAN_2 Untagged Tagged Figure C-4. Example of Correct VLAN Port Assignments on a Link 1. If VLAN_1 (VID=1) is configured as “Untagged” on port 3 on switch “X”, then it must also be configured as “Untagged” on port 7 on switch “Y”.
Troubleshooting Unusual Network Activity Server MAC Address “A”; VLAN 1 MAC Address “A”; VLAN 2 8212zl Switch (Multiple Forwarding Database) VLAN 1 VLAN 2 Switch with Single Forwarding Database Problem: This switch detects continual moves of MAC address “A” between ports. Figure C-5. Example of Duplicate MAC Address Fan Failure When two or more fans fail, a two-minute timer starts. After two minutes, the switch is powered down and must be rebooted to restart it.
Troubleshooting Using the Event Log for Troubleshooting Switch Problems Using the Event Log for Troubleshooting Switch Problems The Event Log records operating events in single- or double-line entries and serves as a tool to isolate and troubleshoot problems. Entries are listed in chronological order, from the oldest to the most recent. Once the log has received 2000 entries, it discards the oldest message each time a new message is received. The Event Log window contains 14 log entry lines.
Troubleshooting Using the Event Log for Troubleshooting Switch Problems Date is the date in the format mm/dd/yy when an entry is recorded in the log. Time is the time in the format hh:mm:ss when an entry is recorded in the log. Event Number is the number assigned to an event. You can turn event numbering on and off with the [no] log-number command. System Module is the internal module (such as “ports:” for port manager) that generated a log entry.
Troubleshooting Using the Event Log for Troubleshooting Switch Problems System Module Description Documented in ProCurve Hardware/ Software guide cos Class of Service (CoS): Provides priority handling of packets Advanced Traffic Management Guide traversing the switch, based on the IEEE 802.1p priority carried by each packet. CoS messages also include Quality of Service (QoS) events.
Troubleshooting Using the Event Log for Troubleshooting Switch Problems System Module Description Documented in ProCurve Hardware/ Software guide ip IP addressing: Configures the switch with an IP address and Management and Configuration Guide subnet mask to communicate on the network and support remote management access; configures multiple IP addresses on a VLAN.
Troubleshooting Using the Event Log for Troubleshooting Switch Problems System Module Description Documented in ProCurve Hardware/ Software guide netinet Network Internet: Monitors the creation of a route or an Address Resolution Protocol (ARP) entry and sends a log message in case of failure. Advanced Traffic Management Guide pagp Ports Aggregation Protocol (PAgP): Obsolete. Replaced by LACP (802.3ad). Not used for logging messages in software release K.13.xx.
Troubleshooting Using the Event Log for Troubleshooting Switch Problems System Module Description Documented in ProCurve Hardware/ Software guide stp Advanced Traffic Management Guide Multiple-instance spanning tree protocol/MSTP (802.1s): Ensures that only one active path exists between any two nodes in a group of VLANs in the network. MSTP operation is designed to avoid loops and broadcast storms of duplicate messages that can bring down the network.
Troubleshooting Using the Event Log for Troubleshooting Switch Problems Menu: Displaying and Navigating in the Event Log To display the Event Log from the Main Menu, select Event Log. Figure C-7 shows a sample event log display. ProCurve Switch 25-Oct-2007 18:02:52 ==========================-CONSOLE - MANAGER MODE -============================ M 10/25/07 16:30:02 sys: 'Operator cold reboot from CONSOLE session.
Troubleshooting Using the Event Log for Troubleshooting Switch Problems CLI: Displaying the Event Log To display messages recorded in the event log from the CLI, enter the show logging command. Keyword searches are supported. Syntax: show logging [-a, -r] [] By default, the show logging command displays the log messages recorded since the last reboot in chronological order. -a displays all recorded log messages, including those before the last reboot.
Troubleshooting Using the Event Log for Troubleshooting Switch Problems CLI: Turning Event Numbering On Syntax: [no] log-numbers Turns event numbering on and off Using Log Throttling to Reduce Duplicate Event Log and SNMP Messages A recurring event can generate a series of duplicate Event Log messages and SNMP traps in a relatively short time. As a result, the Event Log and any configured SNMP trap receivers may be flooded with excessive, exactly identical messages.
Troubleshooting Using the Event Log for Troubleshooting Switch Problems Log Throttle Periods The length of the log throttle period differs according to an event’s severity level: Severity Level Log Throttle Period I (Information) 6000 Seconds W (Warning) 600 Seconds D (Debug) 60 Seconds M (Major) 6 Seconds Example of Event Counter Operation Suppose the switch detects the following after a reboot: ■ Three duplicate instances of a “Send error” during the first log throttle period for this event ■
Troubleshooting Debug/Syslog Operation Debug/Syslog Operation While the Event Log records switch-level progress, status, and warning messages on the switch, the Debug/System Logging (Syslog) feature provides a way to record Event Log and debug messages on a remote device. For example, you can send messages about misconfigurations and other network protocol details to an external device, and later use them to debug networklevel problems.
Troubleshooting Debug/Syslog Operation Debug/Syslog Configuration Commands Event Notification Logging logging Command — facility priority-desc debug Command Automatically sends switch-level event messages to the switch’s Event Log. Debug and Syslog do not affect this operation, but add the capability of directing Event Log messaging to an external device. Enables Syslog messaging to be sent to the specified IP address.
Troubleshooting Debug/Syslog Operation lldp Sends LLDP debug logging to the debug destination(s). ssh Sends SSH debug messages at the specified level to the debug destination. The levels are fatal, error, info, verbose, debug, debug2, and debug3. Figure C-8. Summary of Debug/Syslog Configuration Commands Using the Debug/Syslog feature, you can perform the following operations: ■ Note Configure the switch to send Event Log messages to one or more Syslog servers.
Troubleshooting Debug/Syslog Operation ■ Display the current debug configuration. If Syslog logging is currently active, the list f configured Syslog servers is displayed. ■ Display the current Syslog server list when Syslog logging is disabled. Configuring Debug/Syslog Operation 1. To use a Syslog server as the destination device for debug messaging, follow these steps: a.
Troubleshooting Debug/Syslog Operation To display a list of valid values for each command, enter logging severity or logging system-module followed by ? or pressing the Tab key. The severity levels in order from the highest to lowest severity are: major, error, warning, info, debug. For a list of valid values for the logging systemmodule command, refer to Table C-1 on page C-23. 5.
Troubleshooting Debug/Syslog Operation ProCurve(config)# show debug Debug Logging Destination: Logging 10.28.38.164 Facility=kern Severity=warning System module=all-pass Enabled debug types: event Figure C-9. Sample Output of show debug Command Example: In the following example, no Syslog servers are configured on the switch (default setting). When you configure a Syslog server, debug logging is enabled to send Event Log messages to the server.
Troubleshooting Debug/Syslog Operation As shown at the top of Figure C-10, if you enter the show debug command when no Syslog server IP address is configured, the configuration settings for Syslog server facility, Event Log severity level and system module are not displayed. However, after you configure a Syslog server address and enable Syslog logging, all debug and logging settings are displayed with the show debug command.
Troubleshooting Debug/Syslog Operation event Configures the switch to send Event Log messages to config ured debug destinations. Note: This value does not affect the reception of event notification messages in the Event Log on the switch.
Troubleshooting Debug/Syslog Operation Debug Destinations Use the debug destination command to enable (and disable) Syslog messaging on a Syslog server or to a CLI session for specified types of debug and Event Log messages. Syntax: [no] debug destination < logging | session | buffer > logging Enables Syslog logging to configured Syslog servers so that the debug message types specified by the debug command (see “Debug Messages” on page C-38) are sent.
Troubleshooting Debug/Syslog Operation Logging Command At the global configuration level, the logging command allows you to enable debug logging on specified Syslog servers and select a subset of Event Log messages to send for debugging purposes according to: ■ Severity level ■ System module By specifying both a severity level and system module, you can use both configured settings to filter the Event Log messages you want to use to troubleshoot switch or network error conditions.
Troubleshooting Debug/Syslog Operation When you configure a Syslog server, Event Log messages are automatically enabled to be sent to the server. To reconfigure this setting, use the following commands: ■ Use debug command to specify additional debug message types (see “Debug Messages” on page C-38).
Troubleshooting Debug/Syslog Operation Syntax: [no] logging < syslog-ip-addr > Enables or disables Syslog messaging to the specified IP address. You can configure up to six addresses. If you configure an address when none are already configured, this command enables destination logging (Syslog) and the Event debug type. Therefore, at a minimum, the switch begins sending Event Log messages to configured Syslog servers. (Refer to “Debug Messages” on page C-38.
Troubleshooting Debug/Syslog Operation Syntax: [no] logging facility < facility-name > The logging facility specifies the destination subsystem used in a configured Syslog server. (All configured Syslog servers must use the same subsystem.) ProCurve recommends the default (user) subsystem unless your application specifically requires another subsystem.
Troubleshooting Debug/Syslog Operation The CLI command is: Syntax: logging control-descr ] no logging [control-descr] An optional user-friendly description that can be associated with a server IP address. If no description is entered, this is blank. If contains white space, use quotes around the string. IPv4 addresses only. Use the no form of the command to remove the description.
Troubleshooting Debug/Syslog Operation ProCurve(config)# logging priority-descr severe-pri Figure C-12. Example of the Logging Command with a Priority Description Note A notification is sent to the SNMP agent if there are any changes to the syslog parameters either through the CLI or with SNMP.
Troubleshooting Debug/Syslog Operation Configuring the System Module Used to Select the Event Log Messages Sent to a Syslog Server Event Log messages contain the name of the system module that reported the event. Using the logging system-module command, you can select a set of Event Log messages according to the originating system module and send them to a Syslog server. To configure a Syslog server, see “Configuring a Syslog Server” on page C-41.
Troubleshooting Debug/Syslog Operation ■ Debug Option Effect of a Reboot or Reset event (debug type) If a Syslog server IP address is configured in the startup config file, the sending of Event Log messages is reset to enabled, regardless of the last active setting. If no Syslog server is configured, the sending of Event Log messages is disabled. IP (debug type) Disabled. Debug commands do not affect normal message output to the Event Log.
Troubleshooting Diagnostic Tools Diagnostic Tools Diagnostic Features Feature Default Menu CLI Web Port Auto negotiation n/a — — — Ping test n/a — page C-52 page C-51 Link test n/a — page C-52 page C-51 Traceroute operation n/a — page C-54 View switch configuration files n/a — page C-58 View switch (show tech) operation n/a — page C-59 — View crash information and command history n/a — page C-62 — View system information and software version n/a — page C-62 — Usef
Troubleshooting Diagnostic Tools Port Auto-Negotiation When a link LED does not light (indicating loss of link between two devices), the most common reason is a failure of port auto-negotiation between the connecting ports. If a link LED fails to light when you connect the switch to a port on another device, do the following: 1. Ensure that the switch port and the port on the attached end-node are both set to Auto mode. 2.
Troubleshooting Diagnostic Tools Web: Executing Ping or Link Tests 1. Click here. 2. Click here. 3. Select Ping Test (the default) or Link Test 4. For a Ping test, enter the IP address of the target device. For a Link test, enter the MAC address of the target device. 6. Click on Start to begin the test. 5. Select the number of tries (packets) and the timeout for each try from the drop-down menus. Figure C-13.
Troubleshooting Diagnostic Tools Timeout in Seconds is the number of seconds to allow per attempt to test a connection before determining that the current attempt has failed. To halt a Link or Ping test before it concludes, click on the Stop button. To reset the screen to its default settings, click on the Defaults button. CLI: Ping Test The Ping (Packet InterNet Groper) test uses Internet Control Message Protocol (ICMP) echo requests and ICMP echo replies to determine if another device is alive.
Troubleshooting Diagnostic Tools data-size <0-65471> Size of packet sent. Default: 0 (zero) data-fill <0-1024> The data pattern in the packet. Default: Zero length string Basic Ping Operation Ping with Repetitions Ping with Repetitions and Timeout Ping Failure Figure C-14. Examples of Ping Tests To halt a ping test before it concludes, press [Ctrl] [C]. Note To use the ping (or traceroute) command with host names or fully qualified domain names, refer to “DNS Resolver” on page C-71.
Troubleshooting Diagnostic Tools Basic Link Test Link Test with Repetitions Link Test with Repetitions and Timeout Link Test Over a Specific VLAN Link Test Over a Specific VLAN; Test Fail Figure C-15. Example of Link Tests Traceroute Command The traceroute command enables you to trace the route from the switch to a host address. This command outputs information for each (router) hop between the switch and the destination address.
Troubleshooting Diagnostic Tools The IP address or hostname of the device to which to send the traceroute. [minttl < 1-255 >] For the current instance of traceroute, changes the minimum number of hops allowed for each probe packet sent along the route. If minttl is greater than the actual number of hops, then the output includes only the hops at and above the minttl threshold. (The hops below the threshold are not listed.
Troubleshooting Diagnostic Tools Intermediate router hops with the time taken for the switch to receive acknowledgement of each probe reaching each router. Destination IP Address Figure C-16. Example of a Completed Traceroute Enquiry Continuing from the previous example (Figure C-16, above), executing traceroute with an insufficient maxttl for the actual hop count produces an output similar to this: Traceroute does not reach destination IP address because of low maxttl setting.
Troubleshooting Diagnostic Tools If A Network Condition Prevents Traceroute from Reaching the Destination. Common reasons for Traceroute failing to reach a destination include: ■ Timeouts (indicated by one asterisk per probe, per hop; refer to Figure C-17, above.
Troubleshooting Viewing Switch Configuration and Operation Viewing Switch Configuration and Operation In some troubleshooting scenarios, you may need to view the switch config uration to diagnose a problem. The complete switch configuration is con tained in a file that you can browse from either the web browser interface or the CLI using the commands described in this section.
Troubleshooting Viewing Switch Configuration and Operation CLI: Viewing a Summary of Switch Operational Data Syntax: show tech By default, the show tech command displays a single output of switch operat ing and running-configuration data from several internal switch sources, including: ■ Image stamp (software version data) ■ Running configuration ■ Event Log listing ■ Boot History ■ Port settings ■ Status and counters — port status ■ IP routes ■ Status and counters — VLAN information ■
Troubleshooting Viewing Switch Configuration and Operation Figure C-19 shows sample output from the show tech command. ProCurve# show tech show system Status and Counters - General System Information System Name System Contact System Location : ProCurve : : MAC Age Time (sec) : 300 Time Zone : 0 Daylight Time Rule : None Software revision ROM Version : S.14.XX : S.12.
Troubleshooting Viewing Switch Configuration and Operation The following example uses the Microsoft Windows terminal emulator. If you are using a different terminal emulator application, refer to the documentation provided with the application. To save show tech command output from your terminal emulator to a text file, follow these steps: 1. In Hyperterminal, click on Transfer | Capture Text... Figure C-20. Capture Text window of the Hyperterminal Application 2.
Troubleshooting Viewing Switch Configuration and Operation 5. Click on Transfer | Capture Text | Stop in HyperTerminal to stop copying data and save the text file. If you do not stop HyperTerminal from copying command output into the text file, additional unwanted data can be copied from the HyperTerminal screen. 6. To access the file, open it in Microsoft Word, Notepad, or a similar text editor.
Troubleshooting Viewing Switch Configuration and Operation Syntax: show boot-history Displays the same information as the show interfaces command and dynamically updates the output every three seconds. Press Ctrl + C to stop the dynamic updates of system information. Use the Arrow keys to view information that is off the screen. Pattern Matching When Using the Show Command The pattern matching option with the show command provides the ability to do searches for specific text.
Troubleshooting Viewing Switch Configuration and Operation ProCurve(config)# show run | exclude ipv6 Running configuration: ; J9146A Configuration Editor; Created on release #W.14.06 hostname "ProCurve Switch" module 1 type J8702A module 2 type J8705A snmp-server community "notpublic" Unrestricted vlan 1 name "DEFAULT_VLAN" untagged A1-A24,B1-B20 Displays all lines that don’t contain “ipv6”.
Troubleshooting Viewing Switch Configuration and Operation ProCurve(config)# show run | begin ipv6 ipv6 enable no untagged B21-B24 Displays the running config beginning at the first line that contains “ipv6”. exit vlan 20 name "VLAN20" untagged B21-B24 ipv6 enable no ip address exit policy qos "michael" exit ipv6 access-list "EH-01" sequence 10 deny tcp 2001:db8:255::/48 2001:db8:125::/48 exit no autorun password manager ProCurve(config)# Figure C-24.
Troubleshooting Viewing Switch Configuration and Operation CLI: Useful Commands for Troubleshooting Sessions Use the following commands in a troubleshooting session to more accurately display the information you need to diagnose a problem. For more information on other these CLI practices, refer to chapter Chapter 4, “Using the Command Line Interface (CLI)”. Syntax: alias Creates a shortcut alias name for commonly used commands and command options.
Troubleshooting Restoring the Factory-Default Configuration Restoring the Factory-Default Configuration As part of your troubleshooting process, it may become necessary to return the switch configuration to the factory default settings.
Troubleshooting Restoring a Flash Image 2. Continue to press the Clear button while releasing the Reset button. 3. When the Self Test LED begins to flash, release the Clear button. The switch will then complete its self test and begin operating with the configuration restored to the factory default settings.
Troubleshooting Restoring a Flash Image 3. Use the Reset button to reset the switch. The following prompt should then appear in the terminal emulator: Enter h or ? for help. => 4. Since the OS file is large, you can increase the speed of the download by changing the switch console and terminal emulator baud rates to a high speed. For example: a. Change the switch baud rate to 115,200 Bps. => sp 115200 b. 5. Change the terminal emulator baud rate to match the switch speed: i.
Troubleshooting Restoring a Flash Image Figure C-26. Example of Xmodem Download in Progress 8. C-70 When the download completes, the switch reboots from primary flash using the OS image you downloaded in the preceding steps, plus the most recent startup-config file.
Troubleshooting DNS Resolver DNS Resolver The Domain Name System (DNS) resolver is designed for use in local network domains where it enables use of a host name or fully qualified domain name with DNS-compatible switch CLI commands. DNS operation supports both IPv4 and IPv6 DNS resolution and multiple, prioritized DNS servers. (For information on IPv6 DNS resolution, refer to the latest IPv6 Configuration Guide for your switch.
Troubleshooting DNS Resolver ■ When the switch is configured with both of the following: • the IP address of a DNS server available to the switch • the domain suffix of a domain available to the configured DNS server then: • A DNS-compatible command that includes the host name of a device in the same domain as the configured domain suffix can reach that device.
Troubleshooting DNS Resolver Note that if the target host is in a domain other than the domain configured on the switch, then: ■ The host’s domain must be reachable from the switch. This requires that the DNS server for the switch must be able to communicate with the DNS server(s) in the path to the domain in which the target host operates.
Troubleshooting DNS Resolver operating in the selected domain. Refer to “Terminology” on page C 71.) Note that if a domain suffix is not configured, fully qualified domain names can be used to resolve DNS-compatible commands. d. the host names assigned to target IP addresses in the DNS server for the specified domain 2. Use the data from steps 1a through 1c to configure the DNS entry on the switch. 3. Use a DNS-compatible command with the host name to reach the target devices.
Troubleshooting DNS Resolver Syntax: [no] ip dns domain-name < domain-name-suffix > This optional DNS command configures the domain suffix that is automatically appended to the host name entered with a DNS-compatible command. When the domain suffix and the IP address for a DNS server that can access that domain are both configured on the switch, you can execute a DNS-compatible command using only the host name of the desired target. (For an example, refer to Figure C-27 on page C-72.
Troubleshooting DNS Resolver Configuring switch “A” with the domain name and the IP address of a DNS server for the domain enables the switch to use host names assigned to IP addresses in the domain to perform ping and traceroute actions on the devices in the domain. To summarize: Entity: Identity: DNS Server IP Address 10.28.229.10 Domain Name (and Domain Suffix for Hosts in the Domain) pubs.outdoors.com Host Name Assigned to 10.28.229.
Troubleshooting DNS Resolver As mentioned under “Basic Operation” on page C-71, if the DNS entry config ured in the switch does not include the domain suffix for the desired target, then you must use the target host’s fully qualified domain name with DNScompatible commands. For example, using the document server in Figure C 29 as a target: ProCurve# ping docservr.pubs.outdoors.com 10.28.229.219 is alive, time = 1 ms Target’s Fully Qualified Domain Name ProCurve# traceroute docservr.pubs.outdoors.
Troubleshooting DNS Resolver Operating Notes C-78 ■ Configuring another IP address for a priority that has already been assigned to an IP address is not allowed. To replace one IP address at a given priority level with another address having the same priority, you must first use the no form of the command to remove the unwanted address. Also, only one instance of a given server address is allowed in the server list.
Troubleshooting DNS Resolver Event Log Messages Message Meaning DNS server address not configured The switch does not have an IP address configured for the DNS server. DNS server not responding The DNS server failed to respond or is unreachable. An incorrect server IP address can produce this result. Unknown host < host-name > The host name did not resolve to an IP address. Some reasons for this occurring include: • The host name was not found. • The named domain was not found.
Troubleshooting DNS Resolver C-80
D MAC Address Management Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . D-2 Determining MAC Addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . D-3 Menu: Viewing the Switch’s MAC Addresses . . . . . . . . . . . . . . . . . . . . D-4 CLI: Viewing the Port and VLAN MAC Addresses . . . . . . . . . . . . . . . . D-5 Viewing the MAC Addresses of Connected Devices . . . . . . . . . . . . .
MAC Address Management Overview Overview The switch assigns MAC addresses in these areas: ■ For management functions, one Base MAC address is assigned to the default VLAN (VID = 1). (All VLANs on the switches covered in this guide use the same MAC address.) ■ For internal switch operations: One MAC address per port (Refer to “CLI: Viewing the Port and VLAN MAC Addresses” on page D-5.) MAC addresses are assigned at the factory.
MAC Address Management Determining MAC Addresses Determining MAC Addresses MAC Address Viewing Methods Feature Menu CLI Web view switch’s base (default vlan) MAC address n/a and the addressing for any added VLANs D-4 D-5 — view port MAC addresses (hexadecimal format) n/a — D-5 — ■ Note Default Use the menu interface to view the switch’s base MAC address and the MAC address assigned to any VLAN you have configured on the switch.
MAC Address Management Determining MAC Addresses Menu: Viewing the Switch’s MAC Addresses The Management Address Information screen lists the MAC addresses for: ■ Base switch (default VLAN; VID = 1) ■ Any additional VLANs configured on the switch. Also, the Base MAC address appears on a label on the back of the switch. Note The Base MAC address is used by the first (default) VLAN in the switch.
MAC Address Management Determining MAC Addresses CLI: Viewing the Port and VLAN MAC Addresses The MAC address assigned to each switch port is used internally by such features as Flow Control and the spanning-tree protocol. Using the walkmib command to determine the MAC address assignments for individual ports can sometimes be useful when diagnosing switch operation. The switch’s base MAC address is assigned to VLAN (VID) 1 and appears in the walkmib listing after the MAC addresses for the ports.
MAC Address Management Viewing the MAC Addresses of Connected Devices Viewing the MAC Addresses of Connected Devices Syntax: show mac-address [ | mac-addr | Lists the MAC addresses of the devices the switch has detected, along with the number of the specific port on which each MAC address was detected. [ port-list ] Lists the MAC addresses of the devices the switch has detected, on the specified port(s). [ mac-addr ] Lists the port on which the switch detects the specified MAC address.
E Daylight Savings Time on ProCurve Switches This information applies to the following ProCurve switches: • • • • • • • 212M 224M 1600M 2400M 2424M 4000M 8000M • • • • • • • • • • Series 2500 Series 2520 Series 2600 Series 2800 Series 2900 Series 2910al Series 3400cl Series 3500 Series 3500yl Series 4100gl • • • • • • • • • Series 4200vl Series 5300xl Series 5400zl Switch 6108 Switch 6200yl Series 6400cl Series 6600 Series 8200zl ProCurve AdvanceStack Switches • ProCurve AdvanceStack Routers ProCurve
Daylight Savings Time on ProCurve Switches Canada and Continental US: • Begin DST at 2am on the second Sunday in March. • End DST at 2am on the first Sunday in November. Middle Europe and Portugal: • Begin DST at 2am the first Sunday on or after March 25th. • End DST at 2am the first Sunday on or after September 24th. Southern Hemisphere: • Begin DST at 2am the first Sunday on or after October 25th. • End DST at 2am the first Sunday on or after March 1st.
Daylight Savings Time on ProCurve Switches Before configuring a “User defined” Daylight Time Rule, it is important to understand how the switch treats the entries. The switch knows which dates are Sundays, and uses an algorithm to determine on which date to change the system clock, given the configured “Beginning day” and “Ending day”: ■ If the configured day is a Sunday, the time changes at 2am on that day.
Daylight Savings Time on ProCurve Switches E-4
F Power-Saving Features Contents Configuring Power-Saving for LEDs . . . . . . . . . . . . . . . . . . . . . . . . . . . . F-2 Show Savepower Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Power-Saving Features Configuring Power-Saving for LEDs Configuring Power-Saving for LEDs The savepower led command provides the ability to turn off the switch link, mode, and activity LEDs and turn them on again. When power-saving is turned off, it will turn on again automatically after 10 minutes. Syntax: [no] savepower led Turns power-saving option on or off for the LEDs ProCurve(config)# savepower led Figure F-1.
Index Symbols => prompt … C-68 Numerics 802.1X effect, LLDP … 13-75 LLDP blocked … 13-42 802.1X access control authentication failure, SNMP notification … 13-26 SNMP notification of authentication failure … 13-26 A access manager … 13-13 operator … 13-13 out-of-band … 2-3 ACL debug messages … C-33 See also debug command.
broadcast limit … 10-19 broadcast storm … 12-3, C-15 broadcast traffic IPX … 10-19 RIP … 10-19 browser interface See web browser interface.
power cycle … 6-29 primary boot path … 6-27 reboot policy options … 6-24 reboot policy, override … 6-28 reboot process … 6-25 reload … 6-30 rename config file … 6-31 reset … 6-29 running-config file … 6-25 running-config file operation … 6-24 secondary boot path … 6-27 show config file content … 6-28 show multiple files … 6-27 startup-config … 6-24 startup-config file … 6-25 transition to multiple files … 6-26 unable to copy … 6-31 workingConfig … 6-24, 6-26 xmodem from host … 6-37 xmodem to host … 6-36 con
Device Passwords window … 5-8 DHCP address problems … C-8 Best Offer … 6-39 Bootp operation … 8-12 effect of no reply … C-8 manual gateway precedence … 8-12 Option 66 … 6-37, 6-38 DHCP snooping SNMP notification … 13-17, 13-26 DHCP/Bootp differences … 8-13 DHCP/Bootp process … 8-12 DHCP/Bootp, LLDP … 13-50 DHCPv6 debug messages … C-33 dhcpv6-client … C-33 diagnostics tools … C-49 browsing the configuration file … C-58 displaying switch operation … C-59 ping and link tests … C-50 traceroute … C-54 viewing sw
F facility logging … C-33 factory default configuration restoring … 6-9, C-67 failure, switch software download … A-7 fastboot command … 6-21 fault detection policy … 5-8, 5-23 fault-tolerance … 12-4 firmware version … B-6 flash memory … 3-10, 6-3 flow control constraints … 10-17 global … 10-17 per-port … 10-17 terminal … 7-3 flow control, status … B-11 friendly port names See port names, friendly.
network number … B-9 K kill command … 7-9 L LACP 802.
optional data, configuring … 13-51 outbound packet options … 13-39 packet boundaries … 13-37 packet dropped … 13-37 packet time-to-live … 13-40 packet-forwarding … 13-37, 13-75 packets not forwarded … 13-36 per-port counters … 13-73 port description … 13-51 port ID … 13-50 port speed … 13-52 port trunks … 13-41 port type … 13-50 refresh interval … 13-45 reinitialization delay … 13-47 remote management address … 13-40 remote manager address … 13-50 reset counters … 13-72 rxonly … 13-49 setmib, delay interval
MDI/MDI-X configuration, display … 10-21 operation … 10-19 port mode, display … 10-21 media type, port trunk … 12-3 memory flash … 3-10, 6-3 startup configuration … 3-10 menu interface configuration changes, saving … 3-10 moving to or from the CLI … 4-7 See also console. MIB HP proprietary … 13-4 listing … 13-4 standard … 13-4 mirroring See port monitoring. MLTS … 13-36 monitoring See port monitoring.
configuring port priority … 11-8 disabling a port … 11-13 enable or disable operation … 11-6 event log messages … 11-21 fault … 11-11 LLDP detection, enabling or disabling … 11-14 manually configuring power levels … 11-10 operation on ProCurve switches … 11-2 oversubscribed … 11-3 planning and implementation … 11-20 poe-lldp-detect command … 11-14 port-number priority … 11-5 power supplies … 11-3 pre standard detect … 11-15 pre-std-detect … 11-7 priority class … 11-3, 11-4, 11-5 setting allocation … 11-10 s
LACP not allowed … 12-22 troubleshooting … C-10 port-utilization and status displays … 10-14 power levels, configuring … 11-10 power over ethernet See PoE.
secure FTP See SCP/SFTP.
disabling … 9-12 enabling and disabling … 9-10 event log messages … 9-26 manual config priority … 8-12 menu interface operation … 9-26 operating modes … 9-2 poll interval See TimeP. selecting … 9-3 show management … 9-9 unicast mode … 9-3, 9-12 unicast time polling … 9-25 unicast, deleting addresses … 9-26 unicast, replacing servers … 9-26 viewing … 9-4, 9-8 software See switch software. software image See switch software.
T TACACS SSH exclusion … A-14 task monitor … B-7 taskusage -d … B-7 taskUsageShow … B-7 Telnet connecting to switch … 3-4 enable/disable … 7-4 outbound … 7-6 terminate session, kill command … 7-9 troubleshooting access … C-7 telnet domain name address … 7-6 hostname … 7-6 ipv6 address … 7-6 show command … 7-6 switch-num … 7-6 terminal access, lose connectivity … 7-8 terminal type … 7-3 terminate remote session … 7-9 TFTP copy command output … A-28 copy crash data … A-29 copy crash log … A-30 copy event log
approaches … C-5 browsing the configuration file … C-58 configuring debug destinations … C-32 console access problems … C-6 diagnosing unusual network activity … C-8 diagnostics tools … C-49 displaying switch operation … C-59 DNS See DNS.
W walkmib … 13-40, D-5 warranty … -ii web agent advantages … 2-5 disabling access … 5-2 enable/disable … 7-4 enabled parameter … 5-2 Web authentication SNMP notification … 13-26 web browser interface access configuration … 7-3 access parameters … 5-8 access security … 7-3 alert log … 5-20 alert log details … 5-21 bandwidth adjustment … 5-18 bar graph adjustment … 5-18 disable access … 5-2 enabling … 5-4 error packets … 5-17 fault detection policy … 5-8, 5-23 fault detection window … 5-23 features … 2-5 firs
16 – Index
ProCurve 5400zl Switches Installation and Getting Startd Guide Technology for better business outcomes To learn more, visit www.hp.com/go/procurve/ © Copyright 2009 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty.
