HP GbE2c Ethernet Blade Switch for c-Class BladeSystem Command Reference Guide Part number: 418118-003a Third edition: December 2006
Legal notices © 2004, 2006 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein. Microsoft®, Windows®, and Windows NT® are U.S.
Contents Command line interface Introduction ............................................................................................................................................. 9 Additional references ............................................................................................................................... 9 Connecting to the switch ...........................................................................................................................
Rapid Spanning Tree and Multiple Spanning Tree information ..................................................................... 39 Common Internal Spanning Tree information ............................................................................................. 41 Trunk group information.......................................................................................................................... 42 VLAN information ...........................................................................
ICMP statistics .................................................................................................................................. 74 TCP statistics..................................................................................................................................... 75 UDP statistics .................................................................................................................................... 76 IGMP Multicast Group statistics.............................
802.1x Port configuration ..................................................................................................................... 111 Rapid Spanning Tree Protocol / Multiple Spanning Tree Protocol configuration............................................ 112 Common Internal Spanning Tree configuration......................................................................................... 113 CIST bridge configuration ............................................................................
ACL IP Version 4 Filter configuration.................................................................................................. 148 ACL TCP/UDP Filter configuration ..................................................................................................... 149 ACL Meter configuration .................................................................................................................. 150 ACL Re-mark configuration ................................................................
Command line interface 8
Command line interface Introduction The HP GbE2c switch is ready to perform basic switching functions right out of the box. Some of the more advanced features, however, require some administrative configuration before they can be used effectively. This guide provides a command reference for the HP GbE2c Ethernet Blade Switch and the HP GbE2c Layer 2/3 Ethernet Blade Switch.
To establish a console connection with the switch: 1. Connect the terminal to the console port using the null modem cable. 2. Power on the terminal. 3. Press the Enter key a few times on the terminal to establish the connection. 4. You will be required to enter a password for access to the switch. (For more information, see the “Setting passwords” section in the “First-time configuration” chapter.
The supported SSH encryption and authentication methods are listed below. • Server Host Authentication—Client RSA authenticates the switch in the beginning of every connection • Key Exchange—RSA • Encryption: • • AES256-CBC • AES192-CBC • AES128-CBC • 3DES-CBC • 3DES • ARCFOUR User Authentication—Local password authentication; Remote Authentication Dial-in User Service (RADIUS) The following SSH clients are supported: • SSH 3.0.1 for Linux (freeware) • SecureCRT® 4.1.
Table 2 User access levels User account Description and tasks performed User The user has no direct responsibility for switch management. He or she can view all switch status information and statistics, but cannot make any configuration changes to the switch. The user account is enabled by default, and the default password is user. Oper The operator manages all functions of the switch. The operator can reset ports or the entire switch. By default, the operator account is disabled and has no password.
Typographical conventions The following table describes the typographic styles used in this guide: Table 3 Typographic conventions Typeface or symbol Meaning Example AaBbCc123 This type depicts onscreen computer output and prompts. Main# AaBbCc123 This type displays in command examples and shows text that must be typed in exactly as shown. Main# sys This italicized type displays in command examples as a parameter placeholder.
Menu basics Introduction The AOS CLI is used for viewing switch information and statistics. In addition, the administrator can use the CLI for performing all levels of switch configuration. To make the CLI easy to use, the various commands have been logically grouped into a series of menus and submenus. Each menu displays a list of commands and/or submenus that are available, along with a summary of what each command will do.
Global commands Some basic commands are recognized throughout the menu hierarchy. These commands are useful for obtaining online Help, navigating through menus, and for applying and saving configuration changes. For help on a specific command, type help. The following screen displays: Global Commands: [can be issued from any menu] help up print lines verbose exit diff apply save ping traceroute telnet pushd popd who pwd quit revert history The following are used to navigate the menu structure: .
Table 4 Global commands Command Action verbose n Sets the level of information displayed on the screen: • 0 = Quiet: Nothing displays except errors, not even prompts. • 1 = Normal: Prompts and requested output are shown, but no menus. • 2 = Verbose: Everything is shown. This is the default. • When used without a value, the current setting is displayed. telnet This command is used to Telnet out of the switch.
Command line interface shortcuts The following shortcuts allow you to enter commands quickly and easily. Command stacking As a shortcut, you can type multiple commands on a single line, separated by forward slashes (/). You can connect as many commands as required to access the menu option that you want.
First-time configuration Introduction This chapter describes how to perform first-time configuration and how to change system passwords. To begin first-time configuration of the switch, perform the following steps. 1. Connect to the switch console. After connecting, the login prompt displays. GbE2c Ethernet Blade Switch for HP c-Class Blade System. Copyright(C)2006 Hewlett-Packard Development Company, L.P. Password: 2. Enter admin as the default administrator password.
>> System# apply >> System# save Setting passwords HP recommends that you change all passwords after initial configuration and as regularly as required under the network security policies. See the “Accessing the switch” section in the “Command line interface” chapter for a description of the user access levels. To change the user, operator, or administrator password, you must log in using the administrator password. Passwords cannot be modified from the user or operator command mode.
3. From the Configuration Menu, use the following command to select the System Menu: >> Configuration# sys The System Menu is displayed.
System# access/user/usrpw 5. Enter the current administrator password at the prompt. Only the administrator can change the user password. Entering the administrator password confirms your authority. Changing USER password; validation required... Enter current administrator password: 6. Enter the new user password at the prompt: Enter new user password: 7. Enter the new user password, again, at the prompt: Re-enter new user password: 8.
Information Menu Introduction You can view configuration information for the switch in the user, operator, and administrator command modes. This chapter discusses how to use the CLI to display switch information.
System Information Menu Command: /info/sys [System Menu] snmpv3 general log user dump - SNMPv3 Information Menu Show general system information Show last 100 syslog messages Show current user status Dump all system information The following table describes the System Information Menu options. Table 7 System Information Menu options Command Usage snmpv3 Displays the SNMP v3 Menu.
The following table describes the SNMPv3 Information Menu options. Table 8 SNMPv3 Information Menu options Command Usage usm Displays User Security Model (USM) table information. view Displays information about view name, subtrees, mask and type of view. access Displays View-based Access Control information. group Displays information about the group that includes the security model, user name, and group name. comm Displays information about the community table.
SNMPv3 View Table information Command: /info/sys/snmpv3/view View Name Subtree ------------------ ---------------------------- Mask Type ------------- -------- iso 1 included v1v2only 1 included v1v2only 1.3.6.1.6.3.15 excluded v1v2only 1.3.6.1.6.3.16 excluded v1v2only 1.3.6.1.6.3.
The following table describes the SNMPv3 Access Table information. Table 11 Access Table parameters Field Description Group Name Displays the name of group. Prefix Displays the prefix that is configured to match the values. Model Displays the security model used, for example, SNMPv1, or SNMPv2 or USM. Level Displays the minimum level of security required to gain rights of access. For example, noAuthNoPriv, authNoPriv, or auth-Priv. Match Displays the match for the contextName.
The following table describes the SNMPv3 Community Table information. Table 13 Community Table parameters Field Description Index Displays the unique index value of a row in this table. Name Displays the community string, which represents the configuration. User Name Displays the User Security Model (USM) user name. Tag Displays the community tag.
The following table describes the SNMPv3 Target Parameters Table information. Table 15 Target Parameters Table Field Description Name Displays the locally arbitrary, but unique identifier associated with this snmpTargeParamsEntry. MP Model Displays the Message Processing Model used when generating SNMP messages using this entry. User Name Displays the securityName, which identifies the entry on whose behalf SNMP messages will be generated using this entry.
SNMPv3 dump Command: /info/sys/snmpv3/dump Engine ID = 80:00:07:50:03:00:0F:6A:F8:EF:00 usmUser Table: User Name Protocol -------------------------------- -------------------------------admin NO AUTH, NO PRIVACY adminmd5 HMAC_MD5, DES PRIVACY adminsha HMAC_SHA, DES PRIVACY v1v2only NO AUTH, NO PRIVACY vacmAccess Table: Group Name Prefix Model ---------- ------ ------admin usm v1v2grp snmpv1 admingrp usm Level -----------noAuthNoPriv noAuthNoPriv authPriv Match -----exact exact exact ReadV ------org org o
System information Command: /info/sys/gen System Information at 6:56:22 Thu Jan 11, 2006 Time zone: America/US/Pacific GbE2c Ethernet Blade Switch for HP c-Class Blade System sysName: sysLocation: RackId: Default RUID RackName: Default Rack Name EnclosureSerialNumber: -noneEnclosureName: Default Chassis Name BayNumber: 1 Switch is up 0 days, 14 hours, 56 minutes and 22 seconds. Last boot: 17:25:38 Mon Jan 8, 2006 (software reset) MAC address: 00:10:00:01:00:01 IP (If 1) address: 10.14.4.
Show last 100 syslog messages Command: /info/sys/log Date ---Jul 8 Jul 8 Jul 8 Jul 8 Jul 8 Jul 8 Jul 8 Jul 8 Jul 8 Jul 8 Jul 8 Jul 8 Jul 8 Jul 8 Jul 8 Jul 8 Jul 8 Jul 8 Jul 8 Jul 8 Time ---17:25:41 17:25:41 17:25:41 17:25:41 17:25:41 17:25:41 17:25:41 17:25:41 17:25:41 17:25:41 17:25:41 17:25:41 17:25:41 17:25:41 17:25:42 17:25:42 17:25:42 17:25:42 17:25:42 17:25:42 Severity level ----------------NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTIC
The following table describes the User Name information. Table 17 User Name Information menu Field Usage user Displays the status of the user access level. oper Displays the status of the oper (operator) access level. admin Displays the status of the admin (administrator) access level. Current User ID Table Displays the status of configured user IDs. To configure new user IDs, use the /cfg/sys/access/user/uid command.
Table 18 Layer 2 Information Menu options Command Usage trunk When trunk groups are configured, you can view the state of each port in the various trunk groups. vlan Displays VLAN configuration information, including: • VLAN Number • VLAN Name • Status • Port membership of the VLAN gen Displays general Layer 2 configuration information. dump Dumps all switch information available from the Layer 2 menu (10K or more, depending on your configuration).
Show all FDB information Command: /info/l2/fdb/dump MAC address ----------------00:02:01:00:00:00 00:02:01:00:00:01 00:02:01:00:00:02 00:02:01:00:00:03 00:02:01:00:00:04 00:02:01:00:00:05 00:02:01:00:00:06 00:02:01:00:00:07 00:02:01:00:00:08 00:02:01:00:00:09 00:02:01:00:00:0a 00:02:01:00:00:0b 00:02:01:00:00:0c VLAN ---300 300 300 300 300 300 300 300 300 300 300 300 300 Port ---- Trnk ---1 23 23 23 23 23 23 23 23 23 23 23 23 State ----TRK FWD FWD FWD FWD FWD FWD FWD FWD FWD FWD FWD FWD An address th
LACP dump Command: /info/l2/lacp/dump >> LACP# dump port lacp adminkey operkey selected prio attached trunk aggr ---------------------------------------------------------------------1 off 1 1 n 32768 --2 off 2 2 n 32768 --3 off 3 3 n 32768 --4 off 4 4 n 32768 --5 off 5 5 n 32768 --6 off 6 6 n 32768 --7 off 7 7 n 32768 --8 off 8 8 n 32768 --… LACP dump includes the following information for each port in the GbE2c: • lacp—Displays the port’s LACP mode (active, passive, or off) • adminkey—Displays the
802.
The following table describes the IEEE 802.1x parameters. Table 21 802.1x information Field Description Port Displays each port’s name. Auth Mode Displays the Access Control authorization mode for the port. The Authorization mode can be one of the following: • force-unauth • auto • force-auth Auth Status Displays the current authorization status of the port, either authorized or unauthorized. Authenticator PAE State Displays the Authenticator Port Access Entity State.
The switch software uses the IEEE 802.1d Spanning Tree Protocol (STP). If RSTP/MSTP is turned on, see the “Rapid Spanning Tree information” section for Spanning Tree Group information.
Table 22 STP parameters Parameter Description Designated port The port ID of the port on the Designated Bridge to which this port is connected. This information includes the port priority (hex) and the port number (hex).
The following table describes the STP parameters in RSTP or MSTP mode. Table 23 Rapid Spanning Tree parameter descriptions Parameter Description Current Root Shows information about the root bridge for the Spanning Tree. Information includes the priority (hex) and MAC address of the root. Path-Cost Path-cost is the total path cost to the root bridge. It is the summation of the path cost between bridges (up to the root bridge).
Common Internal Spanning Tree information Command: /info/l2/cist Mstp Digest: 0xac36177f50283cd4b83821d8ab26de62 Common Internal Spanning Tree: VLANs: 1 3-4094 Current Root: 8000 00:03:42:fa:3b:80 Path-Cost 11 Port 1 MaxAge 20 FwdDel 15 CIST Regional Root: Path-Cost 8000 00:03:42:fa:3b:80 11 Parameters: Port ---1 2 3 4 5 6 7 8 9 10 11 12 Priority 32768 MaxAge 20 FwdDel 15 Hops 20 Prio Cost State Role Designated Bridge Des Port Hello Type ---- ---- ------ ---- --------------------- -------- ----- -
Table 24 Common Internal Spanning Tree parameter descriptions Parameter Description MaxAge The maximum age parameter specifies, in seconds, the maximum time the bridge waits without receiving a configuration bridge protocol data unit before it reconfigures the STP network. FwdDel The forward delay parameter specifies, in seconds, the amount of time that a bridge port has to wait before it changes from learning state to forwarding state.
VLAN information Command: /info/l2/vlan VLAN ---1 2 7 11 14 15 16 17 18 19 20 21 22 24 300 4000 4095 Name Status -------------------------------- -----Default VLAN ena pc03p ena pc07f ena pc04u ena 8600-14 ena 8600-15 ena 8600-16 ena 8600-17 ena 35k-1 ena 35k-2 ena 35k-3 ena 35k-4 ena pc07z ena redlan ena ixiaTraffic ena bpsports ena Mgmt VLAN dis Ports ---------------4 5 2 7 11 14 15 16 17 18 19 20 21 22 24 1 12 13 23 3-6 8-10 empty This information display includes all configured VLANs and all member p
The following table describes the Layer 3 Information Menu options. Table 26 Layer 3 information menu options Command Usage route Displays the IP Routing Menu.
Show all IP Route information Command: /info/l3/route/dump Status code: * Destination --------------* 11.0.0.0 * 11.0.0.1 * 11.255.255.255 * 12.0.0.0 * 12.0.0.1 * 12.255.255.255 * 13.0.0.0 * 47.0.0.0 * 47.133.88.0 * 172.30.52.223 * 224.0.0.0 * 224.0.0.5 best Mask --------------255.0.0.0 255.255.255.255 255.255.255.255 255.0.0.0 255.255.255.255 255.255.255.255 255.0.0.0 255.0.0.0 255.255.255.0 255.255.255.255 224.0.0.0 255.255.255.255 Gateway --------------11.0.0.1 11.0.0.1 11.255.255.255 12.0.0.1 12.0.0.
ARP information Command: /info/arp [Address Resolution Protocol Menu] find - Show a single ARP entry by IP address port - Show ARP entries on a single port vlan - Show ARP entries on a single VLAN dump - Show all ARP entries addr - Show ARP address list The Address Resolution Protocol (ARP) information includes IP address and MAC address of each entry, address status flags, VLAN, and port for the address, and port referencing information.
OSPF information Command: /info/l3/ospf [OSPF Information Menu] general - Show general information aindex - Show area(s) information if - Show interface(s) information virtual - Show details of virtual links nbr - Show neighbor(s) information dbase - Database Menu sumaddr - Show summary address list nsumadd - Show NSSA summary address list routes - Show OSPF routes dump - Show OSPF information NOTE: This menu is available only on the GbE2c Layer 2/3 Ethernet Blade Switch.
OSPF general information NOTE: OSPF commands are available only on the GbE2c Layer 2/3 Ethernet Blade Switch. Command: /info/l3/ospf/general OSPF Version 2 Router ID: 10.10.10.
Command Usage advrtr Takes advertising router as a parameter. Displays all the Link State Advertisements (LSAs) in the LS database that have the advertising router with the specified router ID, for example: 20.1.1.1. asbrsum | | Displays ASBR summary LSAs. The usage of this command is as follows: a. asbrsum adv-rtr 20.1.1.1 displays ASBR summary LSAs having the advertising router 20.1.1.1. b. asbrsum link_state_id 10.1.1.
OSPF route codes information NOTE: OSPF commands are available only on the GbE2c Layer 2/3 Ethernet Blade Switch. Command: /info/l3/ospf/routes Codes: IA - OSPF inter area, N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 IA 10.10.0.0/16 via 200.1.1.2 IA 40.1.1.0/28 via 20.1.1.2 IA 80.1.1.0/24 via 200.1.1.2 IA 100.1.1.0/24 via 20.1.1.2 IA 140.1.1.0/27 via 20.1.1.2 IA 150.1.1.0/28 via 200.1.1.2 E2 172.18.1.1/32 via 30.1.1.2 E2 172.18.1.
RIP user configuration NOTE: RIP commands are available only on the GbE2c Layer 2/3 Ethernet Blade Switch. Command: /info/l3/rip/dump <1-255> RIP USER CONFIGURATION : RIP on updat 30 RIP Interface 2 : 102.1.1.1, enabled version 2, listen enabled, supply enabled, default none poison disabled, trigg enabled, mcast enabled, metric 1 auth none,key none RIP Interface 3 : 103.1.1.
Command Usage mrouter Displays the Multicast Router Menu. find Displays a single IGMP multicast group by its IP address. vlan <1-4095> Displays all IGMP multicast groups on a single VLAN. port Displays all IGMP multicast groups on a single port. trunk <1-12> Displays all IGMP multicast groups on a single trunk group. dump Displays information for all multicast groups.
init identifies that the virtual router is waiting for a startup event. Once it receives a startup event, it transitions to master if its priority is 255, (the IP address owner), or transitions to backup if it is not the IP address owner. • • Server status. The server state identifies virtual routers. • Proxy status. The proxy state identifies virtual proxy routers, where the virtual router shares the same IP address as a proxy IP address.
Table 39 802.1p Port Priority information Field Description Port Displays the port number. Priority Displays the 802.1p Priority level. Cosq Displays the Class of Service queue. Weight Displays the scheduling weight. ACL information Command: /info/acl Current ACL information: -----------------------Filter 1 profile: Ethernet - VID : 1/0xfff Actions : Set COS to 0 Filter 2 profile: Ethernet - VID : 1/0xfff Actions : Permit No ACL groups configured.
RMON history information Command: /info/rmon/hist RMON History group configuration: Index ----1 2 3 4 5 IFOID -----------------------------1.3.6.1.2.1.2.2.1.1.24 1.3.6.1.2.1.2.2.1.1.24 1.3.6.1.2.1.2.2.1.1.18 1.3.6.1.2.1.2.2.1.1.19 1.3.6.1.2.1.2.2.1.1.24 Interval -------30 30 30 30 1800 Rbnum ----5 5 5 5 5 Gbnum ----5 5 5 5 5 The following table describes the RMON History Information parameters.
RMON alarm information Command: /info/rmon/alarm RMON Alarm group configuration: Index ----1 2 3 4 5 8 10 11 15 18 100 Interval -------30 900 300 1800 1800 1800 1800 1800 1800 1800 1800 Type ---abs abs abs abs abs abs abs abs abs abs abs rLimit -------10 0 10 10 10 10 10 10 10 10 10 fLimit -------0 10 20 0 0 0 0 0 0 0 0 Index ----1 2 3 4 5 8 10 11 15 18 100 OID -----------------------------1.3.6.1.2.1.2.2.1.10.257 1.3.6.1.2.1.2.2.1.11.258 1.3.6.1.2.1.2.2.1.12.259 1.3.6.1.2.1.2.2.1.13.260 1.3.6.1.2.
RMON Event group configuration: Index ----1 2 3 4 5 10 11 15 100 Type ---both none log trap both both both both both Last Sent ---------------0D: 0H: 1M:20S 0D: 0H: 0M: 0S 0D: 0H: 0M: 0S 0D: 0H: 0M: 0S 0D: 0H: 0M: 0S 0D: 0H: 0M: 0S 0D: 0H: 0M: 0S 0D: 0H: 0M: 0S 0D: 0H: 0M: 0S Description --------------------------------Event_1 Event_2 Event_3 Event_4 Log and trap event for Link Down Log and trap event for Link Up Send log and trap for icmpInMsg Send log and trap for icmpInEchos Event_100 The following t
Use this command to display link status information about each port on a switch, including: • Port number • Port speed (10 Mb/s, 100 Mb/s, 1000 Mb/s, or any) • Duplex mode (half, full, or any) • Flow control for transmit and receive (no, yes, or any) • Link status (up or down) Port information Command: /info/port Port Tag RMON PVID NAME ---- --- ---- ---- -------------1 n d 1 Downlink1 2 n d 1 Downlink2 3 n d 1 Downlink3 4 n d 1 Downlink4 5 n d 1 Downlink5 6 n d 1 Downlink6 7 n d 1 Downlink7 8 n d
Logical Port to GEA Port mapping Command: /info/geaport Logical Port -----------1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 GEA Port(0-based) ----------------1 2 4 7 8 12 13 14 0 3 5 6 9 10 11 15 16 17 18 19 23 22 21 20 GEA Unit --------0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 This display correlates the logical port number to the GEA unit on which each port resides.
Information dump Command: /info/dump Use the dump command to dump all switch information available from the Information Menu (10K or more, depending on your configuration). This data is useful for tuning and debugging switch performance. If you want to capture dump data to a file, set the communication software on your workstation to capture session data prior to issuing the dump commands.
Statistics Menu Introduction You can view switch performance statistics in the user, operator, and administrator command modes. This chapter discusses how to use the CLI to display switch statistics.
Port Statistics Menu Command: /stats/port [Port Statistics Menu] 8021x - Show 802.1x stats brg - Show bridging ("dot1") stats ether - Show Ethernet ("dot3") stats if - Show interface ("if") stats ip - Show Internet Protocol ("IP") stats link - Show link stats rmon - Show RMON stats clear - Clear all port stats This menu displays traffic statistics on a port-by-port basis.
802.
Table 46 802.1x statistics for port Statistics Description authEapStartsWhileAuthenticating Total number of times that the state machine transitions from AUTHENTICATING to ABORTING, as a result of an EAPOL-Start message being received from the Supplicant. authEapLogoffWhileAuthenticating Total number of times that the state machine transitions from AUTHENTICATING to ABORTING, as a result of an EAPOL-Logoff message being received from the Supplicant.
The following table describes the bridging statistics for a selected port: Table 47 Bridging statistics for port Statistics Description dot1PortInFrames The number of frames that have been received by this port from its segment. A frame received on the interface corresponding to this port is counted by this object, if and only if, it is for a protocol being processed by the local bridging function, including bridge management frames.
Table 48 Ethernet statistics for port Statistics Description dot3StatsFCSErrors A count of frames received on a particular interface that are an integral number of octets in length but do not pass the Frame Check Sequence (FCS) check. The count represented by an instance of this object is incremented when the frameCheckError status is returned by the MAC service to the LLC (or other MAC user). Received frames for which multiple error conditions obtained are, according to the conventions of IEEE 802.
Table 48 Ethernet statistics for port Statistics Description dot3StatsInternalMacReceiveErrors A count of frames for which reception on a particular interface fails due to an internal MAC sublayer receive error. A frame is only counted by an instance of this object if it is not counted by the corresponding instance of the dot3StatsFrameTooLongs object, the dot3StatsAlignmentErrors object, or the dot3StatsFCSErrors object.
Table 49 Interface statistics for port Statistics Description MulticastPkts—IfHCOut The total number of packets that higher-level protocols requested to be transmitted, and which were addressed to a multicast address at this sublayer, including those that were discarded or not sent. For a MAC layer protocol, this includes both group and functional addresses. This object is a 64-bit version of ifOutMulticastPkts.
Port RMON statistics Command: /stats/port /rmon RMON statistics for port 2: etherStatsDropEvents: etherStatsOctets: etherStatsPkts: etherStatsBroadcastPkts: etherStatsMulticastPkts: etherStatsCRCAlignErrors: etherStatsUndersizePkts: etherStatsOversizePkts: etherStatsFragments: etherStatsJabbers: etherStatsCollisions: etherStatsPkts64Octets: etherStatsPkts65to127Octets: etherStatsPkts128to255Octets: etherStatsPkts256to511Octets: etherStatsPkts64Octets: etherStatsPkts1024to1518Octets: NA 0 0 0 0
Table 52 RMON statistics Statistic Description etherStatsPkts64 Octets The total number of packets (including bad packets) received that were less than or equal to 64 octets in length (excluding framing bits but including FCS octets). etherStatsPkts65to127 Octets The total number of packets (including bad packets) received that were greater than 64 octets in length (excluding framing bits but including FCS octets).
LACP statistics Command: /stats/l2/lacp Valid LACPDUs received Valid Marker PDUs received Valid Marker Rsp PDUs received Unknown version/TLV type Illegal subtype received LACPDUs transmitted Marker PDUs transmitted Marker Rsp PDUs transmitted - 0 0 0 0 0 0 0 0 Layer 3 statistics Command: /stats/l3 [Layer 3 Statistics Menu] geal3 - GEA Layer 3 Stats Menu ip - Show IP stats route - Show route stats arp - Show ARP stats dns - Show DNS stats icmp - Show ICMP stats tcp - Show TCP stats udp - Sho
Table 55 Layer 3 Statistics Menu options Command Usage ipclear Clears IP statistics. Use this command with caution as it will delete all the IP statistics. dump Displays all Layer 3 statistics. * indicates menus that are available only on the GbE2c Layer 2/3 Ethernet Blade Switch.
Table 57 IP statistics Statistics Description ipInAddrErrors The number of input datagrams discarded because the IP address in their IP header destination field was not a valid address to be received at this switch. This count includes invalid addresses (for example, 0.0.0.0) and addresses of unsupported classes (for example, Class E).
The following table describes the Address Resolution Protocol (ARP) statistics: Table 59 ARP statistics Statistic Description arpEntriesCur The total number of outstanding ARP entries in the ARP table. arpEntriesHighWater The highest number of ARP entries ever recorded in the ARP table.
Table 61 ICMP statistics Statistics Description icmpInTimestamps The number of ICMP Timestamp (request) messages received. icmpInTimestampReps The number of ICMP Timestamp Reply messages received. icmpInAddrMasks The number of ICMP Address Mask Request messages received. icmpInAddrMaskReps The number of ICMP Address Mask Reply messages received. icmpOutMsgs The total number of ICMP messages which this switch attempted to send. Note that this counter includes all those counted by icmpOutErrors.
Table 62 TCP statistics Statistics Description tcpRtoMax The maximum value permitted by a TCP implementation for the retransmission timeout, measured in milliseconds. More refined semantics for objects of this type depend upon the algorithm used to determine the retransmission timeout. In particular, when the timeout algorithm is rsre(3), an object of this type has the semantics of the UBOUND quantity described in RFC 793.
IGMP Multicast Group statistics Command: /stats/l3/igmp Enter VLAN number: (1-4095) 1 -----------------------------------------------------------IGMP Snoop vlan 1 statistics: -----------------------------------------------------------rxIgmpValidPkts: 0 rxIgmpInvalidPkts: 0 rxIgmpGenQueries: 0 rxIgmpGrpSpecificQueries: 0 rxIgmpLeaves: 0 rxIgmpReports: 0 txIgmpReports: 0 txIgmpGrpSpecificQueries: 0 txIgmpLeaves: 0 This menu option enables you to display statistics regarding the use of the IGMP Multicast Group
OSPF global statistics NOTE: OSPF commands are available only on the GbE2c Layer 2/3 Ethernet Blade Switch.
Table 66 OSPF global statistics Statistic Description Tx ls Updates The sum total of all Link State Update packets transmitted on all OSPF areas and interfaces. Nbr change stats: hello The sum total of all Hello packets received from neighbors on all OSPF areas and interfaces. Start The sum total number of neighbors in this state (that is, an indication that Hello packets should now be sent to the neighbor at intervals of HelloInterval seconds) across all OSPF areas and interfaces.
Table 66 OSPF global statistics Statistic Description Timers Kickoff: hello The sum total number of times the Hello timer has been fired (which triggers the send of a Hello packet) across all OPSF areas and interfaces. retransmit The sum total number of times the Retransmit timer has been fired across all OPSF areas and interfaces. lsa lock The sum total number of times the Link State Advertisement (LSA) lock timer has been fired across all OSPF areas and interfaces.
Table 67 VRRP statistics Field Description vrrpBadInterval The total number of VRRP advertisements that had a bad interval. RIP statistics NOTE: RIP commands are available only on the GbE2c Layer 2/3 Ethernet Blade Switch.
The following table describes the packet statistics. Table 69 MP specific packet statistics Description Example statistic allocs Total number of packet allocations from the packet buffer pool by the TCP/IP protocol stack. frees Total number of times the packet buffers are freed (released) to the packet buffer pool by the TCP/IP protocol stack. mediums Total number of packet allocations with size between 128 to 1536 bytes from the packet buffer pool by the TCP/IP protocol stack.
UDP statistics Command: /stats/mp/ucb All UDP allocated control blocks: 161: listen The following table describes the User Datagram Protocol (UDP) control block (UCB) statistics shown in this example: Table 71 UDP statistics Description Example Statistic Control block 161 State listen CPU statistics Command: /stats/mp/cpu CPU utilization: cpuUtil1Second: cpuUtil4Seconds: cpuUtil64Seconds: 8% 9% 8% The following table describes the management port CPU utilization statistics: Table 72 CPU statistics S
SNMP statistics Command: /stats/snmp SNMP statistics: snmpInPkts: snmpInBadC'tyNames: snmpInASNParseErrs: snmpOutPkts: snmpInTooBigs: snmpInBadValues: snmpInGenErrs: snmpInTotalSetVars: snmpInGetNexts: snmpInGetResponses: snmpOutTooBigs: snmpOutBadValues: snmpOutGenErrs: snmpOutGetNexts: snmpOutGetResponses: snmpSilentDrops: 54 0 0 54 0 0 0 0 52 0 0 0 0 0 54 0 snmpInBadVersions: snmpInBadC'tyUses: snmpEnableAuthTraps: snmpInBadTypes: snmpInNoSuchNames: snmpInReadOnlys: snmpInTotalReqVars: snmpInGetRequest
Table 74 SNMP statistics Statistics Description snmpInReadOnlys The total number of valid SNMP Protocol Data Units (PDUs), which were delivered to the SNMP protocol entity and for which the value of the error-status field is readonly. It should be noted that it is a protocol error to generate an SNMP PDU, which contains the value read-only in the error-status field. As such, this object is provided as a means of detecting incorrect implementations of the SNMP.
Table 74 SNMP statistics Statistics Description snmpProxyDrops The total number of GetRequest-PDUs, GetNextRequest-PDUs,GetBulkRequest-PDUs, SetRequest-PDUs, and InformRequest-PDUs delivered to the SNMP entity which were silently dropped because the transmission of the message to a proxy target failed in a manner (other than a time-out) such that no Response-PDU could be returned.
Uplink Failure Detection statistics This menu option allows you to display Uplink Failure Detection (UFD) statistics. To reset UFD statistics, follow the command /cfg/ufd with the following argument: clear.
Configuration Menu Introduction The Configuration Menu is only available from an administrator login. It includes submenus for configuring every aspect of the switch. Changes to configuration are not active until explicitly applied. Changes can be saved to nonvolatile memory (NVRAM).
Viewing, applying, reverting, and saving changes As you use the configuration menus to set switch parameters, the changes you make do not take effect immediately. All changes are considered pending until you explicitly apply them. Also, any changes are lost the next time the switch boots unless the changes are explicitly saved.
You can view all pending configuration changes that have been applied but not saved to flash memory using the diff flash command. It is a global command that can be executed from any prompt. For instructions on selecting the configuration to run at the next system reset, see the “Selecting a configuration block” section in the “Boot Options Menu” chapter. Reminders CLI reminders prompt users to complete configuration tasks that require multiple steps. The default setting for CLI reminders is enabled.
Table 78 System Configuration Menu options Command Usage date Prompts the user for the system date. time Configures the system time using a 24-hour clock format. timezone Configures the time zone where the switch resides. You are prompted to select your location (continent, country, region) by the timezone wizard. Once a region is selected, the switch updates the time to reflect local changes to Daylight Savings Time, etc. idle <1-60> Sets the idle timeout for CLI sessions, from 1 to 60 minutes.
Table 79 Syslog Configuration Menu options Command Description sever2 <1-7> Sets the severity level of the second syslog host displayed. The default is 7, which means log all the severity levels. facil <1-7> This option sets the facility level of the first syslog host displayed. The range is 0-7. The default is 0. facil2 <1-7> This option sets the facility level of the second syslog host displayed. The range is 0-7. The default is 0.
The following table describes the SSHD Configuration Menu options. Table 80 SSHD Configuration Menu options Command Description intrval <0-24> Defines interval for auto-generating the RSA server key. The switch will auto-generate the RSA server key at the interval defined in this command. The value of zero (0) means the RSA server key auto-generation is disabled.
The following table describes the RADIUS Server Configuration Menu options. Table 81 RADIUS Server Configuration Menu options Command Description prisrv Sets the primary RADIUS server address. secsrv Sets the secondary RADIUS server address. secret <1-32 characters> This is the shared secret between the switch and the RADIUS server(s). secret2 <1-32 characters> This is the secondary shared secret between the switch and the RADIUS server(s).
TACACS+ (Terminal Access Controller Access Control System) is an authentication protocol that allows a remote access server to forward a user's logon password to an authentication server to determine whether access can be allowed to a given system. TACACS+ and Remote Authentication Dial-In User Service (RADIUS) protocols are more secure than the TACACS encryption protocol. TACACS+ is described in RFC 1492.
NTP server configuration Command: /cfg/sys/ntp [NTP Server Menu] prisrv - Set primary NTP server address secsrv - Set secondary NTP server address intrval - Set NTP server resync interval tzone - Set NTP timezone offset from GMT dlight - Enable/Disable daylight savings time on - Turn NTP service ON off - Turn NTP service OFF cur - Display current NTP configuration This menu enables you to synchronize the switch clock to a Network Time Protocol (NTP) server. By default, this option is disabled.
• SNMP parameters that can be modified include: • System name • System location • System contact • Use of the SNMP system authentication trap function • Read community string • Write community string The following table describes the System SNMP Configuration Menu options. Table 84 System SNMP Configuration Menu options Command Description snmpv3 Displays SNMPv3 menu. name <1-64 characters> Configures the name for the system. The name can have a maximum of 64 characters.
SNMP version 3 (SNMPv3) is an extensible SNMP Framework that supplements the SNMPv2 Framework by supporting the following: • a new SNMP message format • security for messages • access control • remote configuration of SNMP parameters For more details on the SNMPv3 architecture please see RFC2271 to RFC2275. The following table describes the SNMPv3 Configuration Menu options.
Table 86 User Security Model Configuration Menu options Command Description name <1-32 characters> Configures a string up to 32 characters long that represents the name of the user. This is the login name that you need in order to access the switch. auth md5|sha|none Configures the authentication protocol between HMAC-MD5-96 or HMAC-SHA-96. The default algorithm is none. authpw Configures your password for authentication.
View-based Access Control Model configuration Command: /cfg/sys/ssnmp/snmpv3/access [SNMPv3 vacmAccess 1 Menu] name - Set group name model - Set security model level - Set minimum level of security rview - Set read view index wview - Set write view index nview - Set notify view index del - Delete vacmAccess entry cur - Display current vacmAccess configuration The view-based Access Control Model defines a set of services that an application can use for checking access rights of the user.
The following table describes the SNMPv3 Group Configuration Menu options. Table 89 SNMPv3 Group Configuration Menu options Command Description model usm|snmpv1|snmpv2 Defines the security model. uname <1-32 characters> Sets the user name as defined in /cfg/sys/ssnmp/snmpv3/usm/name. The user name can have a maximum of 32 characters. gname <1-32 characters> Configures the name for the access group as defined in /cfg/sys/ssnmp/snmpv3/access/name. The group name can have a maximum of 32 characters.
SNMPv3 Target Address Table configuration Command: /cfg/sys/ssnmp/snmpv3/taddr [SNMPv3 snmpTargetAddrTable 1 Menu] name - Set target address name addr - Set target transport address IP port - Set target transport address port taglist - Set tag list pname - Set targetParams name del - Delete targetAddrTable entry cur - Display current targetAddrTable configuration This menu allows you to set passwords and display current user statistics. Passwords can be a maximum of 15 characters.
The following table describes the SNMPv3 Target Parameters Table Configuration Menu options. Table 92 SNMPv3 Target Parameters Table Configuration Menu options Command Description name <1-32 characters> Configures the locally arbitrary, but unique identifier that is associated with this entry. mpmodel Configures the message processing model that is used to generate SNMP messages. snmpv1|snmpv2c|snmp v3 model usm|snmpv1|snmpv2 Selects the security model to be used when generating the SNMP messages.
System Access configuration Command: /cfg/sys/access [System Access Menu] mgmt - Management Network Definition Menu user - User Access Control Menu (passwords) http - Enable/disable HTTP (Web) access https - HTTPS Web Access Menu wport - Set HTTP (Web) server port number snmp - Set SNMP access control tnport - Set Telnet server port number tport - Set the TFTP Port for the system cur - Display current system access configuration The following table describes the System Access Configuration menu options.
User Access Control configuration Command: /cfg/sys/access/user [User Access Control Menu] uid - User ID Menu eject - Eject user usrpw - Set user password (user) opw - Set operator password (oper) admpw - Set administrator password (admin) cur - Display current user status The following table describes the User Access Control menu options. Table 96 User Access Control Configuration menu options Command Description uid <1-10> Displays the User ID Menu for the selected user.
HTTPS Access configuration Command: /cfg/sys/access/https [https Menu] access port generate certSave cur - Enable/Disable HTTPS Web access HTTPS WebServer port number Generate self-signed HTTPS server certificate save HTTPS certificate Display current SSL Web Access configuration The following table describes the HTTPS Access Configuration Menu options. Table 98 HTTPS Access Configuration Menu options Command Description access enable|disable Enables or disables BBI access (Web access) using HTTPS.
Table 99 Port Configuration Menu options Command Description gig Displays the Gigabit Ethernet Physical Link Menu. aclqos Displays the Access Control List (ACL)/Quality of Service (QoS) configuration menu. 8021ppri Configures the port’s 802.1p priority level. pvid <1-4095> Sets the default VLAN number which will be used to forward frames which are not VLAN tagged. The default number is 1. Note: VLAN 4095 is reserved for switch management.
Temporarily disabling a port To temporarily disable a port without changing its stored configuration attributes, enter the following command at any prompt: Main# /oper/port /dis Because this configuration sets a temporary state for the port, you do not need to use apply or save. The port state will revert to its original configuration when the switch is reset. See the “Menu information” section in the “Operations Menu” chapter for other operations-level commands.
Port ACL/QoS configuration Command: /cfg/port /aclqos [Port 20 ACL Menu] add - Add ACL or ACL group to this port rem - Remove ACL or ACL group from this port cur - Display current ACLs for this port The following table describes the port ACL/QoS Configuration Menu options. Table 101 Port ACL/QoS Configuration Menu options Command Description add acl <1-762>| grp <1-762> Assigns an ACL or ACL Group to the port. rem acl <1-762>| grp <1-762> Removes an ACL or ACL Group from the port.
[802.1x Configuration Menu] global - Global 802.1x configuration menu port - Port 802.1x configuration menu ena - Enable 802.1x access control dis - Disable 802.1x access control cur - Show 802.1x configuration This feature allows you to configure the GbE2c as an IEEE 802.1x Authenticator, to provide port-based network access control. The following table describes the 802.1x Configuration Menu options. Table 103 802.1x Configuration Menu options Command Description global Displays the global 802.
Table 104 802.1x Global Configuration Menu options Command Description maxreq <1-10> Sets the maximum number of times the authenticator retransmits an EAP-Request packet to the supplicant (client). The default value is 2. raperiod <1-604800> Sets the time, in seconds, the authenticator waits before re-authenticating a supplicant (client) when periodic re-authentication is enabled. The default value is 3600 seconds. reauth on|off Sets the re-authentication status to on or off.
Table 105 802.1x Global Configuration Menu options Command Description raperiod <1-604800> Sets the time, in seconds, the authenticator waits before re-authenticating a supplicant (client) when periodic re-authentication is enabled. The default value is 3600 seconds. reauth on|off Sets the re-authentication status to on or off. The default value is off. default Resets the global 802.1x parameters to their default values. cur Displays current global 802.1x parameters.
NOTE: • • • • IEEE 802.1w standard-based RSTP implementation runs on one STG (i.e. same as one spanning tree instance) only. As a result, if ‘rstp’ mode is selected under the /cfg/mrst/mode command, then only a single RSTP instance (default for STG 1) is supported for all VLANs, including the Default VLAN 1. If multiple spanning tree instances are required, then select ‘mstp’ mode so that multiple VLANs are handled by multiple spanning tree instances, as specified by IEEE 802.
CIST bridge configuration Command: /cfg/l2/mrst/cist/brg [CIST Bridge Menu] prior - Set CIST bridge mxage - Set CIST bridge fwd - Set CIST bridge cur - Display current Priority (0-65535) Max Age (6-40 secs) Forward Delay (4-30 secs) CIST bridge parameters CIST bridge parameters are used only when the switch is in MSTP mode. CIST parameters do not affect operation of STP/PVST. The following table describes the commands used to configure CIST Bridge Configuration Menu options parameters.
• Current port configuration The port option of MRST is turned on by default. The following table describes the commands used to configure CIST Port Configuration Menu options. Table 109 CIST Port Configuration Menu options Command Description prior <0-240> Configures the CIST port priority. The port priority helps determine which bridge port becomes the designated port.
The following table describes the Spanning Tree Configuration Menu options. Table 110 Spanning Tree Configuration Menu options Command Description brg Displays the Bridge Spanning Tree Menu. port Displays the Spanning Tree Port Menu. add <1-4095> Associates a VLAN with a spanning tree and requires an external VLAN ID as a parameter. remove <1-4095> Breaks the association between a VLAN and a spanning tree and requires an external VLAN ID as a parameter.
Table 111 Bridge Spanning Tree Configuration Menu options Command Description mxage <6-40> Configures the bridge maximum age. The maximum age parameter specifies the maximum time the bridge waits without receiving a configuration bridge protocol data unit before it reconfigures the STP network. The range is 6 to 40 seconds, and the default is 20 seconds. This command does not apply to MSTP. See the “Common Internal Spanning Tree configuration” section for more information.
Table 112 Spanning Tree Port Configuration Menu options Command Description link auto|p2p|shared Defines the type of link connected to the port, as follows: auto: Configures the port to detect the link type, and automatically match its settings. p2p: Configures the port for Point-To-Point protocol. shared: Configures the port to connect to a shared medium (usually a hub). This command only applies when RSTP is turned on. See the “Common Internal Spanning Tree configuration” section for more information.
The following table describes the Static FDB Configuration Menu options. Table 114 Static FDB Configuration Menu options Command Description add Adds a static entry to the forwarding database. del Deletes a static entry from the forwarding database.
IP Trunk Hash configuration Command: /cfg/l2/thash [IP Trunk Hash Menu] set - IP Trunk Hash Settings Menu cur - Display current IP trunk hash configuration The following table describes the IP Trunk Hash Configuration Menu options. Table 116 IP Trunk Hash Configuration Menu options Command Description set Displays the Trunk Hash Settings menu. cur Display current trunk hash configuration.
The following table describes the LACP Configuration Menu options. Table 118 LACP Configuration Menu options Command Description sysprio <1-65535> Defines the priority value (1 through 65535) for the switch. Lower numbers provide higher priority. The default value is 32768. timeout short|long Defines the timeout period before invalidating LACP data from a remote partner. Choose short (3 seconds) or long (90 seconds). The default value is long.
The commands in this menu configure VLAN attributes, change the status of the VLAN, delete the VLAN, and change the port membership of the VLAN. By default, the VLAN menu option is disabled except VLAN 1, which is always enabled. The GbE2c supports a maximum of 1,000 VLANs. VLAN 4095 is reserved for switch management. NOTE: See the HP GbE2c Ethernet Blade Switch for c-Class BladeSystem Application Guide for information on VLANs. The following table describes the VLAN Configuration Menu options.
Table 121 L3 Configuration Menu options Command Description *frwd Displays the IP Forwarding Menu. *nwf <1-256> Displays the Network Filter Configuration Menu. *rmap <1-32> Displays the Route Map Menu. *rip Displays the Routing Interface Protocol Menu. *ospf Displays the OSPF Menu. igmp Displays the IGMP Menu. dns Displays the IP Domain Name System Menu. *bootp Displays the Bootstrap Protocol Menu. *vrrp Displays the Virtual Router Redundancy Configuration Menu.
Default Gateway configuration Command: /cfg/l3/gw <1-4> [Default gateway 1 Menu] addr - Set IP address intr - Set interval between ping attempts retry - Set number of failed attempts to declare gateway DOWN arp - Enable/disable ARP only health checks ena - Enable default gateway dis - Disable default gateway del - Delete default gateway cur - Display current default gateway configuration The switch supports up to four gateways. By default, no gateways are configured on the switch.
Address Resolution Protocol configuration Command: /cfg/l3/arp [ARP Menu] rearp cur - Set re-ARP period in minutes - Display current ARP configuration Address Resolution Protocol (ARP) is the TCP/IP protocol that resides within the Internet layer. ARP resolves a physical address from an IP address. ARP queries machines on the local network for their physical addresses. ARP also maintains IP to physical address pairs in its cache memory.
The following table describes the Network Filter Configuration Menu options. Table 127 Network Filter Configuration Menu options Command Description addr Sets the starting IP address for this filter. The default address is 0.0.0.0 mask Sets the IP subnet mask that is used with /cfg/l3/nwf/addr to define the range of IP addresses that will be accepted by the peer when the filter is enabled. The default value is 0.0.0.0 enable Enables the Network Filter configuration.
Table 128 Route Map Configuration Menu options Command Description enable Enables the route map. disable Disables the route map. delete Deletes the route map. cur Displays the current route configuration.
The rmap number (1-32) and the path number (1-8) represent the AS path you wish to configure. The following table describes the Autonomous System Path Configuration Menu options. Table 130 Autonomous System Path Configuration Menu options Command Description as <1-65535> Sets the Autonomous System filter’s path number. action permit|deny Permits or denies Autonomous System filter action. enable Enables the Autonomous System filter. disable Disables the Autonomous System filter.
RIP Interface configuration Command: /cfg/l3/rip/if <1-256> [RIP Interface 1 Menu] version - Set RIP version supply - Enable/disable supplying route updates listen - Enable/disable listening to route updates poison - Enable/disable poisoned reverse split - Enable/disable split horizon trigg - Enable/disable triggered updates mcast - Enable/disable multicast updates default - Set default route action metric - Set metric auth - Set authentication type key - Set authentication key enable - Enable interface dis
RIP Route Redistribution configuration Command: /cfg/l3/rip/redist fixed|static|ospf|eospf [RIP Redistribute Fixed Menu] add - Add rmap into route redistribution list rem - Remove rmap from route redistribution list export - Export all routes of this protocol cur - Display current route-maps added NOTE: This menu is available only on the GbE2c Layer 2/3 Ethernet Blade Switch. The following table describes the RIP Route Redistribute Menu options.
The following table describes the Open Shortest Path First Menu options. Table 134 OSPF Configuration Menu options Command Description aindex <0-2> Displays the area index menu. This area index does not represent the actual OSPF area number. range <1-16> Displays summary routes menu for up to 16 IP addresses. if <1-256> Displays the OSPF interface configuration menu. virt <1-3> Displays the Virtual Links menu used to configure OSPF for a Virtual Link.
The following table describes the Area Index Configuration Menu options. Table 135 OSPF Area Index Configuration Menu options Command Description areaid Defines the area ID of the OSPF area number. type transit|stub|nssa Defines the type of area. For example, when a virtual link has to be established with the backbone, the area type must be defined as transit. • Transit area: allows area summary information to be exchanged between routing devices.
The following table describes the OSPF Summary Range Configuration Menu options. Table 136 OSPF Summary Range Configuration Menu options Command Description addr Configures the base IP address for the range. For example, 100.10.1.1 mask Configures the IP address mask for the range. aindex <0-2> Configures the area index used by the switch. hide disable|enable Hides the OSPF summary range. enable Enables the OSPF summary range.
Table 137 OSPF Interface Configuration Menu options Command Description disable Disables the OSPF interface. delete Deletes the OSPF interface. cur Displays the current settings for OSPF interface.
OSPF Host Entry configuration Command: /cfg/l3/ospf/host <1-128> [OSPF Host Entry 1 Menu] addr - Set host entry IP address aindex - Set area index cost - Set cost of this host entry enable - Enable host entry disable - Disable host entry delete - Delete host entry cur - Display current OSPF host entry configuration NOTE: This menu is available only on the GbE2c Layer 2/3 Ethernet Blade Switch. The following table describes the OSPF Host Entry Configuration Menu options.
OSPF MD5 Key configuration Command: /cfg/l3/ospf/md5key [OSPF MD5 Key key delete cur 1 - Menu] Set authentication key Delete key Display current MD5 key configuration NOTE: This menu is available only on the GbE2c Layer 2/3 Ethernet Blade Switch. The following table describes the OSPF MD5 Key Configuration Menu options. Table 141 OSPF MD5 Key Configuration Menu options Command Description key Sets the authentication key for this OSPF packet.
IGMP snooping configuration Command: /cfg/l3/igmp/snoop [IGMP Snoop Menu] timeout - Set report timeout mrto - Set multicast router timeout qintrval - Set IGMP query interval robust - Set expected packet loss on subnet aggr - Aggregate IGMP report srcip - Set source ip to use when proxying GSQ add - Add VLAN(s) to IGMP Snooping rem - Remove VLAN(s) from IGMP Snooping clear - Remove all VLAN(s) from IGMP Snooping fastlv - Enable/disable Fastleave processing in VLAN cur - Display current IGMP Snooping configur
IGMP static multicast router configuration Command: /cfg/l3/igmp/mrouter [Static add rem cur Multicast Router Menu] - Add port as Multicast Router Port - Remove port as Multicast Router Port - Display current Multicast Router configuration The following table describes the Static Multicast Router Configuration Menu options. NOTE: When you configure a static multicast router on a VLAN, the process of learning multicast routers is disabled for that VLAN.
IGMP filter definition Command: /cfg/l3/igmp/igmpflt/filter <1-16> [IGMP Filter 1 Definition Menu] range - Set IP Multicast address range action - Set filter action ena - Enable filter dis - Disable filter del - Delete filter cur - Display current IGMP filter configuration The following table describes the IGMP Filter Definition Menu options.
Domain Name System configuration Command: /cfg/l3/dns [Domain Name System Menu] prima - Set IP address of primary DNS server secon - Set IP address of secondary DNS server dname - Set default domain name cur - Display current DNS configuration The Domain Name System (DNS) Configuration Menu is used for defining the primary and secondary DNS servers on your local network, and for setting the default domain name served by the switch services.
Virtual Router Redundancy Protocol configuration Command: /cfg/l3/vrrp [Virtual Router vr group if track on off cur - Redundancy Protocol Menu] VRRP Virtual Router Menu VRRP Virtual Router Group Menu VRRP Interface Menu VRRP Priority Tracking Menu Globally turn VRRP ON Globally turn VRRP OFF Display current VRRP configuration NOTE: This menu is available only on the GbE2c Layer 2/3 Ethernet Blade Switch.
Virtual routers are disabled by default. The following table describes the Virtual Router Configuration Menu options. Table 151 Virtual Router Configuration Menu options Command Description track Displays the VRRP Priority Tracking Menu for this virtual router. Tracking is a proprietary extension to VRRP, used for modifying the standard priority system used for electing the master router. vrid <1-255> Defines the virtual router ID.
VRRP Virtual Router Priority Tracking configuration Command: /cfg/l3/vrrp/vr <1-255>/track [VRRP Virtual vrs ifs ports cur Router 1 Priority Tracking Menu] - Enable/disable tracking master virtual routers - Enable/disable tracking other interfaces - Enable/disable tracking VLAN switch ports - Display current VRRP virtual router configuration NOTE: This menu is available only on the GbE2c Layer 2/3 Ethernet Blade Switch.
virtual router ID and an IP address. On each VRRP-capable routing device participating in redundancy for this virtual router, a virtual router will be configured to share the same virtual router ID and IP address. The following table describes the Virtual Router Group Configuration Menu options. Table 153 Virtual Router Group Configuration Menu options Command Description track Displays the VRRP Priority Tracking Menu for the virtual router group.
The following table describes the Virtual Router Group Priority Tracking Configuration Menu options. Table 154 Virtual Router Group Priority Tracking Configuration Menu options Command Description ifs disable|enable When enabled, the priority for this virtual router will be increased for each other IP interface active on this switch. An IP interface is considered active when there is at least one active port on the same VLAN.
NOTE: These priority tracking options only define increment values. These options do not affect the VRRP master router election process until options under the VRRP Virtual Router Priority Tracking Menu are enabled. The following table describes the VRRP Tracking Configuration Menu options. Table 156 VRRP Tracking Configuration Menu options Command Description vrs <0-254> Defines the priority increment value (0 through 254) for virtual routers in master mode detected on this switch.
[ACL Menu] acl group cur - Access Control List Item Config Menu - Access Control List Group Config Menu - Display current ACL configuration Use this menu to create Access Control Lists (ACLs) and ACL Groups. ACLs define matching criteria used for IP filtering and Quality of Service functions. The following table describes the Access Control Configuration Menu options.
ACL Ethernet Filter configuration Command: /cfg/acl/acl <1-762>/ethernet [Filtering Ethernet Menu] smac - Set to filter on source MAC dmac - Set to filter on destination MAC vlan - Set to filter on VLAN ID etype - Set to filter on ethernet type pri - Set to filter on priority reset - Reset all fields cur - Display current parameters This menu allows you to define Ethernet matching criteria for an ACL. The following table describes the Ethernet Filter Configuration Menu options.
Table 162 IPv4 Filter Configuration Menu options Command Description proto <0-255> Defines an IP protocol for the ACL. If defined, traffic from the specified protocol matches this filter. Specify the protocol number. Listed below are some of the well-known protocols. Number Name 1 icmp 2 igmp 6 tcp 17 udp 89 ospf 112 vrrp tos <0-255> Defines a Type of Service value for the ACL. For more information on ToS, see RFC 1340 and 1349. reset Resets the IPv4 parameters for the ACL to their default values.
ACL Meter configuration Command: /cfg/acl/acl <1-762>/meter [Metering Menu] cir mbsize enable dpass reset cur - Set committed rate in KiloBits/s Set maximum burst size in KiloBits Enable/disable port metering Set to Drop or Pass out of profile traffic Reset meter parameters Display current settings This menu defines the metering profile for the selected ACL. Table 164 ACL Meter Configuration Menu options Command Description cir <64-1000000> Configures the committed rate, in Kilobits per second.
ACL Re-mark In-Profile configuration Command: /cfg/acl/acl <1-762>/re-mark/inprof [Re-marking - In Profile Menu] up1p - Set Update User Priority Menu updscp - Set the update DSCP reset - Reset in profile settings cur - Display current settings Table 166 ACL Re-mark In-Profile Configuration Menu options Command Description up1p Displays the Re-Mark In-Profile Update User Priority Menu. updscp <0-63> Sets the DiffServ Code Point (DSCP) of In-Profile packets to the selected value.
ACL Packet Format configuration Command: /cfg/acl/acl <1-762>/pktfmt [Filtering Packet Format Menu] ethfmt - Set to filter on ethernet format tagfmt - Set to filter on ethernet tagging format reset - Reset all fields cur - Display current parameters The following table describes the Packet Format Configuration Menu options. Table 169 Packet Format Configuration Menu options Command Description ethfmt eth2|snap|llc Defines the Ethernet format for the ACL.
The following table describes the RMON Configuration Menu options. Table 171 RMON Menu options Command Description hist Displays the RMON History Menu. event Displays the RMON Event Menu. alarm Displays the RMON Alarm Menu. cur Displays the current RMON configuration.
RMON event configuration Command: /cfg/rmon/event <1-65535> [RMON Event 1 descn type owner delete cur Menu] - Set description for the event - Set event type - Set owner for the event - Delete this event and restore defaults - Display current event configuration The following table describes the RMON Event Menu options. Table 173 RMON Event Menu options Command Description descn <1-127 characters> Enter a text string to describe the event. The description can have a maximum of 127 characters.
Table 174 RMON Alarm Menu options Command Description sample abs|delta Configures the method of sampling the selected variable and calculating the value to be compared against the thresholds, as follows: abs: absolute value, the value of the selected variable is compared directly with the thresholds at the end of the sampling interval. delta: delta value, the value of the selected variable at the last sample is subtracted from the current value, and the difference compared with the thresholds.
Port-based port mirroring Command: /cfg/pmirr/monport [Port 1 Menu] add rem delete cur - Add "Mirrored" port Rem "Mirrored" port Delete this “Monitor” port Display current Port-based Port Mirroring configuration The following table describes the port-based Port Mirroring Configuration Menu options. Table 176 Port Mirroring Configuration Menu options Command Description add in|out|both Adds the port to be mirrored.
Failure Detection Pair configuration Command: /cfg/ufd/fdp [FDP Menu] ltm ltd ena dis current - Link to Monitor Menu Link to Disable Menu Enable FDP Disable FDP Display current FDP configuration Use these commands to configure a Failure Detection Pair, which consists of one Link to Monitor (LtM) and one Link to Disable (LtD). When the switch detects a failure on the LtM, it automatically disables the ports in the LtD.
Link to Disable configuration Command: /cfg/ufd/fdp/ltd [Failure Link addport remport addtrnk remtrnk cur to Disable Menu] - Add port to Link to Disable - Remove port from Link to Disable - Add trunk to Link to Disable - Remove trunk from Link to Disable - Display current LtD configuration The following table describes the Link to Disable (LtD) Menu options. The LtD can consist of any mix of downlink ports (ports 1-16) and trunk groups that contain only downlink ports.
Restoring the active switch configuration Command: /cfg/gtcfg When the gtcfg command is used, the active configuration will be replaced with the commands found in the specified configuration file. The file can contain a full switch configuration or a partial configuration. The configuration loaded using gtcfg is not activated until the apply command is used.
Operations Menu Introduction Operations-level commands are used for making immediate and temporary changes to switch configuration. The Operations Menu is used for bringing ports temporarily in and out of service. This menu is available only from an administrator and operator login.
Operations-level port 802.1x options Command: /oper/port /8021x [802.1x Operation Menu] reset - Reinitialize 802.1x access control on this port reauth - Initiate reauthentication on this port now Operations-level port 802.1x options are used to temporarily set 802.1x parameters for a port. Table 183 Operations-Level Port 802.1x Menu options Command Description reset Re-initializes the 802.1x access-control parameters for the port. The following actions take place, depending on the 802.
Boot Options Menu Introduction You must be logged in to the switch as the administrator to use the Boot Options Menu. The Boot Options Menu provides options for: • Selecting a switch software image to be used when the switch is next reset. • Selecting a configuration block to be used when the switch is next reset. • Downloading or uploading a new software image to the switch via FTP/TFTP.
When the above requirements are met, use the following procedure to download the new software to your GbE2c Ethernet Blade Switch. 1. At the Boot Options# prompt, enter: Boot Options# gtimg 2. Enter the name of the GbE2c Ethernet Blade Switch software to be replaced: Enter name of switch software image to be replaced ["image1"/"image2"/"boot"]: 3. Enter the hostname or IP address of the FTP or TFTP server: Enter hostname or IP address of FTP/TFTP server: 4.
Uploading a software image from the switch You can upload a software image from the GbE2c to a FTP or TFTP server. 1. At the Boot Options# prompt, enter: Boot Options# ptimg 2. The system prompts you for information. Enter the desired image: Enter name of switch software image to be uploaded ["image1"|"image2"|"boot"]: 3.
Resetting the switch You can reset the switch to make your software image file and configuration block changes occur. Resetting the switch causes the Spanning Tree Protocol to restart. This process can be lengthy, depending on the topology of your network. To reset the switch, at the Boot Options# prompt, enter: >> Boot Options# reset You are prompted to confirm your request.
Maintenance Menu Introduction The Maintenance Menu is used for debugging purposes, enabling you to generate a technical support dump of the critical state information in the switch, and to clear entries in the Forwarding Database and the Address Resolution Protocol (ARP) and routing tables. This menu is available only from an administrator and operator login.
System maintenance options Command: /maint/sys [System Maintenance Menu] flags - Set NVRAM flag word The System Maintenance Menu is reserved for use by HP technical support. The options are used to perform system debugging. The following table describes the System Maintenance Menu options. Table 186 System Maintenance Menu options Command Usage flags Sets the flags that are used for debugging purposes by HP technical support.
Debugging options Command: /maint/debug [Miscellaneous Debug Menu] tbuf - Show MP trace buffer snap - Show MP snap (or post-mortem) trace buffer clrcfg - Clear all flash configs The Miscellaneous Debug Menu displays trace buffer information about events that can be helpful in understanding switch operation.
IP Route Manipulation options Command: /maint/route [IP Routing Menu] find - Show a single route by destination IP address gw - Show routes to a single gateway type - Show routes of a single type tag - Show routes of a single tag if - Show routes on a single interface dump - Show all routes clear - Clear route table The following table describes the IP Route Manipulation Menu options: Table 190 IP Route Manipulation Menu options Command Usage find Shows a single route by destination IP addre
IGMP Snooping options Command: /maint/igmp/snoop [IGMP Multicast find vlan port trunk dump clear - Group Menu] Show a single group by IP group address Show groups on a single vlan Show groups on a single port Show groups on a single trunk Show all groups Clear group tables The following table describes the IGMP Snoop Maintenance Menu options. Table 192 IGMP Snooping Menu options Command Usage find Shows a single IGMP Multicast group by IP address.
Uuencode flash dump Command: /maint/uudmp Using this command, dump information is presented in uuencoded format. This format makes it easy to capture the dump information as a file or a string of characters. If you want to capture dump information to a file, set your communication software on your workstation to capture session data prior to issuing the uudmp command. This will ensure that you do not lose any information.
Panic command Command: /maint/panic The panic command causes the switch to immediately dump state information to flash memory and automatically reboot. To select panic, at the Maintenance# prompt, enter: >> Maintenance# panic A FLASH dump already exists. Confirm replacing existing dump and reboot [y/n]: Enter y to confirm the command: Confirm dump and reboot [y/n]: y A list of messages is displayed: Starting system dump...done. Reboot at 11:54:08 Wednesday October 30, 2006... . . . . . . . . . . . . . . . .
Index 8 802.1x information, 36 802.
MD5 cryptographic authentication, 132 media access control (MAC) address: ARP information, 46; display address, 10; FDB information, 33; FDB manipulation, 167 Miscellaneous Debug Menu, 168 monitor port, 155 N Network Time Protocol (NTP): synchronization, 96; time zone, 96 null modem cable, 9 O online help, 15 operating mode, configuration, 108 Operations-level port 802.
virtual router, 144; master preemption (prio); virtual router, 142 VLAN: active port; VLAN, 145 VLAN tagging: port configuration, 107 VLANs: ARP entry information, 46; configuration, 122; information, 43; name, 43; port membership, 43; setting default number (PVID), 107; tagging, 22, 58; VLAN number, 43 VRID (virtual router ID), 142, 144 VRRP: master advertisements, 142 VRRP configuration, 141 VRRP information, 52 VRRP master advertisements: time interval, 144 VRRP statistics menu, 80 Index 17 5