User's Manual

ManualsBrandsHP ManualsSwitchHP Switch 5300XL

management and

configuration guide

www.hp.com/go/hpprocurve

hp procurve

series 5300xl switches

Summary of content (632 pages)

PAGE 1
management and configuration guide hp procurve series 5300xl switches www.hp.
PAGE 2
PAGE 3
HP Procurve Series 5300XL Switches Software Release G.05.
PAGE 4
© Copyright 2000-2002 Hewlett-Packard Company All Rights Reserved. This document contains information which is protected by copyright. Reproduction, adaptation, or translation without prior permission is prohibited, except as allowed under the copyright laws. Publication Number 5990-3016 October 2002 Edition 4 The information contained in this document is subject to change without notice.
PAGE 5
Contents Getting Started Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxi Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxii Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxii Command Syntax Statements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxii Command Prompts . . . . . . . . . . .
PAGE 6
Main Menu Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-7 Screen Structure and Navigation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-9 Rebooting the Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-12 Menu Features List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-14 Where To Go From Here . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
PAGE 7
Help and the Management Server URL . . . . . . . . . . . . . . . . . . . . . . . . 4-13 Status Reporting Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-15 The Overview Window . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-15 The Port Utilization and Status Displays . . . . . . . . . . . . . . . . . . . . . . . 4-16 The Alert Log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-19 The Status Bar .
PAGE 8
System Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-9 Menu: Viewing and Configuring System Information . . . . . . . . . . . . . 6-10 CLI: Viewing and Configuring System Information . . . . . . . . . . . . . . 6-11 Web: Configuring System Parameters . . . . . . . . . . . . . . . . . . . . . . . . . 6-14 Using Friendly (Optional) Port Names . . . . . . . . . . . . . . . . . . . . . . . . 6-15 Configuring and Operating Rules for Friendly Port Names . . .
PAGE 9
SNTP: Viewing, Selecting, and Configuring . . . . . . . . . . . . . . . . . . . . . 8-4 Menu: Viewing and Configuring SNTP . . . . . . . . . . . . . . . . . . . . . . . . . . 8-5 CLI: Viewing and Configuring SNTP . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-8 TimeP: Viewing, Selecting, and Configuring . . . . . . . . . . . . . . . . . . . . 8-14 Menu: Viewing and Configuring TimeP . . . . . . . . . . . . . . . . . . . . . . . . 8-15 CLI: Viewing and Configuring TimeP . . . . . . . . . . . . . .
PAGE 10
Traffic/Security Filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-33 Filter Limits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-34 Steps for Configuring Traffic/Security Filters . . . . . . . . . . . . . . . . . . . 9-34 Filter Types and Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-38 10 Configuring for Network Management Applications Contents . . . . . . . . . . . . . . . . . . . .
PAGE 11
Port-Based Virtual LANs (VLANs) and GVRP Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-2 Port-Based Virtual LANs (Static VLANs) . . . . . . . . . . . . . . . . . . . . . . 11-3 Overview of Using VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-6 Menu: Configuring VLAN Parameters . . . . .
PAGE 12
Fast-Leave IGMP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-16 Forced Fast-Leave IGMP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-18 Querier Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-20 Excluding Well-Known or Reserved Multicast Addresses from IP Multicast Filtering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-21 13 802.
PAGE 13
Configuring Switch Meshing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-10 Preparation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-10 Menu: To Configure Switch Meshing . . . . . . . . . . . . . . . . . . . . . . . . . 14-10 CLI: To View and Configure Switch Meshing . . . . . . . . . . . . . . . . . . 14-14 Operating Notes for Switch Meshing . . . . . . . . . . . . . . . . . . . . . . . . . 14-17 Flooded Traffic . . . . . . . . . .
PAGE 14
QoS Messages in the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-58 Operating and Troubleshooting Notes . . . . . . . . . . . . . . . . . . . . . . . . 15-59 16 IP Routing Features Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-1 Overview of IP Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-2 IP Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . .
PAGE 15
Configuring IRDP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-69 Enabling IRDP Globally . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-70 Enabling IRDP on an Individual VLAN Interface . . . . . . . . . . . . . . . 16-70 Displaying IRDP Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-71 Configuring DHCP Relay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-72 Overview . . . . .
PAGE 16
Viewing Port and Trunk Group Statistics and Flow Control Status . B-9 Viewing the Switch’s MAC Address Tables . . . . . . . . . . . . . . . . . . . . B-11 Spanning Tree Protocol (STP) Information . . . . . . . . . . . . . . . . . . . . B-16 Internet Group Management Protocol (IGMP) Status . . . . . . . . . . . B-18 VLAN Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-19 Web Browser Interface Status Information . . . . . . . . . . . . . . . . . . . .
PAGE 17
Diagnostic Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-26 Port Auto-Negotiation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-26 Ping and Link Tests . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-27 Displaying the Configuration File . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-31 CLI Administrative and Troubleshooting Commands . . . . . . . . . . .
PAGE 18
PAGE 19
Getting Started Contents Getting Started Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxii Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxii Command Syntax Statements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxii Command Prompts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxiii Screen Simulations . . . . . .
PAGE 20
Getting Started Overview Overview This Management and Configuration Guide is intended for use with the following switches: � HP Procurve Switch 5304XL � HP Procurve Switch 5348XL � HP Procurve Switch 5308XL � HP Procurve Switch 5372XL Together, these four devices are termed the Series 5300XL switches. This guide describes how to use the command line interface (CLI), Menu interface, and web browser interface to configure, manage, monitor, and troubleshoot switch operation.
PAGE 21
Getting Started Conventions Command Prompts In the default configuration, your Series 5300XL switch displays one of the following CLI prompts: HP Procurve Switch 5304# HP Procurve Switch 5308# To simplify recognition, this guide uses HPswitch to represent command prompts for all models. For example: HPswitch# (You can use the hostname command to change the text in the CLI prompt.) Screen Simulations Figures containing simulated screen text and command output look like this: Figure i.
PAGE 22
Getting Started Related Publications Related Publications Read Me First. The Read Me First shipped with your switch provides software update information, product notes, and other information. A printed copy is shipped with your switch. For the latest version, refer to “Getting Documentation From the Web” on page xxi. Installation and Getting Started Guide. Use the Installation and Get ting Started Guide shipped with your switch to prepare for and perform the physical installation.
PAGE 23
Getting Started Getting Documentation From the Web Getting Documentation From the Web 1. Go to the HP Procurve website at http://www.hp.com/go/hpprocurve 2. Click on technical support. 3. Click on manuals. 4. Click on the product for which you want to view or download a manual.
PAGE 24
Getting Started Sources for More Information Sources for More Information � If you need information on specific parameters in the menu interface, refer to the online help provided in the interface. For example: Online Help for Menu � If you need information on a specific command in the CLI, type the command name followed by “help”.
PAGE 25
Getting Started Need Only a Quick Start? Need Only a Quick Start? IP Addressing. If you just want to give the switch an IP address so that it can communicate on your network, or if you are not using VLANs, HP recommends that you use the Switch Setup screen to quickly configure IP addressing. To do so, do one of the following: � Enter setup at the CLI Manager level prompt. HPswitch# setup � In the Main Menu of the Menu interface, select 8.
PAGE 26
PAGE 27
1 Selecting a Management Interface Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2 Understanding Management Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . 1-2 Advantages of Using the Menu Interface . . . . . . . . . . . . . . . . . . . . . . . . 1-3 Advantages of Using the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-4 Advantages of Using the HP Web Browser Interface . . . . . . . . .
PAGE 28
Selecting a Management Interface Overview Overview This chapter describes the following: � � Management interfaces for the Series 5300XL switches Advantages of using each interface Understanding Management Interfaces Management interfaces enable you to reconfigure the switch and to monitor switch status and performance.
PAGE 29
Selecting a Management Interface Advantages of Using the Menu Interface Advantages of Using the Menu Interface Figure 1-1.
PAGE 30
Selecting a Management Interface Advantages of Using the CLI Advantages of Using the CLI HPswitch> Operator Level HPswitch# Manager Level HPswitch(config)# Global Configuration Level HPswitch()# Context Configuration Levels (port, VLAN) Figure 1-2. Command Prompt Examples � Provides access to the complete set of the switch configuration, perfor mance, and diagnostic features. � Offers out-of-band access (through the RS-232 connection) or Telnet (inband) access.
PAGE 31
Selecting a Management Interface Advantages of Using the HP Web Browser Interface Advantages of Using the HP Web Browser Interface Figure 1-3.
PAGE 32
Selecting a Management Interface Advantages of Using HP TopTools for Hubs & Switches Advantages of Using HP TopTools for Hubs & Switches You can operate HP TopTools from a PC on the network to monitor traffic, manage your hubs and switches, and proactively recommend network changes to increase network uptime and optimize performance. Easy to install and use, HP TopTools for Hubs & Switches is the answer to your management challenges. Figure 1-4.
PAGE 33
Selecting a Management Interface Advantages of Using HP TopTools for Hubs & Switches � � • Notifies you when HP hubs use “self-healing” features to fix or limit common network problems. • Provides a list of discovered devices, with device type, connectivity status, the number of new or open alerts for each device, and the type of management for each device. • Provides graphical maps of your networked devices, from which you can access specific devices.
PAGE 34
PAGE 35
2 Using the Menu Interface Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-2 Starting and Ending a Menu Session . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-3 How To Start a Menu Interface Session . . . . . . . . . . . . . . . . . . . . . . . . . 2-4 How To End a Menu Session and Exit from the Console: . . . . . . . . . . 2-5 Main Menu Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
PAGE 36
Using the Menu Interface Overview Overview This chapter describes the following features: � � � � � Overview of the Menu Interface (page 4-1) Starting and ending a Menu session (page 2-3) The Main Menu (page 2-7) Screen structure and navigation (page 2-9) Rebooting the switch (page 2-12) The menu interface operates through the switch console to provide you with a subset of switch commands in an easy-to-use menu format enabling you to: � Perform a “quick configuration” of basic parameters, such as the
PAGE 37
Using the Menu Interface Starting and Ending a Menu Session Note If the switch has neither a Manager nor an Operator password, anyone having access to the console interface can operate the console with full manager privileges. Also, if you configure only an Operator password, entering the Operator password enables full manager privileges. For more information on passwords, refer to the Access Security Guide for your switch. Menu Interaction with Other Interfaces.
PAGE 38
Using the Menu Interface Starting and Ending a Menu Session How To Start a Menu Interface Session In its factory default configuration, the switch console starts with the CLI prompt. To use the menu interface with Manager privileges, go to the Manager level prompt and enter the menu command. 1. 2. 3. Use one of these methods to connect to the switch: • A PC terminal emulator or terminal • Telnet Do one of the following: • If you are using Telnet, go to step 3.
PAGE 39
Using the Menu Interface Starting and Ending a Menu Session Figure 2-1. The Main Menu with Manager Privileges For a description of Main Menu features, see “Main Menu Features” on page 2-7. Note To configure the switch to start with the menu interface instead of the CLI, go to the Manager level prompt in the CLI, enter the setup command, and in the resulting display, change the Logon Default parameter to Menu.
PAGE 40
Using the Menu Interface Starting and Ending a Menu Session Asterisk indicates a configuration change that requires a reboot to activate. Figure 2-2. An Asterisk Indicates a Configuration Change Requiring a Reboot 1. In the current session, if you have not made configuration changes that require a switch reboot to activate, return to the Main Menu and press (zero) to log out. Then just exit from the terminal program, turn off the terminal, or quit the Telnet session. �� 2.
PAGE 41
Using the Menu Interface Main Menu Features Main Menu Features Figure 2-3. The Main Menu View with Manager Privileges The Main Menu gives you access to these Menu interface features: � Status and Counters: Provides access to display screens showing switch information, port status and counters, port and VLAN address tables, and spanning tree information. (See Chapter B, “Monitoring and Analyzing Switch Operation”.
PAGE 42
Using the Menu Interface Main Menu Features 2-8 � Command Line (CLI): Selects the Command Line Interface at the same level (Manager or Operator) that you are accessing in the Menu interface. (See chapter 3, “Using the Command Line Interface (CLI)”.) � Reboot Switch: Performs a “warm” reboot of the switch, which clears most temporary error conditions, resets the network activity counters to zero, and resets the system up-time to zero.
PAGE 43
Using the Menu Interface Screen Structure and Navigation Screen Structure and Navigation Menu interface screens include these three elements: � � � Parameter fields and/or read-only information such as statistics Navigation and configuration actions, such as Save, Edit, and Cancel Help line to describe navigation options, individual parameters, and readonly data For example, in the following System Information screen: Screen title – identifies the location within the menu structure Parameter fields He
PAGE 44
Using the Menu Interface Screen Structure and Navigation Table 2-5. How To Navigate in the Menu Interface Task: Actions: Execute an action from the “Actions –>” list at the bottom of the screen: Use either of the following methods: • Use the arrow keys ( [ <] ,or [ >] ) to highlight the action you want to execute, then press . • Press the key corresponding to the capital letter in the action name. For example, in a configuration menu, press to select Edit and begin editing parameter values.
PAGE 45
Using the Menu Interface Screen Structure and Navigation To get Help on individual parameter descriptions. In most screens there is a Help option in the Actions line. Whenever any of the items in the Actions line is highlighted, press , and a separate help screen is displayed. For example: �� Pressing or highlighting Help and pressing displays Help for the parameters listed in the upper part of the screen �� Highlight on any item in the Actions line indicates that the Actions line is active.
PAGE 46
Using the Menu Interface Rebooting the Switch Rebooting the Switch Rebooting the switch from the menu interface � Terminates all current sessions and performs a reset of the operating system � � Activates any menu interface configuration changes that require a reboot Resets statistical counters to zero (Note that statistical counters can be reset to zero without rebooting the switch.) To Reboot the switch, use the Reboot Switch option in the Main Menu.
PAGE 47
Using the Menu Interface Rebooting the Switch Rebooting To Activate Configuration Changes. Configuration changes for most parameters in the menu interface become effective as soon as you save them. However, you must reboot the switch in order to implement a change in the Maximum VLANs to support parameter. (To access this parameter, go to the Main Menu and select: 2. Switch Configuration 8. VLAN Menu 1. VLAN Support.
PAGE 48
Using the Menu Interface Menu Features List Menu Features List Status and Counters • General System Information • Switch Management Address Information • Port Status • Port Counters • Address Table • Port Address Table • Spanning Tree Information Switch Configuration • System Information • Port/Trunk Settings • Network Monitoring Port • Spanning Tree Operation • IP Configuration • SNMP Community Names • IP authorized Managers • VLAN Menu Console Passwords Event Log Command Lin
PAGE 49
Using the Menu Interface Where To Go From Here Where To Go From Here This chapter provides an overview of the menu interface and how to use it. The following table indicates where to turn for detailed information on how to use the individual features available through the menu interface. Option: Turn to: To use the Run Setup option Refer to the Installation and Getting Started Guide shipped with the switch.
PAGE 50
PAGE 51
3 Using the Command Line Interface (CLI) Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-2 Accessing the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-2 Using the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-2 Privilege Levels at Logon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
PAGE 52
Using the Command Line Interface (CLI) Overview Overview The CLI is a text-based command interface for configuring and monitoring the switch. The CLI gives you access to the switch’s full set of commands while providing the same password protection that is used in the web browser interface and the menu interface. Accessing the CLI Like the menu interface, the CLI is accessed through the switch console, and, in the switch’s factory default state, is the default interface when you start a console session.
PAGE 53
Using the Command Line Interface (CLI) Using the CLI Startup Config file in non-volatile memory. If you reboot the switch without first using write memory, all changes made since the last reboot or write memory (whichever is later) will be lost. For more on switch memory and saving configuration changes, see Chapter 5, “Switch Memory and Configuration”. Privilege Levels at Logon Privilege levels control the type of access to the CLI. To implement this control, you must set at least a Manager password.
PAGE 54
Using the Command Line Interface (CLI) Using the CLI Caution HP strongly recommends that you configure a Manager password. If a Manager password is not configured, then the Manager level is not passwordprotected, and anyone having in-band or out-of-band access to the switch may be able to reach the Manager level and compromise switch and network security. Note that configuring only an Operator password does not prevent access to the Manager level by intruders who have the Operator password.
PAGE 55
Using the Command Line Interface (CLI) Using the CLI Manager Privileges Manager privileges give you three additional levels of access: Manager, Global Configuration, and Context Configuration. (See figure.) A “#” character delimits any Manager prompt. For example: HPswitch#_ � (Example of the Manager prompt.) Manager level: Provides all Operator level privileges plus the ability to perform system-level actions that do not require saving changes to the system configuration file.
PAGE 56
Using the Command Line Interface (CLI) Using the CLI Changing Interfaces. If you change from the CLI to the menu interface, or the reverse, you will remain at the same privilege level. For example, entering the menu command from the Operator level of the CLI takes you to the Operator privilege level in the menu interface. Table 3-1.
PAGE 57
Using the Command Line Interface (CLI) Using the CLI How To Move Between Levels Change in Levels Example of Prompt, Command, and Result Operator level to Manager level HPswitch> enable Password:_ After you enter enable, the Password prompt appears.
PAGE 58
Using the Command Line Interface (CLI) Using the CLI for VLAN 1 and later use the CLI to configure a different IP address of “Y” for VLAN 1, then “Y” replaces “X” as the IP address for VLAN 1 in the running config file. If you subsequently execute write memory in the CLI, then the switch also stores “Y” as the IP address for VLAN 1 in the startup-config file. (For more on the startup-config and running config files, see Chapter 5, “Switch Memory and Configuration”.
PAGE 59
Using the Command Line Interface (CLI) Using the CLI Typing ? at the Manager level produces this listing: When - - MORE - - appears, use the Space bar or to list additional commands. �� Figure 3-4. Example of the Manager-Level Command Listing When - - MORE - - appears, there are more commands in the listing. To list the next screenfull of commands, press the Space bar. To list the remaining commands one-by-one, repeatedly press .
PAGE 60
Using the Command Line Interface (CLI) Using the CLI As mentioned above, if you type part of a command word and press , the CLI completes the current word (if you have typed enough of the word for the CLI to distinguish it from other possibilities), including hyphenated exten sions. For example: �� HPswitch(config)# port HPswitch(config)# port-security _ �� Pressing after a completed command word lists the further options for that command.
PAGE 61
Using the Command Line Interface (CLI) Using the CLI Displaying CLI “Help” CLI Help provides two types of context-sensitive information: � � Command list with a brief summary of each command’s purpose Detailed information on how to use individual commands Displaying Command-List Help. You can display a listing of command Help summaries for all commands available at the current privilege level.
PAGE 62
Using the Command Line Interface (CLI) Using the CLI Figure 3-7. Example of How To Display Help for a Specific Command A similar action lists the Help showing additional parameter options for a given command. The following example illustrates how to list the Help for an interface command acting on a specific port: Figure 3-8.
PAGE 63
Using the Command Line Interface (CLI) Using the CLI Configuration Commands and the Context Configuration Modes You can execute any configuration command in the global configuration mode or in selected context modes. However, using a context mode enables you to execute context-specific commands faster, with shorter command strings. The Series 5300XL switches offers interface (port or trunk group) and VLAN context configuration modes: Port or Trunk-Group Context .
PAGE 64
Using the Command Line Interface (CLI) Using the CLI In the port context, the first block of commands in the “?” listing show the context-specific commands that will affect only ports C3-C6. The remaining commands in the listing are Manager, Operator, and context commands. Figure 3-9.
PAGE 65
Using the Command Line Interface (CLI) Using the CLI VLAN Context . Includes VLAN-specific commands that apply only to the selected VLAN, plus Manager and Operator commands. The prompt for this mode includes the VLAN ID of the selected VLAN. For example, if you had already configured a VLAN with an ID of 100 in the switch: HPswitch(config)# vlan 100 Command executed at configura tion level to enter VLAN 100 context. HPswitch(vlan-100)# Resulting prompt showing VLAN 100 context.
PAGE 66
Using the Command Line Interface (CLI) CLI Control and Editing CLI Control and Editing Keystrokes Function �� Jumps to the first character of the command line. �� or [ <] �� Terminates a task and displays the command prompt. �� Deletes the character at the cursor. �� Jumps to the end of the current command line. �� or [ >] Moves the cursor forward one character. Deletes from the cursor to the end of the command line.
PAGE 67
4 Using the HP Web Browser Interface Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-2 General Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-3 Starting an HP Web Browser Interface Session with the Switch . . 4-4 Using a Standalone Web Browser in a PC or UNIX Workstation . . . . 4-4 Using HP TopTools for Hubs & Switches . . . . . . . . . . . . . . . . . . . . . . .
PAGE 68
Using the HP Web Browser Interface Overview Overview The HP web browser interface built into the switch lets you easily access the switch from a browser-based PC on your network. This lets you do the following: � Optimize your network uptime by using the Alert Log and other diagnostic tools � � Make configuration changes to the switch Maintain security by configuring usernames and passwords This chapter covers the following: � � � � Note 4-2 General features (page 4-3).
PAGE 69
Using the HP Web Browser Interface General Features General Features The Series 5300XL switch include these web browser interface features: Switch Configuration: • Ports • VLANs and Primary VLAN • Fault detection • Port monitoring (mirroring) • System information • Enable/Disable Multicast Filtering (IGMP) and Spanning Tree • IP • Support and management URLs Switch Security: Passwords Switch Diagnostics: • Ping/Link Test • Device reset • Configuration report Switch status • Port util
PAGE 70
Using the HP Web Browser Interface Starting an HP Web Browser Interface Session with the Switch Starting an HP Web Browser Interface Session with the Switch You can start a web browser session in the following ways: � � Using a standalone web browser on a network connection from a PC or UNIX workstation: • Directly connected to your network • Connected through remote access to your network Using a management station running HP TopTools for Hubs & Switches on your network Using a Standalone Web Brow
PAGE 71
Using the HP Web Browser Interface Starting an HP Web Browser Interface Session with the Switch 2. Type the IP address (or DNS name) of the switch in the browser Location . (It is not necessary to include or Address field and press http://.) �� switch4108 10.11.12.
PAGE 72
Using the HP Web Browser Interface Starting an HP Web Browser Interface Session with the Switch 3. Note Alert Log The web browser interface automatically starts with the Status Overview window displayed for the selected device, as shown in figure 4-1. If the Registration window appears, click on the Status tab. First-Time Install Alert Figure 4-1.
PAGE 73
Using the HP Web Browser Interface Tasks for Your First HP Web Browser Interface Session Tasks for Your First HP Web Browser Interface Session The first time you access the web browser interface, there are three tasks that you should perform: � � � Review the “First Time Install” window Set Manager and Operator passwords Set access to the web browser interface online help Viewing the “First Time Install” Window When you access the switch’s web browser interface for the first time, the Alert log contains
PAGE 74
Using the HP Web Browser Interface Tasks for Your First HP Web Browser Interface Session This window is the launching point for the basic configuration you need to perform to set web browser interface passwords to maintain security and Fault Detection policy, which determines the types of messages that will be displayed in the Alert Log. To set web browser interface passwords, click on secure access to the device to display the Device Passwords screen, and then go to the next page.
PAGE 75
Using the HP Web Browser Interface Tasks for Your First HP Web Browser Interface Session Figure 4-3. The Device Passwords Window To set the passwords: 1. 2. Access the Device Passwords screen by one of the following methods: • If the Alert Log includes a “First Time Install” event entry, double click on this event, then, in the resulting display, click on the secure access to the device link. • Select the Security tab.
PAGE 76
Using the HP Web Browser Interface Tasks for Your First HP Web Browser Interface Session Note Passwords you assign in the web browser interface will overwrite previous passwords assigned in either the web browser interface, the Command Prompt, or the switch console. That is, the most recently assigned passwords are the switch’s passwords, regardless of which interface was used to assign the string. Using the Passwords Figure 4-4.
PAGE 77
Using the HP Web Browser Interface Tasks for Your First HP Web Browser Interface Session If You Lose a Password If you lose the passwords, you can clear them by pressing the Clear button on the front of the switch. This action deletes all password and user name protection from all of the switch’s interfaces.
PAGE 78
Using the HP Web Browser Interface Support/Mgmt URLs Feature Support/Mgmt URLs Feature The Support/Mgmt URLs window enables you to change the World Wide Web Universal Resource Locator (URL) for two functions: � � Support URL – a support information site for your switch Management Server URL – the site for online help for the web browser interface, and, if set up, the URL of a network management station running HP TopTools for Hubs & Switches. 1. Click Here 2. Click Here 3.
PAGE 79
Using the HP Web Browser Interface Support/Mgmt URLs Feature Support URL This is the site that the switch accesses when you click on the Support tab on the web browser interface. The default URL is: http://www.hp.com/go/procurve which is the World Wide Web site for Hewlett-Packard’s networking products. Click on the button on that page and you can get to support information regarding your switch, including white papers, operating system (OS) updates, and more.
PAGE 80
Using the HP Web Browser Interface Support/Mgmt URLs Feature � If you have World Wide Web access from your PC or workstation, and do not have HP TopTools installed on your network, enter the following URL in the Management Server URL field shown in figure 4-7 on page 4-14: http://www.hp.com/rnd/device_help Enter IP address of HP TopTools network management station, or URL of location of help files on HP’s World Wide Web site here. Figure 4-7.
PAGE 81
Using the HP Web Browser Interface Status Reporting Features Status Reporting Features Browser elements covered in this section include: � � � � The Overview window (below) Port utilization and status (page 4-16) The Alert log (page 4-19) The Status bar (page 4-22) The Overview Window The Overview Window is the home screen for any entry into the web browser interface.The following figure identifies the various parts of the screen.
PAGE 82
Using the HP Web Browser Interface Status Reporting Features The Port Utilization and Status Displays The Port Utilization and Status displays show an overview of the status of the switch and the amount of network activity on each port. The following figure shows a sample reading of the Port Utilization and Port Status. Port Utilization Bar Graphs Bandwidth Display Control Port Status Indicators Legend Figure 4-9.
PAGE 83
Using the HP Web Browser Interface Status Reporting Features � Maximum Activity Indicator: As the bars in the graph area change height to reflect the level of network activity on the corresponding port, they leave an outline to identify the maximum activity level that has been observed on the port. Utilization Guideline. A network utilization of 40% is considered the maximum that a typical Ethernet-type network can experience before encoun tering performance difficulties.
PAGE 84
Using the HP Web Browser Interface Status Reporting Features Port Status Port Status Indicators Legend Figure 4-12. The Port Status Indicators and Legend The Port Status indicators show a symbol for each port that indicates the general status of the port. There are four possible statuses: 4-18 � Port Connected – the port is enabled and is properly connected to an active network device. � Port Not Connected – the port is enabled but is not connected to an active network device.
PAGE 85
Using the HP Web Browser Interface Status Reporting Features The Alert Log The web browser interface Alert Log, shown in the lower half of the screen, shows a list of network occurrences, or alerts, that were detected by the switch. Typical alerts are Broadcast Storm, indicating an excessive number of broadcasts received on a port, and Problem Cable, indicating a faulty cable. A full list of alerts is shown in the table on page 4-20. Figure 4-13.
PAGE 86
Using the HP Web Browser Interface Status Reporting Features Alert Types The following table lists the types of alerts that can be generated. Table 4-1. Alert Strings and Descriptions Alert String Alert Description First Time Install Important installation information for your switch.
PAGE 87
Using the HP Web Browser Interface Status Reporting Features Viewing Detail Views of Alert Log Entries By double clicking on Alert Entries, the web browser interface displays a Detail View or separate window detailing information about the events. The Detail View contains a description of the problem and a possible solution.
PAGE 88
Using the HP Web Browser Interface Status Reporting Features The Status Bar The Status Bar is displayed in the upper left corner of the web browser interface screen. Figure 4-15 shows an expanded view of the status bar. Most Critical Alert Description Status Indicator Product Name Figure 4-15. Example of the Status Bar The Status bar consists of four objects: � Status Indicator. Indicates, by icon, the severity of the most critical alert in the current display of the Alert Log.
PAGE 89
Using the HP Web Browser Interface Status Reporting Features � Product Name. The product name of the switch to which you are connected in the current web browser interface session. Setting Fault Detection Policy One of the powerful features in the web browser interface is the Fault Detection facility. For your switch, this feature controls the types of alerts reported to the Alert Log based on their level of severity. Set this policy in the Fault Detection window (figure 4-16). Figure 4-16.
PAGE 90
Using the HP Web Browser Interface Status Reporting Features � High Sensitivity. This policy directs the switch to send all alerts to the Alert Log. This setting is most effective on networks that have none or few problems. � Medium Sensitivity. This policy directs the switch to send alerts related to network problems to the Alert Log. If you want to be notified of problems which cause a noticeable slowdown on the network, use this setting. � Low Sensitivity.
PAGE 91
5 Switch Memory and Configuration Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-2 Overview of Configuration File Management . . . . . . . . . . . . . . . . . . . 5-2 Using the CLI To Implement Configuration Changes . . . . . . . . . . . . 5-5 Using the Menu and Web Browser Interfaces To Implement Configuration Changes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
PAGE 92
Switch Memory and Configuration Overview Overview This chapter describes: � � � How switch memory manages configuration changes How the CLI implements configuration changes How the menu interface and web browser interface implement configu ration changes � How the switch provides OS (operating system) options through primary/ secondary flash image options � How to use the switch’s primary and secondary flash options, including displaying flash information, booting or restarting the switch, and other
PAGE 93
Switch Memory and Configuration Overview of Configuration File Management � Running Config File: Exists in volatile memory and controls switch operation. If no configuration changes have been made in the CLI since the switch was last booted, the running-config file is identical to the startup-config file. � Startup-config File: Exists in flash (non-volatile) memory and is used to preserve the most recently-saved configuration as the “permanent” configuration.
PAGE 94
Switch Memory and Configuration Overview of Configuration File Management “permanent”. When you are satisfied that the change is satisfactory, you can make it permanent by executing the write memory command. For example, suppose you use the following command to disable port 5: HPswitch(config)# interface ethernet 5 disable The above command disables port 5 in the running-config file, but not in the startup-config file. Port 5 remains disabled only until the switch reboots.
PAGE 95
Switch Memory and Configuration Using the CLI To Implement Configuration Changes Using the CLI To Implement Configuration Changes The CLI offers these capabilities: � � Access to the full set of switch configuration features The option of testing configuration changes before making them perma nent How To Use the CLI To View the Current Configuration Files. Use show commands to view the configuration for individual features, such as port status or Spanning Tree Protocol.
PAGE 96
Switch Memory and Configuration Using the CLI To Implement Configuration Changes 3. Observe the switch’s performance with the new parameter settings to verify the effect of your changes. 4. When you are satisfied that you have the correct parameter settings, use the write memory command to copy the changes to the startup-config file. Syntax: write memory For example, the default port mode setting is auto.
PAGE 97
Switch Memory and Configuration Using the CLI To Implement Configuration Changes Disables port 1 in the running configuration, which causes port 1 to block all traffic. HPswitch(config)# interface e 1 disable HPswitch(config)# boot Device will be rebooted, do you want to continue [y/n]? y Press �� to continue the rebooting process. You will then see this prompt. Do you want to save current configuration [y/n]? Figure 5-2.
PAGE 98
Switch Memory and Configuration Using the Menu and Web Browser Interfaces To Implement Configuration Changes How To Reset the startup-config and running-config Files to the Factory Default Configuration. This command reboots the switch, replacing the contents of the current startup-config and running-config files with the factory-default startup configuration.
PAGE 99
Switch Memory and Configuration Using the Menu and Web Browser Interfaces To Implement Configuration Changes Note The only exception to this operation are two VLAN-related parameter changes that require a reboot—described under “Rebooting To Activate Configuration Changes” on page 5-10. Using Save and Cancel in the Menu Interface For any configuration screen in the menu interface, the Save command: 1. Implements the changes in the running-config file 2.
PAGE 100
Switch Memory and Configuration Using the Menu and Web Browser Interfaces To Implement Configuration Changes face, the switch discards the configuration changes made while using the CLI. To ensure that changes made while using the CLI are saved, execute write memory in the CLI before rebooting the switch.
PAGE 101
Switch Memory and Configuration Using the Menu and Web Browser Interfaces To Implement Configuration Changes (To access these parameters, go to the Main menu and select 2. Switch Configuration, then 8. VLAN Menu, then 1. VLAN Support.) If configuration changes requiring a reboot have been made, the switch displays an asterisk (*) next to the menu item in which the change has been made.
PAGE 102
Switch Memory and Configuration Using Primary and Secondary Flash Image Options Using Primary and Secondary Flash Image Options The Series 4100GL switches feature two flash memory locations for storing system image (operating system, or OS) files: � � Primary Flash: The default storage for OS (system image) files. Secondary Flash: The additional storage for either a redundant or an alternate OS (system image) file.
PAGE 103
Switch Memory and Configuration Using Primary and Secondary Flash Image Options For example, if the switch is using an OS version of E.05.01 stored in Primary flash, show version produces the following: Figure 5-6. Example Showing the Identity of the Current Flash Image Determining Whether the Flash Images Are Different Versions. If the flash image sizes in primary and secondary are the same, then in almost every case, the primary and secondary images are identical.
PAGE 104
Switch Memory and Configuration Using Primary and Secondary Flash Image Options 1. In this example show version indicates the switch has version G.05.01 in primary flash. 2. After the boot system command, show version indicates that version G.05.00 is in secondary flash. Figure 5-8. Determining the OS Version in Primary and Secondary Flash OS Downloads The following table shows the switch’s options for downloading an OS to flash and booting the switch from flash Table 5-1.
PAGE 105
Switch Memory and Configuration Using Primary and Secondary Flash Image Options Local OS Replacement and Removal This section describes commands for erasing an OS (flash image) and copying an existing OS between primary and secondary flash. Note It is not necessary to erase the content of a flash location before downloading another OS file. The process automatically overwrites the previous file with the new file.
PAGE 106
Switch Memory and Configuration Using Primary and Secondary Flash Image Options 1. Verify that there is a valid flash image in the secondary flash location. The following figure indicates that an OS image is present in secondary flash. (If you are unsure whether the image is secondary flash is valid, try booting from it before you proceed, by using boot system flash secondary.) The unequal code size, differing dates, and differing version numbers indicates two different versions of the OS software.
PAGE 107
Switch Memory and Configuration Using Primary and Secondary Flash Image Options The prompt shows which flash location will be erased. Figure 5-10. Example of Erase Flash Prompt 3. Type y at the prompt to complete the flash erase. 4. Use show flash to verify erasure of the selected OS flash image The “0” here shows that primary flash has been erased. Figure 5-11.
PAGE 108
Switch Memory and Configuration Using Primary and Secondary Flash Image Options Booting from Primary Flash. This command always boots the switch from primary flash, and executes the complete set of subsystem self-tests. Syntax: boot For example, to boot the switch from primary flash with pending configuration changes in the running-config file: Figure 5-12. Example of Boot Command (Default Primary Flash) In the above example, typing either a y or n at the second prompt initiates the reboot operation.
PAGE 109
Switch Memory and Configuration Using Primary and Secondary Flash Image Options Booting from the Current OS Version. Reload reboots the switch from the flash image on which the switch is currently running, and saves to the startup-config file any configuration changes currently in the running-config file. Because reload bypasses some subsystem self-tests, the switch reboots faster than if you use either of the boot command options.
PAGE 110
Switch Memory and Configuration Using Primary and Secondary Flash Image Options using a version “Y” of the OS, and then reboot the switch with an earlier OS version “X” that does not include all of the features found in “Y”, the OS simply ignores the parameters for any features that it does not support.
PAGE 111
6 Interface Access, System Information, and Friendly Port Names Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-2 Interface Access: Console/Serial Link, Web, and Inbound Telnet . 6-3 Menu: Modifying the Interface Access . . . . . . . . . . . . . . . . . . . . . . . . . . 6-4 CLI: Modifying the Interface Access . . . . . . . . . . . . . . . . . . . . . . . . . . . .
PAGE 112
Interface Access, System Information, and Friendly Port Names Overview Overview This chapter describes how to: � � � View and modify the configuration for switch interface access Use the CLI kill command to terminate a remote session View and modify switch system information For help on how to actually use the interfaces built into the switch, refer to: � � � Chapter 2, “Using the Menu Interface” Chapter 3, “Using the Command Line Interface (CLI)” Chapter 4, Using the HP Web Browser Interface” Why Co
PAGE 113
Interface Access, System Information, and Friendly Port Names Interface Access: Console/Serial Link, Web, and Inbound Telnet Interface Access: Console/Serial Link, Web, and Inbound Telnet Interface Access Features Feature Inactivity Time Inbound Telnet Access Outbound Telnet Access Web Browser Interface Access Terminal type Event Log event types to list (Displayed Events) Baud Rate Flow Control Default Menu CLI Web 0 Minutes (disabled) page 6-4 page 6-6 — Enabled page 6-4 page 6-5 — n/a — pa
PAGE 114
Interface Access, System Information, and Friendly Port Names Interface Access: Console/Serial Link, Web, and Inbound Telnet Menu: Modifying the Interface Access The menu interface enables you to modify these parameters: � � � Inactivity Timeout Inbound Telnet Enabled Web Agent Enabled To Access the Interface Access Parameters: 1. From the Main Menu, Select... 2. Switch Configuration... 1. System Information Interface Access Parameters Figure 6-1.
PAGE 115
Interface Access, System Information, and Friendly Port Names Interface Access: Console/Serial Link, Web, and Inbound Telnet CLI: Modifying the Interface Access Interface Access Commands Used in This Section show console below [no] telnet-server below [no] web-management page 6-6 console page 6-6 Listing the Current Console/Serial Link Configuration. This com mand lists the current interface access parameter settings.
PAGE 116
Interface Access, System Information, and Friendly Port Names Interface Access: Console/Serial Link, Web, and Inbound Telnet Outbound Telnet to Another Device. This feature operates indepen dently of the telnet-server status and enables you to Telnet to another device that has an IP address. Syntax: telnet < ip-address > For example: HPswitch # telnet 10.28.27.204 Reconfigure Web Browser Access. In the default configuration, web browser access is enabled.
PAGE 117
Interface Access, System Information, and Friendly Port Names Interface Access: Console/Serial Link, Web, and Inbound Telnet � � � � � VT100 operation 19,200 baud No flow control 10-minute inactivity time Critical log events you would use the following command sequence: The switch implements the Event Log change immediately. The switch implements the other console changes after executing write memory and reload. Figure 6-3.
PAGE 118
Interface Access, System Information, and Friendly Port Names Denying Interface Access by Terminating Remote Management Sessions Denying Interface Access by Terminating Remote Management Sessions The switch supports up to four management sessions. You can use show ip ssh to list the current management sessions, and kill to terminate a currently running remote session. (Kill does not terminate a Console session on the serial port, either through a direct connection or via a modem.
PAGE 119
Interface Access, System Information, and Friendly Port Names System Information System Information System Information Features Feature Default Menu CLI Web System Name switch product name page 6-10 page 6-12 page 6-14 System Contact n/a page 6-10 page 6-12 page 6-14 System Location n/a page 6-10 page 6-12 page 6-14 MAC Age Time 300 seconds page 6-10 page 6-13 — Time Sync Method None See Chapter 8, “Time Protocols”.
PAGE 120
Interface Access, System Information, and Friendly Port Names System Information Time Zone: The number of minutes your time zone location is to the West (+) or East (-) of Coordinated Universal Time (formerly GMT). The default 0 means no time zone is configured. For example, the time zone for Berlin, Germany is + 60 (minutes) and the time zone for Vancouver, Canada is - 480 (minutes). Daylight Time Rule: Specifies the daylight savings time rule to apply for your location. The default is None.
PAGE 121
Interface Access, System Information, and Friendly Port Names System Information (for Edit). The cursor moves to the System Name field. 2. Press 3. Refer to the online help provided with this screen for further information on configuration options for these features. 4. When you have finished making changes to the above parameters, press , then press (for Save) and return to the Main Menu.
PAGE 122
Interface Access, System Information, and Friendly Port Names System Information Configure a System Name, Contact, and Location for the Switch. To help distinguish one switch from another, configure a plain-language identity for the switch. Syntax: hostname snmp-server [contact ] [location ] Both fields allow up to 48 characters. Blank spaces are not allowed in the variables for these commands.
PAGE 123
Interface Access, System Information, and Friendly Port Names System Information Reconfigure the Age Time for Learned MAC Addresses. This com mand corresponds to the MAC Age Interval in the menu interface, and is expressed in seconds. Syntax: mac-age-time <10 . . 1000000> (seconds) For example, to configure the age time to seven minutes: HPswitch(config)# mac-age-time 420 Configure the Time Zone and Daylight Time Rule.
PAGE 124
Interface Access, System Information, and Friendly Port Names System Information Web: Configuring System Parameters In the web browser interface, you can enter the following system information: � � � System Name System Location System Contact For access to the MAC Age Interval and the Time parameters, use the menu interface or the CLI. Configure System Parameters in the Web Browser Interface. 1. Click on the Configuration tab. 2. Click on 3. Enter the data you want in the displayed fields. 4.
PAGE 125
Interface Access, System Information, and Friendly Port Names Using Friendly (Optional) Port Names Using Friendly (Optional) Port Names Feature Configure Friendly Port Names Display Friendly Port Names Default Menu CLI Web Standard Port Numbering n/a page 16 n/a n/a n/a page 18 n/a This feature enables you to assign alphanumeric port names of your choosing to augment automatically assigned numeric port names.
PAGE 126
Interface Access, System Information, and Friendly Port Names Using Friendly (Optional) Port Names � To retain friendly port names across reboots, you must save the current running-configuration to the startup-config file after entering the friendly port names. (In the CLI, use the write memory command.) Configuring Friendly Port Names Syntax:interface [e] name Assigns a port name to port-list. no interface [e] nameDeletes the port name from port-list.
PAGE 127
Interface Access, System Information, and Friendly Port Names Using Friendly (Optional) Port Names Configuring the Same Name for Multiple Ports. Suppose that you want to use ports A5 through A8 as a trunked link to a server used by a drafting group. In this case you might configure ports A5 through A8 with the name “Draft-Server:Trunk”. Figure 6-10.
PAGE 128
Interface Access, System Information, and Friendly Port Names Using Friendly (Optional) Port Names Displaying Friendly Port Names with Other Port Data You can display friendly port name data in the following combinations: � show name: Displays a listing of port numbers with their corresponding friendly port names and also quickly shows you which ports do not have friendly name assignments. (show name data comes from the running config file.
PAGE 129
Interface Access, System Information, and Friendly Port Names Using Friendly (Optional) Port Names Port Without a “Friendly” Name Friendly port names assigned in previous examples. Figure 6-12. Example of Friendly Port Name Data for Specific Ports on the Switch Including Friendly Port Names in Per-Port Statistics Listings. A friendly port name configured to a port is automatically included when you display the port’s statistics output.
PAGE 130
Interface Access, System Information, and Friendly Port Names Using Friendly (Optional) Port Names For a given port, if a friendly port name does not exist in the running-config file, the Name line in the above command output appears as: Name : not assigned To Search the Configuration for Ports with Friendly Port Names. This option tells you which friendly port names have been saved to the startup config file.
PAGE 131
7 Configuring IP Addressing Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-2 IP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-3 Just Want a Quick Start with IP Addressing? . . . . . . . . . . . . . . . . . . . . 7-4 IP Addressing with Multiple VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . .
PAGE 132
Configuring IP Addressing Overview Overview You can configure IP addressing through all of the switch’s interfaces. You can also: � Easily edit a switch configuration file to allow downloading the file to multiple Series 5300XL switches without overwriting each switch’s unique gateway and VLAN 1 IP addressing. � Assign up to seven secondary IP address to a VLAN (multinetting).
PAGE 133
Configuring IP Addressing IP Configuration IP Configuration IP Configuration Features Feature IP Address and Subnet Mask Multiple IP Addresses on a VLAN Default Menu CLI Web DHCP/Bootp page 7-5 page 7-7 page 7-11 n/a — page 7-9 — Default Gateway Address none page 7-5 page 7-7 page 7-11 Packet Time-To-Live (TTL) 64 seconds page 7-5 page 7-7 — DHCP page 7-5 page 7-7 — Time Server (Timep) IP Address and Subnet Mask.
PAGE 134
Configuring IP Addressing IP Configuration then the switch uses this gateway, even if a different gateway is received via DHCP or Bootp on the primary VLAN. (This is also true for TimeP and a nondefault Time-To-Live.) See “Notes” on page 7-4 and “The Primary VLAN” on page 11-6. Packet Time-To-Live (TTL) . This parameter specifies the maximum num ber of routers (hops) through which a packet can pass before being discarded. Each router decreases a packet’s TTL by 1 before forwarding the packet.
PAGE 135
Configuring IP Addressing IP Configuration TTL, and TimeP values will be acquired through the primary VLAN only.) For more on VLANs, refer to “Port-Based Virtual LANs (Static VLANs)” on page 11-3. � The IP addressing used in the switch should be compatible with your network. That is, the IP address must be unique and the subnet mask must be appropriate for your IP network.
PAGE 136
Configuring IP Addressing IP Configuration For descriptions of these parameters, see the online Help for this screen. Before using the DHCP/ Bootp option, refer to “DHCP/Bootp Operation” on page 7-13. Figure 7-1. Example of the IP Service Configuration Screen without Multiple VLANs Configured (for Edit). 2. Press 3. If the switch needs to access a router, for example, to reach off-subnet destinations, select the Default Gateway field and enter the IP address of the gateway router. 4.
PAGE 137
Configuring IP Addressing IP Configuration CLI: Configuring IP Address, Gateway, and Time-ToLive (TTL) IP Commands Used in This Section Page show ip 7-7 show ip secondary 7-10 ip address /< mask-length | mask-bits > 7-8 ip address /< mask-length | mask-bits > secondary 7-9 ip default-gateway 7-11 ip ttl 7-11 Viewing the Current IP Configuration. The following command displays the IP addressing for each VLAN configured in the switch.
PAGE 138
Configuring IP Addressing IP Configuration A Switch 5300XL with IP Addressing and VLANs Configured Figure 7-3. Example of Show IP Listing with Non-Default IP Addressing Configured Configure an IP Address and Subnet Mask. The following command includes both the primary IP address and the subnet mask. You must either include the ID of the VLAN for which you are configuring IP addressing or go to the context configuration level for that VLAN.
PAGE 139
Configuring IP Addressing IP Configuration Configure Multiple IP Addresses on a VLAN (Multinetting). You can configure one primary IP address per VLAN and up to seven secondary IP addresses for the same VLAN. That is, the switch enables you to assign up to eight networks to a VLAN. � � Each IP address on a VLAN must be for a separate subnet. � If the primary IP address on a VLAN is configured for DHCP-Bootp, the switch does not accept secondary IP addresses on that VLAN.
PAGE 140
Configuring IP Addressing IP Configuration If you then wanted to multinet the default VLAN, you would do the following: The secondary IP addresses in a VLAN are listed immediately after the primary IP address for the VLAN. Figure 7-5. Example of Multinetting on the Default VLAN For an alternate display of the above information, use the show ip secondary command: Figure 7-6.
PAGE 141
Configuring IP Addressing IP Configuration Configure the Optional Default Gateway. Using the Global configura tion level, you can assign one default gateway to the switch. ip default-gateway Syntax: For example: HPswitch(config)# ip default-gateway 10.28.227.115 Note The switch uses the IP default gateway only while operating as a Layer 2 device. While routing is enabled on the switch, the IP default gateway is not used.
PAGE 142
Configuring IP Addressing IP Configuration How IP Addressing Affects Switch Operation Without an IP address and subnet mask compatible with your network, the switch can be managed only through a direct terminal device connection to the Console RS-232 port. You can use direct-connect console access to take advantage of features that do not depend on IP addressing.
PAGE 143
Configuring IP Addressing IP Configuration DHCP/Bootp Operation Overview. DHCP/Bootp is used to provide configuration data from a DHCP or Bootp server to the switch. This data can be the IP address, subnet mask, default gateway, Timep Server address, and TFTP server address. If a TFTP server address is provided, this allows the switch to TFTP a previously saved configuration file from the TFTP server to the switch.
PAGE 144
Configuring IP Addressing IP Configuration DHCP Operation. A significant difference between a DHCP configuration and a Bootp configuration is that an IP address assignment from a DHCP server is automatic. Depending on how the DHCP server is configured, the switch may receive an ip address that is temporarily leased. Periodically the switch may be required to renew its lease of the IP configuration.
PAGE 145
Configuring IP Addressing IP Configuration gw=10.66.77.1:\ lg=10.22.33.44:\ T144=”switch.cfg”:\ vm=rfc1048 where: Note 5300switch is a user-defined symbolic name to help you find the correct section of the bootptab file. If you have multiple switches that will be using Bootp to get their IP configuration, you should use a unique symbolic name for each switch. ht is the “hardware type”. For the Series 5300XL switches, set this to ether (for Ethernet). This tag must precede the ha tag.
PAGE 146
Configuring IP Addressing IP Configuration Note Designating a primary VLAN other than the default VLAN affects the switch’s use of information received via DHCP/Bootp. For more on this topic, see “The Primary VLAN” on page 11-6. After you reconfigure or reboot the switch with DHCP/Bootp enabled in a network providing DHCP/Bootp service, the switch does the following: 7-16 � Receives an IP address and subnet mask and, if configured in the server, a gateway IP address and the address of a Timep server.
PAGE 147
Configuring IP Addressing IP Preserve: Retaining VLAN-1 IP Addressing Across Configuration File Downloads IP Preserve: Retaining VLAN-1 IP Addressing Across Configuration File Downloads IP Preserve enables you to copy a configuration file to multiple Series 5300XL switches while retaining the individual IP address and subnet mask on VLAN 1 in each switch, and the Gateway IP address assigned to the switch.
PAGE 148
Configuring IP Addressing IP Preserve: Retaining VLAN-1 IP Addressing Across Configuration File Downloads To set up IP Preserve, enter the ip preserve statement at the end of a configu ration file. (Note that you do not execute IP Preserve by entering a command from the CLI). Entering “ip preserve” in the last line of a configuration file implements IP Preserve when the file is downloaded to the switch and the switch reboots. Figure 7-7.
PAGE 149
Configuring IP Addressing IP Preserve: Retaining VLAN-1 IP Addressing Across Configuration File Downloads Using figure 7-8, above, switches 1 - 3 ignore these entries because the file implements IP Preserve and their current IP addressing was not acquired through DHCP/Bootp. IP Preserve Command Switch 4 ignores IP Preserve and implements the DHCP/Bootp addressing and IP Gateway specified in this file (because its last IP addressing was acquired from a DHCP/Bootp server). Figure 7-9.
PAGE 150
Configuring IP Addressing IP Preserve: Retaining VLAN-1 IP Addressing Across Configuration File Downloads Because switch 4 (figure 7-8) received its most recent IP addressing from a DHCP/Bootp server, the switch ignores the ip preserve command and implements the IP addressing included in this file. Figure 7-10.
PAGE 151
Configuring IP Addressing Globally Assigned IP Network Addresses Globally Assigned IP Network Addresses If you intend to connect your network to other networks that use globally administered IP addresses, Hewlett-Packard strongly recommends that you use IP addresses that have a network address assigned to you. There is a formal process for assigning unique IP addresses to networks worldwide. For more information: Please contact your internet service provider (ISP).
PAGE 152
PAGE 153
8 Time Protocols Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-2 TimeP Time Synchronization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-2 SNTP Time Synchronization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-2 Selecting a Time Synchronization Protocol or Turning Off Time Protocol Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
PAGE 154
Time Protocols Overview Overview This chapter describes: � � SNTP Time Protocol Operation Timep Time Protocol Operation Using time synchronization ensures a uniform time among interoperating devices. This helps you to manage and troubleshoot switch operation by attaching meaningful time data to event and error messages. The switch offers TimeP and SNTP (Simple Network Time Protocol) and a timesync command for changing the time protocol selection (or turning off time protocol operation).
PAGE 155
Time Protocols Selecting a Time Synchronization Protocol or Turning Off Time Protocol Operation ular server, it ignores time broadcasts from other SNTP servers unless the configurable Poll Interval expires three consecutive times without an update received from the first-detected server. Note To use Broadcast mode, the switch and the SNTP server must be in the same subnet. � Unicast Mode: The switch requests a time update from the config ured SNTP server.
PAGE 156
Time Protocols SNTP: Viewing, Selecting, and Configuring Note that simply selecting a time synchronization protocol does not enable that protocol on the switch unless you also enable the protocol itself (step 2, above). For example, in the factory-default configuration, TimeP is the selected time synchronization method. However, because TimeP is disabled in the factory-default configuration, no time synchronization protocol is running.
PAGE 157
Time Protocols SNTP: Viewing, Selecting, and Configuring Table 8-1.SNTP Parameters SNTP Parameter Operation Time Sync Method Used to select either SNTP, TIMEP, or None as the time synchronization method. SNTP Mode Disabled The Default. SNTP does not operate, even if specified by the Menu interface Time Sync Method parameter or the CLI timesync command. Unicast Directs the switch to poll a specific server for SNTP time synchronization. Requires at least one server address.
PAGE 158
Time Protocols SNTP: Viewing, Selecting, and Configuring Time Protocol Selection Parameter – TIMEP – SNTP – None Figure 8-1. The System Information Screen (Default Values) 2. Press 3. Use [ v] to move the cursor to the Time Sync Method field. 4. Use the Space bar to select SNTP, then press [ v] once to display and move to the SNTP Mode field. 5. Do one of the following: (for Edit). The cursor moves to the System Name field.
PAGE 159
Time Protocols SNTP: Viewing, Selecting, and Configuring ii. Enter the IP address of the SNTP server you want the switch to use for time synchronization. Note: This step replaces any previously configured server IP address. If you will be using backup SNTP servers (requires use of the CLI), then see “SNTP Unicast Time Polling with Multiple SNTP Servers” on page 8-22. iii. Press [ v] to move the cursor to the Server Version field.
PAGE 160
Time Protocols SNTP: Viewing, Selecting, and Configuring CLI: Viewing and Configuring SNTP CLI Commands Described in this Section SNTP Command show sntp Page 8-8 [no] timesync 8-9 and ff., 8-12 sntp broadcast 8-9 sntp unicast 8-10 sntp server 8-10 and ff. Protocol Version 8-12 poll-interval 8-12 no sntp 8-13 This section describes how to use the CLI to view, enable, and configure SNTP parameters.
PAGE 161
Time Protocols SNTP: Viewing, Selecting, and Configuring In the factory-default configuration (where TimeP is the selected time synchronization method), show sntp still lists the SNTP configuration even though it is not currently in use. For example: Even though, in this example, TimeP is the current time synchronous method, the switch maintains the SNTP configuration. Figure 8-3.
PAGE 162
Time Protocols SNTP: Viewing, Selecting, and Configuring � Time synchronization is in the factory-default configuration (TimeP is the currently selected time synchronization method). � You want to: 1. View the current time synchronization. 2. Select SNTP as the time synchronization mode. 3. Enable SNTP for Broadcast mode. 4. View the SNTP configuration again to verify the configuration.
PAGE 163
Time Protocols SNTP: Viewing, Selecting, and Configuring no sntp server Deletes the specified SNTP server. Note Deleting an SNTP server when only one is configured disables SNTP unicast operation. For example, to select SNTP and configure it with unicast mode and an SNTP server at 10.28.227.141 with the default server version (3) and default poll interval (720 seconds): HPswitch(config)# timesync sntpSelects SNTP. HPswitch(config)# sntp unicastActivates SNTP in Unicast mode.
PAGE 164
Time Protocols SNTP: Viewing, Selecting, and Configuring Deletes unicast SNTP server entry. Re-enters the unicast server with a nondefault protocol version. show sntp displays the result. Figure 8-6. Example of Specifying the SNTP Protocol Version Number Changing the SNTP Poll Interval. This command lets you specify how long the switch waits between time polling intervals. The default is 720 seconds and the range is 30 to 720 seconds.
PAGE 165
Time Protocols SNTP: Viewing, Selecting, and Configuring Disabling the SNTP Mode. If you want to prevent SNTP from being used even if selected by timesync (or the Menu interface’s Time Sync Method param eter), configure the SNTP mode as disabled. Syntax: no sntp Disables SNTP by changing the SNTP mode configuration to Disabled. For example, if the switch is running SNTP in Unicast mode with an SNTP server at 10.28.227.
PAGE 166
Time Protocols TimeP: Viewing, Selecting, and Configuring TimeP: Viewing, Selecting, and Configuring TimeP Feature Default Menu CLI Web view the Timep time synchronization configuration n/a page 8-15 page 8-17 — select Timep as the time synchronization method TIMEP page 8-13 pages 8-18 ff.
PAGE 167
Time Protocols TimeP: Viewing, Selecting, and Configuring Menu: Viewing and Configuring TimeP To View, Enable, and Modify the TimeP Protocol: 1. From the Main Menu, select: 2. Switch Configuration... 1. System Information Time Protocol Selection Parameter – TIMEP (the default) – SNTP – None Figure 8-9. The System Information Screen (Default Values) 2. Press 3. Use [ v] to move the cursor to the Time Sync Method field. 4.
PAGE 168
Time Protocols TimeP: Viewing, Selecting, and Configuring • Use the Space bar to select the Manual mode. i. Press [ >] to move the cursor to the Server Address field. ii. Enter the IP address of the TimeP server you want the switch to use for time synchronization. Note: This step replaces any previously configured TimeP server IP address. iii. Press [ >] to move the cursor to the Poll Interval field, then go to step 6. 6.
PAGE 169
Time Protocols TimeP: Viewing, Selecting, and Configuring CLI: Viewing and Configuring TimeP CLI Commands Described in this Section Command Page show timep 8-17 [no] timesync 8-18 ff., 8-20 ip timep dhcp 8-18 manual 8-19 server 8-19 interval 8-20 no ip timep 8-21 This section describes how to use the CLI to view, enable, and configure TimeP parameters.
PAGE 170
Time Protocols TimeP: Viewing, Selecting, and Configuring Even though, in this example, SNTP is the current time synchronization method, the switch maintains the TimeP configuration. Figure 8-11. Example of SNTP Configuration When SNTP Is Not the Selected Time Synchronization Method Configuring (Enabling or Disabling) the TimeP Mode Enabling the TimeP mode means to configure it for either broadcast or unicast mode.
PAGE 171
Time Protocols TimeP: Viewing, Selecting, and Configuring For example, suppose: � Time synchronization is configured for SNTP. � You want to: 1. View the current time synchronization. 2. Select TimeP as the time synchronization mode. 3. Enable TimeP for DHCP mode. 4. View the TimeP configuration. The commands and output would appear as follows: 1 show timep displays the TimeP configuration and also shows that SNTP is the currently active time synchronization mode.
PAGE 172
Time Protocols TimeP: Viewing, Selecting, and Configuring HPswitch(config)# timesync timep Selects TimeP. HPswitch(config)# ip timep manual Activates TimeP in Manual 10.28.227.141 mode. Figure 8-13. Example of Configuring Timep for Manual Operation Changing the TimeP Poll Interval. This command lets you specify how long the switch waits between time polling intervals. The default is 720 minutes and the range is 1 to 9999 minutes.
PAGE 173
Time Protocols TimeP: Viewing, Selecting, and Configuring Figure 8-14. Example of TimeP with Time Sychronization Disabled Disabling the TimeP Mode. Disabling the TimeP mode means to configure it as disabled. (Disabling TimeP prevents the switch from using it as the time synchronization protocol, even if it is the selected Time Sync Method option.) Syntax: no ip timep Disables TimeP by changing the TimeP mode configuration to Disabled.
PAGE 174
Time Protocols SNTP Unicast Time Polling with Multiple SNTP Servers SNTP Unicast Time Polling with Multiple SNTP Servers When running SNTP unicast time polling as the time synchronization method, the switch requests a time update from the server you configured with either the Server Address parameter in the menu interface, or the primary server in a list of up to three SNTP servers configured using the CLI.
PAGE 175
Time Protocols SNTP Unicast Time Polling with Multiple SNTP Servers Prioritized list of SNTP Server IP Addresses Figure 8-16. Example of SNTP Server Address Prioritization Note If there are already three SNTP server addresses configured on the switch, and you want to use the CLI to replace one of the existing addresses with a new one, you must delete the unwanted address before you configure the new one. Deleting Addresses. To delete an address, you must use the CLI.
PAGE 176
Time Protocols SNTP Messages in the Event Log Menu: Operation with Multiple SNTP Server Addresses Configured When you use the Menu interface to configure an SNTP server IP address, the new address writes over the current primary address, if one is configured. If there are multiple addresses configured, the switch re-orders the addresses according to the criteria described under “Address Prioritization” on page 22.
PAGE 177
9 Optimizing Traffic Flow with Port Controls, Port Trunking, and Filters Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-2 Viewing Port Status and Configuring Port Parameters . . . . . . . . . . . 9-2 Menu: Viewing Port Status and Configuring Port Parameters . . . . . . 9-5 CLI: Viewing Port Status and Configuring Port Parameters . . . . . . . . 9-6 Web: Viewing Port Status and Configuring Port Parameters . . . . . . .
PAGE 178
Optimizing Traffic Flow with Port Controls, Port Trunking, and Filters Overview Overview This chapter includes: � Configuring ports to non-default settings (page 9-2) These settings include enable/disable, mode (speed and duplex), flow control, port-trunk group, and port-trunk type. You can also set a broadcast limit that applies to all ports on the switch. � Port aggregation: Creating and modifying a port trunk group (page 9-10) You can configure static and dynamic trunks.
PAGE 179
Optimizing Traffic Flow with Port Controls, Port Trunking, and Filters Viewing Port Status and Configuring Port Parameters Table 9-1. Status and Parameters for Each Port Type Status or Parameter Description Enabled Yes (default): The port is ready for a network connection. No: The port will not operate, even if properly connected in a network. Use this setting, for example, if the port needs to be shut down for diagnostic purposes or while you are making topology changes.
PAGE 180
Optimizing Traffic Flow with Port Controls, Port Trunking, and Filters Viewing Port Status and Configuring Port Parameters Status or Parameter Description 100/1000Base-T ports: • Auto (default): Senses speed and negotiates with the port at the other end of the link for port operation (MDI-X or MDI). To see what the switch negotiates for the Auto setting, use the CLI show interfaces brief command or the “3. Port Status” option under “1. Status and Counters” in the menu interface.
PAGE 181
Optimizing Traffic Flow with Port Controls, Port Trunking, and Filters Viewing Port Status and Configuring Port Parameters Menu: Viewing Port Status and Configuring Port Parameters From the menu interface, you can configure and view all port parameter settings and view all port status indicators. Using the Menu To View Port Status. The menu interface displays the status for ports and (if configured) a trunk group. From the Main Menu, select: 1. Status and Counters . . . 4.
PAGE 182
Optimizing Traffic Flow with Port Controls, Port Trunking, and Filters Viewing Port Status and Configuring Port Parameters Figure 9-2. Example of Port/Trunk Settings with a Trunk Group Configured (for Edit). The cursor moves to the Enabled field for the first port. 2. Press 3. Refer to the online help provided with this screen for further information on configuration options for these features. 4. When you have finished making changes to the above parameters, press , then press (for Save).
PAGE 183
Optimizing Traffic Flow with Port Controls, Port Trunking, and Filters Viewing Port Status and Configuring Port Parameters Syntax: show interfaces brief show interface config The next two figures list examples of the output of the above two commands for the same port configuration. Figure 9-3. Example of a Show Interface Command Listing Figure 9-4.
PAGE 184
Optimizing Traffic Flow with Port Controls, Port Trunking, and Filters Viewing Port Status and Configuring Port Parameters Using the CLI To Configure Ports. You can configure one or more of the following port parameters. For details on each option, see Table 9-1 on page 9-3.
PAGE 185
Optimizing Traffic Flow with Port Controls, Port Trunking, and Filters Viewing Port Status and Configuring Port Parameters Configuring a Broadcast Limiting on the Switch. Executing this com mand configures broadcast limiting for all ports on the switch. Syntax: broadcast-limit HPswitch(config)# broadcast-limit To display the current broadcast limit setting, use one of the following com mands: HPswitch# show config Displays the startup-config file.
PAGE 186
Optimizing Traffic Flow with Port Controls, Port Trunking, and Filters Port Trunking Port Trunking Port Status and Configuration Features Feature Default Menu CLI Web viewing port trunks n/a page 9-16 page 9-18 page 9-24 configuring a static trunk group none page 9-16 page 9-22 — configuring a dynamic LACP trunk group LACP passive page 9-23 — — Port trunking allows you to assign up to four physical links to one logical link (trunk) that functions as a single, higher-speed link providing
PAGE 187
Optimizing Traffic Flow with Port Controls, Port Trunking, and Filters Port Trunking Table 9-2.
PAGE 188
Optimizing Traffic Flow with Port Controls, Port Trunking, and Filters Port Trunking LACP Note LACP operation requires full-duplex (FDx) links. For most installations, HP recommends that you leave the port Mode settings at Auto (the default). LACP also operates with Auto-10, Auto-100, and Auto-1000 (if negotiation selects FDx); 10FDx, 100FDx, and 1000FDx settings.
PAGE 189
Optimizing Traffic Flow with Port Controls, Port Trunking, and Filters Port Trunking Table 9-3. Trunking Method Table 9-4. Trunk Types Used in Static and Dynamic Trunk Groups LACP Trunk FEC Dynamic Yes No No Static Yes Yes Yes Trunk Configuration Protocols Protocol Trunking Options LACP (802.3ad) Provides dynamic and static LACP trunking options.
PAGE 190
Optimizing Traffic Flow with Port Controls, Port Trunking, and Filters Port Trunking Table 9-5. General Operating Rules for Port Trunks Media: All ports on both ends of a trunk group must have the same media type and mode (speed and duplex). The switch blocks any trunked links that do not conform to this rule. (For the Series 5300XL Switches, HP recommends leaving the port Mode setting at Auto or, in networks using Cat 3 cabling, Auto-10.
PAGE 191
Optimizing Traffic Flow with Port Controls, Port Trunking, and Filters Port Trunking Spanning Tree: Spanning Tree operates as a global setting on the switch (one instance of Spanning Tree per switch). However, you can adjust Spanning Tree parameters on a per-port basis. A static trunk of any type appears in the Spanning Tree configuration display, and you can configure Spanning Tree parameters for a static trunk in the same way that you would configure Spanning Tree parameters on a non-trunked port.
PAGE 192
Optimizing Traffic Flow with Port Controls, Port Trunking, and Filters Port Trunking Menu: Viewing and Configuring a Static Trunk Group Important Configure port trunking before you connect the trunked links to another switch, routing switch, or server. Otherwise, a broadcast storm could occur. (If you need to connect the ports before configuring them for trunking, you can temporarily disable the ports until the trunk is configured. See “Using the CLI To Configure Ports” on page 9-8.
PAGE 193
Optimizing Traffic Flow with Port Controls, Port Trunking, and Filters Port Trunking • All ports in a trunk must have the same media type and mode (such as 10/100TX set to 100FDx, or 100FX set to 100FDx). The flow control settings must also be the same for all ports in a given trunk. To verify these settings, see “Viewing Port Status and Configuring Port Param eters” on page 9-2. • You can configure the trunk group with one, two, three, or four ports per trunk.
PAGE 194
Optimizing Traffic Flow with Port Controls, Port Trunking, and Filters Port Trunking During the Save process, traffic on the ports configured for trunking will be delayed for several seconds. If the Spanning Tree Protocol is enabled, the delay may be up to 30 seconds. 8. Connect the trunked ports on the switch to the corresponding ports on the opposite device. If you previously disabled any of the trunked ports on the switch, enable them now.
PAGE 195
Optimizing Traffic Flow with Port Controls, Port Trunking, and Filters Port Trunking Using a port list specifies, for switch ports in a static trunk group, only the ports you want to view. In this case, the command specifies ports A5 through A7. However, because port A6 is not in a static trunk group, it does not appear in the resulting listing: Port A5 appears with an example of a name that you can optionally assign using the Friendly Port Names feature.
PAGE 196
Optimizing Traffic Flow with Port Controls, Port Trunking, and Filters Port Trunking Listing Static LACP and Dynamic LACP Trunk Data. This command lists data for only the LACP-configured ports. Syntax: show lacp In the following example, ports A1 and A2 have been previously configured for a static LACP trunk. (For more on “Active”, see table 11-7 on page 9-27.) Figure 9-10. Example of a Show LACP Listing Dynamic LACP Standby Links.
PAGE 197
Optimizing Traffic Flow with Port Controls, Port Trunking, and Filters Port Trunking “Up” Links Standby Link Figure 9-11. Example of a Dynamic LACP Trunk with One Standby Link Using the CLI To Configure a Static or Dynamic Trunk Group Important Configure port trunking before you connect the trunked links between switches. Otherwise, a broadcast storm could occur. (If you need to connect the ports before configuring them for trunking, you can temporarily disable the ports until the trunk is configured.
PAGE 198
Optimizing Traffic Flow with Port Controls, Port Trunking, and Filters Port Trunking Configuring a Static Trunk, Static FEC, or Static LACP Trunk Group. Syntax: trunk < trk1 | trk2 | trk3 | trk4 | trk5 | trk6 > < trunk | fec | lacp > This example uses ports C4 - C6 to create a non-protocol static trunk group with the group name of Trk2. HPswitch(config)# trunk trk2 trunk c4-c6 Removing Ports from a Static Trunk Group. This command removes one or more ports from an existing Trkx trunk group.
PAGE 199
Optimizing Traffic Flow with Port Controls, Port Trunking, and Filters Port Trunking Enabling a Dynamic LACP Trunk Group. In the default port configura tion, all ports on the switch are set to LACP Passive. However, to enable the switch to automatically form a trunk group that is dynamic on both ends of the link, the ports on one end of a set of links must be LACP Active. The ports on the other end can be either LACP Active or LACP Passive.
PAGE 200
Optimizing Traffic Flow with Port Controls, Port Trunking, and Filters Port Trunking Removing Ports from an Dynamic LACP Trunk Group. To remove a port from dynamic LACP trunk operation, you must turn off LACP on the port. (On a port in an operating, dynamic LACP trunk, you cannot change between LACP Active and LACP passive without first removing LACP operation from the port.) Caution Unless STP is running on your network, removing a port from a trunk can result in a loop.
PAGE 201
Optimizing Traffic Flow with Port Controls, Port Trunking, and Filters Port Trunking Trunk Group Operation Using LACP The switch can automatically configure a dynamic LACP trunk group or you can manually configure a static LACP trunk group. Note LACP requires full-duplex (FDx) links of the same media type (10/100Base-T, 100FX, etc.) and the same speed, and enforces speed and duplex conformance across a trunk group.
PAGE 202
Optimizing Traffic Flow with Port Controls, Port Trunking, and Filters Port Trunking Table 9-6. LACP Trunk Types LACP Port Trunk Operation Configuration Dynamic LACP This option automatically establishes an 802.3ad-compliant trunk group, with LACP for the port Type parameter and DynX for the port Group name, where X is an automatically assigned value from 1 to 36, depending on how many dynamic and static trunks are currently on the switch.
PAGE 203
Optimizing Traffic Flow with Port Controls, Port Trunking, and Filters Port Trunking Default Port Operation In the default configuration, all ports are configured for passive LACP. However, if LACP is not configured, the port will not try to detect a trunk config uration and will operate as a standard, untrunked port. The following table describes the elements of per-port LACP operation. To display this data for a particular switch, execute the following command in the CLI: HPswitch> show lacp Table 9-7.
PAGE 204
Optimizing Traffic Flow with Port Controls, Port Trunking, and Filters Port Trunking LACP Notes and Restrictions 802.1x (Port-Based Access Control) Configured on a Port. To main tain security, LACP is not allowed on ports configured for 802.1x authenticator operation. If you configure port security on a port on which LACP (active or passive) is configured, the switch removes the LACP configuration, displays a notice that LACP is disabled on the port(s), and enables 802.1x on that port.
PAGE 205
Optimizing Traffic Flow with Port Controls, Port Trunking, and Filters Port Trunking Changing Trunking Methods. To convert a trunk from static to dynamic, you must first eliminate the static trunk. Static LACP Trunks. Where a port is configured for LACP (Active or Passive), but does not belong to an existing trunk group, you can add that port to a static trunk. Doing so disables dynamic LACP on that port, which means you must manually configure both ends of the trunk. Dynamic LACP Trunks.
PAGE 206
Optimizing Traffic Flow with Port Controls, Port Trunking, and Filters Port Trunking Half-Duplex and/or Different Port Speeds Not Allowed in LACP Trunks. The ports on both sides of an LACP trunk must be configured for the same speed and for full-duplex (FDx). The 802.3ad LACP standard speci fies a full-duplex (FDx) requirement for LACP trunking. A port configured as LACP passive and not assigned to a port trunk can be configured to half-duplex (HDx).
PAGE 207
Optimizing Traffic Flow with Port Controls, Port Trunking, and Filters Port Trunking � Depending on the capabilities of the device on the other end of the trunk, negotiate the forwarding mechanism on the trunk to the non-protocol option. � When auto-negotiated to the SA/DA forwarding mechanism, provide higher performance on the trunk for broadcast, multicast, and flooded traffic through distribution in the same manner as non-protocol trunking.
PAGE 208
Optimizing Traffic Flow with Port Controls, Port Trunking, and Filters Port Trunking source address to the same destination address through the same trunked link, and sends traffic from the same source address to a different destination address through a different link, depending on the rotation of path assign ments among the links in the trunk. Likewise, the switch distributes traffic for the same destination address but from different source addresses through different links.
PAGE 209
Optimizing Traffic Flow with Port Controls, Port Trunking, and Filters Traffic/Security Filters Traffic/Security Filters Feature Default Menu configure source-port filters none n/a page 9-35 n/a configure protocol filters none n/a page 9-35 n/a configure multicast filters none n/a page 9-35 n/a n/a n/a page 9-36 n/a display filter data CLI Web From the CLI you can enhance in-band security and bandwidth usage by configuring static filters on the switch to either forward (the default
PAGE 210
Optimizing Traffic Flow with Port Controls, Port Trunking, and Filters Traffic/Security Filters Filter Limits The switch accepts up to 101 static filters. These limitations also apply: � � � Multicast filters: up to 16 Protocol filters: up to 7 Source-port filters: Up to 78 For configuration information, turn to the next page. For more information on filter types and operation, refer to “Filter Types and Operation” on page 9-38.
PAGE 211
Optimizing Traffic Flow with Port Controls, Port Trunking, and Filters Traffic/Security Filters Configuring a Traffic Filter. The filter command specifies the filter type and action, and the destination (outbound) ports on which to apply the action. Syntax: filter [source-port [ethernet] < port-number >] Specifies one inbound port. Traffic received on this port from other devices will be filtered.
PAGE 212
Optimizing Traffic Flow with Port Controls, Port Trunking, and Filters Traffic/Security Filters For example, suppose you wanted to configure these six filters on the switch: Filter Type Filter Value Action Destination Ports Source-Port Inbound ports: A1, A2* Drop D1-D4 Multicast 010000-123456 Drop C1-C24, D5-D10 Multicast 010000-224466 Drop B1-B4 Protocol Appletalk Drop C12-C18, D1 Protocol ARP Drop D17, D21-D24 *Because the switch allows one inbound port in a source-port filter, t
PAGE 213
Optimizing Traffic Flow with Port Controls, Port Trunking, and Filters Traffic/Security Filters For example, to display the filters created in figure 9-15 and then list the details of the multicast filter for multicast address 010000-224466: Lists all filters configured in the switch. Filter Index Numbers (Automatically Assigned) Criteria for Individual Filters Uses the index number (IDX) for a specific filter to list the details for that filter only. Figure 9-16.
PAGE 214
Optimizing Traffic Flow with Port Controls, Port Trunking, and Filters Traffic/Security Filters Filter Types and Operation Multicast Filters This filter type enables the switch to forward or drop multicast traffic to a specific set of destination ports. This helps to preserve bandwidth by reducing multicast traffic on ports where it is unnecessary, and to isolate multicast traffic to enhance security. You can configure up to 16 static multicast filters (defined by the filter command).
PAGE 215
Optimizing Traffic Flow with Port Controls, Port Trunking, and Filters Traffic/Security Filters Protocol Filters This filter type enables the switch to forward or drop, on the basis of protocol type, traffic to a specific set of destination ports on the switch. Filtered protocol types include: � � � AppleTalk ARP DEC LAT � � � IP � SNA IPX NetBEUI Only one filter for a particular protocol type can be configured at any one time.
PAGE 216
PAGE 217
10 Configuring for Network Management Applications Contents Using SNMP Tools To Manage the Switch . . . . . . . . . . . . . . . . . . . . . . 10-2 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-2 SNMP Management Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-3 Configuring for SNMP Access to the Switch . . . . . . . . . . . . . . . . . . . . 10-3 SNMP Communities . . . . . . . . . . . . . . . . . . . . . . . . . .
PAGE 218
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch Using SNMP Tools To Manage the Switch Overview You can manage the switch via SNMP from a network management station, including HP TopTools for Hubs & Switches — an OpenView-based network management application that runs on your Windows NT- or Windows 2000based PC. HP TopTools for Hubs & Switches provides control of your switch through its web browser interface.
PAGE 219
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch � � � SNMP version 2c over IP Security via configuration of SNMP communities (page 10-3) Event reporting via SNMP • Version 1 traps • RMON: groups 1, 2, 3, and 9 � Managing the switch with an SNMP network management tool such as HP TopTools for Hubs & Switches � Standard MIBs, such as the Bridge MIB (RFC 1493), Ethernet MAU MIB (RFC 1515), and others.
PAGE 220
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch Caution The “public” community exists by default and is used by HP’s network man agement applications. Deleting the “public” community disables many network management functions (such as auto-discovery, traffic monitoring, SNMP trap generation, and threshold setting). If security for network manage ment is a concern, it is recommended that you change the write access for the “public” community to “Restricted”.
PAGE 221
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch Note: This screen gives an overview of the SNMP communities that are currently configured. All fields in this screen are readonly. Add and Edit options are used to modify the SNMP options. See figure 8-2. Figure 10-1. The SNMP Communities Screen (Default Values) 2. Press �� (for Add) to display the following screen: If you are adding a community, the fields in this screen are blank.
PAGE 222
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch CLI: Viewing and Configuring Community Names Community Name Commands Page show snmp-server [] 10-6 [no] snmp-server 10-7 [community ] 10-7 [host ] [] 10-10 [enable traps 10-11 Listing Community Names and Values.
PAGE 223
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch Configuring Community Names and Values. The snmp-server command enables you to add SNMP communities with either default or specific access attributes, and to delete specific communities. Syntax: [no] snmp-server community < community-name > Configures a new community name. If you do not also specify operator or manager, the switch automatically assigns the community to the operator MIB view.
PAGE 224
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch Trap Receivers and Authentication Traps Trap Features Feature Default Menu CLI Web snmp-server host (trap receiver) public — page 10-10 — snmp-server enable (authentication trap) none — page 10-11 — A trap receiver is a management station designated by the switch to receive SNMP traps sent from the switch.
PAGE 225
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch Using the CLI To List Current SNMP Trap Receivers. This command lists the currently configured trap receivers and the setting for authentication traps (along with the current SNMP community name data — see “SNMP Communities” on page 10-4). Syntax: show snmp-server Displays current community and trap receiver data.
PAGE 226
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch Configuring Trap Receivers. This command specifies trap receivers by community membership, management station IP address, and the type of Event Log messages to send to the trap receiver. Note If you specify a community name that does not exist—that is, has not yet been configured on the switch—the switch still accepts the trap receiver assign ment.
PAGE 227
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch For example, to configure a trap receiver in a community named “red-team” with an IP address of 10.28.227.130 to receive only “critical” log messages: HPswitch(config)# snmp-server trap-receiver red-team 10.28.227.130 critical Notes To replace one community name with another for the same IP address, you must use no snmp-server host < community-name> < ip-address > to delete the unwanted community name.
PAGE 228
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch Advanced Management: RMON The switch supports RMON (Remote Monitoring) on all connected network segments. This allows for troubleshooting and optimizing your network. The following RMON groups are supported: � � � � Ethernet Statistics (except the numbers of packets of different frame sizes) Alarm History (of the supported Ethernet statistics) Event The RMON agent automatically runs in the switch.
PAGE 229
Configuring for Network Management Applications CDP CDP CDP Features Feature Default Menu CLI Web view the switch’s CDP configuration n/a — page 10-20 — view the switch’s CDP Neighbors table n/a — page 10-20 — clear (reset) the CDP Neighbors table n/a — page 10-21 — enable or disable CDP on the switch enabled — page 10-22 — enable or disable CDP operation on an individual port enabled — page 10-23 — change the transmit interval for the switch’s 60 seconds CDP packets — page
PAGE 230
Configuring for Network Management Applications CDP An SNMP utility can progressively discover CDP devices in a network by: 1. Reading a given device’s CDP Neighbor table (in the Management Infor mation Base, or MIB) to learn about other, neighbor CDP devices 2. Using the information learned in step 1 to go to and read the neighbor devices’ CDP Neighbors tables to learn about additional CDP devices, and so on This section describes CDP operation in a Series 5300XL switches.
PAGE 231
Configuring for Network Management Applications CDP General CDP Operation The switch stores information about adjacent CDP devices in a CDP Neigh bors table maintained in the switch’s MIB (Management Information Base). This data is available to SNMP-based applications designed to read CDP data from the MIB.
PAGE 232
Configuring for Network Management Applications CDP Switch “B” CDP-Aware Switch with CDP Running Switch “C” CDP-Aware Switch with CDP Disabled Accepts, but does not forward CDP packets describing Switch “A”. Also transmits CDP packets describing itself (Switch “B”) out all ports. Drops CDP packets describing Switch “A”. Also, does not transmit any CDP packets describing itself (Switch “C”).
PAGE 233
Configuring for Network Management Applications CDP CDP neighbor pairs are as follows: A/1, A/2, A/3, A/B, B/C. Note that “C” and “E” are not neighbors because the intervening CDP-disabled switch “D” does not forward CDP packets; i.e. is not transparent to CDP traffic. (For the same reason, switch “E” does not have any CDP neighbors.
PAGE 234
Configuring for Network Management Applications CDP Using the example in figure 10-7, the CDP Neighbor table for switches “A” and “B” would appear similar to these: Switch A: Switch B: (Note that no CDP devices appear on port B5, which is connected to a device on which CDP is present, but disabled.) Figure 10-8.
PAGE 235
Configuring for Network Management Applications CDP CDP-disabled switch) does not forward CDP packets; i.e. is not transparent to CDP traffic. (For the same reason, switch “E” does not have any CDP neighbors.) Figure 10-7 (page 10-17) illustrates how multiple CDP neighbors can appear on a single port.
PAGE 236
Configuring for Network Management Applications CDP Viewing the Switch’s Current CDP Configuration Syntax: show cdp Lists the switch’s global and per-port CDP configura tion. This example shows the default CDP configuration. CDP Enable/Disable on the Switch Packet Hold Time in CDP Neighbor Table Interval for Transmitting Outbound CDP Packets on All Ports Per-Port CDP Enable/Disable Figure 10-9.
PAGE 237
Configuring for Network Management Applications CDP Figure 10-10 lists six CDP devices (four switches and two workstations) that the switch has detected by receiving their CDP packets. Figure 10-10. Example of CDP Neighbors Table Listing Figure 10-11 illustrates a topology of CDP-enabled devices for the CDP Neigh bors table listing in figure 10-10.
PAGE 238
Configuring for Network Management Applications CDP Note that the table will again list entries after the switch receives new CDP packets from neighboring CDP devices. Figure 10-12. View of the CDP Neighbors Table Immediately After Executing cdp clear Configuring CDP Operation Enabling or Disabling CDP Operation on the Switch.
PAGE 239
Configuring for Network Management Applications CDP Enabling or Disabling CDP Operation on Individual Ports. In the factory-default configuration, the switch has all ports enabled and transmit ting CDP packets. Disabling CDP on a port prevents that port from sending outbound CDP packets and causes it to drop inbound CDP packets without recording their data in the CDP Neighbors table.
PAGE 240
Configuring for Network Management Applications CDP Changing the Transmission Interval for Outbound CDP Packets. Syntax: cdp timer < 5 . . 254 > Changes the interval the switch uses to transmit CDP packets describing itself to neighbor devices.
PAGE 241
Configuring for Network Management Applications CDP Switch “A” CDP Enabled CDP Neighbor Table Port A3 CDP Packets from Switch “A” to Switch Switch “B” CDP Enabled Port B1 Port C5 Port | Data ------|-----------------A3 | Switch “B” data CDP Packets from Switch “B” to Switch “A” STP Root Device CDP Neighbor Table C5 | Switch “B” data STP block on port C5 of switch “A” blocks outbound transmission of CDP packets from switch “A”, but does not block inbound packets to switch “A” from switch “B”.
PAGE 242
Configuring for Network Management Applications CDP 4. If a CDP switch does not detect an IP address on the connecting port of a CDP neighbor, then the loopback IP address is used (127.0.0.1). For example, in figure 10-15, port A1 on CDP switch “X” is connected to port C5 on CDP neighbor switch “Y”, with the indicated VLAN configuration on port C5: VLAN Membership in Port C5 of Switch “Y” VID IP Address? DEFAULT_VLAN (Primary VLAN) 1 No Blue_VLAN 200 10.28.227.103 Red VLAN 300 10.28.227.
PAGE 243
Configuring for Network Management Applications CDP Table 10-3. CDP Neighbors Data CDP Neighbor Data Displayed Neighbors Table MIB Address Type No Yes Always “1” (IP address only). CDP Cache Address No Yes IP address of source device. Software Version Yes Yes ASCII String Device Name (ASCII string) Yes Yes In HP Procurve switches, this is the value configured for the System Name parameter. Device MAC Address Yes Yes Included in the Device Name entry.
PAGE 244
Configuring for Network Management Applications CDP CDP MIB data is grouped by type. That is, the Address Types for all detected CDP devices are listed first, then the IP addressesofthe source devices, and so on. The first number after the MIB string is the switch port on which the data point for that entry was received. In this case, the switch CDP packets on ports A1 and A3. (For CDP purposes, port numbering is consecutive, from 1 to n, where n is the last consecutive port on the switch.) Figure 10-16.
PAGE 245
Configuring for Network Management Applications CDP CDP-Capable Hubs. Some hubs are capable of running CDP, but also forward CDP packets as if the hub itself were transparent to CDP. Such hubs will appear in the switch’s CDP Neighbor table and will also maintain a CDP neighbor table similar to that for switches. For more information, refer to the documentation provided for the specific hub. Troubleshooting CDP Operation. Turn to “Using the Event Log To Identify Problem Sources” on page C-22.
PAGE 246
PAGE 247
11 Port-Based Virtual LANs (VLANs) and GVRP Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-2 Port-Based Virtual LANs (Static VLANs) . . . . . . . . . . . . . . . . . . . . . . 11-3 Overview of Using VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-6 Menu: Configuring VLAN Parameters . . . . . . . . . . . . . . . . . . . . . . . . . 11-10 CLI: Configuring VLAN Parameters . . . . . . . . . . . . . . . .
PAGE 248
Port-Based Virtual LANs (VLANs) and GVRP Overview Overview This chapter describes the following features and how to configure them with the switch’s built-in interfaces: � � Port-Based VLANs — Page 11-3: GVRP — Page 11-34: For general information on how to use the switch’s built-in interfaces, see: � � � � 11-2 Chapter 2, “Using the Menu Interface” Chapter 3, “Using the Command Line Interface (CLI)” Chapter 4, “Using the HP Web Browser Interface Chapter 5, “Switch Memory and Configuration”
PAGE 249
Port-Based Virtual LANs (VLANs) and GVRP Port-Based Virtual LANs (Static VLANs) Port-Based Virtual LANs (Static VLANs) VLAN Features Feature Default view existing VLANs n/a configuring static VLANs Menu CLI Web page 11-10 page 11-16 page 11-21 thru 11-15 default VLAN with page 11-10 page 11-15 page 11-21 VID = 1 thru 11-15 configuring dynamic disabled VLANs See “GVRP” on page 11-34. A VLAN is a group of ports designated by the switch as belonging to the same broadcast domain.
PAGE 250
Port-Based Virtual LANs (VLANs) and GVRP Port-Based Virtual LANs (Static VLANs) eliminated and bandwidth is saved by not allowing packets to flood out all ports. An external router is required to enable separate VLANs on a switch to communicate with each other.
PAGE 251
Port-Based Virtual LANs (VLANs) and GVRP Port-Based Virtual LANs (Static VLANs) Switch 4108 Figure 11-2. Example of Overlapping VLANs Using the Same Server Similarly, using 802.1Q-compliant switches, you can connect multiple VLANs through a single switch-to-switch link. HP Switc Procurve 25Switch HP Procurve Switch Figure 11-3. Example of Connecting Multiple VLANs Through the Same Link Introducing Tagged VLAN Technology into Networks Running Legacy (Untagged) VLANs. You can introduce 802.
PAGE 252
Port-Based Virtual LANs (VLANs) and GVRP Port-Based Virtual LANs (Static VLANs) HP Procurve Switch HP Procurve Switch Tagged VLAN Link Untagged VLAN Links Figure 11-4.
PAGE 253
Port-Based Virtual LANs (VLANs) and GVRP Port-Based Virtual LANs (Static VLANs) configuration values for the switch. The primary VLAN is the VLAN the switch uses to run and manage these features and data. In the factory-default config uration, the switch designates the default VLAN (DEFAULT_VLAN) as the primary VLAN. However, to provide more control in your network, you can designate another VLAN as primary.
PAGE 254
Port-Based Virtual LANs (VLANs) and GVRP Port-Based Virtual LANs (Static VLANs) Example of Per-Port VLAN Configuration with GVRP Disabled (the default) Example of Per-Port VLAN Configuration with GVRP Enabled Enabling GVRP causes “No” to display as “Auto”. Figure 11-5. Comparing Per-Port VLAN Options With and Without GVRP Table 14-1. Per-Port VLAN Configuration Options Parameter Tagged Allows the port to join multiple VLANs.
PAGE 255
Port-Based Virtual LANs (VLANs) and GVRP Port-Based Virtual LANs (Static VLANs) General Steps for Using VLANs 1. Plan your VLAN strategy and create a map of the logical topology that will result from configuring VLANs. Include consideration for the interaction between VLANs and other features such as Spanning Tree Protocol, load balancing, and IGMP. (Refer to “Effect of VLANs on Other Switch Fea tures” on page 11-31.
PAGE 256
Port-Based Virtual LANs (VLANs) and GVRP Port-Based Virtual LANs (Static VLANs) Menu: Configuring VLAN Parameters In the factory default state, support is enabled for up to eight VLANs. (You can change the switch VLAN configuration to support up to 256 VLANs.) Also, all ports on the switch belong to the default VLAN (DEFAULT_VLAN) and are in the same broadcast/multicast domain. (The default VLAN is also the default primary VLAN—see “The Primary VLAN” on page 11-6.
PAGE 257
Port-Based Virtual LANs (VLANs) and GVRP Port-Based Virtual LANs (Static VLANs) Note � To change the maximum number of VLANs, type the new number (1 - 256 allowed; default 8). � To designate a different VLAN as the primary VLAN, select the Primary VLAN field and use the space bar to select from the existing options. � To enable or disable dynamic VLANs, select the GVRP Enabled field and use the Space bar to toggle between options. (For GVRP information, see “GVRP” on page 11-34.
PAGE 258
Port-Based Virtual LANs (VLANs) and GVRP Port-Based Virtual LANs (Static VLANs) Adding or Editing VLAN Names Use this procedure to add a new VLAN or to edit the name of an existing VLAN. 1. From the Main Menu select: 2. Switch Configuration 8. VLAN Menu . . . 2. VLAN Names If multiple VLANs are not yet configured you will see a screen similar to figure 11-8: Default VLAN and VLAN ID Figure 11-8. The Default VLAN Names Screen 2. Press (for Add).
PAGE 259
Port-Based Virtual LANs (VLANs) and GVRP Port-Based Virtual LANs (Static VLANs) Example of a New VLAN and ID Figure 11-9. Example of VLAN Names Screen with a New VLAN Added 6. Repeat steps 2 through 5 to add more VLANs. Remember that you can add VLANs until you reach the number specified in the Maximum VLANs to support field on the VLAN Support screen (see figure 11-6 on page 11-10). This includes any VLANs added dynamically due to GVRP operation. 7.
PAGE 260
Port-Based Virtual LANs (VLANs) and GVRP Port-Based Virtual LANs (Static VLANs) Default: In this example, the “VLAN-22” has been defined, but no ports have yet been assigned to it. (“No” means the port is not assigned to that VLAN.) Using GVRP? If you plan on using GVRP, any ports you don’t want to join should be changed to “Forbid”. A port can be assigned to several VLANs, but only one of those assignments can be “Untagged”. Figure 11-10. Example of VLAN Port Assignment Screen 2.
PAGE 261
Port-Based Virtual LANs (VLANs) and GVRP Port-Based Virtual LANs (Static VLANs) Ports A4 and A5 are assigned to both VLANs. Ports A6 and A7 are assigned only to VLAN-22. All other ports are assigned only to the Default VLAN. Figure 11-11. Example of VLAN Assignments for Specific Ports For information on VLAN tags (“Untagged” and “Tagged”), refer to “VLAN Tagging Information” on page 11-22. d. 3.
PAGE 262
Port-Based Virtual LANs (VLANs) and GVRP Port-Based Virtual LANs (Static VLANs) VLAN Commands Page show vlans below show vlan 11-17 max-vlans <1..256> 11-18 primary-vlan 11-18 [no] vlan 11-19 name 11-20 [no] tagged 11-20 [no] untagged 11-20 [no] forbid 11-20 auto 11-20 (Available if GVRP enabled.) static-vlan 11-20 (Available if GVRP enabled.) Displaying the Switch’s VLAN Configuration.
PAGE 263
Port-Based Virtual LANs (VLANs) and GVRP Port-Based Virtual LANs (Static VLANs) Displaying the Configuration for a Particular VLAN . This command uses the VID to identify and display the data for a specific static or dynamic VLAN. Syntax: show vlan Figure 11-13. Example of “Show VLAN” for a Specific Static VLAN Show VLAN lists this data when GVRP is enabled and at least one port on the switch has dynamically joined the designated VLAN. Figure 11-14.
PAGE 264
Port-Based Virtual LANs (VLANs) and GVRP Port-Based Virtual LANs (Static VLANs) Changing the Number of VLANs Allowed on the Switch. By default, the switch allows a maximum of 8 VLANs. You can specify any value from 1 to 256. (If GVRP is enabled, this setting includes any dynamic VLANs on the switch.) As part of implementing a new value, you must execute a write memory command (to save the new value to the startup-config file) and then reboot the switch. Syntax: max-vlans <1 ..
PAGE 265
Port-Based Virtual LANs (VLANs) and GVRP Port-Based Virtual LANs (Static VLANs) Creating a New Static VLAN Changing the VLAN Context Level. With this command, entering a new VID creates a new static VLAN. Entering the VID or name of an existing static VLAN places you in the context level for that VLAN. Syntax: vlan [name ] Creates a new static VLAN if a VLAN with that VID does not already exist, and places you in that VLAN’s context level.
PAGE 266
Port-Based Virtual LANs (VLANs) and GVRP Port-Based Virtual LANs (Static VLANs) Converting a Dynamic VLAN to a Static VLAN. If GVRP is running on the switch and a port dynamically joins a VLAN, you can use the next command to convert the dynamic VLAN to a static VLAN. (For GVRP and dynamic VLAN operation, see “GVRP” on page 11-34.) This is necessary if you want to make the VLAN permanent.
PAGE 267
Port-Based Virtual LANs (VLANs) and GVRP Port-Based Virtual LANs (Static VLANs) For example, suppose you have a VLAN named VLAN100 with a VID of 100, and all ports are set to No for this VLAN.
PAGE 268
Port-Based Virtual LANs (VLANs) and GVRP Port-Based Virtual LANs (Static VLANs) For web-based Help on how to use the web browser interface screen, click on button provided on the web browser screen. the �� VLAN Tagging Information VLAN tagging enables traffic from more than one VLAN to use the same port. (Even when two or more VLANs use the same port they remain as separate domains and cannot receive traffic from each other without going through an external router.
PAGE 269
Port-Based Virtual LANs (VLANs) and GVRP Port-Based Virtual LANs (Static VLANs) Blue Server Red VLAN Red Server 5 4 3 Blue VLAN 2 Green Server Red VLAN: Untagged Green VLAN: Tagged 6 Switch "X" White Server 7 1 Green VLAN Ports 1-6: Untagged Port 7: Red VLAN Untagged Green VLAN Tagged 4 5 White VLAN 3 Switch "Y" 1 Red VLAN 2 Green VLAN Ports 1-4: Untagged Port 5: Red VLAN Untagged Green VLAN Tagged Figure 11-17.
PAGE 270
Port-Based Virtual LANs (VLANs) and GVRP Port-Based Virtual LANs (Static VLANs) Note Each 802.1Q-compliant VLAN must have its own unique VID number, and that VLAN must be given the same VID in every device in which it is configured. That is, if the Red VLAN has a VID of 10 in switch X, then 10 must also be used for the Red VID in switch Y. VID Numbers Figure 11-18.
PAGE 271
Port-Based Virtual LANs (VLANs) and GVRP Port-Based Virtual LANs (Static VLANs) Server S2 Server S1 Red VLAN: Untagged Green VLAN: Tagged X1 Switch "X" X4 Red VLAN X2 Red VLAN: Untagged Green VLAN: Tagged Red VLAN: Untagged Green VLAN: Tagged Y1 Y5 Switch "Y" Y4 X3 Green VLAN Y2 Green VLAN only Server S3 Y3 Red VLAN Green VLAN Figure 11-19. Example of Networked 802.
PAGE 272
Port-Based Virtual LANs (VLANs) and GVRP Port-Based Virtual LANs (Static VLANs) To summarize: VLANs Per Port Tagging Scheme 1 Untagged or Tagged. If the device connected to the port is 802.1Q-compliant, then the recommended choice is “Tagged”. 2 or More 1 VLAN Untagged; all others Tagged or All VLANs Tagged A given VLAN must have the same VID on any 802.1Q-compliant device in which the VLAN is configured. The ports connecting two 802.
PAGE 273
Port-Based Virtual LANs (VLANs) and GVRP Port-Based Virtual LANs (Static VLANs) The Secure Management VLAN Configures a secure Management VLAN by creating an isolated network for managing the HP Procurve switches that support this feature. (As of June 1, 2002, includes the HP Procurve Series 5300XL switches and Series 5300XL switches.) Access to this VLAN, and to the switch’s management functions (Menu, CLI, and web browser interface) is available only through ports configured as members.
PAGE 274
Port-Based Virtual LANs (VLANs) and GVRP Port-Based Virtual LANs (Static VLANs) In figure 11-21, Workstation 1 has management access to all three switches through the Management VLAN, while the PCs do not. This is because config uring a switch to recognize a Management VLAN automatically excludes attempts to send management traffic from any other VLAN.
PAGE 275
Port-Based Virtual LANs (VLANs) and GVRP Port-Based Virtual LANs (Static VLANs) • Ports on one switch that you will use to extend the Management VLAN to ports on other HP Procurve switches (such as ports A1 and B2 or B4 and C2 in figure 11-21 on page 11-28.). Hubs dedicated to connecting management stations to the Management VLAN can also be included in the above topology. Note that any device connected to a hub in the Management VLAN will also have Management VLAN access. Note 4.
PAGE 276
Port-Based Virtual LANs (VLANs) and GVRP Port-Based Virtual LANs (Static VLANs) HPswitch (config)# management-vlan 100k HPswitch (config)# vlan 100 tagged a1k HPswitch (config)# vlan 100 tagged a2 Deleting the Management VLAN. You can disable the Secure Manage ment feature without deleting the VLAN itself.
PAGE 277
Port-Based Virtual LANs (VLANs) and GVRP Port-Based Virtual LANs (Static VLANs) include the link carrying the Management VLAN, which will cause loss of management access to some devices. This can also occur where meshing is configured and the Management VLAN is configured on a separate link. Switch 1 VLAN 20 (Management VLAN) Even though the ports on the Management VLAN link do not belong to any of the VLANs in the mesh, the link will be blocked if you enable Spanning Tree.
PAGE 278
Port-Based Virtual LANs (VLANs) and GVRP Port-Based Virtual LANs (Static VLANs) IP Interfaces There is a one-to-one relationship between a VLAN and an IP network interface. Since the VLAN is defined by a group of ports, the state (up/down) of those ports determines the state of the IP network interface associated with that VLAN. When a VLAN comes up because one or more of its ports is up, the IP interface for that VLAN is also activated.
PAGE 279
Port-Based Virtual LANs (VLANs) and GVRP Port-Based Virtual LANs (Static VLANs) � Before you can delete a VLAN, you must first re-assign all ports in the VLAN to another VLAN. HP Router Requirements. Use the Hewlett-Packard version A.09.70 (or later) router OS release if any of the following Hewlett-Packard routers are installed in networks in which you will be using VLANs: HP Router 440 (formerly Router ER) HP Router 470 (formerly Router LR) HP Router 480 (formerly Router BR) HP Router 650 Release A.09.
PAGE 280
Port-Based Virtual LANs (VLANs) and GVRP GVRP GVRP Feature Default Menu CLI Web view GVRP configuration n/a page 11-42 page 11-44 page 11-47 list static and dynamic VLANs on a GVRP-enabled switch n/a — page 11-46 page 11-47 enable or disable GVRP disabled page 11-42 page 11-45 page 11-47 enable or disable GVRP on individual ports enabled page 11-42 page 11-45 — control how individual ports will handle advertisements for new VLANs Learn page 11-42 page 11-45 page 11-47 convert
PAGE 281
Port-Based Virtual LANs (VLANs) and GVRP GVRP General Operation When GVRP is enabled on a switch, the VID for any static VLANs configured on the switch is advertised (using BPDUs—Bridge Protocol Data Units) out all ports, regardless of whether a port is up or assigned to any particular VLAN. A GVRP-aware port on another device that receives the advertisements over a link can dynamically join the advertised VLAN.
PAGE 282
Port-Based Virtual LANs (VLANs) and GVRP GVRP For example, in the following figure, Tagged VLAN ports on switch “A” and switch “C” advertise VLANs 22 and 33 to ports on other GVRP-enabled switches that can dynamically join the VLANs. Switch “C” GVRP On Switch “A” GVRP On 1 5 Tagged VLAN 22 11 Tagged VLAN 33 Switch “B” (No GVRP) Switch “C”: Port 5 dynamically joins VLAN 22. Ports 11 and 12 belong to Tagged VLAN 33.
PAGE 283
Port-Based Virtual LANs (VLANs) and GVRP GVRP Note also that a port belonging to a Tagged or Untagged static VLAN has these configurable options: � Send VLAN advertisements, and also receive advertisements for VLANs on other ports and dynamically join those VLANs. � Send VLAN advertisements, but ignore advertisements received from other ports. � Avoid GVRP participation by not sending advertisements and dropping any advertisements received from other devices. IP Addressing.
PAGE 284
Port-Based Virtual LANs (VLANs) and GVRP GVRP Table 11-3. Options for Handling “Unknown VLAN” Advertisements: Unknown VLAN Operation Mode Learn (the Default) Enables the port to become a member of any unknown VLAN for which it receives an advertisement. Allows the port to advertise other VLANs that have at least one other port on the same switch as a member. Block Prevents the port from joining any new dynamic VLANs for which it receives an advertisement.
PAGE 285
Port-Based Virtual LANs (VLANs) and GVRP GVRP Per-Port Options for Dynamic VLAN Advertising and Joining Initiating Advertisements. As described in the preceding section, to enable dynamic joins, GVRP must be enabled and a port must be configured to Learn (the default). However, to send advertisements in your network, one or more static (Tagged, Untagged, or Auto) VLANs must be configured on one or more switches (with GVRP enabled), depending on your topology. Enabling a Port for Dynamic Joins.
PAGE 286
Port-Based Virtual LANs (VLANs) and GVRP GVRP Table 11-4. Controlling VLAN Behavior on Ports with Static VLANs Per-Port Static VLAN Options—Per VLAN Specified on Each Port 1 “Unknown Port Activity: Forbid (Per VLAN)2 VLAN” Port Activity: Port Activity: 2 2 (GVRP) (Per VLAN) Auto Tagged or Untagged (Per VLAN) Configuration Learn (the Default) The port: • Belongs to specified VLAN. • Advertises specified VLAN. • Can become a member of dynamic VLANs for which it receives advertisements.
PAGE 287
Port-Based Virtual LANs (VLANs) and GVRP GVRP As the preceding table indicates, when you enable GVRP, a port that has a Tagged or Untagged static VLAN has the option for both generating advertise ments and dynamically joining other VLANs. Note In table 11-4, above, the Unknown VLAN parameters are configured on a perport basis using the CLI. The Tagged, Untagged, Auto, and Forbid options are configured per static VLAN on every port, using either the menu interface or the CLI.
PAGE 288
Port-Based Virtual LANs (VLANs) and GVRP GVRP Planning for GVRP Operation These steps outline the procedure for setting up dynamic VLANs for a seg ment. 1. Determine the VLAN topology you want for each segment (broadcast domain) on your network. 2. Determine the VLANs that must be static and the VLANs that can be dynamically propagated. 3. Determine the device or devices on which you must manually create static VLANs in order to propagate VLANs throughout the segment. 4.
PAGE 289
Port-Based Virtual LANs (VLANs) and GVRP GVRP 2. Switch Configuration . . . 8. VLAN Menu . . . 1. VLAN Support Figure 11-27. The VLAN Support Screen (Default Configuration) 2. Do the following to enable GVRP and display the Unknown VLAN fields: (for Edit). a. Press b. Use [ v] to move the cursor to the GVRP Enabled field. c. Press the Space bar to select Yes. d. Press [ v] again to display the Unknown VLAN fields.
PAGE 290
Port-Based Virtual LANs (VLANs) and GVRP GVRP CLI: Viewing and Configuring GVRP GVRP Commands Used in This Section show gvrp below gvrp page 11-45 unknown-vlans page 11-45 Displaying the Switch’s Current GVRP Configuration. This command shows whether GVRP is disabled, along with the current settings for the maximum number of VLANs and the current Primary VLAN. (For more on the last two parameters, see “Port-Based Virtual LANs (Static VLANs)” on page 11-3.
PAGE 291
Port-Based Virtual LANs (VLANs) and GVRP GVRP Enabling and Disabling GVRP on the Switch. This command enables GVRP on the switch. Syntax: gvrp This example enables GVRP: HPswitch(config)# gvrp This example disables GVRP operation on the switch: HPswitch(config)# no gvrp Enabling and Disabling GVRP On Individual Ports. When GVRP is enabled on the switch, use the unknown-vlans command to change the Unknown VLAN field for one or more ports.
PAGE 292
Port-Based Virtual LANs (VLANs) and GVRP GVRP Displaying the Static and Dynamic VLANs Active on the Switch. The show vlans command lists all VLANs present in the switch. Syntax: show vlans For example, in the following illustration, switch “B” has one static VLAN (the default VLAN), with GVRP enabled and port 1 configured to Learn for Unknown VLANs. Switch “A” has GVRP enabled and has three static VLANs: the default VLAN, VLAN-222, and VLAN-333.
PAGE 293
Port-Based Virtual LANs (VLANs) and GVRP GVRP Converting a Dynamic VLAN to a Static VLAN. If a port on the switch has joined a dynamic VLAN, you can use the following command to convert that dynamic VLAN to a static VLAN: Syntax: static For example, to convert dynamic VLAN 333 (from the previous example) to a static VLAN: HPswitch(config)# static 333 When you convert a dynamic VLAN to a static VLAN, all ports on the switch are assigned to the VLAN in Auto mode.
PAGE 294
Port-Based Virtual LANs (VLANs) and GVRP GVRP 11-48 � Converting a dynamic VLAN to a static VLAN and then executing the write memory command saves the VLAN in the startup-config file and makes it a permanent part of the switch’s VLAN configuration. � Within the same broadcast domain, a dynamic VLAN can pass through a device that is not GVRP-aware. This is because a hub or a switch that is not GVRP-ware will flood the GVRP (multicast) advertisement packets out all ports.
PAGE 295
12 Multimedia Traffic Control with IP Multicast (IGMP) Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-2 Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-3 IGMP Operating Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-4 CLI: Configuring and Displaying IGMP . . . . . . . . . . . . . . . . . . . . . . . .
PAGE 296
Multimedia Traffic Control with IP Multicast (IGMP) Overview Overview IGMP Features Feature Default Menu CLI Web view igmp configuration n/a — page 12-6 — show igmp status for multicast groups used by the selected VLAN n/a — Yes — disabled — page 12-7 page 12-9 auto — page 12-8 — IGMP traffic priority normal — page 12-8 — querier enabled — page 12-9 — enabling or disabling IGMP (Requires VLAN ID Context) per-port packet control Without IGMP enabled, the switch simply flood
PAGE 297
Multimedia Traffic Control with IP Multicast (IGMP) Terminology network). Switches in the network (that support IGMP) can then be config ured to direct the multicast traffic to only the ports where needed. If multiple VLANs are configured, you can configure IGMP on a per-VLAN basis. Enabling IGMP allows the ports to detect IGMP queries and report packets and manage IP multicast traffic through the switch. If no other querier is detected, the switch will then also function as the querier.
PAGE 298
Multimedia Traffic Control with IP Multicast (IGMP) IGMP Operating Features groups, and triggers updates of this information. With IGMP enabled, the Series 5300XL switches use data from the Querier to determine whether to forward or block multicast traffic on specific ports. When the switch has an IP address on a given VLAN, it automatically operates as a Querier for that VLAN if it does not detect a multicast router or another switch functioning as a Querier.
PAGE 299
Multimedia Traffic Control with IP Multicast (IGMP) IGMP Operating Features Note Note If you configure an individual port as blocked, but that port has either a forward configured on another VLAN or belongs to another VLAN that is connected to a router, blocking will not occur. � Querier: In the default state (enabled), eliminates the need for a multicast router.
PAGE 300
Multimedia Traffic Control with IP Multicast (IGMP) IGMP Operating Features Viewing the Current IGMP Configuration. This command lists the IGMP configuration for all VLANs configured on the switch or for a specific VLAN. Syntax: show ip igmp config show ip igmp < vlan-id > config IGMP configuration for all VLANs on the switch IGMP configuration for a specific VLAN on the switch, including per-port data (For IGMP operating status, see “Internet Group Management Protocol (IGMP) Status” on page B-18.
PAGE 301
Multimedia Traffic Control with IP Multicast (IGMP) IGMP Operating Features IGMP Configuration for the Selected VLAN IGMP Configuration On the Individual Ports in the VLAN Figure 12-2. Example Listing of IGMP Configuration for A Specific VLAN Enabling or Disabling IGMP on a VLAN. You can enable IGMP on a VLAN, along with the last-saved or default IGMP configuration (whichever was most recently set), or you can disable IGMP on a selected VLAN. Note that this command must be executed in a VLAN context.
PAGE 302
Multimedia Traffic Control with IP Multicast (IGMP) IGMP Operating Features Configuring Per-Port IGMP Packet Control. Use this command in the VLAN context to specify how each port should handle IGMP traffic. Note Syntax: vlan < vlan-id > ip igmp [auto | blocked | forward ] Default: auto The blocked feature does not operate on a port if the port either detects a router or belongs to multiple VLANs and is configured with forward on one of these other VLANs.
PAGE 303
Multimedia Traffic Control with IP Multicast (IGMP) IGMP Operating Features HPswitch(vlan-1)# ip igmp high-priority-forward Same as above command, but in the VLAN 1 context level. HPswitch(vlan 1)# no ip igmp high-priority-forward Returns IGMP traffic to “normal” priority. HPswitch> show ip igmp config Show command to display results of above high-priority commands. Configuring the Querier Capability. The default querier capability is “enabled”.
PAGE 304
Multimedia Traffic Control with IP Multicast (IGMP) More on IGMP Operation For web-based help on how to use the web browser interface screen, click on button provided on the web browser screen. the �� More on IGMP Operation Multicast traffic management uses switches, multicast routers, and hosts that support IGMP. (In Hewlett-Packard’s implementation of IGMP, a multicast router is not necessary as long as a switch is configured to support IGMP with the querier feature enabled.
PAGE 305
Multimedia Traffic Control with IP Multicast (IGMP) More on IGMP Operation General IGMP Operation With IGMP enabled, the switch examines the IGMP packets it receives to learn which of its ports are linked to IGMP hosts and multicast routers/queriers belonging to any multicast group. The switch becomes a querier if it does not discover a multicast router/querier on the network.
PAGE 306
Multimedia Traffic Control with IP Multicast (IGMP) More on IGMP Operation Multicast Data Stream Router Router PC X Video Server Router IGMP is NOT running here. Router Switch 1 IGMP IS running here. PC 1: Video Client Switch 2 PC 3 PC 2 PC 4: Video Client PC 6 PC 5 Figure 12-3. The Advantage of Using IGMP The next figure (12-4) shows a network running IP multicasting using IGMP without a multicast router. In this case, the IGMP-configured switch runs as a querier.
PAGE 307
Multimedia Traffic Control with IP Multicast (IGMP) More on IGMP Operation IGMP is NOT running on switches 1 and 2. Switch 1 Switch 3 is running IGMP and operating as the querier. Server Switch 3 Multicast Data Stream Switch 2 IGMP IS running on switch 4. PC 2 Switch 4 PC 1 PC 5 PC 6 Figure 12-4.
PAGE 308
Multimedia Traffic Control with IP Multicast (IGMP) More on IGMP Operation multicast traffic it receives for that group through the port on which the join request was received. To reduce unnecessary traffic, the networking device does not forward a given group’s multicast packets to ports from which a join request for that group has not been received. (If the switch or router has not received any join requests for a given multicast group, it drops the traffic it receives for that group.
PAGE 309
Multimedia Traffic Control with IP Multicast (IGMP) More on IGMP Operation Number of IP Multicast Addresses Allowed The total of static multicast filters and IGMP multicast filters (addresses) together can range from 389 to 420, depending on the current max-vlans setting in the switch. If multiple VLANs are configured, then each filter is counted once per VLAN in which it is used. Table 12-1.
PAGE 310
Multimedia Traffic Control with IP Multicast (IGMP) More on IGMP Operation IGMP Function Available With IP Addressing Available Operating Differences Without an IP Address Configured on the VLAN Without IP Addressing? Age-Out IGMP group addresses when the last IGMP client on a port in the VLAN leaves the group. Yes Requires that another IGMP device in the VLAN has an IP address and can operate as Querier. This can be a multicast router or another switch configured for IGMP operation.
PAGE 311
Multimedia Traffic Control with IP Multicast (IGMP) More on IGMP Operation Then the switch does not need to wait for the Querier status update interval, but instead immediately removes the IGMP client from its IGMP table and ceases transmitting IGMP traffic to the client. (If the switch detects multiple end nodes on the port, automatic Fast-Leave does not activate—regardless of whether one or more of these end nodes are IGMP clients.
PAGE 312
Multimedia Traffic Control with IP Multicast (IGMP) More on IGMP Operation Forced Fast-Leave IGMP Forced Fast-Leave IGMP Features Feature Default Menu CLI Web view the Forced Fast-Leave configuration view the switch’s Forced Fast-Leave state n/a — page 12-19 — 2 (disabled) — page 12-20 — configure Forced Fast-Leave configure Forced Fast-Leave for an individual port Forced Fast-Leave IGMP speeds up the process of blocking unnecessary IGMP traffic to a switch port that is connected to multiple
PAGE 313
Multimedia Traffic Control with IP Multicast (IGMP) More on IGMP Operation For example: Note: In this example, the switch has a 4-port module in slot “A” and a 24-port module in slot “B”. In this example, the 2 at the end of each port listing shows that Fast ForcedLeave is disabled on all ports in the switch. Note: In this example, the switch has a 4-port module in slot “A” and a 24-port module in slot “B”. Figure 12-7.
PAGE 314
Multimedia Traffic Control with IP Multicast (IGMP) More on IGMP Operation The 33 specifies port B7. The 2 shows that Fast Forced-Leave is disabled on port B7. Figure 12-8. Listing the Forced Fast-Leave State for a Single Port Configuring Per-Port Forced Fast-Leave IGMP. In the factory-default configuration, Forced Fast-Leave is disabled for all ports on the switch. To enable (or disable) this feature on individual ports, use the switch’s MIB commands, as shown below.
PAGE 315
Multimedia Traffic Control with IP Multicast (IGMP) More on IGMP Operation HPswitch(vlan-1)# no ip igmp querier Note A Querier is required for proper IGMP operation. For this reason, if you disable the Querier function on the switch, ensure that there is an IGMP Querier (and, preferably, a backup Querier) available on the same VLAN.
PAGE 316
Multimedia Traffic Control with IP Multicast (IGMP) More on IGMP Operation Table 12-1.Well-Known IP Multicast Address Groups Excluded from IGMP Filtering Groups of Consecutive Addresses in the Range of 224.0.0.X to 239.0.0.X* Groups of Consecutive Addresses in the Range of 224.128.0.X to 239.128.0.X* 224.0.0.x 232.0.0.x 224.128.0.x 232.128.0.x 225.0.0.x 233.0.0.x 225.128.0.x 233.128.0.x 226.0.0.x 234.0.0.x 226.128.0.x 234.128.0.x 227.0.0.x 235.0.0.x 227.128.0.x 235.128.0.x 228.0.0.x 236.
PAGE 317
13 802.1w Rapid Spanning Tree Protocol (RSTP) 802.1d Spanning Tree Protocol (STP) Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-2 How Spanning Tree Operates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-4 Spanning Tree Options: RSTP (802.1w) and STP (802.1d) . . . . . . . . 13-5 Configuring Rapid Reconfiguration Spanning Tree (RSTP) . . . . . 13-7 Overview . . . . . . . . . . . . . . . . . . . . . . . . . .
PAGE 318
802.1w Rapid Spanning Tree Protocol (RSTP) 802.1d Spanning Tree Protocol (STP) Overview Overview STP Features 802.1d Spanning Tree Protocol Default Menu viewing the STP configuration n/a page 13-19 page 13-10 — enable/disable STP disabled page 13-19 page 13-23 page 13-41 reconfiguring general operation priority: 32768 max age: 20 s hello time: 2 s fwd.
PAGE 319
802.1w Rapid Spanning Tree Protocol (RSTP) 802.1d Spanning Tree Protocol (STP) Overview Use spanning tree to ensure that only one active path at a time exists between any two nodes on the network. In networks where there is more than one physical, active path between any two nodes, enabling spanning tree ensures a single active path between such nodes by blocking all redundant paths.
PAGE 320
802.1w Rapid Spanning Tree Protocol (RSTP) 802.1d Spanning Tree Protocol (STP) How Spanning Tree Operates How Spanning Tree Operates The switch automatically senses port identity and type, and automatically defines spanning-tree parameters for each type, as well as parameters that apply across the switch. You can use the default values for these parameters, or adjust them as needed.
PAGE 321
802.1w Rapid Spanning Tree Protocol (RSTP) 802.1d Spanning Tree Protocol (STP) How Spanning Tree Operates ates untagged BPDUs). This means that if redundant physical links exist in separate VLANs, spanning tree will block all but one of those links. However, if you need to use spanning tree on the Series 5300XL switches in a VLAN environment with redundant physical links, you can prevent blocked redun dant links by using a port trunk. The following example shows how you can use a port trunk with 802.
PAGE 322
802.1w Rapid Spanning Tree Protocol (RSTP) 802.1d Spanning Tree Protocol (STP) How Spanning Tree Operates In addition to faster network reconfiguration, RSTP also implements greater ranges for port path costs to accommodate the higher and higher connection speeds that are being implemented. RSTP is designed to be compatible with IEEE 802.1d STP, and HP recommends that you employ it in your network. For more information, refer to “Transi tioning from STP to RSTP” on page 13-8. STP (802.1d) The IEEE 802.
PAGE 323
802.1w Rapid Spanning Tree Protocol (RSTP) 802.1d Spanning Tree Protocol (STP) Configuring Rapid Reconfiguration Spanning Tree (RSTP) Configuring Rapid Reconfiguration Spanning Tree (RSTP) This section describes the operation of the IEEE 802.
PAGE 324
802.1w Rapid Spanning Tree Protocol (RSTP) 802.1d Spanning Tree Protocol (STP) Configuring Rapid Reconfiguration Spanning Tree (RSTP) Transitioning from STP to RSTP IEEE 802.1w RSTP is designed to be compatible with IEEE 802.1d STP. Even if all the other devices in your network are using STP, you can enable RSTP on your switch, and even using the default configuration values, your switch will interoperate effectively with the STP devices.
PAGE 325
802.1w Rapid Spanning Tree Protocol (RSTP) 802.1d Spanning Tree Protocol (STP) Configuring Rapid Reconfiguration Spanning Tree (RSTP) Configuring RSTP The default switch configuration has spanning tree disabled with RSTP as the selected protocol. That is, when spanning tree is enabled, RSTP is the version of spanning tree that is enabled, by default.
PAGE 326
802.1w Rapid Spanning Tree Protocol (RSTP) 802.
PAGE 327
802.1w Rapid Spanning Tree Protocol (RSTP) 802.1d Spanning Tree Protocol (STP) Configuring Rapid Reconfiguration Spanning Tree (RSTP) Figure 13-3. Example of the Spanning Tree Configuration Display Enabling or Disabling RSTP. Issuing the command to enable spanning tree on the switch implements, by default, the RSTP version of spanning tree for all physical ports on the switch. Disabling spanning tree removes protec tion against redundant network paths.
PAGE 328
802.1w Rapid Spanning Tree Protocol (RSTP) 802.1d Spanning Tree Protocol (STP) Configuring Rapid Reconfiguration Spanning Tree (RSTP) For the STP version of spanning tree, the rest of the information in this section does not apply. Refer to “802.1p Spanning-Tree Protocol (STP)” on page 13-19 for more information on the STP version and its parameters. Reconfiguring Whole-Switch Spanning Tree Values.
PAGE 329
802.1w Rapid Spanning Tree Protocol (RSTP) 802.1d Spanning Tree Protocol (STP) Configuring Rapid Reconfiguration Spanning Tree (RSTP) Note Executing the spanning-tree command alone enables spanning tree. Executing the command with one or more of the whole-switch RSTP parameters shown in the table on the previous page, or with any of the per-port RSTP parameters shown in the table on page 14, does not enable spanning tree.
PAGE 330
802.1w Rapid Spanning Tree Protocol (RSTP) 802.1d Spanning Tree Protocol (STP) Configuring Rapid Reconfiguration Spanning Tree (RSTP) Reconfiguring Per-Port Spanning Tree Values. You can configure one or more of the following parameters, which affect the spanning tree operation of the specified ports only: Table 13-2.Per-Port RSTP Parameters Parameter Default Description edge-port Yes Identifies ports that are connected to end nodes.
PAGE 331
802.1w Rapid Spanning Tree Protocol (RSTP) 802.
PAGE 332
802.1w Rapid Spanning Tree Protocol (RSTP) 802.1d Spanning Tree Protocol (STP) Configuring Rapid Reconfiguration Spanning Tree (RSTP) Menu: Configuring RSTP 1. From the console CLI prompt, enter the menu command. HP Procurve Switch # menu 2. From the switch console Main Menu, select 2. Switch Configuration ... 4. Spanning Tree Operation (for Edit) to highlight the Protocol Version parameter field. 3. Press 4. Press the Space bar to select the version of spanning tree you wish to run: RSTP or STP.
PAGE 333
802.1w Rapid Spanning Tree Protocol (RSTP) 802.1d Spanning Tree Protocol (STP) Configuring Rapid Reconfiguration Spanning Tree (RSTP) Figure 13-4. Example of the RSTP Configuration Screen 7. key or use the arrow keys to go to the next parameter you Press the want to change, then type in the new value or press the Space bar to select to select the Actions –> line, a value. (To get help on this screen, press then press , for Help, to display the online help.) �� 8.
PAGE 334
802.1w Rapid Spanning Tree Protocol (RSTP) 802.1d Spanning Tree Protocol (STP) Configuring Rapid Reconfiguration Spanning Tree (RSTP) Web: Enabling or Disabling RSTP In the web browser interface, you can enable or disable spanning tree on the switch. If the default configuration is in effect such that RSTP is the selected protocol version, enabling spanning tree through the web browser interface will enable RSTP with its current configuration.
PAGE 335
802.1w Rapid Spanning Tree Protocol (RSTP) 802.1d Spanning Tree Protocol (STP) 802.1p Spanning-Tree Protocol (STP) 802.1p Spanning-Tree Protocol (STP) Menu: Configuring 802.1D STP 1. From the Main Menu, select: 2. Switch Configuration . . . 4. Spanning Tree Operation Use this field to select the 802.1d version of STP. Figure 13-5. The Default “Spanning Tree Operation” Screen 2. Press (for Edit) to highlight the Protocol Version field. In the default configuration this field is set to RSTP. 3.
PAGE 336
802.1w Rapid Spanning Tree Protocol (RSTP) 802.1d Spanning Tree Protocol (STP) 802.1p Spanning-Tree Protocol (STP) Use this field to enable spanning tree. Read-Only Fields Figure 13-6. Enabling Spanning-Tree Operation 6. If the remaining STP parameter settings are adequate for your network, go to step 10. 7. Use or the arrow keys to select the next parameter you want to change, then type in the new value or press the Space Bar to select a value.
PAGE 337
802.1w Rapid Spanning Tree Protocol (RSTP) 802.1d Spanning Tree Protocol (STP) 802.1p Spanning-Tree Protocol (STP) Figure 13-7. The Configuration Menu Indicating a Reboot Is Needed to Implement a Configuration Change 11. Press �� to return to the Main menu. Figure 13-8. The Main Menu Indicating a Reboot Is Needed To Implement a Configuration Change 12. Press to reboot the switch. This implements the Protocol Version change (steps 2 and 3 on page 13-19).
PAGE 338
802.1w Rapid Spanning Tree Protocol (RSTP) 802.1d Spanning Tree Protocol (STP) 802.1p Spanning-Tree Protocol (STP) CLI: Configuring 802.
PAGE 339
802.1w Rapid Spanning Tree Protocol (RSTP) 802.1d Spanning Tree Protocol (STP) 802.1p Spanning-Tree Protocol (STP) Configuring the Switch To Use the 802.1d Spanning Tree Protocol (STP). In the default configuration, the switch is set to RSTP (that is, 802.1w Rapid Spanning Tree), and spanning tree operation is disabled. To reconfigure the switch to 802.1d spanning tree, you must: 1. Change the spanning tree protocol version to stp. 2. Use write memory to save the change to the startup-configuration. 3.
PAGE 340
802.1w Rapid Spanning Tree Protocol (RSTP) 802.1d Spanning Tree Protocol (STP) 802.1p Spanning-Tree Protocol (STP) This command enables STP with the current parameter settings or disables STP without losing the most-recently configured parameter settings. (To learn how the switch handles parameter changes, how to test changes without losing the previous settings, and how to replace previous settings with new settings, see Chapter 5, “Switch Memory and Configuration”.
PAGE 341
802.1w Rapid Spanning Tree Protocol (RSTP) 802.1d Spanning Tree Protocol (STP) 802.1p Spanning-Tree Protocol (STP) Note Executing spanning-tree alone enables STP. Executing spanning-tree with one or more of the above “STP Operating Parameters” does not enable STP. It only configures the STP parameters (regardless of whether STP is actually running (enabled) on the switch).
PAGE 342
802.1w Rapid Spanning Tree Protocol (RSTP) 802.1d Spanning Tree Protocol (STP) 802.1p Spanning-Tree Protocol (STP) Syntax: spanning-tree [ethernet] path-cost <1 - 65535> priority <0 - 255> mode Default: See table 13-4, above.
PAGE 343
802.1w Rapid Spanning Tree Protocol (RSTP) 802.1d Spanning Tree Protocol (STP) 802.1p Spanning-Tree Protocol (STP) Caution The Fast Mode configuration should be used only on switch ports connected to end nodes. Changing the Mode to Fast on ports connected to hubs, switches, or routers may cause loops in your network that STP may not be able to immediately detect, in all cases. This will cause temporary loops in your network.
PAGE 344
802.1w Rapid Spanning Tree Protocol (RSTP) 802.1d Spanning Tree Protocol (STP) 802.1p Spanning-Tree Protocol (STP) Caution In general, fast-uplink spanning tree on the Series 5300XL switches is useful when running STP in a tiered topology that has well-defined edge switches. Also, ensure that an interior switch is used for the root switch and for any logical backup root switches.
PAGE 345
802.1w Rapid Spanning Tree Protocol (RSTP) 802.1d Spanning Tree Protocol (STP) 802.1p Spanning-Tree Protocol (STP) Terminology Term Definition downlink port (downstream port) A switch port that is linked to a port on another switch (or to an end node) that is sequentially further away from the STP root device. For example, port “C” in figure 13-11, above, is a downlink port. edge switch For the purposes of fast-uplink STP, this is a switch that has no other switches connected to its downlink ports.
PAGE 346
802.1w Rapid Spanning Tree Protocol (RSTP) 802.1d Spanning Tree Protocol (STP) 802.1p Spanning-Tree Protocol (STP) In figure 13-12, STP is enabled and in its default configuration on all switches, unless otherwise indicated in table 13-13-5, below: Table 13-5.
PAGE 347
802.1w Rapid Spanning Tree Protocol (RSTP) 802.1d Spanning Tree Protocol (STP) 802.1p Spanning-Tree Protocol (STP) � Edge switches cannot be directly linked together using fast-uplink ports. For example, the connection between switches 4 and 5 in figure 13-13 is not allowed for fast-uplink operation. Switch 2 The ports that make up this link cannot be configured as fastuplink ports. Switch 1 Switch 4 (5304-Edge) LAN (Root) Switch 3 Link blocked by STP: Switch 5 (5304-Edge) Figure 13-13.
PAGE 348
802.1w Rapid Spanning Tree Protocol (RSTP) 802.1d Spanning Tree Protocol (STP) 802.1p Spanning-Tree Protocol (STP) To View and/or Configure Fast-Uplink STP. This procedure uses the Spanning Tree Operation screen to enable STP and to set the Mode for fastuplink STP operation. 1. From the Main Menu select: 2. Switch Configuration . . . 4. Spanning Tree Operation 2. In the default STP configuration, RSTP is the selected protocol version.
PAGE 349
802.1w Rapid Spanning Tree Protocol (RSTP) 802.1d Spanning Tree Protocol (STP) 802.1p Spanning-Tree Protocol (STP) 3. If the Protocol Version is set to RSTP (as shown in figure 13-14), do the following: (Edit) to move the cursor to the Protocol Version field. a. Press b. Press the Space bar once to change the Protocol Version field to STP. c. Press d. Press ] (for Save) to save the change and exit from the Spanning Tree Operation screen.
PAGE 350
802.1w Rapid Spanning Tree Protocol (RSTP) 802.1d Spanning Tree Protocol (STP) 802.1p Spanning-Tree Protocol (STP) In this example, ports 2 and 3 have already been configured as a port trunk (Trk1), which appears at the end of the port listing. All ports (and the trunk) are in their default STP configuration. Note: In the actual menu screen, you must scroll the cursor down the port list to view the trunk configuration (ports A2 and A3). Figure 13-16. The Spanning Tree Operation Screen 4.
PAGE 351
802.1w Rapid Spanning Tree Protocol (RSTP) 802.1d Spanning Tree Protocol (STP) 802.1p Spanning-Tree Protocol (STP) STP is enabled. Port A1 and Trk1 are now configured for fast-uplink STP. Figure 13-17. Example of STP Enabled with Two Redundant Links Configured for Fast-Uplink STP 5. Press (for Save) to save the configuration changes to flash (nonvolatile) memory. To View Fast-Uplink STP Status.
PAGE 352
802.1w Rapid Spanning Tree Protocol (RSTP) 802.1d Spanning Tree Protocol (STP) 802.1p Spanning-Tree Protocol (STP) Indicates which uplink is the active path to the STP root device. Note: A switch using fast-uplink STP must never be the STP root device. Figure 13-18. Example of STP Status with Trk1 (Trunk 1) as the Path to the STP Root Device 2. Press (for Show ports) to display the status of individual ports.
PAGE 353
802.1w Rapid Spanning Tree Protocol (RSTP) 802.1d Spanning Tree Protocol (STP) 802.1p Spanning-Tree Protocol (STP) In figure 13-19: • Port A1 and Trk1 (trunk 1; formed from ports 2 and 3) are redundant fast-uplink STP links, with trunk 1 forwarding (the active link) and port A1 blocking (the backup link). (To view the configuration for port A1 and Trk1, see figure 13-17 on page 13-35.) • If the link provided by trunk 1 fails (on both ports), then port A1 begins forwarding in fast-uplink STP mode.
PAGE 354
802.1w Rapid Spanning Tree Protocol (RSTP) 802.1d Spanning Tree Protocol (STP) 802.1p Spanning-Tree Protocol (STP) Indicates that Trk1 (Trunk 1) provides the currently active path to the STP root device. Redundant STP link in the Blocking state. Links to PC or Workstation End Nodes Redundant STP link in the Forwarding state. (See the “Root Port field, above. This is the currently active path to the STP root device.) Figure 13-21.
PAGE 355
802.1w Rapid Spanning Tree Protocol (RSTP) 802.1d Spanning Tree Protocol (STP) 802.1p Spanning-Tree Protocol (STP) STP Enabled on the Switch Fast-Uplink STP Configured on Port 1 and Trunk 1 (Trk1) Figure 13-22. Example of a Configuration Supporting the STP Topology Shown in Figure 13-20 Using the CLI To Configure Fast-Uplink STP. This example uses the CLI to configure the switch for the fast-uplink operation shown in figures 13-20, 13-21, and 13-22.
PAGE 356
802.1w Rapid Spanning Tree Protocol (RSTP) 802.1d Spanning Tree Protocol (STP) 802.1p Spanning-Tree Protocol (STP) Lists STP configuration. Shows the default STP protocol 1. Changes the Spanning-Tree protocol to STP (required for Fast-Uplink). 2. Saves the change to the startup-configuration 3. Reboots the switch. (Required for this configuration change.) Figure 13-23. Example of Changing the STP Configuration from the Default RSTP (802.1w) to STP (802.
PAGE 357
802.1w Rapid Spanning Tree Protocol (RSTP) 802.1d Spanning Tree Protocol (STP) Web: Enabling or Disabling STP Note When you add a port to a trunk, the port takes on the STP mode configured for the trunk, regardless of which STP mode was configured on the port before it was added to the trunk. Thus, all ports belonging to a trunk configured with Uplink in the STP Mode field will operate in the fast-uplink mode.
PAGE 358
PAGE 359
14 Switch Meshing Contents Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-2 Switch Meshing Fundamentals . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-4 Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-4 Operating Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-5 Using a Heterogeneous Switch Mesh . . . . . . . . .
PAGE 360
Switch Meshing Introduction Introduction Switch meshing is a load-balancing technology that enhances reliability and performance in these ways: � Provides significantly better bandwidth utilization than either Spanning Tree Protocol (STP) or standard port trunking. � Uses redundant links that remain open to carry traffic, removing any single point of failure for disabling the network, and allowing quick responses to individual link failures.
PAGE 361
Switch Meshing Introduction Finding the Fastest Path. Using multiple switches redundantly linked together to form a meshed switch domain, switch meshing dynamically distributes traffic across load-balanced switch paths by seeking the fastest paths for new traffic between nodes. In actual operation, the switch mesh periodically determines the best (lowest latency) paths, then assigns these paths as the need arises. The path assignment remains until the related MAC address entry times out.
PAGE 362
Switch Meshing Switch Meshing Fundamentals Switch Meshing Fundamentals Terminology Switch Mesh Domain. This is a group of meshed switch ports exchanging meshing protocol packets. Paths between these ports can have multiple redundant links without creating broadcast storms. Hub W Switch 1 Switch Non-Mesh Switch 2 Switch 3 W Switch Non-Mesh Switch 4 Switch Mesh Domain Hub W Hub W W W Edge Switches: 1, 2, & 4 Figure 14-2. Example of a Switch Mesh Domain in a Network Edge Switch.
PAGE 363
Switch Meshing Switch Meshing Fundamentals Operating Rules (See also “Requirements and Restrictions” on page 14-24.) Note � A meshed switch can have some ports in the meshed domain and others outside the meshed domain. That is, ports within the meshed domain must be configured for meshing, while ports outside the meshed domain must not be configured for meshing. � � � � � Meshed links must be point-to-point switch links. Within any meshed switch, all ports belong to the same meshed domain.
PAGE 364
Switch Meshing Switch Meshing Fundamentals GVRP Note 14-6 � Spanning tree must be the same for all switches in the mesh (enabled or disabled). If spanning tree is enabled in the mesh, it must be the same version on all switches in the mesh (STP or RSTP). � If a switch in the mesh has GVRP enabled, then all switches in the mesh must have GVRP enabled. Otherwise, traffic on a dynamic VLAN may not pass through the mesh. HP Procurve 1600M/2400M/2424M/4000M/8000M switches do not offer the GVRP feature.
PAGE 365
Switch Meshing Switch Meshing Fundamentals Mesh Domain Non-Mesh Ports Mesh Domain Switch Non-Mesh Mesh Domain Mesh Domain Non-Mesh Ports Non-Mesh Link Figure 14-3. Example of Multiple Meshed Domains Separated by a Non-Mesh Switch or a Non-Mesh Link Using a Heterogeneous Switch Mesh You can use Series 5300XL switches together with any of the older HP Procurve Switch 1600M/2400M/2424M/4000M/8000M models.
PAGE 366
Switch Meshing Switch Meshing Fundamentals Scenario 1: In a heteroge neous mesh, creating the mesh with only one Series 5300XL switch connected to the host (on VLAN 1, for example), and then connecting a second Series 5300XL switch to the host (regardless of the VLAN used) results in connectivity issues with the host.
PAGE 367
Switch Meshing Switch Meshing Fundamentals Untagged VLAN 1 Host (Both links use the same MAC address.) Series 5300XL switch Series 5300XL switch Series 5300XL switch Series 5300XL switch Tagged VLAN 20 Series 5300XL switch Series 5300XL switch Switch 4000M Mesh Domain “A” In this topology, the presence of a host using the same MAC address in multiple links to different meshed switches means that Mesh Domain “B” cannot be merged with Mesh Domain “A” to form a single mesh domain.
PAGE 368
Switch Meshing Configuring Switch Meshing Configuring Switch Meshing Preparation Before configuring switch meshing: � Review the Operating Rules (page 14-5), and particularly the restrictions and requirements for using switch meshing in environments that include static trunks, multiple static VLANs, GVRP, IGMP, and STP. � To avoid unnecessary system disruption, plan the mesh bring-up to mini mize temporary port-blocking. (Refer to “Bringing Up a Switch Mesh Domain:” on page 14-9.
PAGE 369
Switch Meshing Configuring Switch Meshing Figure 14-7. Example of the Screen for Configuring Ports for Meshing 3. In the Group column, move the cursor to the port you want to assign to the switch mesh. 4. Press 5. Use the ^ or the v key to select the next port you want to include in your mesh domain, then press [M] again. For example, if you were adding ports A1 and A2 to your mesh domain, the screen would appear similar to figure 14-8: �� to choose Mesh for the selected port.
PAGE 370
Switch Meshing Configuring Switch Meshing Ports A1 and A2 configured for meshing. Figure 14-8. Example of Mesh Group Assignments for Several Ports 6. Notes Repeat step 5 for all ports you want in the mesh domain. For meshed ports, leave the Type value blank. (Meshed ports do not accept a Type value.) All meshed ports in the switch automatically belong to the same mesh domain. (See figure 14-2 on page 14-4.) 7. 14-12 When you finish assigning ports to the switch mesh, press (for Save).
PAGE 371
Switch Meshing Configuring Switch Meshing The asterisk indicates that you must reboot the switch to cause the Mesh configuration change to take effect. Figure 14-9. After Saving a Mesh Configuration Change, Reboot the Switch 8. Press 9. To activate the mesh assignment(s) from the Main menu, reboot the switch by pressing the following keys: a. �� to return to the Main menu. (for Reboot Switch) b. Space bar (to select Yes). c. �� (to start the reboot process).
PAGE 372
Switch Meshing Configuring Switch Meshing CLI: To View and Configure Switch Meshing Port Status and Configuration Features Feature Default Menu viewing switch mesh status n/a n/a configuring switch meshing Disabled n/a CLI Web below n/a n/a Viewing Switch Mesh Status Syntax: show mesh Lists the switch ports configured for meshing, along with the State of each mesh-configured connection, the MAC address of the switch on the opposite end of the link (Adjacent Switch), and the MAC address of the p
PAGE 373
Switch Meshing Configuring Switch Meshing Table 14-1. State Descriptions for Show Mesh Output State Meaning Established The port is linked to a meshed port on another switch and meshing traffic is flowing across the link. The show mesh listing includes the MAC addresses of the adjacent switch and direct connection port on the adjacent switch. Not Established The port may be linked to a switch on a port that is not configured for meshing or has gone down.
PAGE 374
Switch Meshing Configuring Switch Meshing Table 14-2. Operating Details for Figure 14-11 Port Meshing? Connection A1 Yes Connected to a port that may not be configured for meshing A2 Yes Connected to a switch port on a device that is not configured for meshing (another switch, or a hub). In this case, the Topology Error message indicates that the switch detects a meshed port on another, non-adjacent device that is also connected to the non-meshed switch or hub.
PAGE 375
Switch Meshing Operating Notes for Switch Meshing Figure 14-13. Example of How To Configure Ports for Meshing To remove a port from meshing, use the “no” version of mesh, followed by write memory and rebooting the switch. For example, to remove port C1 from the mesh: Figure 14-14. Example of Removing a Port from the Mesh Operating Notes for Switch Meshing In a switch mesh domain traffic is distributed across the available paths with an effort to keep latency the same from path to path.
PAGE 376
Switch Meshing Operating Notes for Switch Meshing This means that after an assigned path between two devices has timed out, new traffic between the same two devices may take a different path than previously used. To display information on the operating states of meshed ports and the identities of adjacent meshed ports and switches, see “Viewing Switch Mesh Status” on page 14-14.
PAGE 377
Switch Meshing Operating Notes for Switch Meshing traffic patterns, including the situation where multiple VLANs are configured and a broadcast path through the mesh domain leads only to ports that are in the same VLAN as the device originating the broadcast. Unicast Packets with Unknown Destinations A meshed switch receiving a unicast packet with an unknown destination does not flood the packet onto the mesh. Instead, the switch sends a query on the mesh to learn the location of the unicast destination.
PAGE 378
Switch Meshing Operating Notes for Switch Meshing Problem: Solution: STP enabled and creating traffic bottlenecks. Enabling meshing on links between switch ports removes STP blocks on meshed redundant links.
PAGE 379
Switch Meshing Operating Notes for Switch Meshing Figure 14-17. Connecting a Switch Mesh Domain to Non-Meshed Devices STP or RSTP should be configured on non-mesh devices that use redundant links to interconnect with other devices or with multiple switch mesh domains. For example: Non-Mesh Switch STP Block STP Block Mesh Domain Mesh Domain Non-Mesh Switch Figure 14-18.
PAGE 380
Switch Meshing Operating Notes for Switch Meshing Caution Because the switch automatically gives faster links a higher priority, the default STP or RSTP parameter settings are usually adequate for spanning tree operation. Because incorrect settings can adversely affect network performance, you should avoid making changes without having a strong understanding of how STP or RSTP operates. For more on STP and RSTP, refer to chapter 13, “802.1w Rapid Spanning Tree Protocol (RSTP) and 802.
PAGE 381
Switch Meshing Operating Notes for Switch Meshing Red Blue VLAN VLAN D (Blue VLAN) (Red VLAN) A Red VLAN Red VLAN Red VLAN Blue VLAN Blue VLAN Blue VLAN (Red VLAN) B C (Blue VLAN) (Red VLAN) E Red Blue VLAN VLAN Switch Mesh Domain All ports inside the mesh domain are members of all VLANs. Figure 14-19.
PAGE 382
Switch Meshing Operating Notes for Switch Meshing Requirements and Restrictions (See also “Operating Rules” on page 14-5.) � Mesh Domain Size: Up to 12 switches are supported in a switch mesh domain. The following example illustrates a meshed backbone where the maximum meshed switch hop count is 3. Server Farm Server Farm Switches SW 1 through SW 12 form the maximum size switch mesh domain. SW 1 SW 2 Note that more than one link is allowed between any two switches in the domain.
PAGE 383
Switch Meshing Operating Notes for Switch Meshing Switch 2 Switch 1 Switch 3 Switch 5 Switch 4 Figure 14-21. Example of the Maximum Meshed Switch Hop Count � Connecting Mesh Domains: To connect two separate switch meshing domains, you must use non-meshed ports. (The non-meshed link can be a port trunk or a single link.) Refer to figure 14-3 on page 14-7. � Fast EtherChannel® (FEC): This cannot be configured on a meshed port.
PAGE 384
Switch Meshing Operating Notes for Switch Meshing Series 5300XL switches detects a duplicate MAC address entering the mesh through separate switches, the 1600M/2400M/2424M/4000M/8000M switch will not be allowed in the switch mesh. For additional information on troubleshooting meshing problems, refer to “Using a Heterogeneous Switch Mesh” on page 14-7 and “Mesh-Related Prob lems” on page C-9.
PAGE 385
15 Quality of Service (QoS): Managing Bandwidth More Effectively Contents Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-2 Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-5 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-6 Classifiers for Prioritizing Outbound Packets . . . . . . . . . . . . . . . . . . .
PAGE 386
Quality of Service (QoS): Managing Bandwidth More Effectively Introduction Introduction QoS Feature Default Menu CLI Web UDP/TCP Priority Disabled — page 15-14 page 15-57 IP-Device Priority Disabled — page 15-20 “ IP Type-of-Service Priority Disabled — page 15-25 “ LAN Protocol Priority Disabled — page 15-37 “ VLAN-ID Priority Disabled — page 15-39 “ Source-Port Priority Disabled — page 15-44 “ DSCP Policy Table Various — page 15-51 “ As the term suggests, network poli
PAGE 387
Quality of Service (QoS): Managing Bandwidth More Effectively Introduction Quality of Service is a general term for classifying and prioritizing traffic throughout a network. That is, QoS enables you to establish an end-to-end traffic priority policy to improve control and throughput of important data. You can manage available bandwidth so that the most important traffic goes first.
PAGE 388
Quality of Service (QoS): Managing Bandwidth More Effectively Introduction QoS is implemented in the form of rules or policies that are configured on the switch. While you can use QoS to prioritize only the outbound traffic moving through the switch, you derive the maximum benefit by using QoS in an 802.1Q VLAN environment (with 802.1p priority tags) or in an untagged VLAN envi ronment (with DSCP policies) where QoS can set priorities that downstream devices can support without re-classifying the traffic.
PAGE 389
Quality of Service (QoS): Managing Bandwidth More Effectively Introduction Terminology Term Use in This Document codepoint Refer to DSCP, below. downstream device A device linked directly or indirectly to an outbound switch port. That is, the switch sends traffic to downstream devices. DSCP Differentiated Services Codepoint. (Also termed codepoint.) A DSCP is comprised of the upper six bits of the ToS (Type-of-Service) byte in IP packets. There are 64 possible codepoints.
PAGE 390
Quality of Service (QoS): Managing Bandwidth More Effectively Introduction Overview QoS settings operate on two levels: � Controlling the priority of outbound packets moving through the switch: Each switch port has four outbound traffic queues; “low”, “nor mal”, “medium”, and “high” priority. Packets leave the switch port on the basis of their queue assignment and whether any higher queues are empty: Table 15-1.
PAGE 391
Quality of Service (QoS): Managing Bandwidth More Effectively Introduction Note: If you are not using multiple tagged VLANs in your network, you can still use the tagged VLAN feature by configuring the default VLAN as a tagged VLAN. You can configure a QoS priority of 0 through 7 for an outbound packet. When the packet is then sent to a port, the QoS priority determines which outbound queue the packet uses: Table 15-2.
PAGE 392
Quality of Service (QoS): Managing Bandwidth More Effectively Introduction Classifiers for Prioritizing Outbound Packets You can configure QoS prioritization on the basis of seven QoS classifiers, or packet criteria, evaluated in the following order: Precedence QoS Classifier 1 UDP/TCP Application Type (port) 2 Device Priority (destination or source IP address) 3 IP Type of Service (ToS) field (IP packets only) 4 Protocol Priority (IP, IPX, ARP, DEC LAT, AppleTalk, SNA, and NetBeui) 5 VLAN Prior
PAGE 393
Quality of Service (QoS): Managing Bandwidth More Effectively Introduction Table 15-4. Precedence Criteria for QoS Classifiers Precedence Criteria 1 UDP/TCP Overview Takes precedence based on a layer 4 UDP or TCP application, with a user-specified application port number (for example, Telnet). Default state: Disabled If a packet does not meet the criteria for UDP/TCP priority, then precedence defaults to the Device Priority classifier, below.
PAGE 394
Quality of Service (QoS): Managing Bandwidth More Effectively Introduction Precedence Criteria 6 SourcePort Overview Takes precedence based on the source-port (that is, the port on which the packet entered the switch). If a packet does not meet the criteria for source-port priority, then precedence defaults to Incoming 802.1p criteria, below 7 Incoming 802.
PAGE 395
Quality of Service (QoS): Managing Bandwidth More Effectively Preparation for Configuring QoS Preparation for Configuring QoS You can use QoS regardless of whether your network has tagged VLANs: Table 15-5. Summary of QoS Capabilities Outbound Packet Options Tagged VLAN No Tagged Environment VLANs Control Queue Priority for Packet Types Yes Yes Carry the 802.1p Priority Assignment to Next Downstream Device Yes No Configure a Service Policy and Carry It to Downstream Devices.
PAGE 396
Quality of Service (QoS): Managing Bandwidth More Effectively Preparation for Configuring QoS 2. Select the QoS option you want to use. Table 15-6 lists the traffic types (QoS classifiers) and the QoS options you can use for prioritizing or setting a policy on these traffic types: Table 15-6.
PAGE 397
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure Quality of Service for Outbound Traffic Using QoS Classifiers To Configure Quality of Service for Outbound Traffic QoS Feature Default Menu CLI Web UDP/TCP Priority Disabled — page 15-14 page 15-57 IP-Device Priority Disabled — page 15-20 “ IP Type-of-Service Priority Disabled — page 15-25 “ LAN Protocol Priority Disabled — page 15-37 “ VLAN-ID Priority Disabled — page 15-39 “ Sourc
PAGE 398
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure Quality of Service for Outbound Traffic QoS UDP/TCP Priority QoS Classifier Precedence: 1 When you use UDP or TCP and a layer 4 Application port number as a QoS classifier, traffic carrying the specified UDP/TCP port number(s) is marked with the UDP/TCP classifier’s configured priority level, without regard for any other QoS classifiers in the switch. Options for Assigning Priority.
PAGE 399
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure Quality of Service for Outbound Traffic Assigning a Priority Based on TCP or UDP Port Number This option assigns an 802.1p priority to outbound TCP or UDP packets as described below. Syntax: qos < udp-port | tcp-port > < tcp or udp port number > priority < 0 - 7 > Configures an 802.1p priority for outbound packets having the specified TCP or UDP application port number.
PAGE 400
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure Quality of Service for Outbound Traffic Values in these two columns define the QoS classifiers to use for identifying packets to prioritize. Indicates 802.1p priority assignments are in use for packets with 23 or 80 as a TCP or UDP Application port number. Shows the 802.1p priority assignment for packets with the indicated QoS classifiers. Figure 15-3. Example of Configuring and Listing 802.
PAGE 401
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure Quality of Service for Outbound Traffic Steps for Creating a DSCP Policy Based on TCP/UDP Port Number Classifiers. This procedure creates a DSCP policy for IP packets carrying the selected UDP or TCP port-number classifier. 1. Identify the TCP or UDP port-number classifier you want to use for assigning a DSCP policy. 2. Determine the DSCP policy for packets carrying the selected TCP or UDP port number. 3.
PAGE 402
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure Quality of Service for Outbound Traffic Syntax: qos < udp-port | tcp-port > < tcp or udp port number > dscp < codepoint > Assigns a DSCP policy to packets having the specified TCP or UDP application port number and overwrites the DSCP in these packets with the assigned value. This policy includes an 802.1p priority and determines the packet’s queue in the outbound port to which it is sent.
PAGE 403
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure Quality of Service for Outbound Traffic 2. Configure the DSCP policies for the codepoints you want to use. DSCP Policies Configured in this Step Figure 15-5. Assign Priorities to the Selected DSCPs 3. Assign the DSCP policies to the selected UDP/TCP port applications and display the result. Classifier DSCP Policy Figure 15-6.
PAGE 404
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure Quality of Service for Outbound Traffic QoS IP-Device Priority QoS Classifier Precedence: 2 The IP device option enables you to use up to 256 IP addresses (source or destination) as QoS classifiers.
PAGE 405
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure Quality of Service for Outbound Traffic For example, configure and list the 802.1p priority for packets carrying the following IP addresses: IP Address 802.1p Priority 10.28.31.1 7 10.28.31.130 5 10.28.31.100 1 10.28.31.101 1 Figure 15-7. Example of Configuring and Listing 802.
PAGE 406
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure Quality of Service for Outbound Traffic 1. Identify the IP address you want to use as a classifier for assigning a DSCP policy. 2. Determine the DSCP policy for packets carrying the selected IP address: 3. Note a. Determine the DSCP you want to assign to the selected packets. (This codepoint will be used to overwrite the DSCP carried in packets received from upstream devices.) b. Determine the 802.
PAGE 407
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure Quality of Service for Outbound Traffic no qos device-priority < ip-address > Deletes the specified IP address as a QoS classifier. show qos device-priority Displays a listing of all QoS Device Priority classifiers currently in the running-config file.
PAGE 408
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure Quality of Service for Outbound Traffic 2. Configure the priorities for the DSCPs you want to use. DSCP Policies Configured in this step. Figure 15-9. Assigning 802.1p Priorities to the Selected DSCPs 3. Assign the DSCP policies to the selected device IP addresses and display the result. Figure 15-10.
PAGE 409
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure Quality of Service for Outbound Traffic QoS IP Type-of-Service (ToS) Policy and Priority QoS Classifier Precedence: 3 This feature applies only to IP traffic and performs either of the following: � ToS IP-Precedence Mode: All IP packets generated by upstream devices and applications include precedence bits in the ToS byte.
PAGE 410
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure Quality of Service for Outbound Traffic Assigning an 802.1p Priority to IP Packets on the Basis of the ToS Precedence Bits If a device or application upstream of the switch sets the precedence bits in the ToS byte of IP packets, you can use this feature to apply that setting for prioritizing packets for outbound port queues. If the outbound packets are in a tagged VLAN, this priority is carried as an 802.
PAGE 411
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure Quality of Service for Outbound Traffic To replace this option with the ToS diff-services option, just configure diff services as described below, which automatically disables IP-Precedence. To disable IP-Precedence without enabling the diff-services option, use this command: HPswitch(config)# no qos type-of-service k Assigning an 802.
PAGE 412
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure Quality of Service for Outbound Traffic Operating Notes Different applications may use the same DSCP in their IP packets. Also, the same application may use multiple DSCPs it the application originates on different clients, servers, or other devices.
PAGE 413
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure Quality of Service for Outbound Traffic . Syntax: qos type-of-service diff-services Causes the switch to read the DSCP of an incoming IP packet and, when a match occurs, assign a corresponding 802.1p priority, as configured in the switch’s DSCP table (page 15-52). no qos type-of-service Disables all ToS classifier operation. no qos dscp-map < codepoint > Disables direct 802.
PAGE 414
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure Quality of Service for Outbound Traffic configure an 802.1p priority of 7 for packets received with a DSCP of 000110, and then enable diff-services: Executing this command displays the current ToS configuration and shows that the selected DSCP is not currently in use. The 000110 codepoint is unused, and thus available for directly assigning an 802.1p priority without changing the packet’s DSCP.
PAGE 415
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure Quality of Service for Outbound Traffic Assigning a DSCP Policy on the Basis of the DSCP in IP Packets Received from Upstream Devices The preceding section describes how to forward a policy set by an edge (or upstream) switch. This option changes a DSCP policy in an outbound IP packet by changing its IP ToS codepoint and applying the priority associated with the new codepoint.
PAGE 416
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure Quality of Service for Outbound Traffic no qos type-of-service [ diff-services < codepoint > ] Deletes the DSCP policy assigned to the < codepoint > and returns the < codepoint > to the 802.1p priority setting it had before the DSCP policy was assigned. (This will be either a value from 0 - 7 or No-override.
PAGE 417
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure Quality of Service for Outbound Traffic 2. Configure the policies in the DSCP table: Figure 15-16. Example of Policies Configured (with Optional Names) in the DSCP Table 3. Assign the policies to the codepoints in the selected packet types. The specified DSCP policies overwrite the original DSCPs on the selected packets, and use the 802.1p priorities previously configured in the DSCP policies in step 2.
PAGE 418
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure Quality of Service for Outbound Traffic Details of QoS IP Type-of-Service IP packets include a Type of Service (ToS) byte. The ToS byte includes: � A Differentiated Services Codepoint (DSCP): This element is com prised of the upper six bits of the ToS byte). There are 64 possible codepoints. In the switch’s default qos configuration, some codepoints have default 802.
PAGE 419
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure Quality of Service for Outbound Traffic Figure 15-18 shows an example of the ToS byte in the header for an IP packet, and illustrates the diffserv bits and precedence bits in the ToS byte. (Note that the Precedence bits are a subset of the Differentiated Services bits.) Field: Destination MAC Address Source MAC Address Packet: FF FF FF FF FF FF 08 00 09 00 00 16 IP Identifier Type & Version ToS Byte ...
PAGE 420
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure Quality of Service for Outbound Traffic Table 16-7.
PAGE 421
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure Quality of Service for Outbound Traffic QoS LAN Protocol Priority QoS Classifier Precedence: 4 The QoS protocol option enables you to use these protocols as QoS classifiers: � � IP IPX � � ARP DEC_LAT � � Appletalk � Netbeui SNA Options for Assigning Priority. Priority control for the LAN protocol clas sifier includes assigning only the 802.1p priority.
PAGE 422
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure Quality of Service for Outbound Traffic For example: 1. Configure QoS protocol classifiers with IP at 0 (normal), ARP at 5 (medium), and AppleTalk at 7 (high) and display the QoS protocol config uration. 2. Disable the QoS IP protocol classifier, downgrade the ARP priority to 4, and again display the QoS protocol configuration. Figure 15-19 shows the command sequence and displays for the above steps.
PAGE 423
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure Quality of Service for Outbound Traffic QoS VLAN-ID (VID) Priority QoS Classifier Precedence: 5 The QoS protocol option enables you to use up to 256 VLAN-IDs as QoS classifiers. Where a particular VLAN-ID classifier has the highest precedence in the switch for traffic in that VLAN, then traffic received in that VLAN is marked with the VID classifier’s configured priority level.
PAGE 424
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure Quality of Service for Outbound Traffic no vlan < vlan-id > qos Removes the specified VLAN-ID as a QoS classifier and resets the priority for that VLAN to No- override. show qos vlan-priority Displays a listing of the QoS VLAN-ID classifiers currently in the running-config file, with their priority data. 1.
PAGE 425
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure Quality of Service for Outbound Traffic If you then decided to remove VLAN_20 from QoS prioritization: In this instance, No- override indicates that VLAN 20 is not prioritized by QoS. Figure 15-22. Returning a QoS-Prioritized VLAN to “No-override” Status Assigning a DSCP Policy Based on VLAN-ID (VID) This option assigns a previously configured DSCP policy (codepoint and 802.
PAGE 426
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure Quality of Service for Outbound Traffic Note A codepoint must have an 802.1p priority (0 - 7) before you can configure the codepoint for use in prioritizing packets by VLAN-ID. If a codepoint you want to use shows No-override in the Priority column of the DSCP Policy table (show qos dscp-map), then assign a priority before proceeding. 4.
PAGE 427
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure Quality of Service for Outbound Traffic For example, suppose you wanted to assign this set of priorities: 1. VLAN-ID DSCP Priority 40 000111 7 30 000101 5 20 000010 1 1 000010 1 Determine whether the DSCPs already have priority assignments, which could indicate use by existing applications.
PAGE 428
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure Quality of Service for Outbound Traffic 3. Assign the DSCP policies to the selected VIDs and display the result. Figure 15-25. The Completed VID-DSCP Priority Configuration The switch will now apply the DSCP policies in figure 15-25 to packets received on the switch with the specified VLAN-IDs.
PAGE 429
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure Quality of Service for Outbound Traffic Options for Assigning Priority. Priority control options for packets from a specified source-port include: � � 802.1p priority DSCP policy (Assigning a new DSCP and an associated 802.1p priority; inbound packets must be IPv4.) (For operation when other QoS classifiers apply to the same traffic, refer to “Classifiers for Prioritizing Outbound Packets” on page 15-8.
PAGE 430
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure Quality of Service for Outbound Traffic For example, suppose that you want to prioritize inbound traffic on the following source-ports: Source-Port Priority A1 - A3 2 A4 3 B1, B4 5 C1-C3 6 You would then execute the following commands to prioritize traffic received on the above ports: Figure 15-26.
PAGE 431
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure Quality of Service for Outbound Traffic Assigning a DSCP Policy Based on the Source-Port This option assigns a previously configured DSCP policy (codepoint and 802.1p priority) to outbound IP packets (received from the specified sourceports). That is, the switch: 1. Selects an incoming IP packet on the basis of its source-port on the switch. 2.
PAGE 432
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure Quality of Service for Outbound Traffic 4. Configure the switch to assign the DSCP policy to packets from the specified source-port. Syntax: qos dscp-map < codepoint > priority < 0 - 7 > This command is optional if a priority has already been assigned to the < codepoint >. The command creates a DSCP policy by assigning an 802.1p priority to a specific DSCP.
PAGE 433
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure Quality of Service for Outbound Traffic For example, suppose you wanted to assign this set of priorities: Source-Port DSCP Priority A2 000111 7 B1-B3 000101 5 B4, C2 000010 1 1. Determine whether the DSCPs already have priority assignments, which could indicate use by existing applications.
PAGE 434
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure Quality of Service for Outbound Traffic 3. Assign the DSCP policies to the selected source-ports and display the result. Figure 15-30.
PAGE 435
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure Quality of Service for Outbound Traffic Differentiated Services Codepoint (DSCP) Mapping The DSCP Policy Table associates an 802.1p priority with a specific ToS byte codepoint in an IPv4 packet. This enables you to set a LAN policy that operates independently of 802.1Q VLAN-tagging. In the default state, most of the 64 codepoints do not assign an 802.
PAGE 436
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure Quality of Service for Outbound Traffic Table 16-8. The Default DSCP Policy Table DSCP Policy 000000 000001 000010 000011 000100 000101 000110 000111 001000 001001 001010 001011 001100 001101 001110 001111 010000 010001 010010 010011 010100 010101 802.
PAGE 437
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure Quality of Service for Outbound Traffic Codepoint Default Priority 001100 1 001101 No-override 001110 2 If you change all three settings to a priority of 3, and then execute write memory, the switch will reflect these changes in the show config listing: Configure these three codepoints with non-default priorities. Show config lists the non default codepoint settings. Figure 15-31.
PAGE 438
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure Quality of Service for Outbound Traffic Note On Changing a Priority Setting If a QoS classifier is using a policy (codepoint and associated priority) in the DSCP Policy table, you must delete or change this usage before you can change the priority setting on the codepoint. Otherwise the switch blocks the change and displays this message: Cannot modify DSCP Policy < codepoint > - in use by other qos rules.
PAGE 439
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure Quality of Service for Outbound Traffic 1. Identify which classifiers use the codepoint you want to change. Three classifiers use the codepoint that is to be changed. Two classifiers do not use the codepoint that is to be changed. Figure 15-33.
PAGE 440
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure Quality of Service for Outbound Traffic 2. 3. Change the classifier configurations by assigning them to a different DSCP policy, or to an 802.1p priority, or to No-override. For example: a. Delete the policy assignment for the device-priority classifier. (That is, assign it to No-override.) b. Create a new DSCP policy to use for re-assigning the remaining classifiers. c.
PAGE 441
Quality of Service (QoS): Managing Bandwidth More Effectively Configuring QoS from the Web Browser Interface Configuring QoS from the Web Browser Interface 1. Click here. 2. Click here. The default screen displays the TCP/UDP Application Priority option. Figure 15-34.
PAGE 442
Quality of Service (QoS): Managing Bandwidth More Effectively QoS Messages in the CLI IP Multicast (IGMP) Interaction with QoS IGMP high-priority-forward causes the switch to service the subscribed IP multicast group traffic at high priority, even if QoS on the switch has relegated the traffic to a lower priority. This does not affect any QoS priority settings, so the QoS priority is honored by downstream devices. However, QoS does take precedence over IGMP normal-priority traffic.
PAGE 443
Quality of Service (QoS): Managing Bandwidth More Effectively QoS Messages in the CLI Operating and Troubleshooting Notes � For Devices that Do Not Support 802.1Q Tagged VLANs: For communication between these devices and the switch, connect the device to a switch port configured as Untagged for the VLAN in which you want the device’s traffic to move. � VLAN Tagging Rules: For a port on the switch to be a member of a VLAN, the port must be configured as either Tagged or Untagged for that VLAN.
PAGE 444
PAGE 445
16 IP Routing Features Contents Overview of IP Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-2 IP Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-2 IP Tables and Caches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-3 IP Route Exchange Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-6 IP Interface Parameters for Routing Switches . . . . . . . .
PAGE 446
IP Routing Features Overview of IP Routing Overview of IP Routing The HP Procurve Series 5300XL Switches offer the following IP routing features: � � IP Static Routes – supports up to 256 static routes � OSPF (Open Shortest Path First) – the standard routing protocol for handling larger routed networks � IRDP (ICMP Router Discovery Protocol) – advertises the IP addresses of the routing interfaces on this switch to directly attached host systems � DHCP Relay – allows you to extend the service range
PAGE 447
IP Routing Features Overview of IP Routing Each IP address on a routing switch must be in a different sub-net. You can have only one VLAN interface that is in a given sub-net. For example, you can configure IP addresses 192.168.1.1/24 and 192.168.2.1/24 on the same routing switch, but you cannot configure 192.168.1.1/24 and 192.168.1.2/24 on the same routing switch. You can configure multiple IP addresses on the same VLAN. The number of IP addresses you can configure on an individual VLAN interface is 8.
PAGE 448
IP Routing Features Overview of IP Routing The software can learn an entry when the switch or routing switch receives an ARP request from another IP forwarding device or an ARP reply. Here is an example of a dynamic entry: 1 IP Address 207.95.6.102 MAC Address 0800.5afc.ea21 Type Dynamic Port 6 Each entry contains the destination device’s IP address and MAC address. To configure other ARP parameters, see “Configuring ARP Parameters” on page 16-10.
PAGE 449
IP Routing Features Overview of IP Routing Each IP route table entry contains the destination’s IP address and sub-net mask and the IP address of the next-hop router interface to the destination. Each entry also indicates route type, and for OSPF routes, the sub type, and the route’s IP metric (cost). The type indicates how the IP route table received the route.
PAGE 450
IP Routing Features Overview of IP Routing IP Route Exchange Protocols HP Procurve Series 5300XL Switches support the following IP route exchange protocols: � � Routing Information Protocol (RIP) Open Shortest Path First (OSPF) These protocols provide routes to the IP route table. You can use one or more of these protocols, in any combination. The protocols are disabled by default.
PAGE 451
IP Routing Features Overview of IP Routing Parameter Description Default See page Directed broadcast forwarding A directed broadcast is a packet containing all ones (or in some cases, all zeros) in the host portion of the destination IP address. When a router forwards such a broadcast, it sends a copy of the packet out each of its enabled IP interfaces. Note: You also can enable or disable this parameter on an individual interface basis. See table 16-2 on page 16-8.
PAGE 452
IP Routing Features Overview of IP Routing IP Interface Parameters for Routing Switches Table 16-2 lists the interface-level IP parameters for routing switches. Table 16-2. IP Interface Parameters – Routing Switches Parameter Description Default See page IP address A Layer 3 network interface address; separate IP addresses on individual VLAN interfaces. None configured chapter 7 Metric A numeric cost the router adds to RIP routes learned on the interface. This parameter applies only to RIP routes.
PAGE 453
IP Routing Features Configuring IP Parameters for Routing Switches Configuring IP Parameters for Routing Switches The following sections describe how to configure IP parameters. Some param eters can be configured globally while others can be configured on individual VLAN interfaces. Some parameters can be configured globally and overridden for individual VLAN interfaces. Note This section describes how to configure IP parameters for routing switches.
PAGE 454
IP Routing Features Configuring IP Parameters for Routing Switches HPswitch(config)# ip router-id 209.157.22.26 Syntax: Syntax: ip router-id The can be any valid, unique IP address. Note You can specify an IP address used for an interface on the HP routing switch, but do not specify an IP address in use by another device.
PAGE 455
IP Routing Features Configuring IP Parameters for Routing Switches � First, the routing switch looks in the ARP cache (not the static ARP table) for an entry that lists the MAC address for the IP address. The ARP cache maps IP addresses to MAC addresses. The cache also lists the port attached to the device and, if the entry is dynamic, the age of the entry.
PAGE 456
IP Routing Features Configuring IP Parameters for Routing Switches Enabling Proxy ARP Proxy ARP allows a routing switch to answer ARP requests from devices on one network on behalf of devices in another network. Since ARP requests are MAC-layer broadcasts, they reach only the devices that are directly connected to the sender of the ARP request. Thus, ARP requests do not cross routers. For example, if Proxy ARP is enabled on a routing switch connected to two sub-nets, 10.10.10.0/24 and 20.20.20.
PAGE 457
IP Routing Features Configuring IP Parameters for Routing Switches Changing the TTL Threshold The configuration of this parameter is covered in chapter 7, “Configuring IP Addressing”. Enabling Forwarding of Directed Broadcasts A directed broadcast is an IP broadcast to all devices within a single directlyattached network or sub-net. A net-directed broadcast goes to all devices on a given network. A sub-net-directed broadcast goes to all devices within a given sub-net.
PAGE 458
IP Routing Features Configuring IP Parameters for Routing Switches Configuring ICMP You can configure the following ICMP limits: � Burst-Normal – The maximum number of ICMP replies to send per second. � Reply Limit – You can enable or disable ICMP reply rate limiting. Disabling ICMP Messages HP devices are enabled to reply to ICMP echo messages and send ICMP Destination Unreachable messages by default.
PAGE 459
IP Routing Features Configuring IP Parameters for Routing Switches Disabling ICMP Destination Unreachable Messages By default, when an HP device receives an IP packet that the device cannot deliver, the device sends an ICMP Unreachable message back to the host that sent the packet. The following types of ICMP Unreachable messages are generated: Note � Administration – The packet was dropped by the HP device due to a filter or ACL configured on the device.
PAGE 460
IP Routing Features Configuring Static IP Routes Disabling ICMP Redirects You can disable ICMP redirects on the HP routing switch. only on a global basis, for all the routing switch interfaces.
PAGE 461
IP Routing Features Configuring Static IP Routes � Null (reject) – the static route consists of the destination network address and network mask, and the reject parameter. Typically, the null route is configured as a backup route for discarding traffic if the primary route is unavailable. Static IP Route Parameters When you configure a static IP route, you must specify the following param eters: � � The IP address and network mask for the route’s destination network.
PAGE 462
IP Routing Features Configuring Static IP Routes The following command configures a static route to 207.95.7.0, using 207.95.6.157 as the next-hop gateway. HPswitch(config)# ip route 207.95.7.0/24 207.95.6.157 When you configure a static IP route, you specify the destination address for the route and the next-hop gateway or routing switch interface through which the routing switch can reach the route. The routing switch adds the route to the IP route table. In this case, Router A knows that 207.95.6.
PAGE 463
IP Routing Features Configuring Static IP Routes To configure a null static route to drop packets destined for network 209.157.22.x, enter the following commands: HPswitch(config)# ip route 209.157.22.0 255.255.255.0 reject HPswitch(config)# write memory Syntax: ip route reject or ip route / reject The parameter specifies the network or host address.
PAGE 464
IP Routing Features Configuring RIP Configuring RIP This section describes how to configure RIP on HP Series 5300XL Switches using the CLI interface. To display RIP configuration information and statistics, see “Displaying RIP Information” on page 16-26. Overview of RIP Routing Information Protocol (RIP) is an IP route exchange protocol that uses a distance vector (a number representing distance) to measure the cost of a given route.
PAGE 465
IP Routing Features Configuring RIP RIP Parameters and Defaults The following tables list the RIP parameters, their default values, and where to find configuration information. RIP Global Parameters Table 16-3 lists the global RIP parameters and their default values. Table 16-3. RIP Global Parameters Parameter Description Default RIP state Routing Information Protocol V2-only. Disabled auto-summary Enable/Disable advertisement of summarized routes.
PAGE 466
IP Routing Features Configuring RIP Parameter Description Default IP address The routes that a routing switch learns or advertises The routing switch can be controlled. learns and advertises all RIP routes on all RIP interfaces loop prevention The method the routing switch uses to prevent routing Poison reverse loops caused by advertising a route on the same interface as the one on which the routing switch learned the route.
PAGE 467
IP Routing Features Configuring RIP Changing the RIP Type on a VLAN Interface When you enable RIP on a VLAN interface, RIPv2-only is enabled by default.
PAGE 468
IP Routing Features Configuring RIP Configuring RIP Redistribution You can configure the routing switch to redistribute connected and static routes into RIP. When you redistribute a route into RIP, the routing switch can use RIP to advertise the route to its RIP neighbors. To configure redistribution, perform the following tasks: 1. Configure redistribution filters to permit or deny redistribution for a route based on the destination network address or interface. (optional) 2.
PAGE 469
IP Routing Features Configuring RIP Syntax: restrict | This command prevents any routes with a destination address that is included in the range specified by the address/mask pair from being redistributed by RIP. Modify Default Metric for Redistribution The default metric is a global parameter that specifies the cost applied to all RIP routes by default. The default value is 1. You can assign a cost from 1 – 15.
PAGE 470
IP Routing Features Configuring RIP Changing the Route Loop Prevention Method RIP can use the following methods to prevent routing loops: � Split horizon - the routing switch does not advertise a route on the same interface as the one on which the routing switch learned the route. � Poison reverse - the routing switch assigns a cost of 16 (“infinity” or “unreachable”) to a route before advertising it on the same interface as the one on which the routing switch learned the route. This is the default.
PAGE 471
IP Routing Features Configuring RIP Displaying General RIP Information To display general RIP information, enter the following CLI command at any context level: HPswitch# show ip rip The resulting display will appear similar to the following: RIP global parameters RIP protocol Auto-summary Default Metric Route changes Queries : : : : : disabled disabled 1 0 0 RIP interface information IP Address --------------100.1.0.1 100.2.0.1 100.3.0.1 100.4.0.1 100.10.0.1 100.11.0.1 100.12.0.
PAGE 472
IP Routing Features Configuring RIP � Default Metric – Sets the default metric for imported routes. This is the metric that will be advertised with the imported route to other RIP peers. A RIP metric is a measurement used to determine the 'best' path to network; 1 is the best, 15 is the worse, 16 is unreachable. � Route changes – The number of times RIP has modified the routing switch’s routing table. � Queries – The number of RIP queries that have been received by the routing switch.
PAGE 473
IP Routing Features Configuring RIP Displaying RIP Interface Information To display RIP interface information, enter the following CLI command at any context level: HPswitch# show ip rip interface The resulting display will appear similar to the following: RIP interface information IP Address --------------100.1.0.1 100.2.0.1 100.3.0.1 100.4.0.
PAGE 474
IP Routing Features Configuring RIP The information in this display includes the following fields, which are defined under ““RIP Interface Information” on page 16-28: IP Address, Status, Send mode, Recv mode, Metric, and Auth. The information also includes the following fields: � Bad packets received – The number of packets that were received on this interface and were not processed for any reason.
PAGE 475
IP Routing Features Configuring RIP The resulting display will appear similar to the following: RIP peer information IP Address --------------100.1.0.100 100.2.0.100 100.3.0.100 100.10.0.100 Bad routes ----------0 0 0 0 Last update timeticks --------------------1 0 2 1 This display lists all neighboring routers from which the routing switch has received RIP updates. The following fields are displayed: � � IP Address – IP address of the RIP peer neighbor.
PAGE 476
IP Routing Features Configuring RIP Displaying RIP Redistribution Information To display RIP redistribution information, enter the following CLI command at any context level: HPswitch# show ip rip redistribute RIP redistributing Route type ---------connected static Status -------enabled enabled RIP automatically redistributes connected routes which are configured on interfaces that are running RIP, and all routes that are learned via RIP.
PAGE 477
IP Routing Features Configuring OSPF Configuring OSPF This section describes how to configure OSPF on HP Series 5300XL Switches using the CLI interface. To display OSPF configuration information and statistics, see “Displaying OSPF Information” on page 16-52. Overview of OSPF OSPF is a link-state routing protocol. The protocol uses link-state advertise ments (LSA) to update neighboring routers regarding its interfaces and infor mation on those interfaces.
PAGE 478
IP Routing Features Configuring OSPF An OSPF router can be a member of multiple areas. Routers with membership in multiple areas are known as Area Border Routers (ABRs). Each ABR maintains a separate topological database for each area the router is in. Each topological database contains all of the LSA databases for each router within a given area. The routers within the same area have identical topological databases.
PAGE 479
IP Routing Features Configuring OSPF When multiple Series 5300XL Switches on the same network are declaring themselves as DRs, then both priority and router ID are used to select the designated router and backup designated routers. When only one router on the network claims the DR role despite neighboring routers with higher priorities or router IDs, this router remains the DR. This is also true for BDRs.
PAGE 480
IP Routing Features Configuring OSPF This enhancement implements the portion of RFC 2328 that describes AS External LSA reduction. This enhancement is enabled by default, requires no configuration, and cannot be disabled. OSPF eliminates duplicate AS External LSAs.
PAGE 481
IP Routing Features Configuring OSPF Dynamic OSPF Activation and Configuration OSPF is automatically activated when you enable it. The protocol does not require a software reload.
PAGE 482
IP Routing Features Configuring OSPF Configuration Rules � If a Series 5300 Switch is to operate as an ASBR, you must enable redistribution. When you do that, ASBR capability is automatically enabled. � All Series 5300 Switch VLAN interfaces on which you wish to run OSPF must be assigned to one of the defined areas. When a VLAN interface is assigned to an area, the primary IP address is automatically included in the assignment.
PAGE 483
IP Routing Features Configuring OSPF Enable OSPF on the Series 5300XL Switch When you enable OSPF on the Series 5300XL Switch, the protocol is automat ically activated. To enable OSPF on the Series 5300XL Switch, use the CLI commands: HPswitch(config)# ip routing HPswitch(config)#router ospf The first command enables routing on the Series 5300XL Switch. The second command launches you into the OSPF router level where you can assign areas and modify OSPF global parameters. Note Regarding Disabling OSPF.
PAGE 484
IP Routing Features Configuring OSPF Example: Here is an example of the commands to set up several OSPF areas. HPswitch(ospf)# area 192.5.1.0 HPswitch(ospf)# area 200.5.0.0 HPswitch(ospf)# area 195.5.0.0 HPswitch(ospf)# area 0.0.0.0 HPswitch(ospf)# write memory Syntax: area | [stub [no-summary]] The | parameter specifies the area number, which can be a number or in IP address format. If you specify a number, the number can be from 0 – 4,294,967,295.
PAGE 485
IP Routing Features Configuring OSPF Note This feature applies only when the Series 5300XL Switch is configured as an Area Border Router (ABR) for the area. To completely prevent summary LSAs from being sent to the area, disable the summary LSAs on each OSPF router that is an ABR for the area.
PAGE 486
IP Routing Features Configuring OSPF Syntax: area range [no-advertise] The parameter specifies the area number, which can be in IP address format. The parameter following range specifies the IP address portion of the range. The software compares the address with the significant bits in the mask. All network addresses that match this comparison are summarized in a single route advertised by the Series 5300XL Switch.
PAGE 487
IP Routing Features Configuring OSPF Modify Interface Defaults OSPF has interface parameters that you can configure. For simplicity, each of these parameters has a default value. No change to these default values is required except as needed for specific network configurations.
PAGE 488
IP Routing Features Configuring OSPF Dead-interval: Indicates the number of seconds that a neighbor router waits for a hello packet from the current Series 5300XL Switch before declaring the Series 5300XL Switch down. The value can be from 1 – 2,147,483,647 seconds. The default is 40 seconds. Hello-interval: Represents the length of time between the transmission of hello packets. The value can be from 1 – 65535 seconds. The default is 10 seconds.
PAGE 489
IP Routing Features Configuring OSPF � The neighbor router field is the router ID (IP address) of the router that is physically connected to the backbone, when assigned from the router interface requiring a logical connection. When assigning the parameters from the router with the physical connection, the router ID is the IP address of the router requiring a logical connection to the backbone. Note By default, the HP router ID is the lowest numbered IP address configured on the device.
PAGE 490
IP Routing Features Configuring OSPF Example. Figure 16-1 shows an OSPF area border router, Routing Switch-A, that is cut off from the backbone area (Area 0). To provide backbone access to Routing Switch-A, you can add a virtual link between Routing Switch-A and Routing Switch-C using Area 1 as a transit area. To configure the virtual link, you define the link on the router that is at each end of the link. No configuration for the virtual link is required on the routers in the transit area.
PAGE 491
IP Routing Features Configuring OSPF The parameters are described below. For syntax information, at the CLI prompt, enter the command area help. Virtual Link Parameter Descriptions You can modify the following virtual link interface parameters: Authentication Key: This parameter allows you to assign different authen tication methods on a per-virtual-link basis. OSPF supports two methods of authentication for each interface—none and simple password.
PAGE 492
IP Routing Features Configuring OSPF Note Do not enable redistribution until you have configured the redistribution filters. Otherwise, the network might get overloaded with routes that you did not intend to redistribute. Example: To configure the Series 5300XL Switch acting as an ASBR to filter out redistribution of static or connected routes on network 10.0.0.0, enter the following commands: HPswitchASBR(config)# router ospf HPswitch(ospf)# restrict 10.0.0.0 255.0.0.
PAGE 493
IP Routing Features Configuring OSPF Enable Route Redistribution Note Do not enable redistribution until you have configured the redistribution “restrict” filters. Otherwise, the network might get overloaded with routes that you did not intend to redistribute. To enable redistribution of connected and static IP routes into OSPF, enter the following commands.
PAGE 494
IP Routing Features Configuring OSPF Modify OSPF Traps Generated OSPF traps as defined by RFC 1850 are supported on HP Series 5300XL Switches. OSPF trap generation is enabled on the Series 5300XL Switch, by default.
PAGE 495
IP Routing Features Configuring OSPF OSPF Trap Name MIB Object originate-lsa-trap ospfOriginateLsa originate-maxage-lsa-trap ospfMaxAgeLsa link-state-database-overflow-trap ospfLsdbOverflow link-state-database-approaching-overflowtrap ospfLsdbApproachingOverflow Examples: 1. To stop an OSPF trap from being collected, use the following CLI command: HPswitch(ospf)#no trap 2.
PAGE 496
IP Routing Features Configuring OSPF Displaying OSPF Information You can use CLI commands to display the following OSPF information: OSPF Information Type Page General Information 16-52 Area information 16-54 External link state information 16-55 Interface information 16-56 Link state information 16-59 Neighbor information 16-61 Route information 16-67 Virtual Neighbor information 16-64 Virtual Link information 16-65 Displaying General OSPF Configuration Information To display general O
PAGE 497
IP Routing Features Configuring OSPF Syntax: show ip ospf general The following fields are shown in the OSPF general status display: Table 16-3. CLI Display of OSPF General Information This Field... Displays... OSPF protocol indicates whether OSPF is currently enabled.
PAGE 498
IP Routing Features Configuring OSPF Displaying OSPF Area Information To display OSPF area information, enter the following command at any CLI level: HPswitch> show ip ospf area OSPF Area Information Area ID Type Cost SPFR ABR ASBR LSA Checksum --------------0.0.0.0 192.147.60.0 192.147.80.
PAGE 499
IP Routing Features Configuring OSPF Displaying OSPF External Link State Information To display external link state information, enter the following command at any CLI level: HPswitch# show ip ospf external-link-state When you enter this command, an output similar to the following is displayed: Link State ID --------------10.3.7.0 10.3.8.0 10.3.9.0 10.3.10.0 10.3.33.0 Router ID --------------10.0.8.37 10.0.8.37 10.0.8.37 10.0.8.37 10.0.8.
PAGE 500
IP Routing Features Configuring OSPF An example of the show ip ospf external-link-state advertise is the following: OSPF External LSAs Advertisements -----------------------------------------------------------------------000302050a0307000a00082580000005d99f0024ffffff008000000a0000000000000000 000302050a0308000a00082580000005cea90024ffffff008000000a0000000000000000 000302050a0309000a00082580000005c3b30024ffffff008000000a0000000000000000 000302050a030a000a00082580000005b8bd0024ffffff008000000a000000000000000
PAGE 501
IP Routing Features Configuring OSPF This Field... Displays... State The current state of the interface.
PAGE 502
IP Routing Features Configuring OSPF OSPF Interface Status for 10.3.18.36 IP Address Area ID State Cost Type : 10.3.18.36 : 10.3.16.0 : BDR : 1 : BCAST Status : enabled Auth-type : none Priority : 1 Transit Delay Hello Interval Designated Router Backup Desig. Rtr : : : : 1 10 10.3.18.34 10.3.18.
PAGE 503
IP Routing Features Configuring OSPF This Field... Displays... Backup Desig. Rtr IP address of the router that has been elected backup designated router on this interface. Events Number of times the interface state has changed. If you issue a show ip ospf interface vlan command, the information will be the same as shown in the previous table, but for the primary IP address on the indicated VLAN.
PAGE 504
IP Routing Features Configuring OSPF The OSPF link state display shows contents of the LSA database, one table for each area. The following information is shown: Table 16-8. CLI Display of OSPF Link State Information This Field... Displays... LSA Type Type of LSA. The possible types are: Router Network Summary AsbSummary Link State ID LSA ID for this LSA. The meaning depends on the LSA type. Advertised Router ID Router ID of the router that originated this LSA.
PAGE 505
IP Routing Features Configuring OSPF An example of the show ip ospf link-state advertise is the following: OSPF Link State Database for Area 0.0.0.0 Advertisements -----------------------------------------------------------------------000202010a0008200a00082080000281a7b60054000000050a030e00ffffff0003000001... 000202010a0008210a00082180000006a5c90024010000010a0008230a03112104000002 000102010a0008230a00082380000015755d006c010000070a030600ffffff0003000001...
PAGE 506
IP Routing Features Configuring OSPF This display shows the following information. Table 16-9. CLI Display of OSPF Neighbor Information 16-62 Field Description Router ID The router ID of the neighbor. Pri The OSPF priority of the neighbor. The priority is used during election of the Designated Router (DR) and Backup designated Router (BDR). IP Address The IP address of this routing switch’s interface with the neighbor. NbIfState The neighbor interface state.
PAGE 507
IP Routing Features Configuring OSPF Displaying OSFPF Redistribution Information As described under “Enable Route Redistribution” on page 16-49, you can configure the routing switch to redistribute connected and static routes into OSPF. When you redistribute a route into OSPF, the routing switch can use OSPF to advertise the route to its OSPF neighbors.
PAGE 508
IP Routing Features Configuring OSPF Displaying OSPF Virtual Neighbor Information To display OSPF virtual neighbor information, enter the following command at any CLI level: HPswitch# show ip ospf virtual-neighbor OSPF Virtual Interface Neighbor Information Router ID --------------10.0.8.33 10.0.8.36 Area ID --------------10.3.16.0 10.3.16.0 State -------FULL FULL IP Address --------------10.3.17.33 10.3.18.
PAGE 509
IP Routing Features Configuring OSPF Displaying OSPF Virtual Link Information To display OSPF virtual link information, enter the following command at any CLI level: HPswitch# show ip ospf virtual-link OSPF Virtual Interface Status Transit AreaID --------------10.3.16.0 10.3.16.0 Neighbor Router --------------10.0.8.33 10.0.8.
PAGE 510
IP Routing Features Configuring OSPF OSPF Virtual Interface Status for interface 10.0.8.33 Transit AreaID : 10.3.16.0 Neighbor Router : 10.0.8.33 Authentication : none Interface State : P2P Events : 1 Transit Delay Rtr Interval Hello Interval Dead Interval : : : : 1 5 10 40 In this display, these fields show the same type of information as described for the general OSPF virtual link display: Transit Area ID, Neighbor Router, Authentication, and Interface State.
PAGE 511
IP Routing Features Configuring OSPF Displaying OSPF Route Information To display OSPF route and other OSPF configuration information, enter the following command at any CLI level: HPswitch# show ip ospf OSPF Configuration Information OSPF protocol Router ID : enabled : 10.0.8.35 Currently defined areas: Area ID --------------backbone 10.3.16.0 10.3.32.
PAGE 512
IP Routing Features Configuring OSPF Syntax: show ip ospf This screen has a lot of information, most of it already covered in other show commands. The following table shows definitions for the fields: Table 16-13. CLI Display of OSPF Route and Status Information Field Description OSPF protocol enabled or disabled – indicates if OSPF is currently enabled. Router ID The Router ID that this routing switch is currently using to identify itself.
PAGE 513
IP Routing Features Configuring IRDP Configuring IRDP The ICMP Router Discovery Protocol (IRDP) is used by HP routing switches to advertise the IP addresses of its router interfaces to directly attached hosts. IRDP is enabled by default. You can enable the feature on a global basis or on an individual VLAN interface basis. When IRDP is enabled, the routing switch periodically sends Router Adver tisement messages out the IP interfaces on which the feature is enabled.
PAGE 514
IP Routing Features Configuring IRDP messages from other routers at the same time. The interval on each IRDPenabled routing switch interface is independent of the interval on other IRDP-enabled interfaces. The default maximum message interval is 600 seconds. The default minimum message interval is 450 seconds.
PAGE 515
IP Routing Features Configuring IRDP for the routing switch to the hold time specified in the new advertisement. If the hold time of an advertisement expires, the host discards the adver tisement, concluding that the router interface that sent the advertisement is no longer available. The value must be greater than the value of the maxadvertinterval parameter and cannot be greater than 9000. The default is three times the value of the maxadvertinterval parameter.
PAGE 516
IP Routing Features Configuring DHCP Relay Configuring DHCP Relay Overview The Dynamic Host Configuration Protocol (DHCP) is used for configuring hosts with IP address and other configuration parameters without human intervention. The protocol is composed of three components: the DHCP client, the DHCP server, and the DHCP relay agent.
PAGE 517
IP Routing Features Configuring DHCP Relay Minimum Requirements for DHCP Relay Operation In order for the DHCP Relay agent to work, the following steps must be completed: 1. DHCP Relay is enabled on the routing switch 2. A DHCP server is servicing the routing switch 3. IP Routing is enabled on the routing switch 4. There is a route from the DHCP server to the routing switch and back 5.
PAGE 518
PAGE 519
A File Transfers Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-2 Downloading an Operating System (OS) . . . . . . . . . . . . . . . . . . . . . . . A-2 General OS Download Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-2 Using TFTP To Download an OS Image from a Server . . . . . . . . . . . A-3 Using Xmodem to Download an OS Image From a PC or UNIX Workstation . . . . . . . . . . . . . . . . . . . . . .
PAGE 520
File Transfers Overview Overview You can download new switch software (operating system—OS) and upload or download switch configuration files. These features are useful for acquiring periodic switch software upgrades and for storing or retrieving a switch configuration.
PAGE 521
File Transfers Downloading an Operating System (OS) Note Downloading a new OS does not change the current switch configuration. The switch configuration is contained in separate files that can also be transferred. See “Transferring Switch Configurations” on page A-13. In most cases, if a power failure or other cause interrupts a flash image download, the switch reboots with the image previously stored in primary flash.
PAGE 522
File Transfers Downloading an Operating System (OS) Menu: TFTP Download from a Server to Primary Flash Note that the menu interface accesses only the primary flash. 1. In the console Main Menu, select Download OS to display this screen: Figure A-1. (for Edit). 2. Press 3. Ensure that the Method field is set to TFTP (the default). 4. In the TFTP Server field, type in the IP address of the TFTP server in which the OS file has been stored. 5.
PAGE 523
File Transfers Downloading an Operating System (OS) A “progress” bar indicates the progress of the download. When the entire OS file has been received, all activity on the switch halts and you will see Validating and writing system software to FLASH... 7. After the primary flash memory has been updated with the new operating system, you must reboot the switch to implement the newly downloaded (for Reboot Switch). You will OS.
PAGE 524
File Transfers Downloading an Operating System (OS) 1. Execute copy as shown below: Dynamic counter continually displays the number of bytes transferred. Figure A-3. 2. This message means that the image you want to upload will replace the image currently in primary flash. Example of the Command to Download an OS When the switch finishes downloading the OS file from the server, it displays this progress message: Validating and Writing System Software to FLASH . . . 3.
PAGE 525
File Transfers Downloading an Operating System (OS) � The terminal emulator you are using includes the Xmodem binary transfer feature. (For example, in the HyperTerminal application included with Windows NT, you would use the Send File option in the Transfer dropdown menu.) Menu: Xmodem Download to Primary Flash Note that the menu interface accesses only the primary flash. 1. From the console Main Menu, select 7. Download OS (for Edit). 2. Press 3.
PAGE 526
File Transfers Downloading an Operating System (OS) CLI: Xmodem Download from a PC or Unix Workstation to Primary or Secondary Flash Using Xmodem and a terminal emulator, you can download an OS image to either primary or secondary flash. Syntax: copy xmodem flash [] Note that if you do not specify the flash destination, the Xmodem download defaults to primary flash. For example, to download an OS file named E0500.
PAGE 527
File Transfers Downloading an Operating System (OS) If you need information on primary/secondary flash memory and the boot commands, see “Using Primary and Secondary Flash Image Options” on page 5-12. Switch-to-Switch Download You can use TFTP to transfer an OS image between two Series 5300XL switches. The menu interface enables you to transfer primary-to-primary or secondary-to-primary. The CLI enables all combinations of flash location options.
PAGE 528
File Transfers Downloading an Operating System (OS) 8. To confirm that the operating system downloaded correctly: a. From the Main Menu, select Status and Counters General System Information b. Check the Firmware revision line. CLI: Switch-To-Switch Downloads You can download an OS image between two Series 5300XL switchs connected on your LAN by initiating a copy tftp command from the destination switch.
PAGE 529
File Transfers Downloading an Operating System (OS) Syntax: copy tftp flash | [primary | secondary] If you do not specify either a primary or secondary flash location for the destination, the download automatically goes to primary flash. For example, to download an OS file from secondary flash in a Series 5300XL switch with an IP address of 10.28.227.
PAGE 530
File Transfers Troubleshooting TFTP Downloads Troubleshooting TFTP Downloads When using the menu interface, if a TFTP download fails, the Download OS screen indicates the failure. Message Indicating cause of TFTP Download Failure Figure A-6.
PAGE 531
File Transfers Transferring Switch Configurations Note � For a Unix TFTP server, the file permissions for the OS file do not allow the file to be copied. � Another console session (through either a direct connection to a terminal device or through Telnet) was already running when you started the session in which the download was attempted. If an error occurs in which normal switch operation cannot be restored, the switch automatically reboots itself.
PAGE 532
File Transfers Transferring Switch Configurations Series 5300XL switch# copy tftp startup-config 10.28.227.105 d:\configs\sw2512 TFTP: Copying a Configuration File to a Remote Host. Syntax: copy tftp This command copies the switch’s startup configuration (startup-config file) to a remote TFTP host.
PAGE 533
File Transfers Transferring Switch Configurations Xmodem: Copying a Configuration File from a Serially Connected PC or Unix Workstation. To use this method, the switch must be connected via the serial port to a PC or Unix workstation on which is stored the configuration file you want to copy. To complete the copying, you will need to know the name of the file to copy and the drive and directory location of the file.
PAGE 534
File Transfers Copying Diagnostic Data to a Remote Host, PC, or Unix Workstation Copying Diagnostic Data to a Remote Host, PC, or Unix Workstation You can use the CLI to copy the following types of switch data to a text file in a management device: � Command Output: Sends the output of a switch CLI command as a file on the destination device. � Event Log: Copies the switch’s Event Log into a file on the destination device.
PAGE 535
File Transfers Copying Diagnostic Data to a Remote Host, PC, or Unix Workstation Copying Event Log Output to a Destination Device This command uses TFTP or Xmodem to copy the Event Log content to a PC or UNIX workstation on the network. Syntax: copy event-log tftp copy event-log xmodem For example, to copy the event log to a PC connected to the switch: At this point, press and start the Xmodem command sequence in your terminal emulator. �� Figure A-8.
PAGE 536
File Transfers Copying Diagnostic Data to a Remote Host, PC, or Unix Workstation Copying Crash Log Data Content to a Destination Device This command uses TFTP or Xmodem to copy the Crash Log content to a PC or UNIX workstation on the network. You can copy individual slot information or the master switch information. If you do not specify either, the command defaults to the master data.
PAGE 537
B Monitoring and Analyzing Switch Operation Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-2 Status and Counters Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-3 Menu Access To Status and Counters . . . . . . . . . . . . . . . . . . . . . . . . . B-4 General System Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-5 Switch Management Address Information . . . . . . . . .
PAGE 538
Monitoring and Analyzing Switch Operation Overview Overview The Series 5300XL switches have several built-in tools for monitoring, analyz ing, and troubleshooting switch and network operation: Note B-2 � Status: Includes options for displaying general switch information, man agement address data, port status, port and trunk group statistics, MAC addresses detected on each port or VLAN, and STP, IGMP, and VLAN data (page B-3).
PAGE 539
Monitoring and Analyzing Switch Operation Status and Counters Data Status and Counters Data This section describes the status and counters screens available through the switch console interface and/or the web browser interface. Note Status or Counters Type You can access all console screens from the web browser interface via Telnet to the console. Telnet access to the switch is available in the Device View window under the Configuration tab.
PAGE 540
Monitoring and Analyzing Switch Operation Status and Counters Data Menu Access To Status and Counters Beginning at the Main Menu, display the Status and Counters menu by select ing: 1. Status and Counters Figure B-1. The Status and Counters Menu Each of the above menu items accesses the read-only screens described on the following pages. Refer to the online help for a description of the entries displayed in these screens.
PAGE 541
Monitoring and Analyzing Switch Operation Status and Counters Data General System Information Menu Access From the console Main Menu, select: 1. Status and Counters 1. General System Information Figure B-2. Example of General Switch Information This screen dynamically indicates how individual switch resources are being used. See the online Help for details.
PAGE 542
Monitoring and Analyzing Switch Operation Status and Counters Data Switch Management Address Information Menu Access From the Main Menu, select: 1 Status and Counters . . . 2. Switch Management Address Information Figure B-3. Example of Management Address Information with VLANs Configured This screen displays addresses that are important for management of the switch. If multiple VLANs are not configured, this screen displays a single IP address for the entire switch. See the online Help for details.
PAGE 543
Monitoring and Analyzing Switch Operation Status and Counters Data Module Information Use this feature to determine which slots have modules installed and which type(s) of modules are installed. Menu: Displaying Port Status From the Main Menu, select: 1. Status and Counters . . . 3. Module Information Figure B-4.
PAGE 544
Monitoring and Analyzing Switch Operation Status and Counters Data Port Status The web browser interface and the console interface show the same port status data. Menu: Displaying Port Status From the Main Menu, select: 1. Status and Counters . . . 4. Port Status Figure B-5. Example of Port Status on the Menu Interface CLI Access Syntax: show interfaces brief Web Access B-8 1. Click on the Status tab. 2. Click on .
PAGE 545
Monitoring and Analyzing Switch Operation Status and Counters Data Viewing Port and Trunk Group Statistics and Flow Control Status Feature Default Menu CLI Web viewing port and trunk statistics for all ports, and flow control status n/a page B-10 page B-11 page B-11 viewing a detailed summary for a particular port or trunk n/a page B-10 page B-11 page B-11 resetting counters n/a page B-10 page B-11 page B-11 These features enable you to determine the traffic patterns for each port since
PAGE 546
Monitoring and Analyzing Switch Operation Status and Counters Data Menu Access to Port and Trunk Statistics To access this screen from the Main Menu, select: 1. Status and Counters . . . 4. Port Counters Figure B-6. Example of Port Counters on the Menu Interface To view details about the traffic on a particular port, use the [ v] key to highlight that port number, then select Show Details. For example, selecting port A2 displays a screen similar to figure B-B-7, below. Figure B-7.
PAGE 547
Monitoring and Analyzing Switch Operation Status and Counters Data CLI Access To Port and Trunk Group Statistics To Display the Port Counter Summary Report. This command provides an overview of port activity for all ports on the switch. Syntax: show interfaces To Display a Detailed Traffic Summary for Specific Ports. This com mand provides traffic details for the port(s) you specify. Syntax: show interfaces [ethernet] To Reset the Port Counters for a Specific Port.
PAGE 548
Monitoring and Analyzing Switch Operation Status and Counters Data Menu Access to the MAC Address Views and Searches Per-VLAN MAC-Address Viewing and Searching. This feature lets you determine which switch port on a selected VLAN is being used to communi cate with a specific device on the network. The per-VLAN listing includes: � The MAC addresses that the switch has learned from network devices attached to the switch � The port on which each MAC address was learned 1. From the Main Menu, select: 1.
PAGE 549
Monitoring and Analyzing Switch Operation Status and Counters Data Finding the Port Connection for a Specific Device on a VLAN. This feature uses a device’s MAC address that you enter to identify the port used by that device. 1. Proceeding from figure B-B-8, press ing prompt: (for Search), to display the follow Enter MAC address: _ 2. Type the MAC address you want to locate and press . The address and port number are highlighted if found.
PAGE 550
Monitoring and Analyzing Switch Operation Status and Counters Data Prompt for Selecting the Port To Search Figure B-10. Listing MAC Addresses for a Specific Port 2. Use the Space bar to select the port you want to list or search for MAC to list the MAC addresses detected on that port. addresses, then press Determining Whether a Specific Device Is Connected to the Selected Port. Proceeding from step 2, above: 1. Press (for Search), to display the following prompt: Enter MAC address: _ 2.
PAGE 551
Monitoring and Analyzing Switch Operation Status and Counters Data Corresponding Port Numbers. For example, to list the learned MAC address on ports A1 through A4 and port A6: HPswitch> show mac-address a1-a4,a6 To List All Learned MAC Addresses on a VLAN, with Their Port Numbers. This command lists the MAC addresses associated with the ports for a given VLAN. For example: HPswitch> show mac-address vlan 100 Note The Series 5300XL switches operates with a multiple forwarding database architecture.
PAGE 552
Monitoring and Analyzing Switch Operation Status and Counters Data Spanning Tree Protocol (STP) Information Menu Access to STP Data From the Main Menu, select: 1. Status and Counters . . . 8. Spanning Tree Information STP must be enabled on the switch to display the following data: Figure B-11. Example of Spanning Tree Information Use this screen to determine current switch-level STP parameter settings and statistics.
PAGE 553
Monitoring and Analyzing Switch Operation Status and Counters Data Figure B-12. Example of STP Port Information CLI Access to STP Data This option lists the STP configuration, root data, and per-port data (cost, priority, state, and designated bridge).
PAGE 554
Monitoring and Analyzing Switch Operation Status and Counters Data Internet Group Management Protocol (IGMP) Status The switch uses the CLI to display the following IGMP status on a per-VLAN basis: Show Command Output show ip igmp Global command listing IGMP status for all VLANs configured in the switch: • VLAN ID (VID) and name • Active group addresses per VLAN • Number of report and query packets per group • Querier access port per VLAN show ip igmp Per-VLAN command listing above IGMP stat
PAGE 555
Monitoring and Analyzing Switch Operation Status and Counters Data VLAN Information The switch uses the CLI to display the following VLAN status: Show Command Output show vlan Lists: • Maximum number of VLANs to support • Existing VLANs • Status (static or dynamic) • Primary VLAN show vlan For the specified VLAN, lists: • Name, VID, and status (static/dynamic) • Per-Port mode (tagged, untagged, forbid, no/auto) • “Unknown VLAN” setting (Learn, Block, Disable) • Port status (up/down) For ex
PAGE 556
Monitoring and Analyzing Switch Operation Status and Counters Data Listing the VLAN ID (VID) and Status for Specific Ports. Because ports A1 and A2 are not members of VLAN44, it does not appear in this listing. Figure B-15. Example of VLAN Listing for Specific Ports Listing Individual VLAN Status. Figure B-16.
PAGE 557
Monitoring and Analyzing Switch Operation Status and Counters Data Web Browser Interface Status Information The “home” screen for the web browser interface is the Status Overview screen, as shown below. As the title implies, it provides an overview of the status of the switch, including summary graphs indicating the network utili zation on each of the switch ports, symbolic port status indicators, and the Alert Log, which informs you of any problems that may have occurred on the switch.
PAGE 558
Monitoring and Analyzing Switch Operation Interface Monitoring Features Interface Monitoring Features Port Monitoring Features Feature Default Menu CLI Web display monitoring configuration disabled page B-23 page B-25 page B-28 configure the monitor port(s) ports: none page B-23 page B-26 page B-28 selecting or removing ports page B-23 page B-26 page B-28 none selected You can designate monitoring of inbound traffic on: � Ports and static trunks: Allows monitoring of individual ports, groups
PAGE 559
Monitoring and Analyzing Switch Operation Interface Monitoring Features Menu: Configuring Port and Static Trunk Monitoring This procedure describes configuring the switch for monitoring when moni toring is disabled. (If monitoring has already been enabled, the screens will appear differently than shown in this procedure.) 1. From the Console Main Menu, Select: 2. Switch Configuration... 3. Network Monitoring Port Enable monitoring by setting this parameter to “Yes”. Figure B-18.
PAGE 560
Monitoring and Analyzing Switch Operation Interface Monitoring Features Move the cursor to the Monitoring Port parameter. Inbound Port and Trunk Monitoring (Only) on the Switch 4108 Figure B-19. How To Select a Monitoring Port 5. Use the Space bar to select the port to use for monitoring. 6. Highlight the Monitor field and use the Space bar to select the interfaces to monitor: Ports: Use for monitoring ports, static trunks, or the mesh. VLAN: Use for monitoring a VLAN. 7.
PAGE 561
Monitoring and Analyzing Switch Operation Interface Monitoring Features ii. Use the Space bar to select the VLAN you want to monitor. iii. Go to step 10. 8. Use the down arrow key to move the cursor to the Action column for the individual ports and position the cursor at a port you want to monitor. 9. Press the Space bar to select Monitor for each port and trunk that you want monitored. (Use the down arrow key to move from one interface to the next in the Action column.) , then press 10.
PAGE 562
Monitoring and Analyzing Switch Operation Interface Monitoring Features Port receiving monitored traffic. Monitored Ports Figure B-20. Example of Monitored Port Listing Configuring the Monitor Port. This command assigns or removes a mon itoring port, and must be executed from the global configuration level. Remov ing the monitor port disables port monitoring and resets the monitoring parameters to their factory-default settings.
PAGE 563
Monitoring and Analyzing Switch Operation Interface Monitoring Features Elements in the monitor list can include port numbers, static trunk names, and the mesh at the same time. For example, with a port such as port A6 configured as the monitoring (mirror) port, you would use either of the following commands to select these interfaces for monitoring: • A1 through A3, and A5 • Trunks 1 and 2 • Meshing From the global config level, selects ports and trunks for monitoring sources.
PAGE 564
Monitoring and Analyzing Switch Operation Interface Monitoring Features Web: Configuring Port Monitoring To enable port monitoring: 1. Click on the Configuration tab. 2. Click on 3. To monitor one or more ports. 4. �� . a. Click on the radio button for Monitor Selected Ports. b. Select the port(s) to monitor. Click on . �� To remove port monitoring: 1. Click on the Monitoring Off radio button. 2. Click on .
PAGE 565
C Troubleshooting Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-2 Troubleshooting Approaches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-3 Browser or Telnet Access Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . C-4 Unusual Network Activity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-6 General Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
PAGE 566
Troubleshooting Overview Overview This chapter addresses performance-related network problems that can be caused by topology, switch configuration, and the effects of other devices or their configurations on switch operation. (For switch-specific information on hardware problems indicated by LED behavior, cabling requirements, and other potential hardware-related problems, refer to the installation guide you received with the switch.
PAGE 567
Troubleshooting Troubleshooting Approaches Troubleshooting Approaches Use these approaches to diagnose switch problems: � Check the HP Procurve web site for software updates that may have solved your problem: http://www.hp.com/go/hpprocurve � Check the switch LEDs for indications of proper switch operation: • Each switch port has a Link LED that should light whenever an active network device is connected to the port.
PAGE 568
Troubleshooting Browser or Telnet Access Problems Browser or Telnet Access Problems Cannot access the web browser interface: � Access may be disabled by the Web Agent Enabled parameter in the switch console. Check the setting on this parameter by selecting: 2. Switch Configuration . . . 1. System Information � The switch may not have the correct IP address, subnet mask or gateway. Verify by connecting a console to the switch’s Console port and selecting: 2. Switch Configuration . . . 5.
PAGE 569
Troubleshooting Browser or Telnet Access Problems Cannot Telnet into the switch console from a station on the network: � Off subnet management stations can lose Telnet access if you enable routing without first configuring a static (default) route. That is, the switch uses the IP default gateway only while operating as a Layer 2 device. While routing is enabled on the switch, the IP default gateway is not used.
PAGE 570
Troubleshooting Unusual Network Activity Unusual Network Activity Network activity that fails to meet accepted norms may indicate a hardware problem with one or more of the network components, possibly including the switch. Such problems can also be caused by a network loop or simply too much traffic for the network as it is currently designed and implemented.
PAGE 571
Troubleshooting Unusual Network Activity This can also happen, for example, if the server is first configured to issue IP addresses with an unlimited duration, then is subsequently configured to issue IP addresses that will expire after a limited duration. One solution is to configure “reservations” in the DHCP server for specific IP addresses to be assigned to devices having specific MAC addresses. For more information, refer to the documentation for the DHCP server.
PAGE 572
Troubleshooting Unusual Network Activity � If there is more than one physical path between the switch and the other CDP device and STP is running on the switch, then STP will block the redundant link(s). In this case, the switch port on the remaining open link may not be a member of an untagged VLAN, or any untagged VLANs to which the port belongs may not have an IP address. � The adjacent device’s CDP Neighbors table may be full.
PAGE 573
Troubleshooting Unusual Network Activity � Using the Switch Console Interface: From the Main Menu, check the Management Address Information screen by clicking on 1. Status and Counters 2. Switch Management Address Information LACP-Related Problems Unable to enable LACP on a port with the interface [ e ] < port-number > lacp command. In this case, the switch displays the following message: Operation is not allowed for a trunked port.
PAGE 574
Troubleshooting Unusual Network Activity 2400M/2424M/4000M/8000M Port To Join the Mesh . One of the Series 5300XL switches in the mesh domain has detected a duplicate MAC address on multiple switches. For example: Illegal Topology for Heterogenous Mesh 5300-1 VL A N2 Node “N” 4000M VL AN 1 5300-2 Mesh Domain Changing the topology can solve this problem. Also, the duplicate MAC address must age out before the Switch 1600M/2400M/2424M/4000M/8000M port can join the mesh.
PAGE 575
Troubleshooting Unusual Network Activity � Use ping to ensure that the switch has access to the configured RADIUS servers. � Verify that the switch is using the correct encryption key (RADIUS secret key) for each server. � � Verify that the switch has the correct IP address for each RADIUS server. Ensure that the radius-server timeout period is long enough for network conditions.
PAGE 576
Troubleshooting Unusual Network Activity Port A9 shows an "Open" status even though Access Control is set to Unauthorized (Force Auth). This is because the port-access authenticator has not yet been activated. Figure C-1. Authenticator Ports Remain “Open” Until Activated RADIUS server fails to respond to a request for service, even though the server’s IP address is correctly configured in the switch.
PAGE 577
Troubleshooting Unusual Network Activity The authorized MAC address on a port that is configured for both 802.1x and port security either changes or is re-acquired after execution of aaa port-access authenticator < port-list > initialize.
PAGE 578
Troubleshooting Unusual Network Activity Global RADIUS Encryption Key Unique RADIUS Encryption Key for the RADIUS server at 10.33.18.119 Figure C-2.
PAGE 579
Troubleshooting Unusual Network Activity Spanning-Tree Protocol (STP) and Fast-Uplink Problems Caution If you enable STP, it is recommended that you leave the remainder of the STP parameter settings at their default values until you have had an opportunity to evaluate STP performance in your network. Because incorrect STP settings can adversely affect network performance, you should avoid making changes without having a strong understanding of how STP operates.
PAGE 580
Troubleshooting Unusual Network Activity SSH-Related Problems Switch access refused to a client. Even though you have placed the cli ent’s public key in a text file and copied the file (using the copy tftp pub-keyfile command) into the switch, the switch refuses to allow the client to have access. If the source SSH client is an SSHv2 application, the public key may be in the PEM format, which the switch (SSHv1) does not interpret.
PAGE 581
Troubleshooting Unusual Network Activity � A key in the file is too long. The maximum key length is 1024 characters, including spaces. This could also mean that two or more keys are merged together instead of being separated by a . � � There are more than ten public keys in the key file. One or more keys in the file is corrupted or is not a valid rsa public key. Client ceases to respond (“hangs”) during connection phase. The switch does not support data compression in an SSH session.
PAGE 582
Troubleshooting Unusual Network Activity � As a last resort, use the Clear/Reset button combination to reset the switch to its factory default boot-up configuration. Taking this step means you will have to reconfigure the switch to return it to operation in your network. No Communication Between the Switch and the TACACS+ Server Application. If the switch can access the server device (that is, it can ping the server), then a configuration error may be the problem.
PAGE 583
Troubleshooting Unusual Network Activity Unknown Users Allowed to Login to the Switch. Your TACACS+ appli cation may be configured to allow access to unknown users by assigning them the privileges included in a default user profile. Refer to the documentation provided with your TACACS+ server application. System Allows Fewer Login Attempts than Specified in the Switch Configuration.
PAGE 584
Troubleshooting Unusual Network Activity or More VLANs. One or more VLANs may not be properly configured as “Tagged” or “Untagged”. A VLAN assigned to a port connecting two 802.1Qcompliant devices must be configured the same on both ports. For example, VLAN_1 and VLAN_2 use the same link between switch “X” and switch “Y”.
PAGE 585
Troubleshooting Unusual Network Activity MAC Address "A"; VLAN 1 Server Switch 4108GL MAC Address "A"; VLAN 2 (Multiple Forwarding Database) VLAN 1 VLAN 2 Switch with Single Forwarding Database Problem: This switch detects continual moves of MAC address "A" between ports. Figure C-4.
PAGE 586
Troubleshooting Using the Event Log To Identify Problem Sources Using the Event Log To Identify Problem Sources The Event Log records operating events as single-line entries listed in chrono logical order, and serves as a tool for isolating problems. Each Event Log entry is composed of five fields: Severity I Date 08/05/01 Time System Module 10:52:32 ports: Event Message port A1 enabled Severity is one of the following codes: I (information) indicates routine events.
PAGE 587
Troubleshooting Using the Event Log To Identify Problem Sources Table C-1.
PAGE 588
Troubleshooting Using the Event Log To Identify Problem Sources Menu: Entering and Navigating in the Event Log From the Main Menu, select Event Log. Range of Events in the Log Range of Log Events Displayed Log Status Line Figure C-5. Example of an Event Log Display The log status line at the bottom of the display identifies where in the sequence of event messages the display is currently positioned.
PAGE 589
Troubleshooting Using the Event Log To Identify Problem Sources CLI: Using the CLI, you can list � � � Events recorded since the last boot of the switch All events recorded Event entries containing a specific keyword, either since the last boot or all events recorded Syntax: show logging [-a] [] HPswitch> show logging Lists recorded log messages since last reboot. HPswitch> show logging -a Lists all recorded log messages, including those before the last reboot.
PAGE 590
Troubleshooting Diagnostic Tools Diagnostic Tools Diagnostic Features Feature Default Menu CLI Web Port Auto negotiation n/a n/a Ping Test n/a — page C-29 page C-28 Link Test n/a — page C-29 page C-28 Display Config File n/a — page C-31 page C-31 Admin.
PAGE 591
Troubleshooting Diagnostic Tools Ping and Link Tests The Ping test and the Link test are point-to-point tests between your switch and another IEEE 802.3-compliant device on your network. These tests can tell you whether the switch is communicating properly with another device. Note To respond to a Ping test or a Link test, the device you are trying to reach must be IEEE 802.3-compliant. Ping Test.
PAGE 592
Troubleshooting Diagnostic Tools Web: Executing Ping or Link Tests 1. Click here. 2. Click here. 3. Select Ping Test (the default) or Link Test 4. For a Ping test, enter the IP address of the target device. For a Link test, enter the MAC address of the target device. 6. Click on Start to begin the test. 5. Select the number of tries (packets) and the timeout for each try from the drop-down menus. Figure C-6.
PAGE 593
Troubleshooting Diagnostic Tools Number of Packets to Send is the number of times you want the switch to attempt to test a connection. Timeout in Seconds is the number of seconds to allow per attempt to test a connection before determining that the current attempt has failed. To halt a Link or Ping test before it concludes, click on the Stop button. To reset the screen to its default settings, click on the Defaults button. CLI: Ping or Link Tests Ping Tests.
PAGE 594
Troubleshooting Diagnostic Tools Link Tests. You can issue single or multiple link tests with varying repeti tions and timeout periods. The defaults are: � � Repetitions: 1 (1 - 999) Timeout: 5 seconds (1 - 256 seconds) Syntax: link [repetitions <1 - 999>] [timeout <1 - 256>] [vlan ] Basic Link Test Link Test with Repetitions Link Test with Repetitions and Timeout Link Test Over a Specific VLAN Link Test Over a Specific VLAN; Test Fail Figure C-8.
PAGE 595
Troubleshooting Diagnostic Tools Displaying the Configuration File The complete switch configuration is contained in a file that you can browse from either the web browser interface or the CLI. It may be useful in some troubleshooting scenarios to view the switch configuration. CLI: Viewing the Configuration File Using the CLI, you can display either the running configuration or the startup configuration. (For more on these topics, see appendix C, “Switch Memory and Configuration”.
PAGE 596
Troubleshooting Diagnostic Tools Executing show tech outputs a data listing to your terminal emulator. However, using your terminal emulator’s text capture features, you can also save show tech data to a text file for viewing, printing, or sending to an associate. For example, if your terminal emulator is the Hyperterminal application available with Microsoft® Windows® software, you can copy the show tech output to a file and then use either Microsoft Word or Notepad to display the data.
PAGE 597
Troubleshooting Diagnostic Tools Note Remember to do the above step to stop HyperTerminal from copying into the text file. Otherwise, the text file remains open to receiving additional data from the HyperTerminal screen. 5. To access the file, open it in Microsoft Word, Notepad, or a similar text editor. CLI Administrative and Troubleshooting Commands These commands provide information or perform actions that you may find helpful in troubleshooting operating problems with the switch.
PAGE 598
Troubleshooting Restoring the Factory-Default Configuration Restoring the Factory-Default Configuration As part of your troubleshooting process, it may become necessary to return the switch configuration to the factory default settings.
PAGE 599
Troubleshooting Restoring a Flash Image Restoring a Flash Image The switch can lose its operating system if either the primary or secondary flash image location is empty or contains a corrupted OS file and an operator uses the erase flash command to erase a good OS image file from the opposite flash location. To Recover from an Empty or Corrupted Flash State.
PAGE 600
Troubleshooting Restoring a Flash Image 4. Since the OS file is larage, you can increase the speed of the download by changing the switch console and terminal emulator baud rates to a high speed. For example: a. Change the switch baud rate to 115,200 Bps. b. Change the terminal emulator baud rate to match the switch speed: i. In HyperTerminal, select Call | Disconnect. ii. Select File | Properties. . iii. click on iv. Change the baud rate to 115200. . In the next window, click on again. v. Click on vi.
PAGE 601
Troubleshooting Restoring a Flash Image Figure C-11. Example of Xmodem Download in Progress 8. When the download completes, the switch reboots from primary flash using the OS image you downloaded in the preceding steps, plus the most recent startup-config file.
PAGE 602
PAGE 603
D MAC Address Management Overview The switch assigns MAC addresses in these areas: � For management functions, one Base MAC address is assigned to the default VLAN (VID = 1). (All VLANs on the switch use the same MAC address.) � For internal switch operations: One MAC address per port (See “CLI: Viewing the Port and VLAN MAC Addresses” on page D-4.) MAC addresses are assigned at the factory. The switch automatically implements these addresses for VLANs and ports as they are added to the switch.
PAGE 604
MAC Address Management Determining MAC Addresses Determining MAC Addresses MAC Address Viewing Methods Feature Menu CLI Web view switch’s base (default vlan) MAC address n/a and the addressing for any added VLANs D-3 D-4 — view port MAC addresses (hexadecimal format) n/a — D-4 — � Note Use the menu interface to view the switch’s base MAC address and the MAC address assigned to any non-default VLAN you have configured on the switch.
PAGE 605
MAC Address Management Determining MAC Addresses Menu: Viewing the Switch’s MAC Addresses The Management Address Information screen lists the MAC addresses for: � � Base switch (default VLAN; VID = 1) Any additional VLANs configured on the switch. Also, the Base MAC address appears on a label on the back of the switch. Note The Base MAC address is used by the first (default) VLAN in the switch.
PAGE 606
MAC Address Management Determining MAC Addresses CLI: Viewing the Port and VLAN MAC Addresses The MAC address assigned to each switch port is used internally by such features as Flow Control and the Spanning Tree Protocol. Using the walkmib command to determine the MAC address assignments for individual ports can sometimes be useful when diagnosing switch operation. The switch allots 26 MAC addresses per slot.
PAGE 607
MAC Address Management Determining MAC Addresses ifPhysAddress.1 - 4: Ports A1 - A4 in Slot A (Addresses 5 - 26 in slot A are unused.) ifPhysAddress.27 - 50: Ports B1 - B24 in Slot C (Addresses 51 - 52 in slot B are not used for physical ports.) ifPhysAddress.282 Base MAC Address (MAC Address for default VLAN; VID = 1) (ifPhysAddress.209 is for internal use and matches the base MAC Address assigned to the default VLAN.).) ifPhysAddress.301 & 311 Non-Default VLANs.
PAGE 608
MAC Address Management Determining MAC Addresses D-6
PAGE 609
E Daylight Savings Time on HP Procurve Switches This information applies to the following HP Procurve switches: • • • • • • 2512 2524 4104GL 4108GL 5304XL 5308XL • • • • • 1600M 2400M 2424M 4000M 8000M • 212M • 224M • HP AdvanceStack Switches • HP AdvanceStack Routers HP Procurve switches provide a way to automatically adjust the system clock for Daylight Savings Time (DST) changes. To use this feature you define the month and date to begin and to end the change from standard time.
PAGE 610
Daylight Savings Time on HP Procurve Switches Middle Europe and Portugal: • Begin DST at 2am the first Sunday on or after March 25th. • End DST at 2am the first Sunday on or after September 24th. Southern Hemisphere: • Begin DST at 2am the first Sunday on or after October 25th. • End DST at 2am the first Sunday on or after March 1st. Western Europe: • Begin DST at 2am the first Sunday on or after March 23rd. • End DST at 2am the first Sunday on or after October 23rd.
PAGE 611
Daylight Savings Time on HP Procurve Switches Before configuring a “User defined” Daylight Time Rule, it is important to understand how the switch treats the entries. The switch knows which dates are Sundays, and uses an algorithm to determine on which date to change the system clock, given the configured “Beginning day” and “Ending day”: � � If the configured day is a Sunday, the time changes at 2am on that day.
PAGE 612
PAGE 613
Index Symbols => prompt … C-35 Numerics 802.1p priority (QoS) definition … 15-5 802.1q VLAN in mesh … 14-22 802.1Q VLAN standard … 13-3 use with QoS, definition … 15-5 802.3u auto negotiation standard … 9-3 A A.09.
PAGE 614
from IGMP operation … 12-4 from STP operation … 13-4 boot ROM console … A-3 boot ROM mode … C-35 Bootp … 7-3, 7-13, 10-2 Bootp table file … 7-14 Bootptab file … 7-14 effect of no reply … C-6 gateway ignored … 11-7 operation … 7-14 using with Unix systems … 7-14 Bootp/DHCP differences … 7-14 BPDU … 11-34, 13-3, 13-5 bridge protocol data unit … 11-34 broadcast domain … 11-3 broadcast limit … 9-4, 9-9 broadcast storm … 9-11, 13-3, 13-7, 14-4, C-15 broadcast traffic … 14-18 enabling forwarding of directed … 16-
PAGE 615
router ID … 16-9 RSTP from the CLI … 13-10 from the menu … 13-16 per-port parameters … 13-14 whole switch parameters … 13-12 saving from menu interface … 2-10 serial link … 6-3 SNMP … 10-3, 10-4 spanning tree protocol … 13-4 startup … 2-10 static IP routes … 16-16, 16-18 system … 6-9 Telnet access configuration … 6-3 transferring … A-13 trap receivers … 10-8 viewing … 5-5 VLAN … 11-3 web browser access … 6-3 configuration file browsing for troubleshooting … C-31 configuring RSTP … 13-9 console … C-6 configu
PAGE 616
CLI … 13-11 menu interface … 13-16 web browser interface … 13-18 enabling STP CLI … 13-11 ending a console session … 2-5 event log … 2-7, C-22 navigation … C-24 severity level … C-22 use during troubleshooting … C-22 external LSA displaying … 16-55 flow control, terminal … 6-3 forbid option See GVRP. format, date … C-22 format, time … C-22 forwarding directed broadcasts … 16-13 forwarding parameters, IP routing configuring … 16-12 forwarding port, IGMP … 12-4 friendly port names See port names, friendly.
PAGE 617
meshing requirement … 14-6 non-GVRP aware … 11-48 non-GVRP device … 11-48 operating notes … 11-47 port control options … 11-41 port-leave from dynamic … 11-41 reboot, switch … 11-41 recommended tagging … 11-41 standard … 11-34 tagged, dynamic VLAN … 11-35 unknown VLAN … 11-41 unknown VLAN, options … 11-37 VLAN behavior … 11-7 VLAN, dynamic adds … 11-13 VLAN, maximum … 11-47 with QoS … 15-39 H Help … 2-11, 4-13 Help line, about … 2-9 Help line, location on screens … 2-9 help, online inoperable … 4-13 helper
PAGE 618
globally assigned addressing … 7-21 menu access … 7-5 multiple addresses in VLAN … 7-3, 7-9 subnet … 7-3, 7-9 subnet mask … 7-3, 7-6 Time-To-Live … 7-7, 7-11 traffic priority based on ToS field … 15-25 TTL … 7-7, 7-11 using for web browser interface … 4-5 web access … 7-11 IP address assigning … 16-9 CIDR notation … 16-9 IP forwarding cache … 16-5 IP global parameters … 16-6 IP interface parameters … 16-8 IP preserve DHCP server … 7-17 overview … 7-17 rules, operating … 7-17 summary of effect … 7-20 IP rout
PAGE 619
J Java … 4-4, 4-5 K kill command … 6-8 L LACP 802.
PAGE 620
connecting domains … 14-25 connecting multiple domains … 14-6 domain … 14-3 domain, bringing up … 14-9 domain, defined … 14-4 dynamic vlan … 14-23 edge switch … 14-4, 14-18 filtering … 14-22 GVRP … 14-23 GVRP requirement … 14-6 hop count … 14-24 hub not allowed … 14-5 IGMP requirement … 14-6 increase STP cost … 14-21 IP routing not allowed … 14-5 LACP dynamic trunk, effect … 14-5 link blocked … 14-21 link to non-mesh switch … 14-20 links, multiple … 14-25 management VLAN … 11-30 maximum domain size … 14-24
PAGE 621
null static route … 16-19 O online help … 4-13 online help location … 4-13 operating notes switch meshing … 14-17 operation not allowed, LACP … C-9 operator access … 10-4 operator password … 4-8, 4-10 optimizing RSTP configuration … 13-9 OS version … A-5, A-7, A-10 OS download failure indication … A-12 switch-to-switch download … A-9 troubleshooting … A-12 using TFTP … A-3 OSPF administrative distance … 16-49 area … 16-33 assigning VLAN to … 16-42 configuring … 16-39 area range configuring … 16-41 ASBR … 1
PAGE 622
setting … 4-9 using to access browser and console … 4-10 path cost … 13-4 peers, RIP displaying information … 16-30 Perlman, Interconnections … 13-28 ping test … C-27 for troubleshooting … C-27 port address table … B-12 auto negotiation … 9-4 auto, IGMP … 12-4 auto-negotiation … 9-3 blocked by STP operation … 13-4 blocked in mesh … 14-9 blocked, IGMP … 12-4 broadcast limit … 9-9 CLI access … 9-6 context level … 9-8 counters … B-9 counters, reset … B-9 fiber-optic … 9-4 forwarding, IGMP … 12-4 full-duplex, L
PAGE 623
primary VLAN See VLAN. priority … 12-4 802.1p priority, defined … 15-5 802.
PAGE 624
factory default reset … C-34 restrict redistribution OSPF configuring … 16-47 displaying … 16-63 RIP displaying … 16-32 restricted access … 10-4 restricted write access … 10-4 RFC See MIB.
PAGE 625
meshing meshing requirement … 14-6 optimizing the configuration … 13-9 path-cost parameter … 13-14 point-to-point-mac parameter … 13-14 priority parameter … 13-14 viewing the configuration … 13-10 running-config, viewing … 5-5 See also configuration.
PAGE 626
RSTP point-to-point-mac parameter … 13-14 RSTP priority parameter … 13-14 rules, operating, fast-uplink … 13-30 show tech, copy output … C-32 statistics … B-16 using with port trunking … 9-15 viewing the configuration … 13-10 VLAN effect on … 11-31 with 802.1Q VLANs … 13-4 spanning tree and CDP … 10-24 spanning tree protocol See STP. SSH troubleshooting … C-16 standard MIB … 10-3 starting a console session … 2-4 startup-config, viewing … 5-5 See also configuration.
PAGE 627
main screen … 1-6 system requirements … 4-4 ToS See Class of Service.
PAGE 628
VLAN … 7-4, 11-3, 11-32, C-20 802.
PAGE 629
enabling … 4-4 enabling RSTP … 13-18 error packets … 4-16 fault detection policy … 4-8, 4-23 fault detection window … 4-23 features … 1-5 first-time install … 4-7 first-time tasks … 4-7 help via TopTools … 4-13 main screen … 4-15 management server URL … 4-13 online help … 4-13 online help location specifying … 4-13 online help, inoperable … 4-13 overview … 4-15 Overview window … 4-15 password lost … 4-11 password, setting … 4-9 port status … 4-18 port utilization … 4-16 port utilization and status displays
PAGE 630
PAGE 631
PAGE 632
Technical information in this document is subject to change without notice. ©Copyright Hewlett-Packard Company 2000-2002. All right reserved. Reproduction, adaptation, or translation without prior written permission is prohibited except as allowed under the copyright laws.