System information

ManualsBrandsProCurve ManualsComputer equipment2510G Series

Advanced Traffic

Management Guide

www.procurve.com

ProCurve Series 2510G Switches

Y.11.XX

Summary of content (244 pages)

PAGE 1
Advanced Traffic Management Guide ProCurve Series 2510G Switches Y.11.XX www.procurve.
PAGE 2
PAGE 3
ProCurve Series 2510G Switches June 2008 Advanced Traffic Management Guide
PAGE 4
© Copyright 2008 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. Publication Number 5992-3096 June 2008 Applicable Products ProCurve Switch 2510G-24 ProCurve Switch 2510G-48 (J9279A) (J9280A) Trademark Credits Microsoft, Windows, and Windows NT are US registered trademarks of Microsoft Corporation.
PAGE 5
Contents Product Documentation About Your Switch Manual Set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ix Feature Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . x 1 Getting Started Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
PAGE 6
Multiple VLAN Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-9 Single-Forwarding Database Operation . . . . . . . . . . . . . . . . . . . . 2-11 Example of an Unsupported Configuration and How to Correct It . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-11 Multiple-Forwarding Database Operation . . . . . . . . . . . . . . . . . . 2-13 Menu: Configuring VLAN Parameters . . . . . . . . . . . . . . . . . . . . . . . . . .
PAGE 7
Configuring GVRP On a Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Menu: Viewing and Configuring GVRP . . . . . . . . . . . . . . . . . . . . . CLI: Viewing and Configuring GVRP . . . . . . . . . . . . . . . . . . . . . . . Web: Viewing and Configuring GVRP . . . . . . . . . . . . . . . . . . . . . . 3-11 3-12 3-13 3-16 GVRP Operating Notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
PAGE 8
5 Multiple Instance Spanning-Tree Operation Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-2 802.1s Multiple Spanning Tree Protocol (MSTP) . . . . . . . . . . . . . . . . . . . . . 5-6 MSTP Structure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-7 How MSTP Operates . . .
PAGE 9
6 Quality of Service (QoS): Managing Bandwidth More Effectively Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-2 Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-5 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
PAGE 10
7 ProCurve Stack Management Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-3 Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-4 Which Devices Support Stacking? . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
PAGE 11
Product Documentation About Your Switch Manual Set The switch manual set includes the following: Note ■ Read Me First - a printed guide shipped with your switch. Provides software update information, product notes, and other information. ■ Installation and Getting Started Guide - a printed guide shipped with your switch. This guide explains how to prepare for and perform the physical installation and connection to your network.
PAGE 12
Product Documentation Feature Index For the manual set supporting your switch model, the following feature index indicates which manual to consult for information on a given software feature. Feature x Management and Configuration Advanced Traffic Management Access Security Guide 802.1Q VLAN Tagging - X - 802.1p Priority X - - 802.
PAGE 13
Product Documentation Feature Management and Configuration Advanced Traffic Management Access Security Guide LLDP X - - MAC Address Management X - - MAC Lockdown - - X MAC Lockout - - X MAC-based Authentication - - X Monitoring and Analysis X - - Multicast Filtering - X - Network Management Applications (LLDP, SNMP) X - - Passwords - - X Ping X - - Port Configuration X - - Port Security - - X Port Status X - - Port Trunking (LACP) X - - Port-Based
PAGE 14
Product Documentation Feature Management and Configuration Advanced Traffic Management Access Security Guide Syslog X - - System Information X - - TACACS+ Authentication - - X Telnet Access X - - TFTP X - - Time Protocols (TimeP, SNTP) X - - Troubleshooting X - - VLANs - X - Web-based Authentication - - X Xmodem X - - xii
PAGE 15
1 Getting Started Contents Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2 Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2 Feature Descriptions by Model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2 Command Syntax Statements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2 Command Prompts . . . . . . . . . . . . . . . . . . .
PAGE 16
Getting Started Introduction Introduction This Advanced Traffic Management Guide describes how to manage and configure advanced traffic management features on your switch. It supports the following switches: ■ ProCurve Switch 2510G For an overview of other product documentation for the above switches, refer to “Product Documentation” on page ix. You can download a copy from the ProCurve Networking Website. Visit http://www.procurve.com/manuals, then select your switch product.
PAGE 17
Getting Started Conventions ■ Braces within square brackets ( [ < > ] ) indicate a required element within an optional choice. ■ Boldface indicates use of a CLI command, part of a CLI command syntax, or other displayed element in general text. For example: “Use the copy tftp command to download the key from a TFTP server.” ■ Italics indicate variables for which you must supply a value when executing the command.
PAGE 18
Getting Started Sources for More Information ProCurve(config)# ip default-gateway 18.28.152.1/24 ProCurve(config)# vlan 1 ip address 18.28.36.152/24 ProCurve(config)# vlan 1 ip igmp Port Identity Examples This guide describes software applicable to both chassis-based and stackable ProCurve switches. Where port identities are needed in an example, this guide uses the chassis-based port identity system, such as “A1”, “B3 - B5”, “C7”, etc.
PAGE 19
Getting Started Sources for More Information Online Help for Menu Figure 1-2. Getting Help in the Menu Interface ■ For information on a specific command in the CLI, type the command name followed by “help”. For example: Figure 1-3. Getting Help in the CLI ■ For information on specific features in the Web browser interface, use the online help. For more information, refer to the Management and Configuration Guide for your switch.
PAGE 20
Getting Started Need Only a Quick Start? Need Only a Quick Start? IP Addressing If you just want to give the switch an IP address so that it can communicate on your network, or if you are not using multiple VLANs, ProCurve recommends that you use the Switch Setup screen to quickly configure IP addressing. To do so, do one of the following: ■ Enter setup at the CLI Manager level prompt. ProCurve# setup ■ In the Main Menu of the Menu interface, select 8.
PAGE 21
2 Static Virtual LANs (VLANs) Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-2 Port-Based Virtual LANs (Static VLANs) . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-3 Overview of Using VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-6 VLAN Support and the Default VLAN . . . . . . . . . . . . . . . . . . . . . . . 2-6 The Primary VLAN . . . . . . . . . . . . . . . . . . . . . . . . . .
PAGE 22
Static Virtual LANs (VLANs) Overview Overview This chapter describes how to configure and use static, port-based VLANs on the switches covered by this manual.
PAGE 23
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) Port-Based Virtual LANs (Static VLANs) VLAN Features Feature Default Menu CLI Web page 2-14 thru 2-20 page 2-20 page 2-28 default VLAN with page 2-14 VID = 1 thru 2-20 page 2-20 page 2-28 view existing VLANs n/a configuring static VLANs configuring dynamic disabled VLANs See the chapter on GVRP in this manual. A VLAN is a group of ports designated by the switch as belonging to the same broadcast domain.
PAGE 24
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) bandwidth is saved by not allowing packets to flood out all ports. Separate VLANs on the switch can communicate with each other through an external router. For example, referring to figure 2-1, if ports A1 through A4 belong to VLAN_1 and ports A5 through A8 belong to VLAN_2, traffic from end-node stations on ports A2 through A4 is restricted to only VLAN_1, while traffic from ports A5 through A7 is restricted to only VLAN_2.
PAGE 25
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) ProCurve Switch Figure 2-2. Example of Overlapping VLANs Using the Same Server Similarly, using 802.1Q-compliant switches, you can connect multiple VLANs through a single switch-to-switch link. ProCurve Switch ProCurve Switch Figure 2-3. Example of Connecting Multiple VLANs Through the Same Link Introducing Tagged VLAN Technology into Networks Running Legacy (Untagged) VLANs. You can introduce 802.
PAGE 26
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) Switch 2524 ProCurve Switch Switch ProCurve Switch Untagged VLAN Links Non-802.1Qcompliant switch Tagged VLAN Link Figure 2-4.
PAGE 27
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) features and ensure that multiple instances of DHCP or Bootp on different VLANs do not result in conflicting configuration values for the switch. The primary VLAN is the VLAN the switch uses to run and manage these features and data. In the factory-default configuration, the switch designates the default VLAN (DEFAULT_VLAN) as the primary VLAN. However, to provide more control in your network, you can designate another VLAN as primary.
PAGE 28
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) Per-Port Static VLAN Configuration Options The following figure and table show the options you have for assigning individual ports to a static VLAN. Note that GVRP, if configured, affects these options and VLAN behavior on the switch. The display below shows the perport VLAN configuration options. Table 2-1 briefly describes these options.
PAGE 29
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) General Steps for Using VLANs 1. Plan your VLAN strategy and create a map of the logical topology that will result from configuring VLANs. Include consideration for the interaction between VLANs and other features such as Spanning Tree Protocol, load balancing, and IGMP. (Refer to “Effect of VLANs on Other Switch Features” on page 2-38.
PAGE 30
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) showing the (different) source VLAN and source port. Other switch models have a single-forwarding database, which means they allow only one database entry of a unique MAC address, along with the source VLAN and source port on which it is found (see Table 2-6). Not all VLANs on a switch covered by this guide use the same MAC address (see “VLAN MAC Addresses” on page 2-38).
PAGE 31
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) Multiple Forwarding Databases* Single Forwarding Database* Switch 2810 Series 2800 switches Series 2610/2610-PWR switches Series 2600/2600-PWR switches Series 2510/2510G switches *To determine whether other vendors’ devices use single-forwarding or multiple-forwarding database architectures, refer to the documentation provided for those devices.
PAGE 32
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) Switch 8000M VLAN 2 VLAN 1 PC “A” A1 B1 PC “B” This switch has a single forwarding database. C1 VLAN 1 D1 VLAN 2 Multiple-Forwarding Database Switch Routing Enabled This switch has multiple forwarding databases. (Same MAC address for all VLANs.) Figure 2-1. Example of Invalid Configuration for Single-Forwarding to MultipleForwarding Database Devices in a Multiple VLAN Environment In figure 2-1, PC “A” sends an IP packet to PC “B”.
PAGE 33
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) The Solution. To avoid the preceding problem, use only one cable or port trunk between the single-forwarding and multiple-forwarding database devices, and configure the link with multiple, tagged VLANs. Switch 8000M VLAN 1 PC “A” VLAN 1& 2 VLAN 2 PC “B” A1 VLAN 1 C1 VLAN 1&2 This switch has a single forwarding database. VLAN 2 Multiple-Forwarding Database Switch (Routing Enabled) This switch has multiple forwarding databases.
PAGE 34
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) 2510G Switch VLAN 1 VLAN 1 VLAN 2 VLAN 2 Multiple-Forwarding Database Switch Both switches have multiple forwarding databases. Figure 2-3. Example of a Valid Topology for Devices Having Multiple-Forwarding Databases in a Multiple VLAN Environment Menu: Configuring VLAN Parameters In the factory default state, support is enabled for up to eight VLANs. (You can change the switch VLAN configuration to support additional VLANs.
PAGE 35
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) Figure 2-8. The Default VLAN Support Screen Note 2. Press [E] (for Edit), then do one or more of the following: ■ To change the maximum number of VLANs, type the new number. ■ To designate a different VLAN as the primary VLAN, select the Primary VLAN field and use the space bar to select from the existing options. ■ To enable or disable dynamic VLANs, select the GVRP Enabled field and use the Space bar to toggle between options.
PAGE 36
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) – – 4. If you changed the VLAN Support option, you must reboot the switch before the Maximum VLANs change can take effect. You can go on to configure other VLAN parameters first, but remember to reboot the switch when you are finished. If you did not change the VLAN Support option, a reboot is not necessary. Press [0] to return to the Main Menu.
PAGE 37
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) 3. Type in a VID (VLAN ID number). This can be any number from 2 to 4094 that is not already being used by another VLAN. (The switch reserves “1” for the default VLAN.) Remember that a VLAN must have the same VID in every switch in which you configure that same VLAN. (GVRP dynamically extends VLANs with correct VID numbering to other switches. See chapter 3, “GVRP”.) 4.
PAGE 38
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) Adding or Changing a VLAN Port Assignment Use this procedure to add ports to a VLAN or to change the VLAN assignment(s) for any port. (Ports not specifically assigned to a VLAN are automatically in the default VLAN.) 1. From the Main Menu select: 2. Switch Configuration 8. VLAN Menu . . . 3.
PAGE 39
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) For GVRP Operation: If you enable GVRP on the switch, “No” converts to “Auto”, which allows the VLAN to dynamically join an advertised VLAN that has the same VID. See “Per-Port Options for Dynamic VLAN Advertising and Joining” on page 3-8. Note Untagged VLANs: Only one untagged VLAN is allowed per port. Also, there must be at least one VLAN assigned to each port.
PAGE 40
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) CLI: Configuring VLAN Parameters In the factory default state, all ports on the switch belong to the (port-based) default VLAN (DEFAULT_VLAN; VID = 1) and are in the same broadcast/ multicast domain. (The default VLAN is also the default primary VLAN—see “The Primary VLAN” on page 2-6.) You can configure additional static VLANs by adding new VLAN names, and then assigning one or more ports to each VLAN.
PAGE 41
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) ProCurve(config)# show vlans Status and Counters - VLAN Information Maximum VLANs to support : 8 Primary VLAN : DEFAULT_VLAN Management VLAN : DEFAULT_VLAN VLAN ID ------1 22 33 Name ----------------DEFAULT_VLAN VLAN-22 GVRP_33 Status ----------Static Static Dynamic When GVRP is disabled (the default), Dynamic VLANs do not exist on the switch and do not appear in this listing. (See chapter 3, “GVRP”.) Figure 2-14.
PAGE 42
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) Displaying the Configuration for a Particular VLAN. This command uses the VID to identify and display the data for a specific static or dynamic VLAN.
PAGE 43
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) Displaying the VLAN Membership of One or More Ports. This command shows to which VLAN a port belongs. Syntax: show vlan ports < port-list > [detail] Displays VLAN information for an individual port or a group of ports, either cumulatively or on a detailed per-port basis. port-list: Specify a single port number, a range of ports (for example, 1-16), or all. detail: Displays detailed VLAN membership information on a perport basis.
PAGE 44
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) Figure 2-17 is an example of the output when the detail option is not used. ProCurve# show vlan ports 1-24 Status and Counters - VLAN Information VLAN ID ------1 22 33 Name ----------------DEFAULT_VLAN VLAN-22 GVRP_33 Status ----------Static Static Dynamic - for ports 1-24 Voice ----No No Jumbo -----No No Figure 2-17. Example of “Show VLAN Ports” Cumulative Listing Figure 2-18 is an example of the output when the detail option is used.
PAGE 45
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) Changing the Number of VLANs Allowed on the Switch. By default, the switch allows a maximum of 8 VLANs. You can specify any value from 1 to the upper limit for the switch. If GVRP is enabled, this setting includes any dynamic VLANs on the switch. As part of implementing a new value, you must execute a write memory command (to save the new value to the startup-config file) and then reboot the switch. Syntax: max-vlans <1...
PAGE 46
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) Creating a New Static VLAN Changing the VLAN Context Level. With this command, entering a new VID creates a new static VLAN. Entering the VID or name of an existing static VLAN places you in the context level for that VLAN. Syntax: vlan [name ] Creates a new static VLAN if a VLAN with that VID does not already exist, and places you in that VLAN’s context level.
PAGE 47
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) want to make the VLAN permanent. After you convert a dynamic VLAN to static, you must configure the switch’s per-port participation in the VLAN in the same way that you would for any static VLAN. Syntax: static-vlan (Use show vlans to list current VIDs.) For example, suppose a dynamic VLAN with a VID of 125 exists on the switch. The following command converts the VLAN to a static VLAN.
PAGE 48
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) For example, if you have a VLAN named VLAN100 with a VID of 100, and all ports are set to No for this VLAN.
PAGE 49
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) 802.1Q VLAN Tagging VLAN tagging enables traffic from more than one VLAN to use the same port. (Even when two or more VLANs use the same port they remain as separate domains and cannot receive traffic from each other without going through an external router.) As mentioned earlier, a “tag” is simply a unique VLAN identification number (VLAN ID, or VID) assigned to a VLAN at the time that you configure the VLAN name in the switch.
PAGE 50
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) ■ ■ ■ Note In switch X: • VLANs assigned to ports X1 - X6 can all be untagged because there is only one VLAN assignment per port. Red VLAN traffic will go out only the Red ports; Green VLAN traffic will go out only the Green ports, and so on. Devices connected to these ports do not have to be 802.1Qcompliant.
PAGE 51
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) VLAN tagging gives you several options: ■ Since the purpose of VLAN tagging is to allow multiple VLANs on the same port, any port that has only one VLAN assigned to it can be configured as “Untagged” (the default). ■ Any port that has two or more VLANs assigned to it can have one VLAN assignment for that port as “Untagged”. All other VLANs assigned to the same port must be configured as “Tagged”.
PAGE 52
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) The VLANs assigned to ports X3, X4, Y2, Y3, and Y4 can all be untagged because there is only one VLAN assigned per port. Port X1 has multiple VLANs assigned, which means that one VLAN assigned to this port can be untagged and any others must be tagged. The same applies to ports X2, Y1, and Y5.
PAGE 53
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) The Secure Management VLAN Configures a secure Management VLAN by creating an isolated network for managing the following ProCurve switches that support this feature: • Series 2600 switches • Series 3400cl switches • Series 2600-PWR switches • Series 4100gl switches • Series 2610 switches • Series 4200vl switches • Series 2610-PWR switches • Series 5300xl switches • Series 2800 switches • Series 5400zl switches • Switch
PAGE 54
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) • Switches “A”, “B”, and “C” are connected by ports belonging to the management VLAN. • Hub “X” is connected to a switch port that belongs to the management VLAN. As a result, the devices connected to Hub X are included in the management VLAN. • Other devices connected to the switches through ports that are not in the management VLAN are excluded from management traffic.
PAGE 55
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) Figure 2-25. Example of Management VLAN Control in a LAN Table 2-2. VLAN Membership in Figure 2-25 Switch A1 A3 A6 A7 B2 B4 B5 B9 C2 C3 C6 C8 Management VLAN (VID = 7) Y N N Y Y Y N N Y N N N Marketing VLAN (VID = 12) N N N N N N N N N Y Y Y Shipping Dept. VLAN (VID = 20) N Y Y N N N N N N N N N DEFAULT-VLAN (VID = 1) Y Y Y Y Y Y Y Y Y Y Y Y Preparation 1.
PAGE 56
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) Configuration Syntax: [ no ] management-vlan < vlan-id | vlan-name > Default: Disabled To confirm the Management VLAN configuration, use the show running-config command. For example, suppose you have already configured a VLAN named My_VLAN with a VID of 100. Now you want to configure the switch to do the following: ■ Use My_VLAN as a Management VLAN (tagged, in this case) to connect port A1 on switch “A” to a management station.
PAGE 57
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) Note ■ During a Telnet session to the switch, if you configure the ManagementVLAN to a VID that excludes the port through which you are connected to the switch, you will continue to have access only until you terminate the session by logging out or rebooting the switch.
PAGE 58
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) Effect of VLANs on Other Switch Features Spanning Tree Operation with VLANs Because the switch follows the 802.1Q VLAN recommendation to use singleinstance spanning tree, Spanning Tree operates across all ports on the switch (regardless of VLAN assignments) instead of on a per-VLAN basis. This means that if redundant physical links exist between the switch and another 802.
PAGE 59
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) You can send an 802.2 test packet to the VLAN MAC address to verify connectivity to the switch. Likewise, you can assign an IP address to the VLAN interface, and when you Ping that address, ARP will resolve the IP address to this MAC address. Port Trunks When assigning a port trunk to a VLAN, all ports in the trunk are automatically assigned to the same VLAN. You cannot split trunk members across multiple VLANs.
PAGE 60
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) 2-40
PAGE 61
3 GVRP Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-2 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-3 General Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-4 Per-Port Options for Handling GVRP “Unknown VLANs” . . . . . . . . . . 3-6 Per-Port Options for Dynamic VLAN Advertising and Joining . . . . . .
PAGE 62
GVRP Overview Overview This chapter describes GVRP and how to configure it with the switch’s builtin interfaces, and assumes an understanding of VLANs, which are described in Chapter 2, “Static Virtual LANs (VLANs)”.
PAGE 63
GVRP Introduction Introduction Feature Default Menu CLI Web view GVRP configuration n/a page 3-12 page 3-13 page 3-16 list static and dynamic VLANs on a GVRP-enabled switch n/a — page 3-15 page 3-16 enable or disable GVRP disabled page 3-12 page 3-14 page 3-16 enable or disable GVRP on individual ports enabled page 3-12 page 3-14 — control how individual ports will handle advertisements for new VLANs Learn page 3-12 page 3-14 page 3-16 convert a dynamic VLAN to a static VLAN
PAGE 64
GVRP Introduction General Operation When GVRP is enabled on a switch, the VID for any static VLANs configured on the switch is advertised (using BPDUs—Bridge Protocol Data Units) out all ports, regardless of whether a port is up or assigned to any particular VLAN. A GVRP-aware port on another device that receives the advertisements over a link can dynamically join the advertised VLAN. A dynamic VLAN (that is, a VLAN learned through GVRP) is tagged on the port on which it was learned.
PAGE 65
GVRP Introduction Note that if a static VLAN is configured on at least one port of a switch, and that port has established a link with another device, then all other ports of that switch will send advertisements for that VLAN. For example, in the following figure, Tagged VLAN ports on switch “A” and switch “C” advertise VLANs 22 and 33 to ports on other GVRP-enabled switches that can dynamically join the VLANs.
PAGE 66
GVRP Introduction ■ If the switch already has a static VLAN assignment with the same VID as in the advertisement, and the port is configured to Auto for that VLAN, then the port will dynamically join the VLAN and begin moving that VLAN’s traffic. (For more detail on Auto, see “Per-Port Options for Dynamic VLAN Advertising and Joining” on page 3-8.) ■ Ignore the advertisement for that VID. ■ Don’t participate in that VLAN.
PAGE 67
GVRP Introduction Table 3-1. Options for Handling “Unknown VLAN” Advertisements: Unknown VLAN Operation Mode Learn (the Default) Enables the port to become a member of any unknown VLAN for which it receives an advertisement. Allows the port to advertise other VLANs that have at least one other port on the same switch as a member. Block Prevents the port from joining any new dynamic VLANs for which it receives an advertisement.
PAGE 68
GVRP Introduction Per-Port Options for Dynamic VLAN Advertising and Joining Initiating Advertisements. As described in the preceding section, to enable dynamic joins, GVRP must be enabled and a port must be configured to Learn (the default). However, to send advertisements in your network, one or more static (Tagged, Untagged, or Auto) VLANs must be configured on one or more switches (with GVRP enabled), depending on your topology. Enabling a Port for Dynamic Joins.
PAGE 69
GVRP Introduction Per-Port Static VLAN Options—Per VLAN Specified on Each Port 1 “Unknown VLAN” Port Activity: Port Activity: Port Activity: Forbid (Per VLAN)2 2 2 (GVRP) Tagged or Untagged (Per VLAN) Auto (Per VLAN) Configuration Block The port: • Belongs to the specified VLAN. • Advertises this VLAN. • Will not become a member of new dynamic VLANs for which it receives advertisements. • Will advertise dynamic VLANs that have at least one other port as a member.
PAGE 70
GVRP Introduction GVRP and VLAN Access Control When you enable GVRP on a switch, the default GVRP parameter settings allow all of the switch’s ports to transmit and receive dynamic VLAN advertisements (GVRP advertisements) and to dynamically join VLANs. The two preceding sections describe the per-port features you can use to control and limit VLAN propagation. To summarize, you can: ■ Allow a port to advertise and/or join dynamic VLANs (Learn mode—the default).
PAGE 71
GVRP Introduction 4. Determine security boundaries and how the individual ports in the segment will handle dynamic VLAN advertisements. (See table 3-1 on page 3-7 and table 3-2 on page 3-8.) 5. Enable GVRP on all devices you want to use with dynamic VLANs and configure the appropriate “Unknown VLAN” parameter (Learn, Block, or Disable) for each port. 6.
PAGE 72
GVRP Introduction Menu: Viewing and Configuring GVRP 1. From the Main Menu, select: 2. Switch Configuration . . . 8. VLAN Menu . . . 1. VLAN Support Figure 3-4. The VLAN Support Screen (Default Configuration) 2. Do the following to enable GVRP and display the Unknown VLAN fields: a. Press [E] (for Edit). b. Use [v] to move the cursor to the GVRP Enabled field. c. Press the Space bar to select Yes. d. Press [v] again to display the Unknown VLAN fields.
PAGE 73
GVRP Introduction 3. Use the arrow keys to select the port you want, and the Space bar to select Unknown VLAN option for any ports you want to change. 4. When you finish making configuration changes, press [Enter], then [S] (for Save) to save your changes to the Startup-Config file. CLI: Viewing and Configuring GVRP GVRP Commands Used in This Section show gvrp below gvrp page 3-14 unknown-vlans page 3-14 Displaying the Switch’s Current GVRP Configuration.
PAGE 74
GVRP Introduction This example includes non-default settings for the Unknown VLAN field for some ports. Figure 3-7. Example of Show GVRP Listing with GVRP Enabled Enabling and Disabling GVRP on the Switch. This command enables GVRP on the switch. Syntax: gvrp This example enables GVRP: ProCurve(config)# gvrp This example disables GVRP operation on the switch: ProCurve(config)# no gvrp Enabling and Disabling GVRP On Individual Ports.
PAGE 75
GVRP Introduction Figure 3-8. Example of Preventing Specific Ports from Joining Dynamic VLANs Displaying the Static and Dynamic VLANs Active on the Switch. The show vlans command lists all VLANs present in the switch. Syntax: show vlans For example, in the following illustration, switch “B” has one static VLAN (the default VLAN), with GVRP enabled and port 1 configured to Learn for Unknown VLANs. Switch “A” has GVRP enabled and has three static VLANs: the default VLAN, VLAN-222, and VLAN-333.
PAGE 76
GVRP Introduction Dynamic VLANs Learned from Switch “A” through Port 1 Figure 3-10. Example of Listing Showing Dynamic VLANs Converting a Dynamic VLAN to a Static VLAN.
PAGE 77
GVRP Introduction GVRP Operating Notes ■ A dynamic VLAN must be converted to a static VLAN before it can have an IP address. ■ The total number of VLANs on the switch (static and dynamic combined) cannot exceed the current Maximum VLANs setting. For example, in the factory default state, the switch supports eight VLANs. Thus, in a case where four static VLANs are configured on the switch, the switch can accept up to four additional VLANs in any combination of static and dynamic.
PAGE 78
GVRP Introduction 3-18
PAGE 79
4 Multimedia Traffic Control with IP Multicast (IGMP) Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-2 General Operation and Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-3 IGMP Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-3 IGMP Terms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
PAGE 80
Multimedia Traffic Control with IP Multicast (IGMP) Overview Overview This chapter describes Multimedia Traffic Control with IP Multicast (IGMP), and explains how to configure IGMP controls to reduce unnecessary bandwidth usage on a per-port basis. For the latest information on IGMP, see the software release notes posted on the ProCurve Networking support Web site at http://www.procurve.com.
PAGE 81
Multimedia Traffic Control with IP Multicast (IGMP) General Operation and Features General Operation and Features IGMP Features Feature Default Menu CLI Web view igmp configuration n/a — page 4-6 — show igmp status for multicast groups used by the selected VLAN n/a — Yes — enabling or disabling IGMP (Requires VLAN ID Context) disabled — page 4-8 page 4-10 per-port packet control auto — page 4-9 — IGMP traffic priority normal — page 4-10 — querier enabled — page 4-10 — fas
PAGE 82
Multimedia Traffic Control with IP Multicast (IGMP) General Operation and Features Enabling IGMP allows detection of IGMP queries and report packets in order to manage IP multicast traffic through the switch. If no other querier is detected, the switch will then also function as the querier. (If you need to disable the querier feature, you can do so through the IGMP configuration MIB. Refer to “Changing the Querier Configuration Setting” on page 4-10.
PAGE 83
Multimedia Traffic Control with IP Multicast (IGMP) General Operation and Features IGMP Operating Features Basic Operation In the factory default configuration, IGMP is disabled. If multiple VLANs are not configured, you must configure IGMP on the default VLAN (DEFAULT_VLAN; VID = 1). If multiple VLANs are configured, you must configure IGMP on a per-VLAN basis for every VLAN where this feature is desired.
PAGE 84
Multimedia Traffic Control with IP Multicast (IGMP) CLI: Configuring and Displaying IGMP Notes Whenever IGMP is enabled, the switch generates an Event Log message indicating whether querier functionality is enabled. IP multicast traffic groups are identified by IP addresses in the range of 224.0.0.0 to 239.255.255.255. Also, incoming IGMP packets intended for reserved, or “well-known” multicast addresses automatically flood through all ports (except the port on which the packets entered the switch).
PAGE 85
Multimedia Traffic Control with IP Multicast (IGMP) CLI: Configuring and Displaying IGMP Viewing the Current IGMP Configuration. This command lists the IGMP configuration for all VLANs configured on the switch or for a specific VLAN. Syntax: show ip igmp config IGMP configuration for all VLANs on the switch.
PAGE 86
Multimedia Traffic Control with IP Multicast (IGMP) CLI: Configuring and Displaying IGMP IGMP Configuration for the Selected VLAN IGMP Configuration On the Individual Ports in the VLAN Figure 4-2. Example Listing of IGMP Configuration for A Specific VLAN Enabling or Disabling IGMP on a VLAN. You can enable IGMP on a VLAN, along with the last-saved or default IGMP configuration (whichever was most recently set), or you can disable IGMP on a selected VLAN.
PAGE 87
Multimedia Traffic Control with IP Multicast (IGMP) CLI: Configuring and Displaying IGMP You can also combine the ip igmp command with other IGMP-related commands, as described in the following sections. Configuring Per-Port IGMP Packet Control. Use this command in the VLAN context to specify how each port should handle IGMP traffic. Syntax: vlan < vid > ip igmp [ auto | blocked | forward ] Syntax: vlan < vid > ip igmp Enables IGMP on the specified VLAN.
PAGE 88
Multimedia Traffic Control with IP Multicast (IGMP) Web: Enabling or Disabling IGMP The following command displays the VLAN and per-port configuration resulting from the above commands. ProCurve> show ip igmp 1 config Configuring the Querier Function. In its default configuration, the switch is capable of operating as an IGMP querier. This command lets you disable or re-enable this function.
PAGE 89
Multimedia Traffic Control with IP Multicast (IGMP) How IGMP Operates How IGMP Operates The Internet Group Management Protocol (IGMP) is an internal protocol of the Internet Protocol (IP) suite. IP manages multicast traffic by using switches, multicast routers, and hosts that support IGMP. (In ProCurve’s implementation of IGMP, a multicast router is not necessary as long as a switch is configured to support IGMP with the querier feature enabled.
PAGE 90
Multimedia Traffic Control with IP Multicast (IGMP) How IGMP Operates IGMP Operating Notes IGMP identifies members of a multicast group (within a subnet) and allows IGMP-configured hosts (and routers) to join or leave multicast groups based on the following process. ■ An IP multicast packet includes the multicast group (address) to which the packet belongs.
PAGE 91
Multimedia Traffic Control with IP Multicast (IGMP) How IGMP Operates Supported Standards and RFCs ProCurve’s implementation of IGMP supports the following standards and operating capabilities: • RFC2236 (IGMP V.2, with backwards support for IGMP V.1) • IETF draft for IGMP and MLD snooping switches (for IGMP V1, V2 V3) • Full IGMPv2 support as well as full support for IGMPv1 Joins. • Ability to operate in IGMPv2 Querier mode on VLANs with an IP address.
PAGE 92
Multimedia Traffic Control with IP Multicast (IGMP) How IGMP Operates Operation With or Without IP Addressing You can configure IGMP on VLANs that do not have IP addressing. The benefit of IGMP without IP addressing is a reduction in the number of IP addresses you have to use and configure. This can be significant in a network with a large number of VLANs.
PAGE 93
Multimedia Traffic Control with IP Multicast (IGMP) How IGMP Operates Automatic Fast-Leave IGMP IGMP Operation Presents a “Delayed Leave” Problem.
PAGE 94
Multimedia Traffic Control with IP Multicast (IGMP) How IGMP Operates Leave. The Querier will continue to transmit the multicast group during this short time, and because the group is no longer registered the switch will then flood the multicast group to all ports. On ProCurve switches that do support Data-Driven IGMP (“Smart” IGMP), when unregistered multicasts are received the switch automatically filters (drops) them.
PAGE 95
Multimedia Traffic Control with IP Multicast (IGMP) How IGMP Operates In the next figure, automatic Fast-Leave operates on the switch ports for IGMP clients “3A” and “5A”, but not on the switch port for IGMP clients “7A” and 7B, Server “7C”, and printer “7D”. Fast-Leave IGMP automatically operates on the ports connected to IGMP clients 3A and 5A, but does not operate on the port connected to Switch 7X because the switch detects multiple end nodes on that port.
PAGE 96
Multimedia Traffic Control with IP Multicast (IGMP) How IGMP Operates Forced Fast-Leave IGMP Forced Fast-Leave IGMP speeds up the process of blocking unnecessary IGMP traffic to a switch port that is connected to multiple end nodes. (This feature does not activate on ports where the switch detects only one end node).
PAGE 97
Multimedia Traffic Control with IP Multicast (IGMP) How IGMP Operates Setting Forced Fast-Leave Using the MIB Fast-Leave and Forced Fast-Leave options for a port can also be set through the switch’s MIB (Management Information Base). Feature Default Settings Function Forced Fast- 2 1 (enabled) Uses the setmib command to enable or disable Leave state (disabled) 2 (disabled) Forced Fast-Leave on individual ports.
PAGE 98
Multimedia Traffic Control with IP Multicast (IGMP) How IGMP Operates The 2 at the end of a port listing shows that Forced Fast-Leave is disabled on the corresponding port. The 1 at the end of a port listing shows that Forced Fast-Leave is enabled on the corresponding port. Internal VLAN Number for the Default VLAN Note: Internal VLAN numbers reflect the sequence in which VLANs are created, and are not related to the unique VID assigned to each VLAN. (See the “Note on VLAN Numbers on page 4-19.
PAGE 99
Multimedia Traffic Control with IP Multicast (IGMP) How IGMP Operates Configuring Per-Port Forced Fast-Leave IGMP In the factory-default configuration, Forced Fast-Leave is disabled for all ports on the switch. To enable (or disable) this feature on individual ports, use the switch’s setmib command, as shown below. Configuring Per-Port Forced Fast-Leave IGMP on Ports. This procedure enables or disables Forced Fast-Leave on ports in a given VLAN. (See the “Note on VLAN Numbers” on page 4-19.
PAGE 100
Multimedia Traffic Control with IP Multicast (IGMP) Using the Switch as Querier Using the Switch as Querier Querier Operation The function of the IGMP Querier is to poll other IGMP-enabled devices in an IGMP-enabled VLAN to elicit group membership information. The switch performs this function if there is no other device in the VLAN, such as a multicast router, to act as Querier.
PAGE 101
Multimedia Traffic Control with IP Multicast (IGMP) Excluding Multicast Addresses from IP Multicast Filtering Excluding Multicast Addresses from IP Multicast Filtering Each multicast host group is identified by a single IP address in the range of 224.0.0.0 through 239.255.255.255. Specific groups of consecutive addresses in this range are termed “well-known” addresses and are reserved for predefined host groups.
PAGE 102
Multimedia Traffic Control with IP Multicast (IGMP) Excluding Multicast Addresses from IP Multicast Filtering Notes: IP Multicast Filters. This operation applies to the ProCurve Switch 1600M, 2400M, 2424M, 4000M, and 8000M, but not to the Switch 2500, 2600, 2600-PWR, 2800, 2810, 2510/2510G, 4100, and 5300 Series devices or the Switch 6108 (which do not have static multicast traffic/security filters). IP multicast addresses occur in the range from 224.0.0.0 through 239.255.255.
PAGE 103
5 Multiple Instance Spanning-Tree Operation Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-2 802.1s Multiple Spanning Tree Protocol (MSTP) . . . . . . . . . . . . . . . . . . . . . 5-6 MSTP Structure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-7 How MSTP Operates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-9 MST Regions . . . . . . . . . . .
PAGE 104
Multiple Instance Spanning-Tree Operation Overview Overview MSTP Features 802.
PAGE 105
Multiple Instance Spanning-Tree Operation Overview instance spanning-tree network enables blocking of redundant links in one instance while allowing forwarding over the same links for non-redundant use by another instance.
PAGE 106
Multiple Instance Spanning-Tree Operation Overview The logical and physical topologies resulting from these VLAN/Instance groupings result in blocking on different links for different VLANs: Region “A”: Logical Topology Path blocked for VLANs in instance 2.
PAGE 107
Multiple Instance Spanning-Tree Operation Overview Note on Path Cost RSTP and MSTP implements a greater range of path costs and new default path cost values to account for higher network speeds. These values are different than the values defined by 802.1D STP as shown below. Port Type 802.1D STP Path Cost RSTP and MSTP Path Cost 10 Mbps 100 2 000 000 100 Mbps 10 200 000 1 Gbps 5 20 000 Because the maximum value for the path cost allowed by 802.
PAGE 108
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) 802.1s Multiple Spanning Tree Protocol (MSTP) The 802.1D and 802.1w spanning tree protocols operate without regard to a network’s VLAN configuration, and maintain one common spanning tree throughout a bridged network. Thus, these protocols map one loop-free, logical topology on a given physical topology. The 802.
PAGE 109
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) MSTP Structure MSTP maps active, separate paths through separate spanning tree instances and between MST regions. Each MST region comprises one or more MSTP switches. Note that MSTP recognizes an STP or RSTP LAN as a distinct spanning-tree region.
PAGE 110
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) MST Region: An MST region comprises the VLANs configured on physically connected MSTP switches. All switches in a given region must be configured with the same VLANs and Multiple Spanning Tree Instances (MSTIs). Internal Spanning Tree (IST): The IST administers the topology within a given MST region.
PAGE 111
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Caution When you enable MSTP on the switch, the default MSTP spanning tree configuration settings comply with the values recommended in the IEEE 802.1s Multiple Spanning Tree Protocol (MSTP) standard. Note that inappropriate changes to these settings can result in severely degraded network performance.
PAGE 112
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) How Separate Instances Affect MSTP Operation. Assigning different groups of VLANs to different instances ensures that those VLAN groups use independent forwarding paths. For example, in figure 5-3 each instance has a different forwarding path.
PAGE 113
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Within a region, traffic routed between VLANs in separate instances can take only one physical path. To ensure that traffic in all VLANs within a region can travel between regions, all of the boundary ports for each region should belong to all VLANs configured in the region. Otherwise, traffic from some areas within a region could be blocked from moving to other regions.
PAGE 114
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) MSTP Operation with 802.1Q VLANs As indicated in the preceding sections, within a given MST instance, a single spanning tree is configured for all VLANs included in that instance. This means that if redundant physical links exist in separate VLANs within the same instance, MSTP blocks all but one of those links.
PAGE 115
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Terminology Bridge: See “MSTP Bridge”. Common and Internal Spanning Tree (CIST): Comprises all LANs, STP, and RSTP bridges and MSTP regions in a network. The CIST automatically determines the MST regions in a network and defines the root bridge (switch) and designated port for each region.
PAGE 116
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) ■ No switch has a point-to-point connection to a bridging device that cannot process RSTP BPDUs. Operating Rules 5-14 ■ All switches in a region must be configured with the same set of VLANs, as well as the same MST configuration name and MST configuration number. ■ Within a region, a VLAN can be allocated to either a single MSTI or to the region’s IST instance.
PAGE 117
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) ■ Within an MST region, there is one logical forwarding topology per instance, and each instance comprises a unique set of VLANs. Where multiple paths exist between a pair of nodes using VLANs belonging to the same instance, all but one of those paths will be blocked for that instance. However, if there are different paths in different instances, all such paths are available for traffic.
PAGE 118
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) As indicated above, one of the benefits of MSTP and RSTP is the implementation of a larger range of port path costs, which accommodates higher network speeds. New default values have also been implemented for the path costs associated with the different network speeds. This can create some incompatibility between devices running the older 802.1D STP and your switch running MSTP or RSTP.
PAGE 119
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Note on MSTP Rapid State Tr a n s i t i o n s Under some circumstances the rapid state transitions employed by MSTP (and RSTP) can increase the rates of frame duplication and misordering in the switched LAN.
PAGE 120
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) – 2. Device spanning-tree priority. Specifies the priority value used along with the switch MAC address to determine which device is root. The lower a priority value, the higher the priority. spanning-tree priority Configure MST instances. • Configure one instance for each VLAN group that you want to operate as an active topology within the region to which the switch belongs.
PAGE 121
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Configuring MSTP Operation Mode and Global Parameters Command Page spanning-tree config-name < ascii-string > page 5-20 spanning-tree config-revision < revision-number > page 5-20 spanning-tree max-hops < hop-count > page 5-21 spanning-tree maximum-age page 5-21 spanning-tree force-version < stp-compatible | rstp-operation | mstp-operation> page 5-21 spanning-tree hello-time < 1..
PAGE 122
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Syntax: [no] spanning-tree config-name < ascii-string > This command resets the configuration name of the MST region in which the switch resides. This name can include up to 32 non-blank characters and is case-sensitive. On all switches within a given MST region, the configuration names must be identical.
PAGE 123
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Syntax: spanning-tree max-hops < hop-count > This command resets the number of hops allowed for BPDUs in an MST region. When an MSTP switch receives a BPDU, it decrements the hop-count setting the BPDU carries. If the hopcount reaches zero, the receiving switch drops the BPDU.
PAGE 124
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Syntax: spanning-tree hello-time < 1..10 > If MSTP is running and the switch is operating as the CIST root for your network, this command specifies the time in seconds between transmissions of BPDUs for all ports on the switch configured with Use Global (the default). This parameter applies in MSTP, RSTP and STP modes.
PAGE 125
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Command Page spanning-tree priority page 5-25 root-guard tcn-guard loop-protect Configuring Per Port Parameters Syntax: [no] spanning-tree admin-edge-port Enable admin-edge-port on ports connected to end nodes. During spanning tree establishment, ports with adminedge-port enabled transition immediately to the forwarding state.
PAGE 126
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Syntax: [no] spanning-tree < port-list > mcheck Forces a port to send RSTP BPDUs for 3 seconds. This allows for another switch connected to the port and running RSTP to establish its connection quickly and for identifying switches running 802.1D STP. If the wholeswitch force-version parameter is set to stp-compatible, the switch ignores the mcheck setting and sends 802.1D STP BPDUs out all ports.
PAGE 127
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Syntax: spanning-tree < port-list > point-to-point-mac < force-true | force-false | auto > This parameter informs the switch of the type of device to which a specific port connects. Force-True (default): Indicates a point-to-point link to a device such as a switch, bridge, or end-node. Force-False: Indicates a connection to a hub (which is a shared LAN segment).
PAGE 128
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Syntax: spanning-tree < port-list > tcn-guard When tcn-guard is enabled for a port, it causes the port to stop propagating received topology change notifications and topology changes to other ports. (Default: No - disabled) Configuring BPDU Filtering The STP BPDU filter feature allows control of spanning-tree participation on a per-port basis.
PAGE 129
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) For example, to configure BPDU filtering on port a9, enter: ProCurve(config)# spanning-tree a9 bpdu-filter Viewing BPDU Filtering. The spanning-tree show < port> configuration command displays the BPDU’s filter state. ProCurve(config)# show spanning-tree a9 config ...
PAGE 130
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) STP Domain SNMP Trap Management Station SNMP Trap SNMP Trap Switch Event Log: port X is disable by STP BPDU protection Fake STP BPDU End User Figure 5-7. Example of BPDU Protection Enabled at the Network Edge The following commands allow you to configure BPDU protection.
PAGE 131
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) The following steps will then be set in process: Note 1. When an STP BPDU packet is received on ports 1-10, STP treats it as an unauthorized transmission attempt and shuts down the port that the BPDU came in on. 2. An event message is logged and an SNMP notification trap is generated. 3. The port remains disabled until re-enabled manually by a network administrator using the interface enable command.
PAGE 132
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Configuring Loop Protection You can use BPDU protection for systems that have spanning tree enabled (See “Configuring BPDU Protection” on page 5-27), however, the BPDU protection feature cannot detect the formation of loops when an unmanaged device on the network drops spanning tree packets.
PAGE 133
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) [disable-timer <0-604800>] How long (in seconds) a port is disabled when a loop has been detected. A value of zero disables the auto re-enable functionality. Default: Timer is disabled [transmit-interval <1-10>] Allows you to configure the time in seconds between the transmission of loop protection packets. Default: 5 seconds To display information about ports with loop protection, enter this command.
PAGE 134
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Configuring MST Instance Parameters Command Page spanning-tree instance < 1..16 > vlan < vid> [ vid..vid ] no spanning-tree instance < 1..16 > page 5-32 spanning-tree instance < 1..16 > priority < 0..15 > page 5-33 spanning-tree priority < 0..15 > page 5-34 Syntax: spanning-tree instance < 1..16 > vlan < vid [ vid..vid ] > no spanning-tree instance < 1..
PAGE 135
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Syntax: spanning-tree instance < 1..16 > priority < 0 .. 15 > This command sets the switch (bridge) priority for the designated instance. This priority is compared with the priorities of other switches in the same instance to determine the root switch for the instance. The lower the priority value, the higher the priority.
PAGE 136
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Syntax: spanning-tree priority < 0 .. 15 > Every switch running an instance of MSTP has a Bridge Identifier, which is a unique identifier that helps distinguish this switch from all others. The switch with the lowest Bridge Identifier is elected as the root for the tree.
PAGE 137
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Configuring MST Instance Per-Port Parameters Command Page spanning-tree instance < 1..16 > < port-list > path-cost < auto | 1..200000000 > page 5-35 spanning-tree instance < 1..16 > < port-list > priority < priority-multiplier > page 5-36 spanning-tree < port-list > priority < priority-multiplier > page 5-37 Syntax: spanning-tree instance < 1..16 > [e] < port-list > path-cost < auto | 1..
PAGE 138
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Syntax: spanning-tree instance < 1..16 > [e] < port-list > priority This command sets the priority for the specified port(s) in the specified MST instance. (For a given port, the priority setting can be different for different MST instances to which the port may belong.) The priority range for a port in a given MST instance is 0-255.
PAGE 139
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Syntax: spanning-tree [e] < port-list > priority < priority-multiplier > This command sets the priority for the specified port(s) for the IST (that is, Instance 0) of the region in which the switch resides. The “priority” component of the port’s “Port Identifier” is set. The Port Identifier is a unique identifier that helps distinguish this switch’s ports from all others.
PAGE 140
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Enabling or Disabling Spanning Tree Operation This command enables or disables spanning tree operation for any spanning tree protocol enabled on the switch. Before using this command to enable spanning tree, ensure that the version you want to use is active on the switch.
PAGE 141
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) 1. Configure the VLANs you want included in any instances in the new region. When you create the pending region, all VLANs configured on the switch will be assigned to the pending IST instance unless assigned to other, pending MST instances. 2. Configure MSTP as the spanning-tree protocol, then execute write mem and reboot. (The pending option is available only with MSTP enabled.) 3.
PAGE 142
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) 9. To view the current pending MSTP configuration, use the show spanningtree pending command (page page 5-46). Displaying MSTP Statistics and Configuration Command Page MSTP Statistics: show spanning-tree [< port-list >] show spanning-tree instance < ist | 1..16 > below 42 MSTP Configuration show spanning-tree [ port-list ] config 43 show spanning-tree [ port-list ] config instance < ist | 1..
PAGE 143
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Switch’s Spanning Tree Configuration and Identity of VLANs Configured in the Switch for the IST Instance Identifies the overall spanning-tree root for the network. Lists the switch’s MSTP root data for connectivity with other regions and STP or RSTP devices. Identifies the spanning-tree root for the IST Instance for the region.
PAGE 144
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Displaying Switch Statistics for a Specific MST Instance. Syntax: show spanning-tree instance < ist | 1..16 > This command displays the MSTP statistics for either the IST instance or a numbered MST instance running on the switch. Figure 5-12.
PAGE 145
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Displaying the MSTP Configuration Displaying the Global MSTP Configuration. This command displays the switch’s basic and MST region spanning-tree configuration, including basic port connectivity settings. Syntax: show spanning-tree config The upper part of this output shows the switch’s global spanning-tree configuration that applies to the MST region.
PAGE 146
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Displaying Per-Instance MSTP Configurations. These commands displays the per-instance port configuration and current state, along with instance identifiers and regional root data. Syntax: show spanning-tree config instance < ist | 1..16 > The upper part of this output shows the instance data for the specified instance. The lower part of the output lists the spanning-tree port settings for the specified instance.
PAGE 147
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Displaying the Region-Level Configuration in Brief. This command output is useful for quickly verifying the allocation of VLANs in the switch’s MSTP configuration and for viewing the configured region identifiers. Syntax: show spanning-tree mst-config This command displays the switch’s regional configuration.
PAGE 148
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Displaying the Pending MSTP Configuration. This command displays the MSTP configuration the switch will implement if you execute the spanning-tree pending apply command (Refer to “Enabling an Entire MST Region at Once or Exchanging One Region Configuration for Another” on page 5-38.) Syntax: show spanning-tree pending < instance | mst-config > instance < 1..16 | ist > Lists region, instance I.D.
PAGE 149
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Displaying the Root History. This command displays the spanning-tree root changes history information. Syntax: show spanning-tree root-history < cst | ist | msti> cst Displays the CST root changes history. ist Displays the IST root changes history. msti Displays the MSTI root changes history.
PAGE 150
Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Operating Notes SNMP MIB Support for MSTP. MSTP is a superset of the STP/802.1D and RSTP/802.1w protocols and uses the MIB objects defined for these two protocols. Also, as of December, 2003, there has been no formal MIB definition published for 802.1s MSTP managed objects. Troubleshooting Duplicate packets on a VLAN, or packets not arriving on a LAN at all.
PAGE 151
6 Quality of Service (QoS): Managing Bandwidth More Effectively Contents Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-2 Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-5 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-6 QoS Types for Prioritizing Outbound Packets . . . . . . . . . . . . . . . . . . .
PAGE 152
Quality of Service (QoS): Managing Bandwidth More Effectively Introduction Introduction . QoS Feature Default Menu CLI Web IP Type-of-Service Priority Disabled — page 6-16 “ DSCP Policy Table — page 6-32 “ Various As the term suggests, network policy refers to the network-wide controls you can implement to: ■ Ensure uniform and efficient traffic handling throughout your network, while keeping the most important traffic moving at an acceptable speed, regardless of current bandwidth usage.
PAGE 153
Quality of Service (QoS): Managing Bandwidth More Effectively Introduction Edge Switch ■ Change the priorities of traffic from various segments of your network as your business needs change. ■ Set priority policies in edge switches in your network to enable traffichandling rules across the network. Honor Priority Classify inbound traffic on these Class-ofService (CoS) types: Downstream Switch • IP-device (address) • VLAN-ID (VID). • Source-Port Tagged VLANs on inbound and outbound ports.
PAGE 154
Quality of Service (QoS): Managing Bandwidth More Effectively Introduction in an 802.1Q VLAN environment (with 802.1p priority tags) or in an untagged VLAN environment (with DSCP policies) where QoS can set priorities that downstream devices can support without re-classifying the traffic. By prioritizing traffic, QoS supports traffic growth on the network while optimizing the use of existing resources—and delaying the need for further investments in equipment and services.
PAGE 155
Quality of Service (QoS): Managing Bandwidth More Effectively Introduction Terminology Term Use in This Document 802.1p priority A traffic priority setting carried by a VLAN-tagged packet moving from one device to another through ports that are tagged members of the VLAN to which the packet belongs. This setting can be from 0 7. The switch handles an outbound packet on the basis of its 802.1p priority.
PAGE 156
Quality of Service (QoS): Managing Bandwidth More Effectively Introduction Term Use in This Document outbound port queue For any port, a buffer that holds outbound traffic until it can leave the switch through that port. There are four outbound queues for each port in the switch: high, medium, normal, and low. Traffic in a port’s high priority queue leaves the switch before any traffic in the port’s medium priority queue, and so-on.
PAGE 157
Quality of Service (QoS): Managing Bandwidth More Effectively Introduction ■ Configuring a priority for outbound packets and a service (priority) policy for use by downstream devices: • DSCP Policy: This feature enables you to set a priority policy in outbound IP packets. (You can configure downstream devices to read and use this policy.) This method is not dependent on VLAN-tagged ports to carry priority policy to downstream devices, and can: – Change the codepoint (the upper six bits) in the ToS byte.
PAGE 158
Quality of Service (QoS): Managing Bandwidth More Effectively Introduction If a packet is not in a VLAN-tagged port environment, then the QoS settings in table 6-2 control only to which outbound queue the packet goes. Without VLAN tagging, no 802.1p priority is added to the packet for downstream device use. But if the packet is in a VLAN-tagged environment, then the above setting is also added to the packet as an 802.1p priority for use by downstream devices and applications (shown in table 6-3).
PAGE 159
Quality of Service (QoS): Managing Bandwidth More Effectively Introduction Packet Types and Evaluation Order The switches covered by this chapter provide two QoS types (packet-matching criteria) you can use to configure QoS priority. Table 6-4.
PAGE 160
Quality of Service (QoS): Managing Bandwidth More Effectively Introduction Table 6-5. Precedence Criteria for QoS types Precedence Criteria 1 IP TypeofService (IP ToS) Overview Takes precedence based on the TOS field in IP packets. (Applies only to IP packets.) The ToS field is configured by an upstream device or application before the packet enters the switch.
PAGE 161
Quality of Service (QoS): Managing Bandwidth More Effectively Preparation for Configuring QoS Preparation for Configuring QoS QoS operates in VLAN-tagged and VLAN-untagged environments. If your network does not use multiple VLANs, you can still implement the 802.1Q VLAN capability for packets to carry their 802.1p priority to the next downstream device. To do so, configure ports as VLAN-tagged members on the links between switches and routers in your network infrastructure. Table 6-6.
PAGE 162
Quality of Service (QoS): Managing Bandwidth More Effectively Preparation for Configuring QoS Table 6-7. Applying QoS Options to Traffic Types Defined by QoS Types QoS Options for Prioritizing Outbound Traffic Option 1: Configure 802.1p Priority Rules Only Prioritize traffic by sending specific packet types (determined by QoS type) to different outbound port queues on the switch. Rely on VLAN-tagged ports to carry packet priority as an 802.1p value to downstream devices.
PAGE 163
Quality of Service (QoS): Managing Bandwidth More Effectively Preparation for Configuring QoS Planning a QoS Configuration QoS uses resources in a way that requires attention to rule usage when planning a QoS configuration. Otherwise, there is an increased possibility of oversubscribing resources, which means that at some point the switch would not support further QoS configuration.
PAGE 164
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Types To Configure QoS for Outbound Traffic Using QoS Types To Configure QoS for Outbound Traffic QoS Feature Note Default Menu CLI Web IP Type-of-Service Priority Disabled — page 6-16 “ Interface (Source-Port) Priority — page 6-29 “ Disabled In addition to the information in this section on the various QoS types, refer to “QoS Operating Notes and Restrictions” on page 6-37.
PAGE 165
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Types To Configure QoS for Outbound Traffic type-of-service Displays the current type-of-service priority configuration. The display output differs according to the ToS option used: ■ IP Precedence: Refer to figure 6-3 on page 6-17. ■ Diffserve: Refer to figure 6-5 on page 6-21. port-priority Displays the current Interface (source-port) priority configuration. Refer to figure 6-11 on page 6-30.
PAGE 166
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Types To Configure QoS for Outbound Traffic QoS IP Type-of-Service (ToS) Policy and Priority QoS Type Precedence: 1 This feature applies only to IPv4 traffic and performs either of the following: ■ ToS IP-Precedence Mode: All IP packets generated by upstream devices and applications include precedence bits in the ToS byte. Using this mode, the switch uses these bits to compute and assign the corresponding 802.1p priority.
PAGE 167
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Types To Configure QoS for Outbound Traffic Assigning an 802.1p Priority to IPv4 Packets on the Basis of the ToS Precedence Bits If a device or application upstream of the switch sets the precedence bits in the ToS byte of IPv4 packets, you can use this feature to apply that setting for prioritizing packets for outbound port queues. If the outbound packets are in a tagged VLAN, this priority is carried as an 802.
PAGE 168
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Types To Configure QoS for Outbound Traffic To replace this option with the ToS diff-services option, just configure diffservices as described below, which automatically disables IP-Precedence. To disable IP-Precedence without enabling the diff-services option, use this command: ProCurve(config)# no qos type-of-service Assigning an 802.
PAGE 169
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Types To Configure QoS for Outbound Traffic Note on DSCP Use Different applications may use the same DSCP in their IP packets. Also, the same application may use multiple DSCPs if the application originates on different clients, servers, or other devices. Using an edge switch enables you to select the packets you want and mark them with predictable DSCPs that can be used by downstream switches to honor policies set in the edge switch.
PAGE 170
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Types To Configure QoS for Outbound Traffic . Syntax: qos type-of-service diff-services < codepoint > Causes the switch to read the < codepoint > (DSCP) of an incoming IPv4 packet and, when a match occurs, assign a corresponding 802.1p priority, as configured in the switch’s DSCP table (page 6-33). no qos type-of-service Disables all ToS type operation. no qos dscp-map < codepoint > Disables direct 802.
PAGE 171
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Types To Configure QoS for Outbound Traffic For example, an edge switch “A” in an untagged VLAN assigns a DSCP of 000110 on IP packets it receives on port A6, and handles the packets with high priority (7). When these packets reach interior switch “B” you want the switch to handle them with the same high priority. To enable this operation you would configure an 802.
PAGE 172
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Types To Configure QoS for Outbound Traffic Outbound IP packets with a DSCP of 000110 will have a priority of 7. Notice that codepoints 000000 and 001001 are named as DSCP policies by other codepoints (000001 and 000110 respectively). This means they are not available for changing to a different 802.1p priority. Figure 6-6. Example of a Type-of-Service Configuration Enabling Both Direct 802.
PAGE 173
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Types To Configure QoS for Outbound Traffic 3. Use qos type-of-service diff-services < incoming-DSCP > dscp < outgoingDSCP > to change the policy on packets coming from the edge or upstream switch with the specified incoming DSCP. (Figure 6-4 on page 6-18 illustrates this scenario.) Notes “Mixing” ToS DSCP policies and 802.1p priorities is not recommended. Refer to the Note on page 6-9.
PAGE 174
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Types To Configure QoS for Outbound Traffic For example, suppose you want to configure the following two DSCP policies for packets received with the indicated DSCPs. 1. Received DSCP Policy DSCP 802.1p Priority Policy Name (Optional) 001100 000010 6 Level 6 001101 000101 4 Level 4 Determine whether the DSCPs already have priority assignments, which could indicate use by existing applications.
PAGE 175
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Types To Configure QoS for Outbound Traffic 2. Configure the policies in the DSCP table: Figure 6-8. Example of Policies Configured (with Optional Names) in the DSCP Table 3. Assign the policies to the codepoints in the selected packet types. The specified DSCP policies overwrite the original DSCPs on the selected packets, and use the 802.1p priorities previously configured in the DSCP policies in step 2. Figure 6-9.
PAGE 176
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Types To Configure QoS for Outbound Traffic Details of QoS IP Type-of-Service IP packets include a Type of Service (ToS) byte. The ToS byte includes: ■ A Differentiated Services Codepoint (DSCP): This element is comprised of the upper six bits of the ToS byte). There are 64 possible codepoints. In the switches covered by this manual, the default qos configuration includes the codepoint having the 802.
PAGE 177
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Types To Configure QoS for Outbound Traffic Figure 6-10 shows an example of the ToS byte in the header for an IPv4 packet, and illustrates the diffserv bits and precedence bits in the ToS byte. (Note that the Precedence bits are a subset of the Differentiated Services bits.) Field: Destination MAC Address Source MAC Address Packet: FF FF FF FF FF FF 08 00 09 00 00 16 802.1Q Field Type & Version ToS Byte 45 E0 08 00 … ...
PAGE 178
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Types To Configure QoS for Outbound Traffic Table 6-8.
PAGE 179
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Types To Configure QoS for Outbound Traffic QoS Interface (Source-Port) Priority QoS Type Precedence: 2 The QoS Interface option enables you to use a packet’s source-port on the switch as a QoS type. Where a particular source-port type has the highest precedence in the switch for traffic entering through that port, then traffic received from the port is marked with the source-port type’s configured priority level.
PAGE 180
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Types To Configure QoS for Outbound Traffic For example, suppose that you want to prioritize inbound traffic on the following source-ports: Interface Priority (Source Port) 1-3 2 4 3 5, 8 5 9 - 11 6 You would then execute the following commands to prioritize traffic received on the above ports: ProCurve(config)# ProCurve(config)# ProCurve(config)# ProCurve(config)# interface interface interface interface e e e e 9-11 qos pri
PAGE 181
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Types To Configure QoS for Outbound Traffic If you then decided to remove port 1 from QoS prioritization: ProCurve(config)# no interface e 1 qos ProCurve(config)# show qos port-priority Port priorities Port -----1 2 3 4 . . . Priority ----------0 2 2 3 . . . In this instance, 0 indicates that port 1 is not prioritized by QoS. Figure 6-12.
PAGE 182
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Types To Configure QoS for Outbound Traffic Differentiated Services Codepoint (DSCP) Mapping The DSCP Policy Table associates an 802.1p priority with a specific ToS byte codepoint in an IPv4 packet. This enables you to set a LAN policy that operates independently of 802.1Q VLAN-tagging. In the default state, most of the 64 codepoints do not assign an 802.1p priority, as indicated by No-override in table 6-10 on page 6-33.
PAGE 183
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Types To Configure QoS for Outbound Traffic Table 6-10. The Default DSCP Policy Table DSCP Policy 000000 000001 000010 000011 000100 000101 000110 000111 001000 001001 001010 001011 001100 001101 001110 001111 010000 010001 010010 010011 010100 010101 802.
PAGE 184
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Types To Configure QoS for Outbound Traffic Quickly Listing Non-Default Codepoint Settings Table 6-10 lists the switch’s default codepoint/priority settings. If you change the priority of any codepoint setting to a non-default value and then execute write memory, the switch will list the non-default setting in the show config display.
PAGE 185
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Types To Configure QoS for Outbound Traffic Effect of “No-override”. In the QoS Type-of-Service differentiated services mode, a No-override assignment for the codepoint of an outbound packet means that QoS is effectively disabled for such packets. That is, QoS does not affect the packet queuing priority or VLAN tagging.
PAGE 186
Quality of Service (QoS): Managing Bandwidth More Effectively IP Multicast (IGMP) Interaction with QoS IP Multicast (IGMP) Interaction with QoS IGMP high-priority-forward causes the switch to service the subscribed IP multicast group traffic at high priority, even if QoS on the switch has relegated the traffic to a lower priority. This does not affect any QoS priority settings, so the QoS priority is honored by downstream devices. However, QoS does take precedence over IGMP normal-priority traffic.
PAGE 187
Quality of Service (QoS): Managing Bandwidth More Effectively QoS Operating Notes and Restrictions QoS Operating Notes and Restrictions Table 6-11. Details of Packet Criteria and Restrictions for QoS Support Packet Criteria or Restriction QoS Types IP Type-of-Service DSCP Overwrite (Re-Marking) Source Port Incoming 802.
PAGE 188
Quality of Service (QoS): Managing Bandwidth More Effectively QoS Operating Notes and Restrictions 6-38
PAGE 189
7 ProCurve Stack Management Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-3 Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-4 Which Devices Support Stacking? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-5 Components of ProCurve Stack Management . . . . . . . . . . . . . . . . . . . . 7-6 General Stacking Operation . . . . . . . . . . . . . .
PAGE 190
ProCurve Stack Management Contents Using the CLI To Disable or Re-Enable Stacking . . . . . . . . . . . . . . . . 7-46 Transmission Interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-46 Stacking Operation with Multiple VLANs Configured . . . . . . . . . . . . 7-46 Web: Viewing and Configuring Stacking . . . . . . . . . . . . . . . . . . . . . . . 7-47 Status Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
PAGE 191
ProCurve Stack Management Overview Overview This chapter describes how to use your network to stack switches without the need for any specialized cabling. For an overview of stacking features, refer to the table on page 7-4.
PAGE 192
ProCurve Stack Management Operation Operation Stacking Features Feature Default Menu CLI Web view status of a single switch n/a page 7-28 thru page 7-30 page 7-33 page 7-47 view candidate status n/a page 7-33 view status of commander and its stack n/a page 7-34 view status of all stacking-enabled switches in the ip subnet n/a page 7-34 view stack status configure stacking enable/disable candidate Auto-Join enabled/Yes page 7-17 page 7-39 “push” a candidate into a stack n/a page 7-
PAGE 193
ProCurve Stack Management Operation ■ Simplify management of small workgroups or wiring closets while scaling your network to handle increased bandwidth demand. ■ Eliminate any specialized cables for stacking connectivity and remove the distance barriers that typically limit your topology options when using other stacking technologies. ■ Add switches to your network without having to first perform IP addressing tasks.
PAGE 194
ProCurve Stack Management Operation Components of ProCurve Stack Management Table 7-1. Stacking Definitions Stack Consists of a Commander switch and any Member switches belonging to that Commander’s stack. Commander A switch that has been manually configured as the controlling device for a stack. When this occurs, the switch’s stacking configuration appears as Commander. Candidate A switch that is ready to join (become a Member of) a stack through either automatic or manual methods.
PAGE 195
ProCurve Stack Management Operation Use the Commander’s console or Web browser interface to access the user interface on any Member switch in the same stack. Wiring Closet "A" Member Switch 1 Candidate Switch IP Address: None Assigned IP Address: None Assigned Manager Password: leader Manager Password: francois Commander Switch 0 Non-Member Switch Member Switch 2 IP Address: 14.28.227.100 IP Address: 14.28.227.
PAGE 196
ProCurve Stack Management Operation Operating Rules for Stacking General Rules ■ Stacking is an optional feature (enabled in the default configuration) and can easily be disabled. Stacking has no effect on the normal operation of the switch in your network. ■ A stack requires one Commander switch. (Only one Commander allowed per stack.) ■ All switches in a particular stack must be in the same IP subnet (broadcast domain). A stack cannot cross a router.
PAGE 197
ProCurve Stack Management Operation Specific Rules Table 7-2. Specific Rules for Commander, Candidate, and Member Switch IP Addressing and Stack Name Number Allowed Per Stack Passwords SNMP Communities Only one Commander switch is allowed per stack. The Commander’s Manager and Operator passwords are assigned to any switch becoming a Member of the stack. If you change the Commander’s passwords, the Commander propagates the new passwords to all stack Members. Standard SNMP community operation.
PAGE 198
ProCurve Stack Management Configuring Stack Management Note In the default stack configuration, the Candidate Auto Join parameter is enabled, but the Commander Auto Grab parameter is disabled. This prevents Candidates from automatically joining a stack prematurely or joining the wrong stack (if more than one stack Commander is configured in a subnet or broadcast domain).
PAGE 199
ProCurve Stack Management Configuring Stack Management Options for Configuring a Commander and Candidates. Depending on how Commander and Candidate switches are configured, Candidates can join a stack either automatically or by a Commander manually adding (“pulling”) them into the stack. In the default configuration, a Candidate joins only when manually pulled by a Commander. You can reconfigure a Commander to automatically pull in Candidates that are in the default stacking configuration.
PAGE 200
ProCurve Stack Management Configuring Stack Management ■ Default stacking configuration (Stack State set to Candidate, and Auto Join set to Yes) ■ Same subnet (broadcast domain) and default VLAN as the Commander (If VLANs are used in the stack environment, see “Stacking Operation with a Tagged VLAN” on page 7-46.) ■ No Manager password ■ 14 or fewer stack members at the moment General Steps for Creating a Stack This section describes the general stack creation process.
PAGE 201
ProCurve Stack Management Configuring Stack Management 2. Configure the Commander switch. Doing this first helps to establish consistency in your stack configuration, which can help prevent startup problems. • A stack requires one Commander switch.
PAGE 202
ProCurve Stack Management Configuring Stack Management Using the Menu Interface To View Stack Status and Configure Stacking Using the Menu Interface To View and Configure a Commander Switch 1. Configure an IP address and subnet mask on the Commander switch. (See the chapter on IP addressing in the Management and Configuration Guide.) 2. Display the Stacking Menu by selecting Stacking in the Main Menu. Figure 7-5.
PAGE 203
ProCurve Stack Management Configuring Stack Management 3. Display the Stack Configuration menu by pressing [3] to select Stack Configuration. Figure 7-6. The Default Stack Configuration Screen 4. Move the cursor to the Stack State field by pressing [E] (for Edit). Then use the Space bar to select the Commander option. 5. Press the downarrow key to display the Commander configuration fields in the Stack Configuration screen. Figure 7-7.
PAGE 204
ProCurve Stack Management Configuring Stack Management 7. Ensure that the Commander has the desired Auto Grab setting, then press the downarrow key: • No (the default) prevents automatic joining of Candidates that have their Auto Join set to Yes. • Yes enables the Commander to automatically take a Candidate into the stack as a Member if the Candidate has Auto Join set to Yes (the default Candidate setting) and does not have a previously configured password. 8.
PAGE 205
ProCurve Stack Management Configuring Stack Management Using the Menu To “Push” a Switch Into a Stack, Modify the Switch’s Configuration, or Disable Stacking on the Switch. Use Telnet or the Web browser interface to access the Candidate if it has an IP address. Otherwise, use a direct connection from a terminal device to the switch’s console port. (For information on how to use the Web browser interface, see the online Help provided for the browser.) 1.
PAGE 206
ProCurve Stack Management Configuring Stack Management • To change Auto Join or Transmission Interval, use [Tab] to select the desired parameter, and: – To change Auto Join, use the Space bar. – To change Transmission Interval, type in the new value in the range of 1 to 300 seconds. Note: All switches in the stack must be set to the same transmission interval to help ensure proper stacking operation. ProCurve recommends that you leave this parameter set to the default 60 seconds. Then go to step 5. 5.
PAGE 207
ProCurve Stack Management Configuring Stack Management Using the Commander’s Menu To Manually Add a Candidate to a Stack. In the default configuration, you must manually add stack Members from the Candidate pool. Reasons for a switch remaining a Candidate instead of becoming a Member include any of the following: ■ Auto Grab in the Commander is set to No (the default). ■ Auto Join in the Candidate is set to No.
PAGE 208
ProCurve Stack Management Configuring Stack Management The Commander automatically selects an available switch number (SN). You have the option of assigning any other available number. Candidate List Figure 7-10. Example of Candidate List in Stack Management Screen 3. Either accept the displayed switch number or enter another available number. (The range is 0 - 15, with 0 reserved for the Commander.) 4.
PAGE 209
ProCurve Stack Management Configuring Stack Management For status descriptions, see the table on page 7-48. New Member added in step 6. Figure 7-11. Example of Stack Management Screen After New Member Added Using the Commander’s Menu To Move a Member From One Stack to Another. Where two or more stacks exist in the same subnet (broadcast domain), you can easily move a Member of one stack to another stack if the destination stack is not full.
PAGE 210
ProCurve Stack Management Configuring Stack Management You will then see the Stacking Status (All) screen: For status descriptions, see the table on page 7-48. This column lists the MAC Addresses for switches discovered (in the local subnet) that are configured for Stacking. Using the MAC addresses for these Members, you can move them between stacks in the same subnet. Figure 7-12. Example of How the Stacking Status (All) Screen Helps You Find Member MAC Addresses 3.
PAGE 211
ProCurve Stack Management Configuring Stack Management 8. 9. Note: Do one of the following: • If the stack containing the Member you are moving has a Manager password, press the downarrow key to select the Candidate Password field, then type the password. • If the stack containing the Member you want to move does not have a password, go to step 9. Press [Enter] to return to the Actions line, then press [S] (for Save) to complete the Add process for the selected Member.
PAGE 212
ProCurve Stack Management Configuring Stack Management To remove a Member from a stack, use the Stack Management screen. 1. From the Main Menu, select: 9. Stacking... 4. Stack Management You will then see the Stack Management screen: For status descriptions, see the table on page 7-48. Stack Member List Figure 7-13. Example of Stack Management Screen with Stack Members Listed 2. Use the downarrow key to select the Member you want to remove from the stack. Figure 7-14.
PAGE 213
ProCurve Stack Management Configuring Stack Management 4. To continue deleting the selected Member, press the Space bar once to select Yes for the prompt, then press [Enter] to complete the deletion. The Stack Management screen updates to show the new stack Member list.
PAGE 214
ProCurve Stack Management Configuring Stack Management Main Menu for stack Member named “Coral Sea” (SN = 1 from figure 7-16) Figure 7-17. The eXecute Command Displays the Console Main Menu for the Selected Stack Member 2. You can now make configuration changes and/or view status data for the selected Member in the same way that you would if you were directly connected or telnetted into the switch. 3.
PAGE 215
ProCurve Stack Management Configuring Stack Management 3. Press [B] (for Back) to return to the Stacking Menu. 4. To display Stack Configuration menu for the switch you are moving, select 3. Stack Configuration 5. Press [E] (for Edit) to select the Stack State parameter. 6. Use the Space bar to select Member, then press [v] to move to the Commander MAC Address field. 7. Enter the MAC address of the destination Commander and press [Enter]. 8. Press [S] (for Save).
PAGE 216
ProCurve Stack Management Configuring Stack Management Using Any Stacked Switch To View the Status for All Switches with Stacking Enabled. This procedure displays the general status of all switches in the IP subnet (broadcast domain) that have stacking enabled. 1. Go to the console Main Menu for any switch configured for stacking and select: 9. Stacking ... 2. Stacking Status (All) You will then see a Stacking Status screen similar to the following: For status descriptions, see the table on page 7-48.
PAGE 217
ProCurve Stack Management Configuring Stack Management Figure 7-19. Example of the Commander’s Stacking Status Screen Viewing Member Status. This procedure displays the Member’s stacking information plus the Commander’s status, IP address, and MAC address. To display the status for a Member: 1. Go to the console Main Menu of the Commander switch and select 9. Stacking ... 5. Stack Access 2. Use the downarrow key to select the Member switch whose status you want to view, then press [X] (for eXecute).
PAGE 218
ProCurve Stack Management Configuring Stack Management Figure 7-20. Example of a Member’s Stacking Status Screen Viewing Candidate Status. This procedure displays the Candidate’s stacking configuration. To display the status for a Candidate: 1. Use Telnet (if the Candidate has a valid IP address for your network) or a direct serial port connection to access the menu interface Main Menu for the Candidate switch and select 9. Stacking ... 1.
PAGE 219
ProCurve Stack Management Configuring Stack Management Using the CLI To View Stack Status and Configure Stacking The CLI enables you to do all of the stacking tasks available through the menu interface.) Table 7-6. CLI Commands for Configuring Stacking on a Switch CLI Command Operation show stack [candidates | view | all] Commander: Shows Commander’s stacking configuration and lists the stack members and their individual status.
PAGE 220
ProCurve Stack Management Configuring Stack Management CLI Command Operation [no] stack member mac-address [password ] Commander: Adds a Candidate to stack membership. “No” form removes a Member from stack membership. To easily determine the MAC address of a Candidate, use the show stack candidates command. To determine the MAC address of a Member you want to remove, use the show stack view command.
PAGE 221
ProCurve Stack Management Configuring Stack Management Using the CLI To View Stack Status You can list the stack status for an individual switch and for other switches that have been discovered in the same subnet. Syntax: show stack [candidates | view | all] Viewing the Status of an Individual Switch. The following example illustrates how to use the CLI in a to display the stack status for that switch. In this case, the switch is in the default stacking configuration. Syntax: show stack Figure 7-22.
PAGE 222
ProCurve Stack Management Configuring Stack Management Viewing the Status of all Stack-Enabled Switches Discovered in the IP Subnet. The next example lists all the stack-configured switches discovered in the IP subnet. Because the switch on which the show stack all command was executed is a candidate, it is included in the “Others” category. Syntax: show stack all Figure 7-24.
PAGE 223
ProCurve Stack Management Configuring Stack Management Using the CLI To Configure a Commander Switch You can configure any stacking-enabled switch to be a Commander as long as the intended stack name does not already exist on the broadcast domain. (When you configure a Commander, you automatically create a corresponding stack.) Before you begin configuring stacking parameters: 1. Note Configure IP addressing on the switch intended for stack commander and, if not already configured, on the primary VLAN.
PAGE 224
ProCurve Stack Management Configuring Stack Management The stack commander command configures the Commander and names the stack. The Commander appears in the stack as Switch Number (SN) 0. Figure 7-26. Example of the Commander’s Show Stack Screen with Only the Commander Discovered Using a Member’s CLI to Convert the Member to the Commander of a New Stack. This procedure requires that you first remove the Member from its current stack, then create the new stack.
PAGE 225
ProCurve Stack Management Configuring Stack Management The output from this command tells you the MAC address of the current stack Commander. Removes the Member from the “Big_Waters” stack. Converts the former Member to the Commander of the new “Lakes” stack. Figure 7-27.
PAGE 226
ProCurve Stack Management Configuring Stack Management Using the Commander’s CLI To Manually Add a Candidate to the Stack. To manually add a candidate, you will use: ■ A switch number (SN) to assign to the new member. Member SNs range from 1 to 15. To see which SNs are already assigned to Members, use show stack view. You can use any SN not included in the listing. (SNs are viewable only on a Commander switch.) ■ The MAC address of the discovered Candidate you are adding to the stack.
PAGE 227
ProCurve Stack Management Configuring Stack Management For example, if the ProCurve 8000M in the above listing did not have a Manager password and you wanted to make it a stack Member with an SN of 2, you would execute the following command: ProCurve(config)# stack member 2 mac-address 0060b0dfla00 The show stack view command then lists the Member added by the above command: The new member did not have a System Name configured prior to joining the stack, and so receives a System Name composed of the stack
PAGE 228
ProCurve Stack Management Configuring Stack Management Using a Candidate CLI To Manually “Push” the Candidate Into a Stack . Use this method if any of the following apply: ■ The Candidate’s Auto Join is set to Yes (and you do not want to enable Auto Grab on the Commander) or the Candidate’s Auto Join is set to No. ■ Either you know the MAC address of the Commander for the stack into which you want to insert the Candidate, or the Candidate has a valid IP address and is operating in your network.
PAGE 229
ProCurve Stack Management Configuring Stack Management Syntax: stack member < switch-number > mac-address < mac-addr > [ password < password-str >] In the destination Commander, use show stack all to find the MAC address of the Member you want to pull into the destination stack. For example, suppose you created a new Commander with a stack name of “Cold_Waters” and you wanted to move a switch named “Bering Sea” into the new stack: Move this switch into the “Cold Waters” stack. Figure 7-32.
PAGE 230
ProCurve Stack Management Configuring Stack Management Syntax: no stack name < stack name> stack join < mac-address > If you don’t know the MAC address of the destination Commander, you can use show stack all to identify it. For example, suppose you have a switch operating as the Commander for a temporary stack named “Test”.
PAGE 231
ProCurve Stack Management Configuring Stack Management Use show stack view to list the stack Members. For example, suppose that you wanted to use the Commander to remove the “North Sea” Member from the following stack: Remove this Member from the stack. Figure 7-34.
PAGE 232
ProCurve Stack Management Configuring Stack Management You would then execute this command in the “North Sea” switch’s CLI to remove the switch from the stack: North Sea(config)# no stack join 0030c1-7fec40 Using the CLI To Access Member Switches for Configuration Changes and Traffic Monitoring After a Candidate becomes a Member, you can use the telnet command from the Commander to access the Member’s CLI or console interface for the same configuration and monitoring that you would do through a Telnet or
PAGE 233
ProCurve Stack Management Configuring Stack Management SNMP Community Operation in a Stack Community Membership In the default stacking configuration, when a Candidate joins a stack, it automatically becomes a Member of any SNMP community to which the Commander belongs, even though any community names configured in the Commander are not propagated to the Member’s SNMP Communities listing.
PAGE 234
ProCurve Stack Management Configuring Stack Management Note that in the above example (figure 7-37) you cannot use the public community through the Commander to access any of the Member switches. For example, you can use the public community to access the MIB in switches 1 and 3 by using their unique IP addresses. However, you must use the red or blue community to access the MIB for switch 2. snmpget < MIB variable > 10.31.29.
PAGE 235
ProCurve Stack Management Configuring Stack Management ■ Stacking uses only the primary VLAN on each switch in a stack. ■ The primary VLAN can be tagged or untagged as needed in the stacking path from switch to switch. ■ The same VLAN ID (VID) must be assigned to the primary VLAN in each stacked switch. Web: Viewing and Configuring Stacking Figure 7-38. Example of the Web Browser Interface for a Commander The Web browser interface for a Commander appears as shown above.
PAGE 236
ProCurve Stack Management Configuring Stack Management Status Messages Stacking screens and listings display these status messages: Message Condition Action or Remedy Candidate Auto-join Indicates a switch configured with Stack State set to Candidate, Auto Join set to Yes (the default), and no Manager password. None required Candidate Candidate cannot automatically join the stack because one or both of the following conditions apply: • Candidate has Auto Join set to No.
PAGE 237
Index Numerics D 802.1p priority (QoS) definition … 6-5 802.1w as a region … 5-14 data-driven IGMP … 4-15 dedicated management VLAN … 2-6 DHCP gateway ignored … 2-7 disclaimer … 1-ii domain … 2-14, 2-20 downstream device (QoS) definition … 6-5 effect of priority settings … 6-8 DSCP Policy Table … 6-33 policy, defined … 6-5 See also priority.
PAGE 238
CLI, configuring … 3-13 configurable port options … 3-6 configuring learn, block, disable … 3-7 convert dynamic to static … 3-6 converting to static VLAN … 3-3 disable … 3-7 dynamic VLAN and reboots … 3-17 dynamic VLANs always tagged … 3-4 Effect on maximum allowed VLANs … 2-25 forbid option … 3-8 GARP … 3-3 general operation … 3-4 IP addressing … 3-6 learn … 3-7 learn, block, disable … 3-8 menu, configuring … 3-12 non-GVRP aware … 3-17 non-GVRP device … 3-17 operating notes … 3-17 port control options … 3-
PAGE 239
multicast group See IGMP. multimedia See IGMP. multiple … 2-9 multiple forwarding database … 2-9 N notes on using VLANs … 2-9 notices … 1-ii O outbound port (QoS) definition … 6-5 outbound port queue (QoS) definition … 6-6 P port auto, IGMP … 4-5 blocked by STP operation … 5-10 blocked, IGMP … 4-5 forwarding, IGMP … 4-5 loop … 5-10 monitoring … 2-39 redundant path … 5-10 state, IGMP control … 4-5 port trunk VLAN … 2-39 precedence bits (QoS) definition … 6-5 primary VLAN See VLAN. priority … 4-5 802.
PAGE 240
broadcast storm … 5-2 enabling MSTP … 5-38 MSTP See spanning-tree, 802.1s VLAN effect on … 2-38 spanning-tree root-history … 5-47 spanning-tree, 802.1s … 5-2, 5-6 802.1D and 802.1w connections … 5-14 802.1D as a region … 5-13, 5-14 802.1D connection requirement … 5-24 802.1Q VLANs … 5-12 802.1s standard-compliant … 5-6 802.
PAGE 241
MSTP … 5-9 MSTP operation … 5-9 MSTP, view global configuration … 5-43 multiple spanning tree instance See MSTI override hello-time … 5-14 path cost, effect on 802.
PAGE 242
U upstream device QoS) definition … 6-6 V VID See VLAN.
PAGE 243
PAGE 244
Technical information in this document is subject to change without notice. © Copyright 2008 Hewlett-Packard Development Company, L.P. All rights reserved. Reproduction, adaptation, or translation without prior written permission is prohibited except as allowed under the copyright laws.