HP ProCurve Switch 5300xl Series Reviewer’s Guide

RFC-2868 - RADIUS Attributes for Tunnel Protocol Support
RFC-2618 - RADIUS Authentication Client MIB
RFC-2866 - RADIUS Accounting
RFC-2620 - RADIUS Accounting Client MIB

2.5.3  Authentication 

The HP ProCurve Switch 5300xl Series supports  as an authentication means for switch telnet or console port access. The switches support two levels of access: if the user/password combination listed on the server is given a privilege level of 15, the user has Manager access (read/write) to the switch. A privilege level of 14 or lower restricts the user to Operator status (read only).

Backup servers can be configured, providing access to multiple servers in case the primary server is unavailable for any reason.

2.5.4  Port Security - MAC Lockdown 

The 802.1x standard provides logical security to the network based on a user. There are many times, however, when physical access limitations are desired. The Port Security - MAC Lockdown feature limits physical access to a particular port on the switch by one of two methods: a particular list of MAC addresses (up to 8 addresses per port can be configured), or the first MAC address the switch sees on that port. While this solution doesn’t help with a switch port that legitimately sees a large number of MAC addresses, such as in a conference room, it does provide security to a port used by a shared or dedicated PC by locking out other PCs that try to access the switch port, even when the port is network-enabled through 802.1x.

The Port Security feature can be set to send an SNMP trap to a management station when such a violation occurs. It can also be set to completely disable the switch port (requiring the network manager to re-enable the port before use), a feature for use in high-security environments or an environment subject to potential hacking, such as a college dorm room.
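The two lockdown modes and the two violation actions described above, modelled as an added example (this is not HP's code; the port names, MAC addresses and trap text are constructed sample data):

```python
# Added example (not HP code): a model of the guide's Port Security / MAC
# Lockdown behaviour. Two modes (static list of up to 8 MACs, or lock to the
# first MAC seen) and two violation actions (trap, or trap + disable port).
from dataclasses import dataclass, field

MAX_STATIC_MACS = 8  # per-port limit stated in the guide


@dataclass
class PortSecurity:
    port: str
    allowed: set = field(default_factory=set)   # static list, or the learned MAC
    learn_first: bool = False                   # "first MAC the switch sees" mode
    disable_on_violation: bool = False          # high-security action
    enabled: bool = True
    events: list = field(default_factory=list)  # what would be sent as SNMP traps

    def __post_init__(self):
        if len(self.allowed) > MAX_STATIC_MACS:
            raise ValueError(f"{self.port}: at most {MAX_STATIC_MACS} MACs per port")

    def ingress(self, src_mac: str) -> bool:
        """Return True if the frame is forwarded, False if it is dropped."""
        src_mac = src_mac.lower()
        if not self.enabled:
            return False                        # port was disabled by an earlier violation
        if self.learn_first and not self.allowed:
            self.allowed.add(src_mac)           # lock the port to the first address seen
            return True
        if src_mac in self.allowed:
            return True
        self.events.append(f"trap: {self.port} violation by {src_mac}")
        if self.disable_on_violation:
            self.enabled = False
            self.events.append(f"trap: {self.port} disabled, manager must re-enable")
        return False


def run_sample() -> dict:
    """Replay a constructed frame sequence through two differently configured ports."""
    frames = [  # (port, source MAC), constructed sample data
        ("A1", "00:11:22:33:44:55"), ("A1", "00:11:22:33:44:66"),
        ("A2", "00:AA:BB:CC:DD:01"), ("A2", "00:AA:BB:CC:DD:02"), ("A2", "00:AA:BB:CC:DD:01"),
    ]
    ports = {
        "A1": PortSecurity("A1", allowed={"00:11:22:33:44:55"}),               # static list, trap only
        "A2": PortSecurity("A2", learn_first=True, disable_on_violation=True),  # shared-space port
    }
    forwarded = {name: [] for name in ports}
    for port, mac in frames:
        forwarded[port].append(ports[port].ingress(mac))
    events = [e for p in ports.values() for e in p.events]
    return {"forwarded": forwarded, "events": events}
```

Port A1 keeps forwarding its listed station and only raises a trap for the intruder; port A2 learns its first station, then shuts itself down on the first foreign MAC and stays down until re-enabled.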

2.5.5  Secure Shell – SSHv2 

Secure Shell is an application very similar to telnet except that it encrypts the dialog so that in-band CLI sessions can be kept private over the network. Encryption is done through the use of public/private key pairs, one pair for host authentication and one pair for each SSH session that is initiated.

The host key pair is used to authenticate the SSH client and switch to each other. The host key pair is stored in flash, so it is not lost on reboot, power-cycle or by clearing the config file. Although not necessary or recommended, a new host key pair can be generated through the CLI.

The session key pair is used to authenticate the SSH session. A new key pair is used for each SSH session. Keys are kept in RAM and are lost on power-cycle or reboot. When the HP ProCurve Switch 5300xl Series is rebooted, new session key pairs are generated. With a key pair taking about 12 seconds to generate, 10 keys are generated on boot up and placed in a cache to prevent delays when starting up SSH sessions rapidly in succession. Filling this key cache takes about 2 minutes and is CPU intensive. To keep this process from affecting other switch functions, it is designated low priority for the CPU. Because the CPU is doing many things at boot up, key pair generation doesn’t start until about one minute after boot up. This means that an SSH session, waiting for the first session key pair generation, cannot be established until a little over a minute after boot up.

The HP ProCurve Switch 5300xl Series supports both SSHv1 and SSHv2 clients. SSHv2 provides an additional level of security in that the public key negotiation is accomplished via a Diffie-Hellman exchange, which is not done under SSHv1.

 

© Hewlett-Packard Co. 2002, 2003
Rev 1.1 – 2/11/2003
http://www.hp.com/go/hpprocurve
Page 22 of 35
