manualshive.com logo in svg

HP PROCURVE 2520, Management And Configuration Manual

The HP ProCurve 2520 Selection Manual is a comprehensive guide designed to assist users in getting the most out of their network switch. Easily downloadable and available for free from manualshive.com, this manual provides detailed instructions and helpful tips for optimal performance and seamless operation.

Share
Download
background image

Troubleshooting 

Browser or Telnet Access Problems 

Browser or Telnet Access Problems 

Cannot access the web browser interface: 

 

Access may be disabled by the 

Web Agent Enabled

 parameter in the switch 

console. Check the setting on this parameter by selecting: 

2. Switch Configuration … 

1. System Information 

 

The switch may not have the correct IP address, subnet mask or gateway. 
Verify by connecting a console to the switch’s Console port and selecting: 

2. Switch Configuration … 

5. IP Configuration 

Note:

 If DHCP/Bootp is used to configure the switch, the IP addressing 

can be verified by selecting: 

1. Status and Counters …

 2. Switch Management Address Information 

also check the DHCP/Bootp server configuration to verify correct IP 
addressing. 

 

If you are using DHCP to acquire the IP address for the switch, the IP 
address “lease time” may have expired so that the IP address has changed. 
For more information on how to “reserve” an IP address, refer to the 
documentation for the DHCP application that you are using. 

 

If one or more IP-Authorized managers are configured, the switch allows 
web browser access only to a device having an authorized IP address. For 
more information on IP Authorized managers, refer to the 

Access Security 

Guide 

for your switch. 

 

Java™ applets may not be running on the web browser. They are required 
for the switch web browser interface to operate correctly. Refer to the 
online Help on your web browser for how to run the Java applets. 

C-6 

Summary of Contents for PROCURVE 2520

Page 1: ...HP ProCurve Switch Software Management and Configuration Guide 2520 Switches Software version S 14 03 November 2009 ...

Page 2: ......

Page 3: ...HP ProCurve 2520 Switches November 2009 S 14 03 Management and Configuration Guide ...

Page 4: ... TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE Hewlett Packard shall not be liable for errors contained herein or for incidental or consequential damages in connection with the furnishing performance or use of this material The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services No...

Page 5: ...s 1 2 Protocol Acronyms 1 2 Command Syntax and Displayed Information 1 2 Command Syntax Statements 1 2 Command Prompts 1 3 Screen Simulations 1 3 Keys 1 4 Sources for More Information 1 4 Getting Documentation From the Web 1 6 Online Help 1 6 Menu Interface 1 6 Command Line Interface 1 7 Web Browser Interface 1 7 Need Only a Quick Start 1 8 IP Addressing 1 8 To Set Up and Install the Switch in You...

Page 6: ...and Web Browser Interfaces 2 8 Banner Operation with Telnet Serial or SSHv2 Access 2 8 Banner Operation with Web Browser Access 2 8 Configuring and Displaying a Non Default Banner 2 9 Example of Configuring and Displaying a Banner 2 9 Operating Notes 2 12 3 Using the Menu Interface Contents 3 1 Overview 3 2 Starting and Ending a Menu Session 3 3 How To Start a Menu Interface Session 3 4 How To End...

Page 7: ...iguration Commands and the Context Configuration Modes 4 13 CLI Control and Editing 4 16 Executing a Prior Command Redo 4 16 Repeating Execution of a Command 4 16 Using a Command Alias 4 18 CLI Editing Shortcuts 4 21 5 Using the ProCurve Web Browser Interface Contents 5 1 Starting a Web Browser Using ProCurve Manager PCM or Overview 5 2 General Features 5 3 Interface Session with the Switch 5 4 Us...

Page 8: ...Status 5 19 The Alert Log 5 20 Sorting the Alert Log Entries 5 20 Alert Types and Detailed Views 5 21 Setting Fault Detection Policy 5 23 6 Switch Memory and Configuration Contents 6 1 Overview Using the Menu and Web Browser Interfaces To Implement 6 3 Configuration File Management 6 3 Using the CLI To Implement Configuration Changes 6 6 Configuration Changes 6 9 Menu Implementing Configuration Ch...

Page 9: ...artup Config Files 6 27 Configuration Enabled 6 27 Displaying the Content of A Specific Startup Config File 6 28 Changing or Overriding the Reboot Configuration Policy 6 28 Managing Startup Config Files in the Switch 6 30 Renaming an Existing Startup Config File 6 31 Creating a New Startup Config File 6 31 Erasing a Startup Config File 6 32 Switch to Its Default Configuration 6 34 Transferring Sta...

Page 10: ...uring System Parameters 7 17 8 Configuring IP Addressing Contents 8 1 Overview 8 2 IP Configuration 8 2 Just Want a Quick Start with IP Addressing 8 3 IP Addressing with Multiple VLANs 8 4 Menu Configuring IP Address Gateway and Time To Live TTL 8 5 CLI Configuring IP Address Gateway and Time To Live TTL 8 6 Web Configuring IP Addressing 8 10 How IP Addressing Affects Switch Operation 8 11 DHCP Bo...

Page 11: ...10 TimeP Viewing Selecting and Configuring 9 16 Menu Viewing and Configuring TimeP 9 17 CLI Viewing and Configuring TimeP 9 18 Viewing the Current TimeP Configuration 9 19 Configuring Enabling or Disabling the TimeP Mode 9 20 SNTP Unicast Time Polling with Multiple SNTP Servers 9 25 Displaying All SNTP Server Addresses Configured on the Switch 9 25 Adding and Deleting SNTP Server Addresses 9 26 Me...

Page 12: ...0 17 Configuring a Broadcast Limit on the Switch 10 19 Configuring ProCurve Auto MDIX 10 19 Web Viewing Port Status and Configuring Port Parameters 10 22 Using Friendly Optional Port Names 10 23 Configuring and Operating Rules for Friendly Port Names 10 23 Configuring Friendly Port Names 10 24 Displaying Friendly Port Names with Other Port Data 10 25 Configuring Transceivers and Modules That Haven...

Page 13: ...aying an Overview of PoE Status on All Ports 11 16 Displaying the PoE Status on Specific Ports 11 18 Planning and Implementing a PoE Configuration 11 20 Assigning PoE Ports to VLANs 11 20 Applying Security Features to PoE Configurations 11 20 PoE Event Log Messages 11 21 12 Port Trunking Contents 12 1 Overview 12 2 Port Trunk Features and Operation 12 4 Trunk Configuration Methods 12 4 Menu Viewin...

Page 14: ...1 SNMPv3 Communities 13 11 Menu Viewing and Configuring non SNMP version 3 Communities 13 13 CLI Viewing and Configuring SNMP Community Names 13 15 SNMP Notifications 13 17 Supported Notifications 13 17 General Steps for Configuring SNMP Notifications 13 18 SNMPv1 and SNMPv2c Traps 13 19 Configuring an SNMP Trap Receiver 13 19 Enabling SNMPv2c Informs 13 21 Configuring SNMPv3 Notifications 13 23 M...

Page 15: ... Support 13 48 Configuring Per Port Transmit and Receive Modes 13 49 Configuring Basic LLDP Per Port Advertisement Content 13 50 Advertisements 13 52 LLDP MED Media Endpoint Discovery 13 53 LLDP MED Topology Change Notification 13 56 LLDP MED Fast Start Control 13 58 and Location Data 13 58 Configuring Location Data for LLDP MED Devices 13 62 Displaying Advertisement Data 13 67 Advertisements 13 6...

Page 16: ...h A 19 CLI Switch To Switch Downloads A 20 Xmodem Copying a Software Image from the Switch to a Xmodem Copying a Configuration File to a Serially Xmodem Copying a Configuration File from a Serially Using PCM to Update Switch Software A 22 Copying Software Images A 22 TFTP Copying a Software Image to a Remote Host A 22 Serially Connected PC or UNIX Workstation A 23 Transferring Switch Configuration...

Page 17: ... Port Status B 10 CLI Access B 10 Web Access B 10 Viewing Port and Trunk Group Statistics and Flow Control Status B 11 Menu Access to Port and Trunk Statistics B 12 CLI Access To Port and Trunk Group Statistics B 13 Group Statistics B 13 Viewing the Switch s MAC Address Tables B 14 Menu Access to the MAC Address Views and Searches B 14 CLI Access for MAC Address Views and Searches B 17 Spanning Tr...

Page 18: ...ng Tree Protocol MSTP and Fast Uplink Problems C 15 SSH Related Problems C 16 TACACS Related Problems C 17 TimeP SNTP or Gateway Problems C 19 VLAN Related Problems C 19 Fan Failure C 21 Using the Event Log for Troubleshooting Switch Problems C 22 Event Log Entries C 22 Menu Displaying and Navigating in the Event Log C 28 CLI Displaying the Event Log C 29 CLI Clearing Event Log Entries C 29 CLI Tu...

Page 19: ... Diagnostic Tools C 49 Port Auto Negotiation C 50 Ping and Link Tests C 50 Web Executing Ping or Link Tests C 51 CLI Ping Test C 52 Link Tests C 53 Traceroute Command C 54 Viewing Switch Configuration and Operation C 58 CLI Viewing the Startup or Running Configuration File C 58 Web Viewing the Configuration File C 58 CLI Viewing a Summary of Switch Operational Data C 59 Saving show tech Command Ou...

Page 20: ...nfiguration C 77 Operating Notes C 78 Event Log Messages C 79 D MAC Address Management Contents D 1 Overview D 2 Determining MAC Addresses D 3 Menu Viewing the Switch s MAC Addresses D 4 CLI Viewing the Port and VLAN MAC Addresses D 5 Viewing the MAC Addresses of Connected Devices D 6 E Daylight Savings Time on ProCurve Switches F Power Saving Features Contents F 1 Configuring Power Saving for LED...

Page 21: ... for more detailed information Electronic Publications The latest version of each of the publications listed below is available in PDF format on the ProCurve Web site as described in the Note at the top of this page Installation and Getting Started Guide Explains how to prepare for and perform the physical installation and connect the switch to your network Management and Configuration Guide Descr...

Page 22: ...ration AdvancedTraffic Management Access Security Guide 802 1Q VLAN Tagging X 802 1p Priority X 802 1X Authentication X AAA Authentication X Authorized IP Managers X Auto MDIX Configuration X BOOTP X Config File X Console Access X Copy Command X Debug X DHCP Configuration X DHCP Bootp Operation X Diagnostic Tools X Downloading Software X Eavesdrop Protection X Event Log X Factory Default Settings ...

Page 23: ...ressing X LACP X Link X LLDP X LLDP MED X Loop Protection X MAC Address Management X MAC Lockdown X MAC Lockout X MAC based Authentication X Monitoring and Analysis X Multicast Filtering X Network Management Applications LLDP SNMP X Passwords X Ping X Port Configuration X Port Security X Port Status X Port Trunking LACP X Port Based Access Control 802 1X X Port Based Priority 802 1Q X xxi ...

Page 24: ...ounting X Secure Copy X SFTP X SNMP X Software Downloads SCP SFTP TFTP Xmodem X Spanning Tree MSTP X SSH Secure Shell Encryption X SSL Secure Socket Layer X Stack Management Stacking X Syslog X System Information X TACACS Authentication X Telnet Access X TFTP X Time Protocols TimeP SNTP X Troubleshooting X VLANs X Web based Authentication X Web UI X Xmodem X xxii ...

Page 25: ...nfiguration and Operation Examples 1 3 Keys 1 3 Sources for More Information 1 4 Getting Documentation From the Web 1 6 Online Help 1 6 Menu Interface 1 6 Command Line Interface 1 7 Web Browser Interface 1 7 Need Only a Quick Start 1 8 IP Addressing 1 8 To Set Up and Install the Switch in Your Network 1 8 Physical Installation 1 8 1 1 ...

Page 26: ... download documenta tion from the ProCurve Networking web site www procurve com Conventions Configuration and Operation Examples Unless otherwise noted examples using a particular switch model apply to all switch models covered by this guide Protocol Acronyms IP Refers to the IPv4 protocol unless otherwise noted IPv6 Refers to the IPv6 protocol Command Syntax and Displayed Information Command Synt...

Page 27: ...isplays a CLI prompt similar to the following example ProCurve 2520 8 PoE To simplify recognition this guide uses ProCurve to represent command prompts for all switch models For example ProCurve You can use the hostname command to change the text in the CLI prompt Screen Simulations Displayed Text Figures containing simulated screen text and command output look like this ProCurve show version Imag...

Page 28: ...Curve Networking web site and provide information on new software updates new features and how to configure and use them software management including downloading software to the switch software fixes addressed in current and previous releases Product Notes and Software Update Information The printed Read Me First shipped with your switch provides software update information product notes and othe...

Page 29: ...TP and 802 1s MSTP Quality of Service QoS IGMP Access Security Guide Use this guide for information on topics such as Local username and password security Web Based and MAC based authentication RADIUS and TACACS authentication SSH Secure Shell and SSL Secure Socket Layer operation 802 1X access control Port security operation with MAC based control Authorized IP Manager security Key Management Sys...

Page 30: ...rt 3 Click on Manuals 4 Click on the product for which you want to view or download a manual If you need further information on ProCurve switch technology visit the ProCurve Networking web site at www procurve com Online Help Menu Interface If you need information on specific parameters in the menu interface refer to the online help provided in the interface For example Online Help for Menu Figure...

Page 31: ...face hereafter referred to as the web browser interface use the online Help You can access the Help by clicking on the Help text on top right side of any of the web browser interface screens Figure 1 4 Help for Web Browser Interface Not e To access the online Help for the ProCurve web browser interface you need either ProCurve Manager version 1 5 or greater installed on your network or an active c...

Page 32: ...p screen see the Installation and Getting Started Guide you received with the switch To Set Up and Install the Switch in Your Network Physical Installation Use the ProCurve Installation and Getting Started Guide for the following Notes cautions and warnings related to installing and using the switch and its related modules Instructions for physically installing the switch in your network Quickly a...

Page 33: ...ntages of Using the CLI 2 4 General Benefits 2 4 Information on Using the CLI 2 4 Advantages of Using the Web Browser Interface 2 5 or ProCurve Manager Plus 2 6 and Web Browser Interfaces 2 8 Banner Operation with Telnet Serial or SSHv2 Access 2 8 Banner Operation with Web Browser Access 2 8 Configuring and Displaying a Non Default Banner 2 9 Example of Configuring and Displaying a Banner 2 9 Oper...

Page 34: ...avigator or Microsoft Internet Explorer 2 5 ProCurve Manager PCM a windows based network management solution included in box with all manageable ProCurve devices Features include automatic device discovery network status summary topology and mapping and device management ProCurve Manager Plus PCM a complete windows based network management solution that provides both the basic features offered wit...

Page 35: ...ovides quick easy management access to a menu driven subset of switch configuration and performance features IP addressing System information VLANs and GVRP Local passwords Port Security SNMP communities Port and Static Trunk Group Time protocols Spanning Tree The menu interface also provides access for Setup screen Switch and port statistic and counter displays Event Log display Reboots Switch an...

Page 36: ... context Prompt for Context Configuration Levels For example ProCurve eth 1 5 ProCurve vlan 1 ProCurve rip Figure 2 2 Command Prompt Examples General Benefits Provides access to the complete set of the switch configuration perfor mance and diagnostic features Offers out of band access through the RS 232 connection or Telnet in band access Enables quick detailed system configuration and management ...

Page 37: ...ix B For information on individual CLI commands refer to the Index or to the online Help provided in the CLI interface Advantages of Using the Web Browser Interface Figure 2 3 Example of the Web Browser Interface Easy access to the switch from anywhere on the network Familiar browser interface locations of window objects consistent with commonly used browsers uses mouse clicking for navigation no ...

Page 38: ...vices end nodes events and traffic levels From here users can research any one of these areas to get more details Alerts and Troubleshooting An events summary screen displays alerts to the user and categorizes them by severity making it easier to track where bottlenecks and issues exist in the network Alerts present detailed information on the problem even down to the spe cific port Automatic Devi...

Page 39: ...ons can be compared over time or between two devices with the differences highlighted for users Advanced VLAN Management A new easy to use VLAN manage ment interface allows users to create and assign VLANs across the entire network without having to access each network device indi vidually Device Software Updates This feature automatically obtains new device software images from ProCurve and updat...

Page 40: ...eration with Telnet Serial or SSHv2 Access When a system operator begins a login session the switch displays the banner above the local password prompt or if no password is configured above the Pressanykeytocontinueprompt Entering a correct password or if no password is configured pressing any key clears the banner from the CLI and displays the CLI prompt Refer to Figure 2 5 on page 2 10 Banner Op...

Page 41: ...the banner text and enables banner text input You can use any character except a blank space as a delimiter The no form of the command disables the login banner feature banner text string The switch allows up to 3070 banner characters including blank spaces and CR LF Enter The tilde and the delimiter defined by banner motd delimiter are not allowed as part of the banner text While entering banner ...

Page 42: ... blank spaces for line centering and the symbol to terminate the banner message Figure 2 4 Example of Configuring a Login Banner To view the current banner configuration use either the show banner motd or show running command ProCurve config show banner motd Banner Information Banner status Enabled Configured Banner This is a private system maintained by the Allied Widget Corporation Unauthorized ...

Page 43: ...d This is a private system maintained by the Allied Widget Corporation Shows the current banner Unauthorized use of this system can result in configuration civil and criminal penalites Figure 2 6 The Current Banner Appears in the Switch s Running Config File The next time someone logs onto the switch s management CLI the following appears The login screen displays the configured banner Entering a ...

Page 44: ...tion The switch supports one banner at any time Configuring a new banner replaces any former banner configured on the switch If the switch is configured with ssh version 1 or ssh version 1 or 2 configuring the banner sets the SSH configuration to ssh version 2 and displays the following message in the CLI Warning SSH version has been set to v2 If a banner is configured the switch does notallow con...

Page 45: ...Ending a Menu Session 3 3 How To Start a Menu Interface Session 3 4 How To End a Menu Session and Exit from the Console 3 5 Main Menu Features 3 7 Screen Structure and Navigation 3 9 Rebooting the Switch 3 12 Menu Features List 3 14 Where To Go From Here 3 15 3 1 ...

Page 46: ...rs IP addressing VLANs Virtual LANs and GVRP Time protocol Ports Trunk groups View status counters and Event Log information Update switch software Reboot the switch For a detailed list of menu features see the Menu Features List on page 3 14 Privilege Levels and Password Security ProCurve strongly recom mends that you configure a Manager password to help prevent unauthorized access to your networ...

Page 47: ...ation change made through any switch interface overwrites earlier changes made through any other interface The Menu Interface and the CLI Command Line Interface both use the switch console To enter the menu from the CLI use the menu command To enter the CLI from the Menu interface select Command Line CLI option Starting and Ending a Menu Session You can access the menu interface using any of the f...

Page 48: ...ulator or a terminal press Enter one or more times until a prompt appears 3 When the switch screen appears do one of the following If a password has been configured the password prompt appears Password _ Type the Manager password and press Enter Entering the Manager password gives you manager level access to the switch Entering the Operator password gives you operator level access to the switch Re...

Page 49: ...Menu For more information see the Installation and Getting Started Guide you received with the switch How To End a Menu Session and Exit from the Console The method for ending a menu session and exiting from the console depends on whether during the session you made any changes to the switch configu ration that require a switch reboot to activate Most changes via the menu interface need only a Sav...

Page 50: ...inal program turn off the terminal or quit the Telnet session 2 If you have made configuration changes that require a switch reboot thatis if anasterisk appearsnexttoaconfigureditemornexttoSwitch Configuration in the Main Menu a Return to the Main Menu b Press 6 to select Reboot Switch and follow the instructions on the reboot screen Rebooting the switch terminates the menu session and if you are ...

Page 51: ...zing Switch Opera tion Switch Configuration Provides access to configuration screens for displaying and changing the current configuration settings See the Con tents listing at the front of this manual For a listing of features and parameters configurable through the menu interface see the Menu Fea tures List on page 3 14 For an index of the features covered in the software manuals for your switch...

Page 52: ...is required to activate a change in the VLAN Support parameter See Rebooting from the Menu Interface on page 6 11 Download OS Enables you to download a new switch software version to the switch See Appendix A File Transfers Run Setup Displays the Switch Setup screen for quickly configuring basic switch parameters such as IP addressing default gateway logon default interface and others Refer to the...

Page 53: ...nstructions Actions line Screentitle identifies the location within the menu structure Figure 3 4 Elements of the Screen Structure Forms Design The configuration screens in particular operate similarly to a number of PC applications that use forms for data entry When you first enter these screens you see the current configuration for the item you have selected To change the configuration the basic...

Page 54: ...r parameter value return to step 3 6 If you are finished editing parameters in the displayed screen press Enter to return to the Actions line and do one of the following Tosaveandactivateconfigurationchanges press S forthe Save action This saves the changes in the startup configuration and also implements the change in the currently running configuration See Chapter 6 Switch Memory and Configurati...

Page 55: ...t of the screen Highlightonanyitemin the Actions line indicates that the Actions line is active The Help line provides a brief descriptor of the highlighted Action item or parameter Figure 3 6 Example Showing How To Display Help To get Help on the actions or data fields in each screen Use the arrow keys or v to select an action or data field The help line under the Actions items describes the curr...

Page 56: ...require a reboot Resets statistical counters to zero Note that statistical counters can be reset to zero without rebooting the switch To Reboot the switch use the Reboot Switch option in the Main Menu Note that Reboot Switch is not available if you log on in Operator mode that is if you enter an Operator password instead of a manager password at the password prompt Reboot Switch option Figure 3 7 ...

Page 57: ...alue for the Maximum VLANs to support parameter an asterisk appears next to the VLAN Support entry in the VLAN Menu screen and also next to the Switch Configuration entry in the Main Menu Reminder to reboot the switch to activate configuration changes Asterisk indicates a configuration change that requires a reboot in order to take effect Figure 3 8 Indication of a Configuration Change Requiring a...

Page 58: ...n Port Status Port Counters VLAN Address Table Port Address Table Switch Configuration System Information Port Trunk Settings Network Monitoring Port IP Configuration SNMP Community Names IP authorized Managers VLAN Menu Console Passwords Event Log Command Line CLI Reboot Switch Download OS Download Switch Software Run Setup Stacking Logout 3 14 ...

Page 59: ...B Monitoring and Analyzing Switch counters Operation To learn how to configure and use Refer to the Access Security Guide for your passwords and other security features switch To learn how to use the Event Log Using the Event Log for Troubleshooting Switch Problems on page C 22 To learn how the CLI operates Chapter 4 Using the Command Line Interface CLI To download switch software Appendix A File ...

Page 60: ...Using the Menu Interface Where To Go From Here 3 16 ...

Page 61: ... 5 How To Move Between Levels 4 7 Listing Commands and Command Options 4 8 Listing Commands Available at Any Privilege Level 4 8 Listing Command Options 4 10 Displaying CLI Help 4 11 Configuration Commands and the Context Configuration Modes 4 13 CLI Control and Editing 4 16 Executing a Prior Command Redo 4 16 Repeating Execution of a Command 4 16 Using a Command Alias 4 18 CLI Editing Shortcuts 4...

Page 62: ...tch s factory default state is the default interface when you start a console session You can access the console out of band by directly connect ing a terminal device to the switch or in band by using Telnet either from a terminal device or through the web browser interface Also if you are using the menu interface you can access the CLI by selecting the Command Line CLI option in the Main Menu Usi...

Page 63: ...guration Privilege Levels at Logon Privilege levels control the type of access to the CLI To implement this control you must set at least a Manager password Without a Manager password configured anyone having serial port Telnet or web browser access to the switch can reach all CLI levels For more on setting passwords refertothechapteronusernames andpasswordsintheAccess Security Guide for your swit...

Page 64: ...mended that you protect the switch from physical access by unauthorized persons If you are concerned about switch security and operation you should install the switch in a secure location such as a locked wiring closet Privilege Level Operation 2 Manager Level 3 Global Configuration Operator Privileges Manager Privileges 1 Operator Level 4 Context Configuration Level Figure 4 2 Access Sequence for...

Page 65: ...ges and enables you to make configuration changes to any of the switch s software features The prompt for the Global Configuration level includes the system name and config To select this level enter the config command at the Manager prompt For example ProCurve config Enter config at the Manager prompt ProCurve config _ The Global Config prompt Context Configuration level Provides all Operator and...

Page 66: ...ion same as logout Manager Privilege ManagerLevel ProCurve Perform system level actions such as system control monitoring and diagnostic commands plusanyoftheOperator levelcommands Foralist of available commands enter at the prompt Global ProCurve config Execute configuration commands plus all Configuration Operator and Manager commands For a list of Level available commands enter at the prompt Co...

Page 67: ... ProCurve config ProCurve config vlan 10 ProCurve vlan 10 ProCurve vlan 10 interface e 3 ProCurve int 3 The CLI accepts e as the abbreviated form of ethernet ProCurve int 3 exit ProCurve config exit ProCurve exit ProCurve ProCurve int 3 end ProCurve or ProCurve config end ProCurve Moving Between the CLI and the Menu Interface When moving between interfaces the switch retains the current privilege ...

Page 68: ...s At any privilege level you can List all of the commands available at that level List the options for a specific command Listing Commands Available at Any Privilege Level At a given privilege level you can list and execute the commands that level offers plus all of the commands available at preceding levels For example at the Operator level you can list and execute only the Operator level com man...

Page 69: ...e Global Configuration level or the Context Configuration level produces similar results Use Tab To Search for or Complete a Command Word You can use Tab to help you find CLI commands or to quickly complete the current word in a command To do so type one or more consecutive characters in a command and then press Tab with no spaces allowed For example at the Global Configuration level if you press ...

Page 70: ...based priority tcp portSet TCP port based priority device priorityConfigure device based priority dscp mapDefine mapping between a DSCP Differentiated Services Codepoint value and 802 1p priority type of serviceConfigure the Type of Service method the device uses to prioritize IP traffic Listing Command Options You can use the CLI to remind you of the options available for a command by entering co...

Page 71: ... is at the Operator level executing help displays the Help summaries only for Operator Level commands At the Manager level executing help displays the Help summaries for both the Operator and Manager levels and so on For example to list the Operator Level commands with their purposes Figure 4 6 Example of Context Sensitive Command List Help Displaying Help for an Individual Command Syntax command ...

Page 72: ...that trying to list the help for an individual command from a privilege level that does not include that command results in an error message For example trying to list the help for the interface command while at the global configuration level produces this result ProCurve speed duplex help Invalid input speed duplex 4 12 ...

Page 73: ...ommands that apply only to the selected port s or trunk group plus the global config uration Manager and Operator commands The prompt for this mode includes the identity of the selected port s ProCurve config interface c3 c6 ProCurve eth C5 C8 ProCurve config interface trk1 ProCurve eth Trk1 Commands executed at configuration level for entering port and trk1 static trunk group contexts and resulti...

Page 74: ...context the first block of commands in the listing show the context specific commands that will affect only ports C3 C6 The remaining commands in the listing are Manager Operator and context commands Figure 4 8 Context Specific Commands Affecting Port Context 4 14 ...

Page 75: ...ig vlan 100 Command executed at configuration level to enter VLAN 100 context ProCurve vlan 100 Resulting prompt showing VLAN 100 context ProCurve vlan 100 Lists commands you can use in the VLAN context plus Manager Operator and context commands you can execute at this level In the VLAN context the first block of commands in the listing show the commandsthat will affect only vlan 100 The remaining...

Page 76: ...ber is specified the nth command starting from the most recent command in the history is executed command str When command str is specified the most recent command whose name matches the specified string is executed ProCurve config show history 2 show arp 1 show flash ProCurve config redo 2 Executes the show arp command again IP ARP table IP Address MAC Address Type Port 15 255 128 1 00000c 07ac00...

Page 77: ...ay The command repeats execution after a delay for the number of seconds specified For example ProCurve config repeat 1 4 7 8 10 count 2 delay 3 ProCurve config show history 3 show ver 2 show ip 1 show arp ProCurve config repeat 1 2 Repeats the show arp and show ip commands IP ARP table IP Address MAC Address Type Port 15 255 128 1 000000 000000 dynamic Internet IP Service Default Gateway Default ...

Page 78: ...rity in place for a particular context ProCurve recommends that you configure no more than 128 aliases Syntax no alias name command Creates a shortcut alias name to use in place of a commonly used command The alias command is executed from the current config context name Specifies the new command name to use to simplify keystrokes and aid memory command Specifies an existing command to be aliased ...

Page 79: ...m Port Status Intrusion Port Name Type VLAN Alert Speed Enabled MDI mode 1 Acco 10 100T 1 No 100FDx Yes Auto 2 Huma 10 100T 1 No 100FDx Yes Auto 3 Deve 10 100T 1 No 100FDx Yes Auto 4 Lab1 10 100T 1 No 100FDx Yes Auto Figure 4 12 Example of Using the Alias Command with show int custom Not e Remember to enclose the command being aliased in quotes Command parameters for the aliased command can be add...

Page 80: ...face CLI CLI Control and Editing ProCurve config show alias Name Command sc show config sic show int custom 1 4 port name 4 type vlan intrusion speed enabled mdi Figure 4 13 Example of Alias Commands and Their Configurations 4 20 ...

Page 81: ... from the cursor to the end of the command line Ctrl L or Ctrl R Repeats current command line on a new line Ctrl N or v Enters the next command line in the history buffer Ctrl P or Enters the previous command line in the history buffer Ctrl U or Ctrl X Deletes from the cursor to the beginning of the command line Ctrl W Deletes the last word typed Esc B Moves the cursor backward one word Esc D Dele...

Page 82: ...Using the Command Line Interface CLI CLI Editing Shortcuts 4 22 ...

Page 83: ...Time Install Window 5 7 in the Browser Interface 5 8 Entering a User Name and Password 5 10 Using a User Name 5 10 If You Lose the Password 5 10 Online Help for the Web Browser Interface 5 11 Support Mgmt URLs Feature 5 12 Support URL 5 13 Help and the Management Server URL 5 13 Using the PCM Server for Switch Web Help 5 14 Status Reporting Features 5 16 The Overview Window 5 16 The Port Utilizati...

Page 84: ...ace page 5 8 Selecting the fault detection configuration for the Alert Log operation page 5 23 Getting access to online help for the web browser interface page 5 11 Description of the web browser interface Overview window and tabs page 5 16 Port Utilization and Status displays page 5 17 Alert Log and Alert types page 5 20 Setting the Fault Detection Policy page 5 23 Not e You can disable access to...

Page 85: ...tch Configuration Device view Port configuration VLAN configuration Fault detection Quality of service QoS Port monitoring mirroring System information IP configuration Support and management server URLs Device features Spanning Tree On Off VLAN selection and IGMP Switch Security User names and passwords Authorized Addresses Intrusion Log SSL RADIUS authentication Refer to the Access Security Guid...

Page 86: ...r workstation For more on assigning an IP address refer to IP Configuration on page 8 2 1 Ensure that the JavaTM applets are enabled for your browser For more information on this topic refer to your browser s online Help 2 Use the web browser to access the switch If your network includes a Domain Name Server DNS your switch s IP address may have a name associated with it for example switch8212 tha...

Page 87: ...ation The networked device you want to access has been assigned an IP address and optionally a DNS name and has been discovered by PCM or PCM For more on assigning an IP address refer to IP Configuration on page 8 2 To establish a web browser session with PCM or PCM running do the following on the network management station 1 Make sure the JavaTM applets are enabled for your web browser If they ar...

Page 88: ...Using the ProCurve Web Browser Interface Starting a Web Browser Interface Session with the Switch First time install alert Figure 5 1 Example of Status Overview Screen 5 6 ...

Page 89: ...ime Install Window When you access the switch s web browser interface for the first time the Alert log contains a First Time Install alert as shown in figure 5 2 This gives you information about first time installations and provides an immediate opportunity to set passwords for security and to specify a Fault Detection policy which determines the types of messages that will be displayed in the Ale...

Page 90: ... on page 5 23 You can also access the password screen by clicking on the Configuration tab and then the Fault Detection key Security Creating Usernames and Passwords in the Browser Interface Not e On the switches covered in this guide you can also configure RADIUS authen tication for web browser interface access For more information refer to the chapter titled RADIUS Authentication and Accounting ...

Page 91: ...2 Click in the appropriate box in the Device Passwords window and enter user names and passwords You will be required to repeat the password strings in the confirmation boxes Both the user names and passwords can be up to 16 printable ASCII characters 3 Click on Apply Changes to activate the user names and passwords Not e Passwords you assign in the web browser interface will overwrite previous pa...

Page 92: ...es you full read write troubleshooting capabilities Entering the operator password gives you read and limited trouble shooting capabilities Using a User Name If you also set user names in the web browser interface screen you must supply the correct user name for web browser interface access If a user name has not been set then leave the User Name field in the password window blank Note that the Co...

Page 93: ... your switch Online Help for the Web Browser Interface Online Help is available for the web browser interface You can use it by clicking on the Help text in the top right corner of any of the web browser interface screens Figure 5 5 Online Help for the Web Browser Interface Context sensitive help is provided for the screen you are on Not e To access the online Help for the ProCurve web browser int...

Page 94: ...ault setting The URL for the support information source you want the switch to access when you click on the web browser interface Support tab The default is the URL for the ProCurve Networking home page TheURLofaPCM ProCurveNetworkManager workstationorotherserver for the online Help files for this web browser interface The default setting accesses the switch s browser based Help on the ProCurve Wo...

Page 95: ...agement Server URL field specifies the URL the switch uses to find online Help for the web browser interface If you install PCM ProCurve Manager in your network the PCM manage ment station acts as the web browser Help server for the switch and automatically inserts the necessary URL in this field For more on the option see Using the PCM Server for Switch Web Help on page 5 14 In the default config...

Page 96: ...lp Using the PCM Server for Switch Web Help For ProCurve devices that support the Web Help feature you can use the PCM server to host the switch help files for devices that do not have HTTP access to the ProCurve Support Web site 1 Go to the ProCurve Support web site to get the Device Help files www hp com rnd device_help 2 Copy the Web help files to the PCM server under C program files hewlett pa...

Page 97: ...ter the IP address for your PCM server 8040 is the standard port number to use 4 Restart the Discovery process for the change to be applied Not e Changing the Discovery s Global properties file will redirect the Device Help URL for all devices If you just want to change the Device Help URL for a particular device then go to the Configuration tab on the Web UI for that device and select the Support...

Page 98: ...llowing figure identifies the various parts of the screen Active Button Active Tab Alert Log Control Bar Port Utiliza tion Graphs page 5 17 Alert Log page 5 20 Port Status Indicators page 5 19 Button Bar Tab Bar Figure 5 8 The Status Overview Window Policy Management and Configuration PCMcanperformnetwork wide policymanagementandconfigurationofyourswitch The ManagementServer URL field page 5 13 sh...

Page 99: ... color on many systems can signify either transmitted or received traffic Non Unicast Pkts Rx All multicast and broadcast traffic received by the port This indicator a gold color on many systems enables you to know at a glance the source of any non unicast traffic that is causing high utilization of the switch For example if one port is receiving heavy broadcast or multicast traffic all ports will...

Page 100: ...s Clickonthebandwidthdisplaycontrolbuttonintheupperleftcorner of the graph The button shows the current scale setting such as 40 In the resulting menu select the bandwidth scale you want the graph to show 3 10 25 40 75 or 100 as shown in figure figure 5 10 Note that when viewing activity on a gigabit port you may want to select a lower value such as 3 or 10 This is because the bandwidth utilizatio...

Page 101: ...nnected to an active network device A cable may not be connected to the port or the device at the other end may be powered off or inoperable or the cable or connected device could be faulty Port Disabled the port has been configured as disabled through the web browser interface the switch console or SNMP network manage ment Port Fault Disabled a fault condition has occurred on the port that has ca...

Page 102: ... Date Time The date and time the event was received by the web browser interface This value is shown in the format DD MM YY HH MM SS AM PM for example 16 Sep 99 7 58 44 AM Description A short narrative statement that describes the event For example Excessive CRC Alignment errors on port 8 Sorting the Alert Log Entries The alerts are sorted by default by the Date Time field with the most recent ale...

Page 103: ...Not e When troubleshooting the sources of alerts it may be helpful to check the switch s Port Status and Port Counter windows or use the CLI or menu interface to view the switch s Event Log When you double click on an Alert Entry the web browser interface displays a separate window showing information about the event This view includes a description of the problem and a possible solution It also p...

Page 104: ...Using the ProCurve Web Browser Interface Status Reporting Features Figure 5 14 Example of Alert Log Detail View 5 22 ...

Page 105: ...ure controls the types of alerts reported to the Alert Log based on their level of severity Set this policy in the Fault Detection window figure 5 15 Figure 5 15 The Fault Detection Window The Fault Detection screen contains a list box for setting fault detection and response policy and enables you to set the sensitivity level at which a network problem should generate an alert and send it to the ...

Page 106: ... severe alerts to the Alert Log This policy is most effective on a network where there are normally a lot of problems and you want to be informed of only the most severe ones Never Disables the Alert Log and transmission of alerts traps to the management server in cases where a network management tool such as ProCurve Manager is in use Use this option when you don t want to use the Alert Log The F...

Page 107: ...imary and Secondary Flash Image Options 6 13 Displaying the Current Flash Image Data 6 13 Switch Software Downloads 6 15 Local Switch Software Replacement and Removal 6 16 Rebooting the Switch 6 18 Operating Notes about Booting 6 18 Boot and Reload Command Comparison 6 19 Setting the Default Flash 6 20 Booting from the Default Flash Primary or Secondary 6 20 Booting from a Specified Flash 6 20 Usi...

Page 108: ... a New Startup Config File 6 31 Erasing a Startup Config File 6 32 Switch to Its Default Configuration 6 34 Transferring Startup Config Files To or From a Remote Server 6 35 TFTP Copying a Configuration File to a Remote Host 6 35 TFTP Copying a Configuration File from a Remote Host 6 36 Connected Host 6 36 Connected Host 6 37 Operating Notes for Multiple Configuration Files 6 37 Automatic Configur...

Page 109: ...h maintains two configuration files the running config file and the startup config file Volatile Memory Running Config File Controls switch operation When the switch boots the contents of this file are erased and replaced by the contents of the startup config file Flash Non Volatile Memory Startup Config File Preserves the most recently saved configuration through any subsequent reboot CLI configu...

Page 110: ...ore changes to the running config file creates a new operating configuration Saving a new configurationmeans tooverwrite replace thecurrentstartup config file with the current running config file This means that if the switch subsequently reboots for any reason it will resume operation using the new configuration insteadof theconfigurationpreviously defined in the startup config file There are thr...

Page 111: ...e startup config file then the switch prompts you to save the change For example if you use the CLI to create VLAN 20 and then select the menu interface VLAN 20 is configured in the running config file but not in the startup config file In this case you will see ProCurve config vlan 20 ProCurve config menu Do you want to save current configuration y n If you type Y the switch overwrites the startu...

Page 112: ...sting of the current running config file show config status Compares the startup config file to the running config file and lists one of the following results If the two configurations are the same you will see Running configuration is the same as the startup configuration If the two configurations are different you will see Running configuration has been changed and needs to be saved Not e Show c...

Page 113: ...out making the mode change permanent ProCurve config interface e a5 speed duplex auto 10 After you are satisfied that the link is operating properly you can save the change to the switch s permanent configuration the startup config file by executing the following command ProCurve config write memory The new mode auto 10 on port A5 is now saved in the startup config file and the startup config and ...

Page 114: ...onfig file will be saved in the startup config file If you want to discard the changes you made to the running config file so that it will match the startup config file then press N for no This means that the switch will discard the changes you entered in the running config file and will update the running config file to match the startup config file Not e If you use the CLI to make a change to th...

Page 115: ...p configuration Syntax erase startup config For example ProCurve config erase startup config Configuration will be deleted and device rebooted continue y n Figure 6 3 Example of erase startup config Command Press y to replace the current configuration with the factory default config uration and reboot the switch Press n to retain the current configuration and prevent a reboot Using the Menu and We...

Page 116: ...e command 1 Implements the changes in the running config file 2 Saves your changes to the startup config file If you decide not to save and implement the changes in the screen select Cancel to discard them and continue switch operation with the current oper ation For example suppose you have made the changes shown below in the System Information screen To save and implement the changes for all par...

Page 117: ...n in Operator mode that is if you enter an Operator password instead of a manager password at the password prompt ProCurve Switch 2 Jan 2009 0 00 44 TELNET MANAGER MODE Main Menu 1 Status and Counters 2 Switch Configuration 3 Console Passwords 4 Event Log 5 Command Line CLI 6 Reboot Switch Optional Reboot 7 Download OS Switch Command 8 Run Setup 9 Stacking 0 Logout Provides the menu to display con...

Page 118: ...indicates a configuration change that requires a reboot in order to take effect Figure 6 6 Indication of a Configuration Change Requiring a Reboot Web Implementing Configuration Changes You can use the web browser interface to simultaneously save and implement a subset of switch configuration changes without having to reboot the switch That is when you save a configuration change in most cases by ...

Page 119: ...in Primary flash to run your system The switch can use only one image at a time The following tasks involve primary secondary flash options Displaying the current flash image data and determining which switch software versions are available Switch software downloads Replacing and removing erasing a local switch software version System booting Displaying the Current Flash Image Data Use the command...

Page 120: ...running on the version stored in the secondary flash image ProCurve config show flash Image Size Bytes Date Version Build Primary Image 7493854 03 21 07 W 14 29 1617 Secondary Image 7463821 03 23 07 W 14 30 1700 Boot Rom Version W 14 01 Default Boot Primary Will boot from primary flash on the next boot Figure 6 8 Example Showing Different Flash Image Versions Determining Which Flash Image Versions...

Page 121: ...rimary and Secondary Flash Switch Software Downloads The following table shows the switch s options for downloading a software version to flash and booting the switch from flash Table 6 1 Primary Secondary Memory Access Action Menu CLI Web Browser SNMP Download to Primary Yes Yes Yes Yes Download to Secondary No Yes No Yes Boot from Primary Yes Yes Yes Yes Boot from Secondary No Yes No Yes The dif...

Page 122: ...rce refer to Appendix A File Transfers Copying a Switch Software Image from One Flash Location to Another When you copy the flash image from primary to secondary or the reverse the switch overwrites the file in the destination location with a copy of the file from the source location This means you do not have to erase the current image at the destination location before copying in a new image C a...

Page 123: ... follows ProCurve config copy flash flash primary Erasing the Contents of Primary or Secondary Flash This command deletes the software image file from the specified flash location Caution Before using this command in one flash image location primary or second ary ensure that you have a valid software file in the other flash image location No Undo secondary orprimary Ifthe switchhasonly oneflashima...

Page 124: ...ecify the secondary flash by entering either the boot system flash primary secondary or boot set default flash primary secondary command Both the boot command and the reload command will reboot based on how these options have been selected Boot Attempts from an Empty Flash Location In this case the switch aborts the attempt and displays Image does not exist Operation aborted Interaction of Primary...

Page 125: ...eduled reload feature removes the requirement to physically reboot the switch at inconvenient times for example at 1 00 inthe morning Instead a reload at 1 00 mm dd command can be executed where mm dd is the date the switch is scheduled to reboot Boot and Reload Command Comparison The switch offers reboot options through the boot and reload commands plus the options inherent in a dual flash image ...

Page 126: ...x boot system flash primary secondary config FILENAME Reboots the switch from the flash that you are currently booted on primary or secondary You can select which image to boot from during the boot process itself Note This is changed from always booting from primary flash You are prompted with a message which will indicate the flash being booted from system Boots the switch You can specify the fla...

Page 127: ...ables the feature Syntax show fastboot Shows the status of the fastboot feature either enabled or disabled The fastboot command is shown below ProCurve config fastboot Using Reload The Reload command reboots the switch from the flash image that you are currently booted on primary or secondary or the flash image that was set either by the boot set default command or by the last executed boot system...

Page 128: ... details and examples see below The scheduled reload feature removes the requirement to physically reboot the switch at inconvenient times for example at 1 00 inthe morning Instead a reload at 1 00 mm dd command can be executed where mm dd is the date the switch is scheduled to reboot Not e Configuration changes are not saved with reload at or reload after commands No prompt to save configuration ...

Page 129: ...tions for selecting which startup config file to use for A fixed reboot policy using a specific startup config file for a specific boot path primary or secondary flash Overriding the current reboot policy on a per instance basis Boot Command Secondary Boot Path Primary Boot Path Startup Config Options File 1 File 2 File 3 Running Config Figure 6 14 Optional Reboot Process While you can still use r...

Page 130: ...red in this guide can use the startup config in any of the memory slots if the software version supports the configured features Boot Options With multiple startup config files in the switch you can spec ify a policy for the switch to use upon reboot The options include Use the designated startup config file with either or both reboot paths primary or secondary flash Override the current reboot po...

Page 131: ...hange Running Config Execute write mem To Save Changes to Source Startup Config File Figure 6 15 Example of Reboot Process and Making Changes to the Startup Config File Creating an Alternate Startup Config File There are two methods for creating a new configuration file Copy an existing startup config file to a new filename then reboot the switch make the desired changes to the running config file...

Page 132: ...workingConfig Assigns the workingConfig file as the active configuration and the default configuration for all subsequent reboots using either primary or second ary flash Figure 6 16 Switch Memory Assignments After the First Reboot from Software Supporting Multiple Configuration In the above state the switch always Uses the workingConfig file to reboot The commands described later in this section ...

Page 133: ...config file is currently in use pri An asterisk in this column indicates that the corresponding startup config file is currently assigned to the primary boot path sec An asterisk in this column indicates that the corresponding startup config file is currently assigned to the secondary boot path name Shows the filename for each listed startup config file in the switch Refer to Renaming an Existing ...

Page 134: ...tem flash primary secondary config filename 6 30 You can boot the switch using any available startup config file Changing the Reboot Configuration Policy For a given reboot the switch automatically reboots from the startup config file assigned to the flash location primary or secondary being used for the current reboot For exam ple when you first download a software version that supports multiple ...

Page 135: ... single reboot instance use the boot system flash command with the options described under Overriding the Default Reboot Configuration Policy on page 6 30 For example suppose Software release A is stored in primary flash and a later software release is stored in secondary flash The system operator is using memory slot 1 for a reliable minimal configuration named minconfig for the software version ...

Page 136: ...t instance only This command overrides the current reboot policy Using Reload To Reboot From the Current Flash Image and Startup Config File Syntax reload This command boots the switch from the currently active flash image and startup config file Because reload bypasses some subsystem self tests the switch boots faster than if you use a boot command Note To identify the currently active startup co...

Page 137: ...riment with configuration changes while preserving the source file unchanged It also simplifies a transition from one software version to another by enabling you to preserve the startup config file for the earlier software version while creating a separate startup config file for the later software version With two such versions in place you can easily reboot the switch with the correct startup co...

Page 138: ... config2 the default startup config file for booting from secondary flash Figure 6 18 Example of Creating and Assigning a New Startup Config File Not e You can also generate a new startup config file by booting the switch from a flash memory location from which you have erased the currently assigned startup config file Refer to Erasing a Startup Config File in the next section Erasing a Startup Co...

Page 139: ...ot have an assigned startup config then the switch creates a new default startup config file and uses this file in the reboot This new startup config file contains only the default configuration for the software version used in the reboot Executing write memory after the reboot causes a switch generated filename of configx to appear in the show config files display for the new file where x corresp...

Page 140: ... Reset Button Combination To Reset the Switch to Its Default Configuration The Clear Reset button combination described in the Installation and Getting Started Guide produces these results That is when you press the Clear Reset button combination the switch Overwrites the content of the startup config file currently in memory slot 1 with the default configuration for the software version in primar...

Page 141: ...pc unix below copy tftp config dest file ip addr remote file pc unix below copy config src file xmodem pc unix 6 36 copy xmodem config dest file pc unix 6 37 TFTP Copying a Configuration File to a Remote Host Syntax copy config src file tftp ip addr remote file pc unix This is an addition to the copy tftp command options Use this command to upload a configuration file from the switch to a TFTP ser...

Page 142: ...fer to TFTP Copying a Configuration File from a Remote Host on page A 24 For example the following command copies a startup config file named test 01 txt from a UNIX TFTP server at IP address 10 10 28 14 to the first empty memory slot in the switch ProCurve config copy tftp config test 01 10 10 28 14 test 01 txt unix Xmodem Copying a Configuration File to a Serially Connected Host Syntax copy conf...

Page 143: ... Files SFTP SCP The configuration files are available for sftp scp transfer as cfg filename Automatic Configuration Update with DHCP Option 66 ProCurve switches are initially booted up with the factory shipped configura tion file This feature provides a way to automatically download a different configurationfilefromaTFTPserverusingDHCPOption66 Theprerequisites for this to function correctly are On...

Page 144: ...ehavior Single Server serving Multiple VLANs Each DHCP enabled VLAN interface initiates DHCPDISCOVER message receives DHCPOFFER from the server and send DHCPREQUEST to obtain the offered parameters If multiple interfaces send DHCPREQUESTs it s possible that more than one DHCPACK is returned with a valid Option 66 Evaluating and updating the configuration file occurs only on the primary VLAN Option...

Page 145: ...figurationfile Ifthecontentisdifferent thenewconfiguration file replaces the existing file and the switch reboots Option 67 and the Configuration File Name Option 67 includes the name of the configuration file If the DHCPACK contains this option it overrides the default name for the configuration file switch cfg Global DHCP Parameters Globalparameters are processed only if received on the primary ...

Page 146: ...Switch Memory and Configuration Automatic Configuration Update with DHCP Option 66 6 40 ...

Page 147: ...7 3 Menu Modifying the Interface Access 7 4 CLI Modifying the Interface Access 7 5 Denying Interface Access by Terminating Remote Management Sessions 7 9 System Information 7 11 Menu Viewing and Configuring System Information 7 12 CLI Viewing and Configuring System Information 7 13 Web Configuring System Parameters 7 17 7 1 ...

Page 148: ...ng the Menu Interface Chapter 4 Using the Command Line Interface CLI Chapter 5 Using the ProCurve Web Browser Interface Why Configure Interface Access and System Information The inter face access features in the switch operate properly by default However you can modify or disable access features to suit your particular needs Similarly you can choose to leave the system information parameters at th...

Page 149: ...led page 7 4 page 7 7 Terminal type VT 100 page 7 8 Event Log event types to list All page 7 8 Displayed Events Baud Rate Speed Sense page 7 8 Flow Control XON XOFF page 7 8 In most cases the default configuration is acceptable for standard operation Not e Basic switch security is through passwords You can gain additional security by using the security features described in the Access Security Gui...

Page 150: ...odify these parameters Inactivity Timeout Inbound Telnet Enabled Web Agent Enabled To Access the Interface Access Parameters 1 From the Main Menu Select 2 Switch Configuration 1 System Information Interface Access Parameters Figure 7 1 The Default Interface Access Parameters Available in the Menu Interface 2 Press E for Edit The cursor moves to the System Name field 7 4 ...

Page 151: ...rface Access Interface Access Commands Used in This Section show console below no telnet server below no web management page 7 7 console page 7 8 Listing the Current Console Serial Link Configuration This command lists the current interface access parameter settings Syntax show console This example shows the switch s default console serial configuration Interface Access Enable Disable Console Cont...

Page 152: ...dr ipv6 addr hostname switch num Initiates an outbound telnet session to another network device The destination can be specified as IPv4 address IPv6 address Hostname Stack number of a member switch 1 16 if the switch is a commander in a stack and stacking is enabled For example if the host Labswitch is in the domain abc com you can enter the following command and the destination is resolved to La...

Page 153: ...Example of show telnet Command Displaying Resolved IP Addresses Reconfigure Web Browser Access In the default configuration web browser access is enabled Syntax no web management Enables or disables web browser access management url Specify the URL for the web interface button plaintext Enable Disable the http server secure ssl Enable Disable the https server secure support url Specify the URL the...

Page 154: ...ch and your terminal emulatordue todifferencesbetweenthe terminal andswitchsettingsforthese two parameters All console parameter changes except events and inactivity timer require that you save the configuration with write memory and then execute boot before the new console configuration will take effect For example to use one command to configure the switch with the following VT100 operation 19 2...

Page 155: ...ve the changes Boot the switch Configure the individual Figure 7 5 Example of Executing a Series of Console Commands DenyingInterfaceAccessbyTerminating Remote Management Sessions The switch supports up to five management sessions You can use show ip ssh to list the current management sessions and kill to terminate a currently running remote session Kill does not terminate a Console session on the...

Page 156: ...cess and System Information Denying Interface Access by Terminating Remote Management Sessions The kill 2 command terminates session 2 Session 2 is an active Telnet session Figure 7 6 Example of Using the Kill Command To Terminate a Remote Session 7 10 ...

Page 157: ...al but recommended System Name Using a unique name helps you to identify individual devices where you are using an SNMP network management tool such as ProCurve Manager System Contact and Location This information is helpful for identifying the person administratively responsible for the switch and for identifying the locations of individual switches MAC Age Time The number of seconds a MAC addres...

Page 158: ...or your location The default is None For more on this topic refer to Appendix D Daylight Savings Time on ProCurve Switches Time Used in the CLI to specify the time of day the date and other system parameters Menu Viewing and Configuring System Information To access the system information parameters 1 From the Main Menu Select 2 Switch Configuration 1 System Information System Information Figure 7 ...

Page 159: ...mmands Used in This Section show system information below hostname below snmp server below contact location mac age time page 7 16 time timezone page 7 16 daylight time rule page 7 16 date page 7 16 time Listing the Current System Information Thiscommandliststhecurrent system information settings Syntax show system information This example shows the switch s default console configuration ProCurve ...

Page 160: ... hostname contact System Contact Ext 4474 and location data from System Location North Data Room previous commands MAC Age Time sec 300 Time Zone 0 Daylight Time Rule None Software revision S 14 XX Base MAC Addr 001ffe 74b3e0 ROM Version S 14 02 Serial Number ff ff ff Up Time 5 days Memory Total 33 554 432 CPU Util 5 Free 24 718 392 IP Mgmt Pkts Rx 1 611 997 Packet Total 3022 Pkts Tx 2109 Buffers ...

Page 161: ...gent Enabled Yes Yes Time Sync Method None TIMEP TimeP Mode Disabled Disabled Tftp enable Yes Yes Time Zone 0 0 Daylight Time Rule None None Actions Cancel Edit Save Help Cancel changes and return to previous screen Use arrow keys to change action selection and Enter to execute action Figure 7 10 Menu Screen Showing System Information The Web Browser interface also allows you to enter a maximum of...

Page 162: ... 720 840 time daylight time rule none alaska continental us and canada middle europe and portugal southern hemisphere western europe user defined East of the 0 meridian the sign is West of the 0 meridian the sign is For example the time zone setting for Berlin Germany is 60 zone 1 or 60 minutes and the time zone setting for Vancouver Canada is 480 zone 8 or 480 minutes Toconfigurethetime zone andd...

Page 163: ...tion System Name System Location System Contact For access to the MAC Age Interval and the Time parameters use the menu interface or the CLI Configure System Parameters in the Web Browser Interface 1 Click on the Configuration tab 2 Click on System Info 3 Enter the data you want in the displayed fields 4 Implement your new data by clicking on Apply Changes To access the web based help provided for...

Page 164: ...Interface Access and System Information System Information 7 18 ...

Page 165: ...d Time To Live TTL 8 5 CLI Configuring IP Address Gateway and Time To Live TTL 8 6 Web Configuring IP Addressing 8 10 How IP Addressing Affects Switch Operation 8 11 DHCP Bootp Operation 8 12 Network Preparations for Configuring DHCP Bootp 8 14 IP Preserve Retaining VLAN 1 IP Addressing Across Configuration File Downloads 8 16 Operating Rules for IP Preserve 8 16 Enabling IP Preserve 8 16 8 1 ...

Page 166: ...epend on IP addressing to operate IP Configuration IP Configuration Features Feature Default Menu CLI Web IP Address and Subnet Mask DHCP Bootp page 8 5 page 8 6 page 8 10 Multiple IP Addresses on a VLAN n a page 8 8 Default Gateway Address none page 8 5 page 8 6 page 8 10 Packet Time To Live TTL 64 seconds page 8 5 page 8 6 Time Server Timep DHCP page 8 5 page 8 6 IP Address and Subnet Mask Confi...

Page 167: ... default gateway and DHCP Bootp is configured on the primary VLAN then the default gateway value provided by the DHCP or Bootp server will be used If the switch has a manually configured default gateway then the switch uses his gateway even if a different gateway is received via DHCPor Bootp onthe primary VLAN This is also true for manually configured TimeP SNTP and Time To Live TTL In the default...

Page 168: ...arning the default gateway address The switch can also learn other settings from a DHCP or Bootp server such as packet Time To Live TTL and Timep or SNMP settings Other VLANs can also use DHCP or BootP to acquire IP addressing However the switch s gateway TTL and TimeP or SNTP values which are applied globally and not per VLAN will be acquired through the primary VLAN only unless manually set by u...

Page 169: ...ddressing 1 From the Main Menu Select 2 Switch Configuration 5 IP Configuration Not e s If multiple VLANs are configured a screen showing all VLANs appears instead of the following screen The Menu interface displays the IP address for any VLAN If you use the CLI to configure the IP address on a VLAN use the CLI show ip command to list them Refer to Viewing the Current IP Configuration on page 8 6 ...

Page 170: ...e Tab key to move to the other IP configuration fields 6 Select the IP Address field and enter the IP address for the switch 7 Select the Subnet Mask field and enter the subnet mask for the IP address 8 Press Enter then S for Save CLI Configuring IP Address Gateway and Time To Live TTL IP Commands Used in This Section Page show ip 8 6 ip address mask length 8 7 8 8 ip address mask bits 8 7 8 8 ip ...

Page 171: ...sing With multiple VLANs and some other features configured show ip provides additional information A Switch with IP Addressing and VLANs Configured Figure 8 3 Example of Show IP Listing with Non Default IP Addressing Configured Configure an IP Address and Subnet Mask The following command includes both the IP address and the subnet mask You must either include the ID of the VLAN for which you are...

Page 172: ...ddress configured in VLAN 1 ProCurve config no vlan 1 ip address 10 28 227 103 24 Configure Multiple IP Addresses on a VLAN Multinetting The fol lowing is supported Up to 2048 IP addresses for the switch Up to 32 IP addresses for the same VLAN Up to 256 IP VLANs that is VLANs on which you can configure IP addresses Each IP address on a VLAN must be for a separate subnet whether on the same VLAN or...

Page 173: ...ing a Multinetted VLAN If you then wanted to multinet the default VLAN you would do the following Figure 8 5 Example of Multinetting on the Default VLAN Not e The Internet IP Service screen in the Menu interface figure 8 1 on page 8 5 displays the first IP address for each VLAN You must use the CLI show ip command to display the full IP address listing for multinetted VLANs 8 9 ...

Page 174: ...fault gateway 10 28 227 115 Configure Time To Live TTL The maximum number of routers hops through which a packet can pass before being discarded The default is 64 Each router decreases a packet s TTL by 1 before forwarding the packet If a router decreases the TTL to 0 the router drops the packet instead of forward ing it Syntax ip ttl number of hops ProCurve config ip ttl 60 In the CLI you can exe...

Page 175: ... Bootp support for automatic IP address configuration and DHCP support for automatic Timep server IP address configuration Multiple Spanning Tree Protocol Port settings and port trunking Console based status and counters information for monitoring switch operation and diagnosing problems through the CLI or menu interface VLANs and GVRP Serial downloads of software updates and configuration files X...

Page 176: ...viously configured IP address and subnet mask for the switch The switch also receives an IP Gateway address if the server has been config ured to provide one In the case of Bootp the server must first be configuredwithanentrythathastheswitch sMACaddress Todetermine the switch s MAC address refer to Appendix D MAC Address Manage ment The switch properly handles replies from either type of server If...

Page 177: ...ocumenta tion provided with the DHCP server Bootp Operation When a Bootp server receives a request it searches its Bootp database for a record entry that matches the MAC address in the Bootp request from the switch If a match is found the configuration data in the associated database record is returned to the switch For many Unix systems the Bootp database is contained in the etc bootptab file In ...

Page 178: ...figuration file T144 is the vendor specific tag identifying the configuration file to download vm is a required entry that specifies the Bootp report format Use rfc1048 for the switches covered in this guide Not e The above Bootp table entry is a sample that will work for the switch when the appropriate addresses and file names are used Network Preparations for Configuring DHCP Bootp In its defaul...

Page 179: ...rk providing DHCP Bootp service the switch does the following Receives an IP address and subnet mask and if configured in the server a gateway IP address and the address of a Timep server If the DHCP Bootp reply provides information for downloading a config urationfile theswitchusesTFTPtodownloadthefilefromthe designated source then reboots itself This assumes that the switch or VLAN has connectiv...

Page 180: ...e switch adopts all other configuration parameters in the configuration file into the startup config file If the switch s current IP addressing for VLAN 1 is from a DHCP server IP Preserve is suspended In this case whatever IP addressing the config uration file specifies is implemented when the switch downloads the file and reboots If the file includes DHCP Bootp as the IP addressing source for VL...

Page 181: ...witch 4 VLAN 1 DHCP Switch 3 VLAN 1 10 31 22 103 Switch 1 VLAN 1 10 31 22 101 DHCP Server Switch 2 VLAN 1 10 31 22 102 config IP Address Switches 1 through 3 copy and implement the config txt file from the TFTP server figure 8 8 but retain their current IP Switch 4 also copies and implements the config txt file from the TFTP server figure 8 8 but acquires new IP addressing from the DHCP TFTP Serve...

Page 182: ...A24 B1 B24 Trk1 Using figure 8 7 above switches 1 3 ignore these entries because the file implements IP Preserve and their current IP addressing was not acquired through DHCP Bootp Switch 4 ignores IP Preserve and implements the DHCP Bootp addressing and IP Gateway specified in this file because its last IP addressing was acquired from a DHCP Bootp server Figure 8 8 Configuration File in TFTP Serv...

Page 183: ...A6 no untagged A2 A3 exit vlan 2 name VLAN2 untagged A2 A3 no ip address exit spanning tree Trk1 priority 4 password manager password operator Figure 8 9 Configuration File in TFTP Server with Dedicated IP Addressing Instead of DHCP Bootp To summarize the IP Preserve effect on IP addressing If the switch received its most recent VLAN 1 IP addressing from a DHCP Bootp server it ignores the IP Prese...

Page 184: ...Configuring IP Addressing IP Preserve Retaining VLAN 1 IP Addressing Across Configuration File Downloads 8 20 ...

Page 185: ... Viewing the Current SNTP Configuration 9 8 Configuring Enabling or Disabling the SNTP Mode 9 10 TimeP Viewing Selecting and Configuring 9 16 Menu Viewing and Configuring TimeP 9 17 CLI Viewing and Configuring TimeP 9 18 Viewing the Current TimeP Configuration 9 19 Configuring Enabling or Disabling the TimeP Mode 9 20 SNTP Unicast Time Polling with Multiple SNTP Servers 9 25 Displaying All SNTP Se...

Page 186: ...h the TimeP mode itself set to Disabled TimeP Time Synchronization You can either manually assign the switch to use a TimeP server or use DHCP to assign the TimeP server In either case the switch can get its time synchro nization updates from only one designated Timep server This option enhances security by specifying which time server to use SNTP Time Synchronization SNTP provides two operating m...

Page 187: ... the default 2 Enable the protocol The choices are SNTP Broadcast or Unicast TimeP DHCP or Manual 3 Configure the remaining parameters for the time protocol you selected The switch retains the parameter settings for both time protocols even if you change from one protocol to the other Thus if you select a time protocol the switch uses the parameters you last configured for the selected protocol No...

Page 188: ... page 9 5 page 9 8 select SNTP as the time synchronization method timep page 9 6 page 9 10 ff disable time synchronization timep page 9 6 page 9 14 enable the SNTP mode Broadcast Unicast or Disabled disabled broadcast n a page 9 6 page 9 11 unicast n a page 9 6 page 9 12 none disabled n a page 9 6 page 9 15 configure an SNTP server address for Unicast mode only none page 9 6 page 9 12 ff change th...

Page 189: ... In Unicast Mode Specifies how often the switch polls the designated SNTP server for a time update In Broadcast Mode Specifies how often the switch polls the network broadcast address for a time update Value between 30 720 seconds Server Address Used only when the SNTP Mode is set to Unicast Specifies the IP address of the SNTP server that the switch accesses for time synchronization updates You c...

Page 190: ...e v to move the cursor to the Time Sync Method field 4 Use the Space bar to select SNTP then press v once to display and move to the SNTP Mode field 5 Do one of the following Use the Space bar to select the Broadcast mode then press v to move the cursor to the Poll Interval field and go to step 6 For Broadcast mode details refer to SNTP Operating Modes on page 9 2 Time Sync Method None SNTP SNTP M...

Page 191: ... SNTP server from the IP address es in the updated list For more on this topic refer to SNTP Unicast Time Polling with Multiple SNTP Servers on page 9 25 iv Press to move the cursor to the Poll Interval field then go to step 6 Time Sync Method None SNTP SNTP Mode Disabled Unicast Server Address 10 28 227 15 Poll Interval sec 720 720 Server Version 3 3 Tftp enable Yes Yes Time Zone 0 0 Daylight Tim...

Page 192: ...terval 9 14 no sntp 9 15 This section describes how to use the CLI to view enable and configure SNTP parameters Viewing the Current SNTP Configuration Syntax show sntp This command lists both the time synchronization method TimeP SNTP or None and the SNTP configuration even if SNTP is not the selected time protocol For example if you configured the switch with SNTP as the time synchronization meth...

Page 193: ...urrently in use For example ProCurve config show sntp SNTP Configuration Time Sync Mode Timep SNTP Mode Unicast Poll Interval sec 720 719 Even though in this example TimeP is the current time synchronous method the switch maintains the SNTP configuration Priority SNTP Server Address Protocol Version 1 2001 db8 215 60ff fe79 8980 7 2 10 255 5 24 3 3 fe80 123 vlan10 3 Figure 9 5 Example of SNTP Conf...

Page 194: ... run SNTP as the switch s time synchronization protocol you must also select SNTP as the time synchronization method by using the CLI timesync command or the Menu interface Time Sync Method parameter Syntax timesync sntp Selects SNTP as the time protocol sntp broadcast unicast Enables the SNTP mode below and page 9 12 Syntax sntp server priority 1 3 ip addr ipv6 addr 1 7 Required only for unicast ...

Page 195: ...ollows ProCurve config show sntp 1 show sntp displays the SNTP configuration and also shows that TimeP is the currently active time synchronization mode SNTP Configuration Time Sync Mode Timep SNTP Mode disabled Poll Interval sec 720 720 ProCurve config timesync sntp ProCurve config sntp broadcast 2 3 5406_1 config show sntp 4 show sntp again displays the SNTP configuration and shows that SNTP is ...

Page 196: ...ast Configures the SNTP mode for Unicast operation Syntax sntp server priority 1 3 ip addr ipv6 addr 1 7 Specifies the SNTP server address server priority and optionally the server version The priority setting 1 3 specifies the order in which the configured servers are polled for getting the time The server version range is 1 7 and the default is 3 Syntax no sntp server ip addr ipv6 addr Deletes t...

Page 197: ...ecify the correct version number For example suppose you learned that SNTP version 4 was in use on a server you specified above IP address 10 28 227 141 with version 3 You would use the following commands to delete the server IP address and then re enter it with the correct version number for that server ProCurve config no sntp server priority 2 10 28 227 141 ProCurve config sntp server priority 2...

Page 198: ...figuration The recommended method for disabling time synchroniza tion is to use the timesync command Syntax no timesync Halts time synchronization without changing your SNTP configuration For example suppose SNTP is running as the switch s time synchronization protocol with Broadcast as the SNTP mode and the factory default polling interval You would halt time synchronization with this command Pro...

Page 199: ...ers as shown in figure 9 9 no sntp changes the SNTP configuration as shown below and disables time synchronization on the switch ProCurve config no sntp ProCurve config show sntp SNTP Configuration Even though the Time Sync Mode is set to Sntp time synchronization is disabled because no Time Sync Mode Sntp sntp has disabled the SNTP Mode parameter SNTP Mode disabled Poll Interval sec 720 720 Prior...

Page 200: ...does not operate even if specified by the Menu interface Time Sync Method parameter or the CLI timesync command DHCP When Timep is selected as the time synchronization method the switch attempts to acquire a Timep server IP address via DHCP If the switch receives a server address it polls the server for updates according to the Timep poll interval If the switch does not receive a Timep server IP a...

Page 201: ...ocol Selection Parameter Tftp enable Yes Yes TIMEP the default Time Zone 0 0 SNTP Daylight Time Rule None None None Actions Cancel Edit Save Help Figure 9 12 The System Information Screen Default Values Press E for Edit The cursor moves to the System Name field 2 Use v to move the cursor to the Time Sync Method field 3 If TIMEP is not already selected use the Space bar to select TIMEP then press v...

Page 202: ...field enter the time in minutes that you want for a TimeP Poll Interval Press Enter to return to the Actions line then S for Save to enter the new time protocol configuration in both the startup config and running config files CLI Viewing and Configuring TimeP CLI Commands Described in this Section Command Page show timep 9 19 no timesync 9 20 ff 9 23 ip timep dhcp 9 21 manual 9 22 server ip addr ...

Page 203: ...ble TimeP in DHCP mode with the default poll interval show timep lists the following Figure 9 13 Example of TimeP Configuration When TimeP Is the Selected Time Synchronization Method If SNTP is the selected time synchronization method show timep still lists the TimeP configuration even though it is not currently in use Even though in this example SNTP is the current time synchronization method the...

Page 204: ...splay Showing IP Addressing for All Configured Time Servers and VLANs Configuring Enabling or Disabling the TimeP Mode Enabling the TimeP mode means to configure it for either broadcast or unicast mode Remember that to run TimeP as the switch s time synchronization protocol you must also select TimeP as the time synchronization method by using the CLI timesync command or the Menu interface Time Sy...

Page 205: ...se Time synchronization is configured for SNTP You want to 1 View the current time synchronization 2 Select TimeP as the time synchronization mode 3 Enable TimeP for DHCP mode 4 View the TimeP configuration The commands and output would appear as follows 1 show timep displays the TimeP configuration and also shows that SNTP is the currently active time synchronization mode 2 3 4 show timep again d...

Page 206: ...er Syntax no ip timep Disables TimeP Not e To change from one TimeP server to another you must 1 use the no ip timep command to disable TimeP mode and then reconfigure TimeP in Manual mode with the new server IP address For example to select TimeP and configure it for manual operation using a TimeP server address of 10 28 227 141 and the default poll interval 720 minutes assuming the TimeP poll in...

Page 207: ...ronization without changing your TimeP configuration Syntax no timesync Disables time synchronization by changing the Time Sync Mode configuration to Disabled For example suppose TimeP is running as the switch s time synchronization protocol with DHCP as the TimeP mode and the factory default polling interval You would halt time synchronization with this command ProCurve config no timesync If you ...

Page 208: ...changes the TimeP configuration as shown below and disables time synchronization Even though the Time Sync Mode is set to Timep time synchronization is disabled because no ip timep has disabled the TimeP Mode parameter Figure 9 19 Example of Disabling Time Synchronization by Disabling the TimeP Mode Parameter 9 24 ...

Page 209: ... Event Log and reschedules to try the address list again after the configured Poll Interval time has expired Displaying All SNTP Server Addresses Configured on the Switch The System Information screen in the menu interface displays only one SNTP server address even if the switch is configured for two or three servers The CLI show management command displays all configured SNTP servers on the switc...

Page 210: ...with a new one you must delete the unwanted address before you configure the new one Deleting Addresses To delete an address you must use the CLI If there are multiple addresses and you delete one of them the switch re orders the address priority Syntax no sntp server ip addr For example to delete the primary address in the above example and automatically convert the secondary address to primary P...

Page 211: ...Messages 10 13 Note on Using Pattern Matching with the Show Interfaces Custom Command 10 13 Viewing Port Utilization Statistics 10 14 Viewing Transceiver Status 10 14 Enabling or Disabling Ports and Configuring Port Mode 10 16 Enabling or Disabling Flow Control 10 17 Configuring a Broadcast Limit on the Switch 10 19 Configuring ProCurve Auto MDIX 10 19 Web Viewing Port Status and Configuring Port ...

Page 212: ...Port Status and Configuration Contents Configuring Transceivers and Modules That Haven t Been Inserted 10 28 Transceivers 10 28 10 2 ...

Page 213: ...22 viewing transceiver status n a n a page 10 14 page 10 22 configuring ports page 10 7 page 10 16 page 10 22 configuring ProCurve auto mdix page 10 19 If the switch either fails to show a link between an installed transceiver and another device or demonstrates errors or other unexpected behavior on the link check the port configuration on both devices for a speed and or duplex mode mismatch To ch...

Page 214: ...es Down 10FDx MDIX off 0 3 10 100TX No Yes Down 10FDx MDI off 0 4 10 100TX No Yes Down 10FDx MDIX off 0 5 10 100TX No Yes Down 10FDx MDIX off 0 6 10 100TX No Yes Down 10FDx MDIX off 0 7 10 100TX No Yes Up 100FDx MDI off 0 8 10 100TX No Yes Down 10FDx MDIX off 0 9 100 1000T No Yes Down 1000FDx MDI off 0 10 100 1000T No Yes Down 1000FDx MDI off 0 Actions Back Intrusion log Help Return to previous sc...

Page 215: ...low control on enabled the switch negotiates flow control on the indicated port If the port mode is not set to Auto or if flow control is off disabled on the port then flow control is not used Flow control must be enabled on both ends of a link On Enabled The port uses 802 3x Link Layer Flow Control generates flow control packets and processes received flow control packets Off Disabled default The...

Page 216: ...aight through cable Manual mode appliesonlytocopperportswitchesusingtwisted paircopperEthernet cables Auto 10 Allows the port to negotiate between half duplex HDx and full duplex FDx while keeping speed at 10Mbps Also negotiates flow control enabled or disabled ProCurve recommends Auto 10 for links between 10 100 auto sensing ports connected with Cat 3 cabling Cat 5 cabling is required for 100 Mbp...

Page 217: ...HDx 100HDx Table 10 3 Protocols and Modes Supported for Fiber Optic Ports 100 Mbps Gigabit Protocols 100BASE FX 100BASE BX10 1000BASE SX 1000BASE LX 1000BASE BX10 1000BASE LH Modes 100HDx Auto 100FDx 1000FDx Configuring Ports You can configure and view the port settings by using the menu Not e The menu interface uses the same screen for configuring both individual ports and port trunk groups For i...

Page 218: ...ves to the Enabled field for the first port 3 Refer to the online help provided with this screen for further information on configuration options for these features 4 When you have finished making changes to the above parameters press Enter then press S for Save CLI Viewing Port Status and Configuring Port Parameters From the CLI you can configure and view all port parameter settings and view all ...

Page 219: ... and whether it is configured for flow control port list Shows a summary of network traffic handled by the specified ports An example of the show interfaces brief command is shown below ProCurve config show interfaces brief Status and Counters Port Status Intrusion MDI Flow Bcast Port Type Alert Enabled Status Mode Mode Ctrl Limit 1 10 100TX No Yes Up 100FDx MDI off 0 2 10 100TX No Yes Down 10FDx ...

Page 220: ... used to initiate the dynamic update of the show interfaces command with the output being the same as the show interfaces command When using the display option in the CLI the information stays on the screen and is updated every 3 seconds as occurs with the display using the menu feature The update is terminated with Cntl C You can use the arrow keys to scroll through the screen when the output doe...

Page 221: ...set Help Return to previous screen Use up down arrow keys to scroll to other entries left right arrow keys to change action selection and Enter to execute action Figure 10 5 Example of show int display Command with Dynamically Updating Output Customizing the Show Interfaces Command You can create show commands displaying the information that you want to see in any order you want by using the custo...

Page 222: ... intrusion Intrusion alert status no bcast Broadcast limit 0 ProCurve config show int custom 1 4 port name 4 type vlan intrusion speed enabled mdi Status and Counters Custom Port Status Intrusion Port Name Type VLAN Alert Speed Enabled MDI mode 1 Acco 10 100T 1 No 100FDx Yes Auto 2 Huma 10 100T 1 No 100FDx Yes Auto 3 Deve 10 100T 1 No 100FDx Yes Auto 4 Lab1 10 100T 1 No 100FDx Yes Auto Figure 10 6...

Page 223: ...0 Field name is misspelled Invalid input input Mistake in specifying the port list Module not present for port or invalid port input The port list is not specified Incomplete input custom Note on Using Pattern Matching with the Show Interfaces Custom Command If you have included a pattern matching command to search for a field in the output of the show int custom command and the show int custom co...

Page 224: ... 0 0 Figure 10 7 Example of a Show Interface Port Utilization Command Listing Operating Notes Foreachportontheswitch thecommandprovidesareal timedisplay oftherateatwhichdataisreceived Rx andtransmitted Tx interms of kilobits per second KBits s number of packets per second Pkts s and utilization Util expressed as a percentage of the total band width available The show interfaces port list command c...

Page 225: ...umber Includes revision letter such as A B or C If no revision letter follows a product number this means that no revision is available for the transceiver Part number Allows you to determine the manufacturer for a spec ified transceiver and revision number For a non ProCurve installed transceiver see line 23 Figure 10 8 no transceiver type product number or part information is displayed In the Se...

Page 226: ...negotiation feature allows a port to establish a link with a port at the other end at either 10 Mbps or 100 Mbps using the highest mutual speed and duplex mode available Only these speeds are allowed with this setting For example to configure port 5 for auto 10 100 enter this command ProCurve config int 5 speed duplex auto 10 100 To configure ports 1 through 3 and port 6 for 100Mbps full duplex yo...

Page 227: ... on both ports in a given link Otherwise flow control does not operate on the link and appears as Off in the show interfaces brief port listing even if flow control is configured as enabled on the port in the switch Refer to Figure 10 3 on page 10 9 Also the port speed duplex mode must be set to Auto the default To disable flow control on some ports while leaving it enabled on other ports just dis...

Page 228: ...100 1000T No Yes Down 1000FDx MDI off 0 10 100 1000T No Yes Down 1000FDx MDI off 0 Figure 10 10 Example of Configuring Flow Control for Ports ProCurve config no int 5 6 flow control ProCurve config show int brief Status and Counters Port Status Intrusion MDI Flow Bcast Port Type Alert Enabled Status Mode Mode Ctrl Limit 1 10 100TX No Yes Up 100FDx MDI off 0 2 10 100TX No Yes Down 10FDx MDIX off 0 ...

Page 229: ...imit command Note This feature is not appropriate for networks requiring high levels of IPX or RIP broadcast traffic Syntax show config Displays the startup config file The broadcast limit setting appears here if enabled and saved to the startup config file Syntax show running config Displays the running config file The broadcast limit setting appears here if enabled If the setting is not also sav...

Page 230: ...through cable on a switch to a port on an end node such as a server or PC that uses MDI ports the switch port automatically operates as an MDI X port ProCurve Auto MDIX was developed for auto negotiating devices and was shared with the IEEE for the development of the IEEE 802 3ab standard ProCurve Auto MDIX and the IEEE 802 3ab Auto MDI MID X feature are completely compatible Additionally ProCurve...

Page 231: ...configures the port for connecting to either a switch hub or other MDI X device with a crossover cable or to a PC or other MDI device with a straight through cable Syntax show interfaces config Lists the current per port Auto MDI MDI X configuration Syntax show interfaces brief Where a port is linked to another device this command lists the MDI mode the port is currently using In the case of ports...

Page 232: ...l Limit 1 100 100T No Yes Down 1000FDx MDIX off 0 2 100 100T No Yes Down 100FDx MDI off 0 3 100 100T No Yes Down 100FDx MDIX off 0 4 100 100T No Yes Down 1000FDx Auto off 0 5 100 100T No Yes Down 1000FDx Auto off 0 6 100 100T No Yes Up 1000FDx Auto off 0 Figure 10 13 Example of Displaying the Current MDI Operating Mode Web Viewing Port Status and Configuring Port Parameters In the web browser inte...

Page 233: ...ou can assign a unique name to a port You can also assign the same name to multiple ports The friendly port names you configure appear in the output of the show name port list showconfig andshowinterface port number commands They do not appear in the output of other show commands or in Menu interface screens Refer to Displaying Friendly Port Names with Other Port Data on page 10 25 Friendly port n...

Page 234: ...he friendly port names In the CLI use the write memory command Configuring Friendly Port Names Syntax interface port list name port name string Assigns a port name to port list Syntax no interface port list name Deletes the port name from port list Configuring a Single Port Name Suppose that you have connected port A3 on the switch to Bill Smith s workstation and want to assign Bill s name and wor...

Page 235: ...g combinations show name Displays a listing of port numbers with their corresponding friendly port names and also quickly shows you which ports do not have friendly name assignments show name data comes from the running config file showinterface port number Displays the friendly port name if any along with the traffic statistics for that port The friendly port name data comes from the running conf...

Page 236: ...ort names assigned in previous examples Ports Without Friendly Figure 10 16 Example of Friendly Port Name Data for All Ports on the Switch Port Without a Friendly Name Friendly port names assigned in previous examples Figure 10 17 Example of Friendly Port Name Data for Specific Ports on the Switch Including Friendly Port Names in Per Port Statistics Listings A friendly port name configured to a po...

Page 237: ...nt Rx 0 Collisions Tx 0 Runts Rx 0 Late Colln Tx 0 Giants Rx 0 Excessive Colln 0 Total Rx Errors 0 Deferred Tx 0 Others Since boot or last clear Discard Rx 0 Out Queue Len 0 Unknown Protos 0 Rates 5 minute weighted average Total Rx bps 0 Total Tx bps 0 Unicast Rx Pkts sec 0 Unicast Tx Pkts sec 0 B Mcast Rx Pkts sec 0 B Mcast Tx Pkts sec 0 Utilization Rx 0 Utilization Tx 0 Figure 10 18 Example of a...

Page 238: ...executedafter write memory In this case show config lists only port A1 Executing write memafterenteringthenamefor port A2 and then executing show config again would result in a listing that includes both ports Listing includes friendly port name for port A1 only Configuring Transceivers and Modules That Haven t Been Inserted Transceivers Previously a port had to be valid and verified for the switc...

Page 239: ... Port Operation 11 6 Enabling Support for Pre Standard Devices 11 6 Configuring the PoE Port Priority Level 11 8 Controlling PoE Allocation 11 9 Manually Configuring PoE Power Levels 11 10 Changing the Threshold for Generating a Power Notice 11 12 Cycling Power on a Port 11 13 PoE PoE Allocation Using LLDP Information 11 14 LLDP with PoE 11 14 Viewing PoE Configuration and Status 11 15 Displaying ...

Page 240: ...er Ethernet PoE Operation Contents Planning and Implementing a PoE Configuration 11 20 Assigning PoE Ports to VLANs 11 20 Applying Security Features to PoE Configurations 11 20 PoE Event Log Messages 11 21 11 2 ...

Page 241: ... PoE links Thus you can connect either a non PoE device or a powered device PD to a PoE enabled port without reconfiguring the port Configuration Options In the default configuration all 10 100Base TX ports on the HP ProCurve 2520 switches and 10 100 1000Base TX ports on the 2520G switches support PoE operation Using the commands described in this chapter you can Configure a power threshold for SN...

Page 242: ...priority rules apply only if PoE provisioning on the switch becomes oversubscribed EPS External Power Supply An EPS device provides power to provision PoE ports on a switch See also RPS below Oversubscribed The state where there are more PDs requesting PoE power than can be accommodated MPS Maintenance Power Signature the signal a PD sends to the switch to indicate that the PD is connected and req...

Page 243: ...D s operation Unneeded power becomes available for supporting other PD connections Thus while 17 watts must be available for the switch to begin supplying power to a port with a PD connected 17 watts per port is not continually required if the connected PD requires less power For example with 20 watts of PoE power remaining available on the switch you can connect one new PD without losing power to...

Page 244: ...D power demand oversubscribes the available power then the power allocation is prioritized to the ports that present a PD power demand This causes the loss of power from one or more lower priority ports to meet the power demand on other higher priority ports This operation occurs regardless of the order in which PDs connect to the switch s PoE enabled ports How Is Power Allocation Prioritized Ther...

Page 245: ...fect when PoE was disabled on port list The no form of the command disables PoE operation on port list Default All PoE ports are initially enabled for PoE operation at Low priority If you configure a higher priority this priority is retained until you change it Note For PoE disabling all ports allows the 22 W of minimum PoE power to be recovered and used elsewhere You must disable ALL ports for th...

Page 246: ...standard powered devices can be enabled or disabledonly from the switch s CLI This feature cannot be enabled or disabled through either the switch s menu or web browser interfaces Executing the show power over ethernet command lists the system power status as follows ProCurve config show power over ethernet Status and Counters System Power Status Pre standard Detect On Operational Status On Usage ...

Page 247: ...ere is power available after provisioning any active PoE ports at the higher priority levels Table 11 1 provides examples of how PoE priority settings impact operation Table 11 1 Example of PoE Priority Operation on the HP ProCurve 2520 24 PoE Priority Setting Configuration Command and Resulting Operation Critical This priority class always receives power If there is not enough power to provision ...

Page 248: ...setting is ProCurve config no interface 15 23 power Controlling PoE Allocation The default option for PoE allocation is usage which is what a PD attached to the port is allocated You can override this value by specifying the amount of power allocated to a port by using the class or value options Syntax no int port list poe allocate by usage class value Allows you to manually allocate the amount of...

Page 249: ...utput of 30 watts at the PSE For example to allocate by class for ports 6 8 ProCurve config int 6 8 PoE allocate by class Manually Configuring PoE Power Levels You can specify a power level in watts allocated for a port by using the value option This is the maximum amount of power that will be delivered To configure a port by value first set the PoE allocation by entering the poe allocate by value...

Page 250: ...r 8 4 W Figure 11 2 Example Displaying PoE Allocation by Value and the Maximum Power Delivered If you set the PoE maximum value to less than the PD requires a fault occurs ProCurve config int 7 poe value 4 ProCurve config show power over ethernet 7 Status and Counters Port Power Status for port 7 Power Enable Yes LLDP Detect enabled Priority low Configured Type AllocateBy value Value 4 W Detection...

Page 251: ...nd crosses this threshold the switch sends an SNMP trap and generates this Event Log message PoE usage has exceeded threshold of 80 If the switch is configured for debug logging it also sends the same message to the configured debug destination s The switch automatically invokes the power threshold at the global configuration level with a default setting of 80 You can configure the power threshold...

Page 252: ...yntax no interface e port list power Re enables PoE operation on port list and restores the priority setting in effect when PoE was disabled on port list The no form of the command disables PoE operation on port list Default All 10 100Base TX ports on the switch enabled for PoE operation at Low priority For example to cycle the power on a PoE device connected to port 1 on a switch covered in this ...

Page 253: ...on to be ignored if detected through LLDP Note Detecting PoE information via LLDP only affects power delivery it does not affect normal Ethernet connectivity To enable or disable ports for allocating power using LLDP use this command Syntax int port list poe lldp detect enabled disabled Enables or disables port s for allocating PoE power based on the link partner s capabilities via LLDP Default Di...

Page 254: ...ge Threshold Lists the configured percentage of available PoE power provisioning the switch must exceed togeneratea usage notice inthe form ofanEvent Log message and an SNMP trap If this event is followed by a drop in power provisioning below the threshold the switch generates another SNMP trap and Event Log message Event Log messages are also sent to any optionally configured debug destinations D...

Page 255: ...n is enabled or disabled Power Priority Lists the power priority Low High and Critical configured on ports enabled for PoE For more on this topic refer to the command description on page 11 8 Alloc By Displays how PoE is allocated usage class value PoEVal The maximum amount of PoE power allocated for that port expressed in watts Default 17W Configured Type Lists the type of PD connected to each po...

Page 256: ...ect Priority By Val Type Status Class 1 Yes disabled critical usage 17 W Telephone Delivering 1 2 Yes disabled critical usage 17 W Telephone Delivering 1 3 Yes disabled high usage 17 W Wireless Delivering 3 4 Yes disabled high usage 17 W Wireless Delivering 3 5 Yes disabled low usage 17 W Searching 0 6 Yes disabled low usage 17 W Searching 0 7 Yes disabled low usage 17 W Searching 0 8 Yes disabled...

Page 257: ...er of times a connected PD has attempted to draw more than 15 4 watts Each occurrence generates an Event Log message Power Denied Cnt Shows the number of times PDs requesting power on the port have been denied due to insufficient power available Each occurrence generates an Event Log message Voltage The total voltage in Volts being delivered to PDs Power The total power in Watts being delivered to...

Page 258: ... config show power over ethernet 5 Status and Counters Port Power Status for port 5 Power Enable Yes LLDP Detect disabled Priority low Configured Type AllocateBy usage Value 17 W Detection Status Searching Power Class 0 Over Current Cnt 0 MPS Absent Cnt 0 Power Denied Cnt 0 Short Cnt 0 Voltage 0 0 V Current 0 mA Power 0 0 W Figure 11 6 Example of Output for show power over ethernet for a Port 11 2...

Page 259: ... utilize security features built into the switch to control device or user access to the network through PoE ports in the same way as non PoE ports MAC Address Security Using Port Security you can configure each switch port with a unique list of up to eight MAC addresses for devices that are authorized to access the network through that port For more information refer to the chapter titled Configu...

Page 260: ... indicated by actual power The avail power field indicates the maximum power wattage the detected EPS is capable of delivering Ext Power Supply disconnected The switch has lost contact with an external power supply POE usage is below configured threshold of 1 99 slot POE usage is below configured threshold of 1 99 Indicates that POE usage in the switch or indicated slot if the switch includes modu...

Page 261: ...power supply has exceeded the normal operating range 50V fault The ProCurve 600 RPS EPS or ProCurve 610 EPS reported a fault condition Contact your ProCurve support representative 12V fault The ProCurve 600 RPS EPS or ProCurve 610 EPS reported a fault condition Contact your ProCurve support representative POE usage has exceeded threshold of 1 99 slot POE usage has exceeded threshold of 1 99 Indica...

Page 262: ...t The device may have been disconnected powered down or stopped functioning Port port PD Other Fault indication There is a problem with the PD connected to the port Port port PD Over Current indication The PD connected to port has requested more than 15 4 watts of power This may indicate a short circuit or other problem in the PD 11 24 ...

Page 263: ...ps 12 11 Using the CLI To View Port Trunks 12 11 Using the CLI To Configure a Static or Dynamic Trunk Group 12 14 Web Viewing Existing Port Trunk Groups 12 17 Trunk Group Operation Using LACP 12 18 Default Port Operation 12 21 LACP Notes and Restrictions 12 22 Trunk Group Operation Using the Trunk Option 12 26 How the Switch Lists Trunk Data 12 27 Outbound Traffic Distribution Across Trunked Links...

Page 264: ...ack bone devices as well as to connections in other network areas where traffic bottlenecks exist A trunk group is a set of up to eight ports configured as members of the same port trunk Note that the ports in a trunk group do not have to be consecutive For example The multiple physical links in a trunk behave as one logical link Switch 2 Switch 1 port 1 port c1 port 2 port c2 Ports a1 a3 a4 Ports...

Page 265: ...ngdevicesuchasahub orusingmorethanonemedia type in a port trunk group Similarly for proper trunk operation all links in the same trunk group must have the same speed duplex and flow control Port Security Restriction Portsecuritydoesnotoperateonatrunkgroup If you configure port security on one or more ports that are later added to a trunk group the switch resets the port security parameters for tho...

Page 266: ... and 10FDx 100FDx and 1000FDx settings The 10 gigabit ports available for some switch models allow only the Auto setting Fault Tolerance If a link in a port trunk fails the switch redistributes traffic originally destined for that link to the remaining links in the trunk The trunk remains operable as long as there is at least one link in operation If a link is restored that link is automatically i...

Page 267: ...er device you would do the following to change them to LACP passive ProCurve config no int c1 c4 lacp Removes the ports from the trunk ProCurve config int c1 c4 lacp passive Configures LACP passive Static Trunk The switch uses the links you configure with the Port Trunk Settings screen in the menu interface or the trunk command inthe CLI to create a static port trunk The switch offers two types of...

Page 268: ...spanning tree or IGMP parameters on an LACP trunk group You want an LACP trunk group to operate in a VLAN other than the default VLAN and GVRP is disabled Refer to VLANs and Dynamic LACP on page 12 23 You want to use a monitor port on the switch to monitor an LACP trunk For more information refer to Trunk Group Operation Using LACP on page 12 18 Trunk Provides manually configured static only trunk...

Page 269: ...g operate on a per port basis regardless of trunk membership Enable Disable Flow control Flow Ctrl LACP is a full duplex protocol Refer to Trunk Group Operation Using LACP on page 12 18 Trunk Configuration All ports in the same trunk group must be the same trunk type LACP or Trunk All LACP ports in the same trunk group must be either all static LACP or all dynamic LACP A trunk appears as a single ...

Page 270: ...moveaportfromastatictrunk theportretainsthesameSpanningTreesettingsthatwereconfiguredforthetrunk IP Multicast Protocol IGMP A static trunk of any type appears in the IGMP configuration display and you can configure IGMP for a static trunk in the same way that you would configure IGMP on a non trunked port Note that the switch lists the trunk by name such as Trk1 and does not list the individual po...

Page 271: ...igure Static Port Trunking This procedure uses the Port Trunk Settings screen to configure a static port trunk group on the switch 1 Follow the procedures in the Important note above 2 From the Main Menu Select 2 Switch Configuration 2 Port Trunk Settings 3 Press E for Edit and then use the arrow keys to access the port trunk parameters These two columns indicate static trunk status For dynamic LA...

Page 272: ...led Static Virtual LANs VLANs in the Advanced Traffic Management Guide for your switch To return a port to a non trunk status keep pressing the Space bar until a blank appears in the highlighted Group value for that port Figure 12 5 Example of the Configuration for a Two Port Trunk Group 6 Move the cursor to the Type column for the selected port and use the Space bar to select the trunk type LACP ...

Page 273: ...tion Commands show trunks below show lacp page 12 13 trunk page 12 15 interface port list lacp page 12 15 Using the CLI To View Port Trunks You can list the trunk type and group for all ports on the switch or for selected ports You can also list LACP only status information for LACP configured ports Listing Static Trunk Type and Group for All Ports or for Selected Ports Syntax show trunks port lis...

Page 274: ...dly Port Names feature Refer to Using Friendly Optional Port Names on page 10 23 Port A6 does not appear in this listing because it is not assigned to a static trunk Figure 12 6 Example Listing Specific Ports Belonging to Static Trunks The show trunks port list command in the above example includes a port list and thus shows trunk group information only for specific ports that have membership in a...

Page 275: ...age 12 21 Dynamic LACP Standby Links Dynamic LACP trunking enables you to configure standby links for a trunk by including more than eight ports in a dynamic LACP trunk configuration When eight ports trunk links are up the remaining link s will be held in standby status If a trunked link that is Up fails it will be replaced by a standby link which maintains your intended bandwidth for the trunk Re...

Page 276: ...configuring them for trunking you can temporarily disable the ports until the trunk is configured Refer to Enabling or Disabling Ports and Configuring Port Mode on page 10 16 The table on page 12 5 describes the maximum number of trunk groups you can configure on the switch An individual trunk can have up to eight links with additional standby links if you re using LACP You can configure trunk gro...

Page 277: ...ee is not in use ProCurve recommends that you first disable the port or disconnect the link on that port Syntax no trunk port list Removes the specified ports from an existing trunk group For example to remove ports C4 and C5 from an existing trunk group ProCurve config no trunk c4 c5 Enabling a Dynamic LACP Trunk Group In the default port configura tion all ports on the switch are set to disabled...

Page 278: ...d is LACP active Spanning tree is not needed and the clear advantages are increased bandwidth and fault tolerance Syntax interface port list lacp active Configures port list as LACP active If the ports at the other end of the links on port list are configured as LACP passive then this command enables a dynamic LACP trunk group on port list This example uses ports C4 and C5 to enable a dynamic LACP...

Page 279: ...ive LACP In this example port C6 belongs to an operating dynamic LACP trunk To remove port C6 from the dynamic trunk and return it to passive LACP you would do the following ProCurve config no interface c6 lacp ProCurve config interface c6 lacp passive Note that in the above example if the port on the other end of the link is configured for active LACP or static LACP the trunked link will be re es...

Page 280: ...gs at Auto the default LACP also operates with Auto 10 Auto 100 andAuto 1000 ifnegotiation selectsFDx and 10FDx 100FDx and 1000FDx settings LACP trunk status commands include Trunk Display Method Static LACP Trunk Dynamic LACP Trunk CLI show lacp command Included in listing Included in listing CLI show trunk command Included in listing Not included Port Trunk Settings screen in menu interface Incl...

Page 281: ...P port trunk group and assigns a port Group name The ports on both ends of each link have compatible mode settings speed and duplex The port on one end of each link must be configured for LACP Active and the port on the other end of the same link must be configured for either LACP Passive or LACP Active For example Switch 1 Port X LACP Enable Active Port Y LACP Enable Active Switch 2 Port A LACP E...

Page 282: ...e trunk operates if the trunk group on the opposite device is running one of the following trunking protocols Active LACP Passive LACP Trunk This option uses LACP for the port Type parameter and TrkX for the port Group parameter where X is an automatically assigned value in a range corresponding to the maximum number of trunks the switch allows The table on page 12 5 lists the maximum number of tr...

Page 283: ...P is disabled for all ports Trunk Group TrkX This port has been manually configured into a static LACP trunk Trunk Group Same as Port Number The port is configured for LACP but is not a member of a port trunk Port Status Up The port has an active LACP link and is not blocked or in Standby mode Down The port is enabled but an LACP link is not established This can indicate for example a port that is...

Page 284: ...you configure port security on a port on which LACP active or passive is configured the switch removes the LACP configuration displays a notice that LACP is disabled on the port s and enables 802 1X on that port ProCurve config aaa port access authenticator b1 LACP has been disabled on 802 1x port s ProCurve config The switch will not allow you to configure LACP on a port on which port access 802 ...

Page 285: ...g trunk group you can add that port to a static trunk Doing so disables dynamic LACP on that port which means you must manually configure both ends of the trunk Dynamic LACP Trunks You can configure a port for LACP active or LACP passive but on a dynamic LACP trunk you cannot configure the other options that you can on static trunks If you want to manually configure a trunk use the trunk command R...

Page 286: ...ed port will replace it Port Status becomes Up When the other port becomes active again the replace ment port goes back to blocked Port Status is Blocked It can take a few seconds for the switch to discover the current status of the ports ProCurve eth 1 8 show lacp LACP PORT LACP TRUNK PORT LACP LACP NUMB ENABLED GROUP STATUS PARTNER STATUS 1 Active Dyn1 Up Yes Success 2 Active Dyn1 Up Yes Success...

Page 287: ... to operate in static LACP trunks Spanning Tree and IGMP If Spanning Tree and or IGMP is enabled in the switch a dynamic LACP trunk operates only with the default settings for these features and does not appear in the port listings for these features Half Duplex and or Different Port Speeds Not Allowed in LACP Trunks The ports on both sides of an LACP trunk must be configured for the same speed an...

Page 288: ...orts without regard for how that traffic is handled by the device at the other end of the trunked links Similarly the switch handles incoming traffic from the trunked links as if it were from a trunked source When a trunk group is configured with the trunk option the switch automati cally sets the trunk to a priority of 4 for spanning tree operation even if spanning tree is currently disabled This...

Page 289: ...inks The two trunk group options LACP and Trunk use source destination address pairs SA DA for distributing outbound traffic over trunked links SA DA source address destination address causes the switch to distribute outbound traffic to the links within the trunk group on the basis of source destination address pairs That is the switch sends traffic from the same sourceaddresstothesamedestinationa...

Page 290: ...ce Address and Destination address When an IP address is available the calculation includes the last five bits of the IP source address and IP destination address otherwise the MAC addresses are used The result of that process undergoes a mapping that determines which link the traffic goes through If you have only two ports in a trunk it is possible that all the traffic will be sent through one po...

Page 291: ...B Node X 2 Node C Node Y 3 Node D Node Z 1 Node A Node Y 2 Node B Node W 3 Because the amount of traffic coming from or going to various nodes in a network can vary widely it is possible for one link in a trunk group to be fully utilized while other links in the same trunk have unused bandwidth capacity even if the assignments were evenly distributed across the links in a trunk 12 29 ...

Page 292: ...Port Trunking Outbound Traffic Distribution Across Trunked Links 12 30 ...

Page 293: ...ing non SNMP version 3 Communities 13 13 CLI Viewing and Configuring SNMP Community Names 13 15 SNMP Notifications 13 17 Supported Notifications 13 17 General Steps for Configuring SNMP Notifications 13 18 SNMPv1 and SNMPv2c Traps 13 19 Configuring an SNMP Trap Receiver 13 19 Enabling SNMPv2c Informs 13 21 Configuring SNMPv3 Notifications 13 23 Managing Network Security Notifications 13 26 Enablin...

Page 294: ...LLDP Operation 13 42 Viewing the Current Configuration 13 43 Configuring Global LLDP Packet Controls 13 44 Configuring SNMP Notification Support 13 48 Configuring Per Port Transmit and Receive Modes 13 49 Configuring Basic LLDP Per Port Advertisement Content 13 50 Advertisements 13 52 LLDP MED Media Endpoint Discovery 13 53 LLDP MED Topology Change Notification 13 56 LLDP MED Fast Start Control 13...

Page 295: ...s configured either manually or dynamically using DHCP or Bootp If multiple VLANs are configured each VLAN interface should have its own IP address For DHCP use with multiple VLANs refer to the section titled The Primary VLAN in the Static Virtual LANs VLANs chapter of the Advanced Traffic Management Guide for your switch Not e If you use the switch s Authorized IP Managers and Management VLAN fea...

Page 296: ...View database To do so go to the ProCurve Networking web site at www procurve com Click on software updates then MIBs Configuring for SNMP version 1 and 2c Access to the Switch SNMP access requires an IP address and subnet mask configured on the switch Refer to IP Configuration on page 8 2 If you are using DHCP Bootp to configure the switch ensure that the DHCP Bootp process provides the IP addres...

Page 297: ...guration on page 8 2 If you are using DHCP Bootp to configure the switch ensure that the DHCP Bootp process provides the IP address See DHCP Bootp Operation on page 8 12 Once an IP address has been configured the main steps for configuring SNMP version 3 access management features are 1 Enable SNMPv3 for operation on the switch Refer to SNMP Version 3 Commands on page 13 6 2 Configure the appropri...

Page 298: ...mmunitynamed public inaccessible to network management applications such as auto discovery traffic monitoring SNMP trap generation and threshold setting from operating in the switch Syntax no snmpv3 enable Enable and disable the switch for access from SNMPv3 agents This includes the creation of the initial user record no snmpv3 only Enables or disables restrictions to access from only SNMPv3 agent...

Page 299: ...ftware requires an initial user record to clone The initial user record can be downgraded and provided with fewer features but not upgraded by adding new features For this reason it is recommended that when you enable SNMPv3 you also create a second user with SHA authentication and DES privacy Enable SNMPv3 CreateinitialusermodelsforSNMPv3 Management Applications Set restriction on non SNMPv3 mess...

Page 300: ... the appropriate security level to an existing security group Adding Users To configure an SNMPv3 user you must first add the user name to the list of known users with the snmpv3 user command ProCurve config snmpv3 user NetworkAdmin ProCurve config snmpv3 user NetworkMgr auth md5 authpass priv privpass Add user Network Admin with no authentication or privacy Add user Network Mgr with authenticatio...

Page 301: ...6 32 characters in length and is mandatory when you configure privacy Default DES Note Only AES 128 bit and DES 56 bit encryption are supported as privacy protocols Other non standard encryptionalgorithms suchasAES 172 AES 256 and 3 DES are not supported Listing Users To display the management stations configured to access the switch with SNMPv3 and view the authentication and privacy protocols th...

Page 302: ... Assigning Users to Groups SNMPv3 Group Commands Syntax no snmpv3 group This command assigns or removes a user to a security group for access rights to the switch To delete an entry all of the following three parameters must be included in the command group group_name This parameter identifies the group that has the privileges that will be assigned to the user For more details refer to Group Acces...

Page 303: ...w DiscoveryView Each view allows you to view or modify a different set of MIBs Manager Read View access to all managed objects Manager Write View access to all managed objects except the follow ing vacmContextTable vacmAccessTable vacmViewTreeFamilyTable OperatorReadView no access to icfSecurityMIB hpSwitchIpTftp Mode vacmContextTable vacmAccessTable vacmViewTreeFami lyTable usmUserTable snmpCommu...

Page 304: ...is being mapped to a group access level sec name security_name This is the group level to which the community is being mapped For more information refer to Group Access Levels on page 13 11 tag tag_value This is used to specify which target address may have access by way of this index reference Figure 13 5 shows the assigning of the Operator community on MgrStation1 to the CommunityOperatorReadWri...

Page 305: ...her an operator level or a manager level view and either restricted or unrestricted write access Using SNMP requires that the switch have an IP address and subnet mask compatible with your network C a u t i o n For ProCurve Manager PCM version 1 5 or earlier or any TopTools version deleting the public community disables some network management functions such as traffic monitoring SNMP trap generat...

Page 306: ...sting community the values for the currently selected Community appear in the fields Type the value for this field Use the Space bar to select values for other fields Figure 13 7 The SNMP Add or Edit Screen Need Help If you need information on the options in each field press Enter to move the cursor to the Actions line then select the Help option on the Actions line When you are finished with Help...

Page 307: ... configured SNMP community names along with trap receivers and the setting for authentication traps refer to SNMP Notifications on page 13 17 Syntax show snmp server community string This example lists the data for all communities in a switch that is both the default public community name and another community named blue team Default Community and Settings Non Default Community and Settings Trap R...

Page 308: ... Optionally assigns an access level At the operator level the community can access all MIB objects except the CONFIG MIB At the manager level the community can access all MIB objects restricted unrestricted Optionally assigns MIB access type Assigning the restricted type allows the community to read MIB variables but not to set them Assigning the unrestricted type allows the community to read and ...

Page 309: ... link on a port changes from up to down linkDown or down to up linkUp Port security web MAC or 802 1X authentication failure Invalid password entered in a login attempt through a direct serial Telnet or SSH connection Inability to establish a connection with the RADIUS or TACACS authen tication server DHCP snooping events ARP protection events In addition you can enable the switch to send the foll...

Page 310: ...c Traps on page 13 19 Configuring an SNMP Trap Receiver on page 13 19 Enabling SNMPv2c Informs on page 13 21 If you want to use SNMPv3 notifications including traps you must also configure an SNMPv3 management station Follow the required configu ration procedure in the following section Configuring SNMPv3 Notifications on page 13 23 2 To reconfigure any of the SNMP notifications that are enabled b...

Page 311: ...c community name Thresholds A switch automatically sends all messages created when a system threshold is reached to the network management station that configured the threshold regardless of the trap receiver configuration Configuring an SNMP Trap Receiver Usethe snmp serverhost commandtoconfigureatrapreceiverthatcanreceive SNMPv1 and SNMPv2c traps and optionally event log messages When you config...

Page 312: ...t you specify applies only to event log messages not to threshold traps For each configured event level the switch continues to send threshold traps to all network management stations that have the appropriate threshold level configured If you do not specify an event level the switch uses the default value none and sends no event log messages as traps inform Optional Configures the switch to send ...

Page 313: ...g SNMPv2c Informs On a switch enabled for SNMPv2c you can use the snmp server host inform command to send inform requests when certain events occur When an SNMP Manager receives an inform request it can send an SNMP response back to the sending agent on the switch to let the agent know that the inform request reached its destination If the sending agent on the switch does not receive an SNMP respo...

Page 314: ...munities Community Name MIB View Write Access public Manager Unrestricted Trap Receivers Link Change Traps Enabled on Ports All All Address Community Events Sent Notify Type Retry Timeout 15 28 333 456 guest All inform SNMPv2c Inform configuration 3 15 Excluded MIBs Snmp Response Pdu Source IP Information Selection Policy Default rfc1517 Trap Pdu Source IP Information Selection Policy Configured I...

Page 315: ...sers by entering the snmpv3 user command see SNMPv3 Users on page 13 7 Each SNMPv3 user configuration is entered in the User Table 3 Assign SNMPv3 users to security groups according to their level of access privilege by entering the snmpv3 group command see Assigning Users to Groups on page 13 10 4 Define the name of an SNMPv3 notification configuration by entering the snmpv3 notify command Syntax...

Page 316: ...tified by one or more tag_name values to be sent to the IP address of the SNMPv3 management station You can enter more than one tag_name value Each tag_name value must be already associated with the name of an SNMPv3 notification configuration entered with the snmpv3 notify command in Step 4 Use a blank space to separate tag_name values You can enter up to 103 characters in tag_name entries follow...

Page 317: ...rams_name value configured with the snmpv3 targetaddress command in Step 5 to a specified SNMPv3 user from the user user_name value configured with the snmpv3 user command in Step 2 If you enter the snmpv3 params user command you must also configure a security model sec model and message processing algorithm msg processing sec model ver1 ver2c ver3 Configures the security model used for SNMPv3 not...

Page 318: ...ported Notifications on page 13 17 when a network security event for example authentication failure occurs However before security notifications can be sent you must first configure one or more trap receivers or SNMPv3 management stations as described in Configuring an SNMP Trap Receiver on page 13 19 Configuring SNMPv3 Notifications on page 13 23 You can manage the default configuration of the sw...

Page 319: ...trap when the link state on a port changes from up to down or the reverse login failure mgr sends a trap for a failed login with a manager password password change mgr sends a trap when a manager password is reset port security sends a trap for a failed authentication attempt through a web MAC or 801 X authentication session snmp authentication extended standard sendsatrapforafailed authentication...

Page 320: ... 0121 user_1 All trap 3 15 Excluded MIBs Figure 13 11 Display of Configured Network Security Notifications Enabling Link Change Traps By default a switch is enabled to send a trap when the link state on a port changes from up to down linkDown or down to up linkUp To reconfigure the switch to send link change traps to configured trap receivers enter the snmp server enable traps link change command ...

Page 321: ...n SNMP notification traps and replies enter the snmp server response source and snmp server trap source commands Syntax no snmp server response source dst ip of request ip addr Specifies the source IP address of the SNMP response PDU The default SNMP response PDU uses the IP address of the active interface from which the SNMP response was sent as the source IP address The no form of the command re...

Page 322: ...ver response source and snmp server trap source commands configure the source IP address for IPv4 interfaces only You must manually configure the snmp server response source value if you wish to change the default user defined interface IP address that is used as the source IP address in SNMP traps RFC 1517 The values configured with the snmp server response source and snmp server trap source comm...

Page 323: ...Source IP Information received i s used as the source IP address in Selection Policy Configured IP SNMP replies Ip Address 10 10 10 10 Figure 13 12 Display of Source IP Address Configuration Displaying SNMP Notification Configuration Use the show snmp server command to display the currently configured Management stations trap receivers Settings for network security notifications and link change tr...

Page 324: ...Operator Restricted blue team Manager Unrestricted red team Manager Unrestricted Trap Receivers Link Change Traps Enabled on Ports All All Trap Category SNMP Authentication Password change Login failures Port Security Authorization Server Contact Current Trap Configuration extended enabled enabled enabled enabled Address 10 28 227 200 10 28 227 105 10 28 227 120 Community public red team blue team...

Page 325: ...ofdifferentframesizes Alarm History of the supported Ethernet statistics Event The RMON agent automatically runs in the switch Use the RMON management station on your network to enable or disable specific RMON traps and events Note that you can access the Ethernet statistics Alarm and EventgroupsfromtheProCurveManagernetworkmanagementsoftware For more on ProCurve Manager visit the ProCurve Network...

Page 326: ...oldtime multiplier for LLDP Packets 4 seconds page 13 38 holdtime multiplier x refresh interval time to live Change the delay interval between advertisements 2 seconds page 13 46 Changing the reinitialization delay interval 2 seconds page 13 47 Configuring SNMP notification support Disabled page 13 48 Configuring transmit and receive modes tx_rx page 13 49 Configuring basic LLDP per port advertise...

Page 327: ...d to the switch including device type capability and some configuration information In VoIP deployments using LLDP MED on the switches covered in this guide additional support unique to VoIP applications is also available Refer to LLDP MED Media Endpoint Discovery on page 13 53 Terminology Adjacent Device Refer to Neighbor or Neighbor Device Advertisement See LLDPDU Active Port A port linked to an...

Page 328: ...System A network based and or premises based telephone system having a common interface with the public switched telephone system and having multiple telephone lines common control units multiple telephone sets and control hardware and software NANP North American Numbering Plan A ten digit telephone number format where the first three digits are an area code and the last seven digits are a local ...

Page 329: ...d LLDP enabled LLDP is a one way protocol and does not include any acknowledgement mechanism An LLDP enabled port receiving LLDP packets inbound from neighbor devices stores the packet data in a Neighbor database MIB LLDP MED This capability is an extension to LLDP and is available on the switches covered in this guide Refer to LLDP MED Media Endpoint Discovery on page 13 53 Packet Boundaries in a...

Page 330: ... an LLDP advertisement packet out each active port enabled for outbound LLDP transmissions and receives LLDP advertisements on each active port enabled to receive LLDP traffic page 13 49 Per Port configuration options include four modes Transmit and Receive tx_rx This is the default setting on all ports It enables a given port to both transmit and receive LLDP packets and to store the data from re...

Page 331: ...of identifier used for Chassis ID Chassis ID6 N A Always Enabled Uses base MAC address of the switch Port Type3 6 N A Always Enabled Uses Local meaning assigned locally by LLDP Port Id6 N A Always Enabled Uses port number of the physical port In the switches covered in this guide this is an internal number reflecting the reserved slot port position in the chassis For more information on this numbe...

Page 332: ...fault process or an address configured for inclusion in advertisements Refer to IP Address Advertisements on page 13 41 Debug Logging You can enable LLDP debug logging to a configured debug destination Syslog server and or a terminal device by executing the debug lldp command For more on Debug and Syslog refer to the Troubleshooting appendix in this guide Note that the switch s Event Log does not ...

Page 333: ... then the port advertises the lowest order IP address configured on the VLAN with the lowest VID If the qualifying VLAN does not have an IP address the port advertises 127 0 0 1 as its IP address For example if the port is a member of the default VLAN VID 1 and there is an IP address configured for the defaultVLAN thentheportadvertisesthisIPaddress Inthe defaultoperation the IP address that LLDP u...

Page 334: ...d and in both transmit and receive mode on all active ports The LLDP configuration includes global settings that apply to all active ports on the switch and per port settings that affect only the operation of the specified ports The commands in this section affect both LLDP and LLDP MED operation for information on operation and configuration unique to LLDP MED refer to LLDP MED Media Endpoint Dis...

Page 335: ...smit and Receive Modes on page 13 49 For example show lldp config produces the following display when the switch is in the default LLDP configuration ProCurve config show lldp config Note This value corresponds to the lldp refresh interval command page 13 45 LLDP Global Configuation LLDP Enabled Yes Yes LLDP Transmit Interval 30 30 LLDP Hold time Multiplier 4 4 LLDP Delay Interval 2 2 LLDP Reinit ...

Page 336: ...ation on the other configurable settings displayed by this command refer to Configuring Per Port Transmit and Receive Modes on page 13 49 The blank IpAddress field indicates that the default IP address will be advertised from this port Refer to page 13 50 Configuring a Remote Management Address for Outbound LLDP Advertisements This fieldappearswhendot3tlvenableis enabled on the switch which is the...

Page 337: ... configuration when LLDP is disabled After LLDP is disabled the information in the LLDP neighbors database remains until it times out Default Enabled For example to disable LLDP on the switch ProCurve config no lldp run Changing the Packet Transmission Interval This interval controls how often active ports retransmit advertisements to their neighbors Syntax lldp refresh interval 5 32768 Changes th...

Page 338: ...es the advertised data is deleted from the neighbor switch s MIB Default 4 Range 2 10 For example if the refresh interval on the switch is 15 seconds and the holdtime multiplier is at the default the Time to Live for advertisements transmitted from the switch is 60 seconds 4 x 15 To reduce the Time to Live you could lower the holdtime interval to 2 which would result in a Time to Live of 30 second...

Page 339: ...ou must first set the refresh interval to a minimum of 32 seconds 32 4 x 8 Figure 13 16 Example of Changing the Transmit Delay Interval Attempt to change the transmit delay interval shows that the refresh interval is less than 4 x delay interval Changes the refresh interval to 32 that is 32 4 x desired transmit delay interval Successfully changes the transmit delay interval to 8 Changing the Reini...

Page 340: ...l to five seconds ProCurve config setmib lldpreinitdelay 0 i 5 Configuring SNMP Notification Support You can enable SNMP trap notification of LLDP data changes detected on advertisements received from neighbor devices and control the interval between successive notifications of data changes on the same neighbor Enabling LLDP Data Change Notification for SNMP Trap Receivers Syntax no lldp enable no...

Page 341: ...5 seconds For example the following command limits change notification traps from a particular switch to one per minute ProCurve config setmib lldpnotificationinterval 0 i 60 lldpNotificationInterval 0 60 Configuring Per Port Transmit and Receive Modes These commands control advertisement traffic inbound and outbound on active ports Syntax lldp admin status port list txonly rxonly tx_rx disable Wi...

Page 342: ... a specific IP address in the outbound LLDP advertisements for specific ports Syntax no lldp config port list ipAddrEnable ip address Replaces the default IP address for the port with an IP address you specify This can be any IP address configured in a static VLAN on the switch even if the port does not belong to the VLAN configured with the selected IP address The no form of the command deletes t...

Page 343: ... use LLDP commands to configure their actual content port description TLV system name TLV system description TLV system capabilities TLV system capabilities Supported TLV subelement system capabilities Enabled TLV subelement port speed and duplex TLV subelement Syntax no lldp config port list basicTlvEnable TLV Type port_descr For outbound LLDP advertisements this TLV includes an alphanumeric stri...

Page 344: ...roCurve config lldp config 1 5 basicTlvEnable system_name Configuring Support for Port Speed and Duplex Advertisements This feature is optional for LLDP operation but is required for LLDP MED operation Port speed and duplex advertisements are supported on the switches covered in this guide to inform an LLDP endpoint and the switch port of each other s port speed and duplex configuration and capabi...

Page 345: ...on refer to Displaying the Current Port Speed and Duplex Configuration on a Switch Port on page 13 69 LLDP MED Media Endpoint Discovery LLDP MED ANSI TIA 1057 D6 extends the LLDP IEEE 802 1AB industry standard to support advanced features on the network edge for Voice Over IP VoIP endpoint devices with specialized capabilities and LLDP MED standards based functionality LLDP MED in the switches use...

Page 346: ...ays media servers IP communications controllers other VoIP devices or servers IP Network Infrastructure IEEE 802 LAN Switches Providing Network Access to LLDP MED Endpoints LLDP MED Class 1 Generic Endpoints Such As IP Call Control Devices LLDP MEDClass2MediaEndpointsSuchAs Media Gateways Conference Bridges and other Devices Supporting IP Media Streams LLDP MED Class 3 End User IP Communication De...

Page 347: ... e LLDP MED on the switches covered in this guide is intended for use with VoIP endpoints and is not designed to support links between network infrastructure devices such as switch to switch or switch to router links LLDP MED Endpoint Device Classes LLDP MED endpoint devices are by definition located at the network edge and communicate using the LLDP MED framework Any LLDP MED endpoint device belo...

Page 348: ...P MED Operational Support The switches covered in this guide offer two configurable TLVs supporting MED specific capabilities medTlvEnable for per port enabling or disabling of LLDP MED opera tion medPortLocation for configuring per port location or emergency call data Not e LLDP MED operation also requires the port speed and duplex TLV dot3TlvEnable page 13 53 which is enabled in the default conf...

Page 349: ...es on page 13 55 The show running command shows whether the topology change notification feature is enabled or disabled For example if ports A1 A10 have topology change notification enabled the following entry appears in the show running output lldp top change notify A1 A10 Default Disabled Note To send traps this feature requires access to at least one SNMP server For information on configuring t...

Page 350: ...ration of the fast start count interval In most cases the default setting should provide an adequate fast start count interval Range 1 10 seconds Default 5 seconds Note This global command applies only to ports on which a new LLDP MED device is detected It does not override the refresh interval setting on ports where non MED devices are detected Advertising Device Capability Network Policy PoE Sta...

Page 351: ...LAN port membership configured on the switch can be tagged or untagged However if the LLDP MED endpoint expects a tagged mem bership when the switch port is configured for untagged or the reverse then a configuration mismatch results Typically the endpoint expects the switch port to have a tagged voice VLAN membership If a given port does not belong to a voice VLAN then the switch does not adverti...

Page 352: ...fig port list medTlvEnable medTlv Enables or disables advertisement of the following TLVs on the specified ports device capability TLV configured network policy TLV configured location data TLV Refer to Configuring Location Data for LLDP MED Devices on page 13 62 current PoE status TLV Default All of the above TLVs are enabled Helps to locate configuration mismatches by allowing use of an SNMP app...

Page 353: ... is selected as the VLAN for voice traffic Also this TLV cannot be enabled unless the capability TLV is already enabled For more information refer to Network Policy Advertisements on page 13 59 location_id This TLV enables the switch port to advertise its configured location data if any For more on configuring location data refer to Configuring Location Data for LLDP MED Devices Default Enabled No...

Page 354: ...ity configured on the MED capable end point power value indicates the total power in watts that a switch port PSE can deliver at a particular time or the total power in watts that the MED endpoint PD requires to operate To display the current power data for an LLDP MED device connected to a port use the following command show lldp info remote device port list For more on this command refer to page...

Page 355: ...without regard to type Configuring a new medPortLocation entry of any type on a port replaces any previously configured entry on that port civic addr COUNTRY STR WHAT CA TYPE CA VALUE CA TYPE CA VALUE CA TYPE CA VALUE This command enables configuration of a physical address on a switch port and allows up to 75 characters of address information COUNTRY STR A two character country code as defined by...

Page 356: ...ers are used by the PSAP to identify and organize the location data components in an understandable format for response personnel to interpret A civic addr command requires a minimum of one type value pair but typically includes multiple type value pairs as needed to configure a complete set of data describing a given location CA TYPE This is the first entry in a type value pair and is a number de...

Page 357: ...ure An ELIN Emergency Location Identification Number is a valid North American Numbering Plan NANP format telephone number assigned to MLTS operators in North America by the appropriate authority The ELIN is used to route emergency E911 calls to a Public Safety Answering Point PSAP Range 1 15 numeric characters Configuring Coordinate Based Locations Latitude longitude and altitude data can be conf...

Page 358: ...ost Configuration Protocol DHCPv4 and DHCPv6 Option for Civic Addresses Configuration Information draft ietf geopriv dhcp civil 06 dated May 30 2005 For the actual codes to use contact the PSAP or other authority responsible for specifying the civic addressing data standard for your network Example of a Location Configuration Suppose a system operator wanted to configure the following information ...

Page 359: ...configuring and displaying the above data Figure 13 18 Example of a Civic Address Configuration Displaying Advertisement Data Command Page show lldp info local device below walkmib lldpXdot3LocPortOperMauType show lldp info remote device 13 70 walkmib lldpXdot3RemPortAutoNegAdvertisedCap show lldp info stats 13 72 13 67 ...

Page 360: ...e port list option this command displays only the following port specific information that is currently available for outbound LLDP advertisements on the specified ports PortType PortId PortDesc Note This command displays the information available on the switch Use the lldp config port list command to change the selection of information that is included in actual outbound advertisements In the def...

Page 361: ...Management Address on page 13 40 Figure 13 19 Example of Displaying the Global and Per Port Information Available for Outbound Advertisements Figure 13 20 Example of the Default Per Port Information Content for Ports 1 and 2 Displaying the Current Port Speed and Duplex Configuration on a Switch Port Port speed and duplex information for a switch port and a connected LLDP MED endpoint can be compar...

Page 362: ...s are listed by the inbound port on which they were discovered Multiple devices listed for a single port indicates that such devices are connected to the switch through a hub Discovering the same device on multiple ports indicates that the remote device may be connected to the switch in one of the following ways Through different VLANS using separate links This applies to switches that use the sam...

Page 363: ...Example of a Global Listing of Discovered Devices Indicates the policy configured on the telephone A configuration mismatch occurs if the supporting port is configured differently Figure 13 22 Example of an LLLDP MED Listing of an Advertisement Received From an LLDP MED VoIP Telephone Source 13 71 ...

Page 364: ...ntries Count Shows the total of new LLDP neighbors detected since the last switch reboot Disconnecting then reconnecting a neighbor increments this counter Neighbor Entries Deleted Count Shows the number of neighbor deletions from the MIB for AgeOut Count and forced drops for all ports For example if the admin status for port on a neighbor device changes from tx_rx or txonly to disabled or rxonly ...

Page 365: ... the maximum number of neighbors Refer to Neighbor Maximum on page 13 74 This can also be an indication of advertisement formatting problems in the neighbor device Frames Invalid Shows the total number of invalid LLDP advertisements received on the port An invalid advertisement can be caused by header formatting problems in the neighbor device TLVs Unrecognized Shows the total number of LLDP TLVs ...

Page 366: ...istics Display Figure 13 24 Example of a Per Port LLDP Statistics Display LLDP Operating Notes Neighbor Maximum The neighbors table in the switch supports as many neighbors as there are ports on the switch The switch can support multiple neighbors connected through a hub on a given port but if the switch neighbor maximum is reached advertisements from additional neighbors on the same or other port...

Page 367: ...sumes Neighbor Data Can Remain in the Neighbor Database After the Neighbor Is Disconnected After disconnecting a neighbor LLDP device from the switch the neighbor can continue to appear in the switch s neighbor database for an extended period if the neighbor s holdtime multiplier is high especially if the refresh interval is large Refer to Changing the Time to Live for Transmitted Advertisements o...

Page 368: ...ry Protocol data received by the switch from other devices LLDP operation includes both transmitting LLDP packets to neighbor devices and reading LLDP packets received from neighbor devices CDP operation is limited to reading incoming CDP packets from neighbor devices ProCurve switches do not generate CDP packets LLDP and CDP Neighbor Data With both LLDP and read only CDP enabled on a switch port ...

Page 369: ...LLDP and CDP support the System Capability TLV However LLDP differentiates between what a device is capable of supporting and what it is actually supporting and separates the two types of information into subelements of the System Capability TLV CDP has only a single field for this data Thus when CDP System Capability data is mapped to LLDP the same value appears in both LLDP System Capability fie...

Page 370: ...u want to use only one type of data from a neighbor sending both types disable the unwanted protocol on either the neighbor device or on the switch However if the chassis and port ID information in the two types of advertisements is the same the LLDP information overwrites the CDP data for the same neighbor device on the same port CDP Operation and Commands By default the switches covered in this ...

Page 371: ...he switch s CDP Neighbors table maintained in the switch s MIB Management Information Base refer to the documentation provided with the particular SNMP utility Viewing the Switch s Current CDP Configuration CDP is shown as enabled disabled both globally on the switch and on a per port basis Syntax show cdp Lists the switch s global and per port CDP configuration The following example shows the def...

Page 372: ...e port at a time Using detail provides a longer list of details on the CDP device the switch detects on the specified port detail e port num Provides a list of the details for all of the CDP devices the switch detects Using port num produces a list of details for the selected port Figure 13 27 lists CDP devices that the switch has detected by receiving their CDP packets Figure 13 27 Example of CDP...

Page 373: ...r example to disable CDP read only on the switch ProCurve config no cdp run When CDP is disabled show cdp neighbors displays an empty CDP Neighbors table show cdp displays Global CDP information Enable CDP Yes No Enabling or Disabling CDP Operation on Individual Ports In the factory default configuration the switch has all ports enabled to receive CDP packets Disabling CDP on a port causes it to d...

Page 374: ...Configuring for Network Management Applications LLDP Link Layer Discovery Protocol 13 82 ...

Page 375: ...g Notes A 14 Troubleshooting SSH SFTP and SCP Operations A 16 Using Xmodem to Download Switch Software From a PC or UNIX Workstation A 17 Menu Xmodem Download to Primary Flash A 17 CLI Xmodem Download from a PC or UNIX Workstation to Primary or Secondary Flash A 18 Switch to Switch Download A 19 Menu Switch to Switch Download to Primary Flash A 19 CLI Switch To Switch Downloads A 20 Using PCM to U...

Page 376: ...st A 24 TFTP Copying a Customized Command File to a Switch A 25 Connected PC or UNIX Workstation A 26 Connected PC or UNIX Workstation A 26 Copying Diagnostic Data to a Remote Host PC or UNIX Workstation A 28 Copying Command Output to a Destination Device A 28 Copying Event Log Output to a Destination Device A 29 Copying Crash Data Content to a Destination Device A 29 Copying Crash Log Data Conten...

Page 377: ...dwiththeswitch orvisitwww procurve comandclick on software updates After you acquire a new software version you can use one of the following methods for downloading software to the switch Software Download Feature Default Menu CLI Web TFTP n a page A 4 page A 7 Xmodem n a page A 17 page A 18 Switch to Switch n a page A 19 page A 20 Software Update Manager in PCM Refer to the documentation provided...

Page 378: ...switch The software file is typically available from the ProCurve Networking web site at www procurve com The switch is properly connected to your network and has already been configured with a compatible IP address and subnet mask The TFTP server is accessible to the switch via IP Before you use the procedure do the following Obtain the IP address of the TFTP server in which the software file has...

Page 379: ... Remote File Name field type the name of the software file If you are using a UNIX system remember that the filename is case sensitive 6 Press Enter then X for eXecute to begin the software download The following screen then appears Figure A 2 Example of the Download OS Software Screen During a Download A progress bar indicates the progress of the download When the entire software file has been re...

Page 380: ...using the Reboot Switch command in the Main Menu always reboots the switch from primary flash Rebooting the switch from the CLI gives you more options Refer to Rebooting the Switch on page 6 18 8 After you reboot the switch confirm that the software downloaded cor rectly a FromtheMainMenu select 1 StatusandCounters andfromtheStatus and Counters menu select 1 General System Information b Check the ...

Page 381: ...er is a UNIX machine and the case upper or lower for the filename on the server does not match the case for the filename entered for the RemoteFileName parameter inthe DownloadOS Operating System or software screen One or more of the switch s IP configuration parameters are incorrect For a UNIX TFTP server the file permissions for the software file do not allow the file to be copied Another consol...

Page 382: ...loaded software image To do so use one of the following commands Syntax boot system flash primary secondary Boots from the selected flash Syntax reload Boots from the flash image and startup config file A switch covered in this guide with multiple configuration files also uses the current startup config file For more on these commands refer to Rebooting the Switch on page 6 18 4 To confirm that th...

Page 383: ...s a plain text mechanism and it connects to a standalone TFTP server or another ProCurve switch acting as a TFTP server to obtain the software image file s Using SCP and SFTP allows you to maintain your switches with greater security You can also roll out new software images with automated scripts that make it easier to upgrade multiple switches simultaneously and securely SFTP secure file transfe...

Page 384: ...mes that you have already set up SSH on the switch 2 Execute ip ssh filetransfer to tell the switch that you want to enable secure file transfer 3 Use a third party client application for SCP and SFTP commands The SCP SFTP Process To use SCP and SFTP 1 Open an SSH session as you normally would to establish a secure encrypted tunnel between your computer and the switch For more detailed directions ...

Page 385: ... on release S 14 XX hostname ProCurve vlan 1 name DEFAULT_VLAN untagged A1 A24 B1 B24 ip address 10 28 234 176 255 255 240 0 exit ip ssh filetransfer no tftp enable password manager password operator ViewingtheconfigurationshowsthatSFTPis enabled and TFTP is disabled Figure A 5 Example of Switch Configuration with SFTP Enabled If you enable SFTP then later disable it TFTP and auto TFTP remain disa...

Page 386: ...duces one of the following messages in the CLI SFTP must be disabled before enabling tftp SFTP must be disabled before enabling auto tftp Similarly while SFTP is enabled TFTP cannot be enabled using an SNMP management application Attempting to do so generates an inconsistent value message An SNMP management application cannot be used to enable or disable auto TFTP To enable SFTP by using an SNMP m...

Page 387: ...tion thus preventing auto tftp operation if the switch reboots Note This command does not affect the current TFTP enable configuration on the switch Command Options If you need to enable SSH v2 which is required for SFTP enter this command ProCurve config ip ssh version 2 Note As a matter of policy administrators should not enable the SSHv1 only or the SSHv1 or v2 advertisement modes SSHv1 is supp...

Page 388: ...mptstouseSCPorSFTPwithoutusingipsshfiletransferwillcause the SCP or SFTP session to fail Depending on the client software in use you will receive an error message on the originating console for example IP file transfer not enabled on the switch There is a delay when SFTP is copying an image onto the switch and although the command prompt returns in a couple of seconds the switch may take approxima...

Page 389: ...data a crash data b crash data c crash data e crash data f crash data h crash data I crash data J crash data K crash data L crash log crash log a crash log b crash log c crash log e crash log f crash log h crash log I crash log J crash log K crash log L event log os primary secondary ssh mgr_keys authorized_keys oper_keys authorized_keys Once you have configured your switch for secure file transfe...

Page 390: ...06 11 00636 ssh sftp session from ffff 10 0 12 35 W 01 01 90 00 06 26 00641 ssh sftp read error Bad file number session aborted I 01 01 90 00 09 54 00637 ssh scp session from ffff 10 0 12 35 W 01 01 90 ssh scp read error Bad file number session aborted Not e The Bad file number is from the system error value and may differ depending on the cause of the failure In the third example the device file ...

Page 391: ...rating as a terminal Refer to the Installation and Getting Started Guide you received with the switch for information on connecting a PC as a terminal and running the switch console interface The switch software is stored on a disk drive in the PC The terminal emulator you are using includes the Xmodem binary transfer feature For example in the HyperTerminal application included with Windows NT yo...

Page 392: ... following prompt Continue reboot of system No Press the space bar once to change No to Yes then press Enter to begin the reboot 7 To confirm that the software downloaded correctly a From the Main Menu select 1 Status and Counters 1 General System Information b Check the Firmware revision line CLI Xmodem Download from a PC or UNIX Workstation to Primary or Secondary Flash Using Xmodem and a termin...

Page 393: ...cted flash Syntax reload Reboots from the flash image currently in use For more on these commands see Rebooting the Switch on page 6 18 Switch to Switch Download You can use TFTP to transfer a software image between two switches of the same series The menu interface enables you to transfer primary to primary or secondary to primary The CLI enables all combinations of flash location options Menu Sw...

Page 394: ...y flash memory has been updated with the new software youmustreboottheswitchtoimplementthenewlydownloadedsoftware Return to the Main Menu and press 6 for Reboot Switch You will then see this prompt Continue reboot of system No Press the space bar once to change No to Yes then press Enter to begin the reboot 8 To confirm that the software downloaded correctly a From the Main Menu select Status and ...

Page 395: ...te the following command in the destination switch s CLI Running Total of Bytes Downloaded Figure A 7 Switch To Switch from Primary in Source to Either Flash in Destination Downloading from Either Flash in the Source Switch to Either Flash in the Destination Switch Syntax copy tftp flash ip addr os primary os secondary primary secondary This command executed in the destination switch gives you the...

Page 396: ...he CLI commands described in this section you can copy software images from the switch to another device using tftp or xmodem Not e For details on how switch memory operates including primary and secondary flash refer to Chapter 6 Switch Memory and Configuration TFTP Copying a Software Image to a Remote Host Syntax copy flash tftp ip addr filename This command copies the primary flash image to a T...

Page 397: ...ute the following command Procurve copy xmodem flash Press Enter and start XMODEM on your host 2 After you see the above prompt press Enter 3 Execute the terminal emulator commands to begin the file transfer Transferring Switch Configurations Transfer Features Feature Page Use TFTP to copy from a remote host to a config file A 24 Use TFTP to copy a config file to a remote host A 26 Use Xmodem to c...

Page 398: ...ultiple Configuration Files on page 6 23 For example to upload the current startup configuration to a file named sw8200 in the configs directory on drive d in a TFTP server having an IP address of 10 28 227 105 ProCurve copy startup config tftp 10 28 227 105 d configs sw8200 TFTP Copying a Configuration File from a Remote Host Syntax copy tftp startup config running config ip address remote file p...

Page 399: ...address filename Copy a customized command file to the switch ProCurve config copy tftp show tech 10 10 10 3 commandfile1 Figure A 9 Example of Using the copy tftp show tech Command to Upload a Customized Command File Syntax show tech custom Executes the commands found in a custom file instead of the hard coded list Note Exit the global config mode if needed before executing show tech commands You...

Page 400: ...re on multiple configuration files refer to Multiple Configuration Files on page 6 23 For example to copy a configuration file to a PC serially connected to the switch 1 Determine the file name and directory location on the PC 2 Execute the following command 3 After you see the above prompt press Enter 4 Execute the terminal emulator commands to begin the file transfer Xmodem Copying a Configurati...

Page 401: ...ute the following command 2 After you see the above prompt press Enter 3 Execute the terminal emulator commands to begin the file transfer 4 When the download finishes you must reboot the switch to implement the newly downloaded software To do so use one of the following commands Syntax boot system flash primary secondary boot system flash config filename Switches boot from the designated configur...

Page 402: ...ning the reason for a system crash Crash Log Processor Specific operating data useful for determining the reason for a system crash The destination device and copy method options are as follows CLI key word is in bold Remote Host via TFTP Serially connected PC or UNIX workstation via Xmodem Copying Command Output to a Destination Device Syntax copy command output cli command tftp ip address filepa...

Page 403: ...odem filename These commands copy the Event Log content to a remote host or to a serially connected PC or UNIX workstation For example to copy the event log to a PC connected to the switch At this point press Enter and start the Xmodem command sequence in your terminal emulator Figure A 12 Example of Sending Event Log Content to a File on an Attached PC Copying Crash Data Content to a Destination ...

Page 404: ...content to a remote host or to a serially connected PC or UNIX workstation You can copy individual slot information or the management module mm switch information If you do not specify either the command defaults to the mm data For example to copy the switch s crash data to a file in a PC At this point press Enter and start the Xmodem command sequence in your terminal emulator Figure A 13 Example ...

Page 405: ... 10 Web Access B 10 Viewing Port and Trunk Group Statistics and Flow Control Status B 11 Menu Access to Port and Trunk Statistics B 12 CLI Access To Port and Trunk Group Statistics B 13 Web Browser Access To View Port and Trunk Group Statistics B 13 Viewing the Switch s MAC Address Tables B 14 Menu Access to the MAC Address Views and Searches B 14 CLI Access for MAC Address Views and Searches B 17...

Page 406: ...tch Operation Contents Interface Monitoring Features B 23 Menu Configuring Port and Static Trunk Monitoring B 24 CLI Configuring Port and Static Trunk Monitoring B 25 Web Configuring Port Monitoring B 28 Locating a Device B 28 B 2 ...

Page 407: ...ing the Event Log for Troubleshooting Switch Problems on page C 22 Alert Log Lists network occurrences detected by the switch in the Status Overview screen of the web browser interface page 5 20 Configurable trap receivers Uses SNMP to enable management sta tions on your network to receive SNMP traps from the switch Refer to SNMP Management Features on page 13 4 Port monitoring mirroring Copy all ...

Page 408: ...o VLANs are configured for the switch Port Status Menu CLI Displays the operational status of each port B 10 Web Port and Trunk Statistics Menu CLI Summarizes port activity and lists per port flow control status B 11 and Flow Control Status Web VLAN Address Table Menu CLI Lists the MAC addresses of nodes the switch has detected on B 14 specific VLANs with the corresponding switch port Port Address...

Page 409: ... at the Main Menu display the Status and Counters menu by select ing 1 Status and Counters Figure B 1 The Status and Counters Menu Each of the above menu items accesses the read only screens described on the following pages Refer to the online help for a description of the entries displayed in these screens B 5 ...

Page 410: ...Buiding A Software revision S 14 XX Base MAC Addr 001c2e 95b900 ROM Version S 14 01 Serial Number SG862II056 Up Time 46 hours Memory Total CPU Util 19 Free IP Mgmt Pkts Rx 532 398 Packet Total 6750 Pkts Tx 3005 Buffers Free 5093 Lowest 5030 Missed 0 Actions Back Help Return to previous screen Use arrow keys to change action selection and Enter to execute action Figure B 2 Example of General Switch...

Page 411: ...tch System Contact System Location MAC Age Time sec 300 Time Zone 0 Daylight Time Rule None Software revision S 14 XX Base MAC Addr 001635 b57cc0 ROM Version S 14 02 Serial Number LP621KI005 Up Time 10 days Memory Total 152 455 616 CPU Util 3 Free 110 527 264 IP Mgmt Pkts Rx 6 000 531 Packet Total 6750 Pkts Tx 10 133 Buffers Free 5086 Lowest 5086 Missed 0 Figure B 3 Example of Switch System Inform...

Page 412: ... command The settings are not persistent that is there are no changes to the configura tion Default Disabled ProCurve config task monitor cpu ProCurve config show cpu 2 percent busy from 2865 sec ago 1 sec ave 9 percent busy 5 sec ave 9 percent busy 1 min ave 1 percent busy CPU Description 99 Idle Figure B 4 Example of the task monitor cpu Command and show cpu Output Switch Management Address Info...

Page 413: ...se the same MAC address This includes both the statically configured VLANs and any dynamic VLANs existing on the switch as a result of GVRP operation Also the switches covered in this guide use a multiple forwarding database When using multiple VLANs and connecting a switch to a device that uses a single forwarding database such as a Switch 4000M there are cabling and tagged port VLAN requirements...

Page 414: ...and the console interface show the same port status data Menu Displaying Port Status From the Main Menu select 1 Status and Counters 4 Port Status Figure B 6 Example of Port Status on the Menu Interface CLI Access Syntax show interfaces brief Web Access 1 Click on the Status tab 2 Click on Port Status B 10 ...

Page 415: ...ecific port The menu interface and the web browser interface provide a dynamic display of counters summarizing the traffic on each port The CLI lets you see a static snapshot of port or trunk group statistics at a particular moment As mentioned above rebooting or resetting the switch resets the counters to zero You can also reset the counters to zero for the current session This is useful for trou...

Page 416: ...Port Counters on the Menu Interface To view details about the traffic on a particular port use the v key to highlight that port number then select Show Details For example selecting port A2 displays a screen similar to figure B 8 below Figure B 8 Example of the Display for Show details on a Selected Port This screen also includes the Reset action for the current session Refer to the Note on Reset ...

Page 417: ...command provides traffic details for the port s you specify To Reset the Port Counters for a Specific Port Syntax clear statistics port list This command resets the counters for the specified ports to zero for the current session See the Note on Reset on page B 11 Web Browser Access To View Port and Trunk Group Statistics 1 Click on the Status tab 2 Click on Port Counters 3 To refresh the counters...

Page 418: ...ach MAC address was learned Menu Access to the MAC Address Views and Searches Per VLAN MAC Address Viewing and Searching This feature lets you determine which switch port on a selected VLAN is being used to communi cate with a specific device on the network The per VLAN listing includes The MAC addresses that the switch has learned from network devices attached to the switch The port on which each...

Page 419: ...device 1 Proceeding from figure B 9 press S for Search to display the following prompt Enter MAC address _ 2 Type the MAC address you want to locate and press Enter The address and port number are highlighted if found If the switch does not find the MAC address on the currently selected VLAN it leaves the MAC address listing empty Located MAC Address and Corresponding Port Number Figure B 10 Examp...

Page 420: ...ecific Port 2 Use the Space bar to select the port you want to list or search for MAC addresses then press Enter to list the MAC addresses detected on that port Determining Whether a Specific Device Is Connected to the Selected Port Proceeding from step 2 above 1 Press S for Search to display the following prompt Enter MAC address _ 2 Type the MAC address you want to locate and press Enter The add...

Page 421: ...ing Port Numbers For example to list the learned MAC address on ports A1 through A4 and port A6 ProCurve show mac address a1 a4 a6 To List All Learned MAC Addresses on a VLAN with Their Port Numbers This command lists the MAC addresses associated with the ports for a given VLAN For example ProCurve show mac address vlan 100 Not e The switches coveredinthisguideoperate with a multiple forwarding da...

Page 422: ...cost priority state and designated bridge Syntax show spanning tree This command displays the switch s global and regional spanning tree status plus the per port spanning tree operation at the regional level Note that values for the following parameters appear only for ports connected to active devices Designated Bridge Hello Time PtP and Edge Figure B 12 Output from show spanning tree Command B 1...

Page 423: ... addresses per VLAN Number of report and query packets per group Querier access port per VLAN show ip igmp vlan id Per VLAN command listing above IGMP status for specified VLAN VID show ip igmp group ip addr Lists the ports currently participating in the specified group with port type Access type Age Timer data and Leave Timer data For example suppose that show ip igmp listed an IGMP group address...

Page 424: ...ry VLAN show vlan vlan id For the specified VLAN lists Name VID and status static dynamic Per Port mode tagged untagged forbid no auto Unknown VLAN setting Learn Block Disable Port status up down For example suppose that your switch has the following VLANs Ports VLAN VLANID 1 12 DEFAULT_VLAN 1 13 14 VLAN 33 33 15 20 VLAN 44 44 The next three figures show how you could list data on the above VLANs ...

Page 425: ...peration Status and Counters Data Because ports A1 and A2 are not members of VLAN 44 itdoesnotappear in this listing Figure B 15 Example of VLAN Listing for Specific Ports Figure B 16 Example of Port Listing for an Individual VLAN B 21 ...

Page 426: ...tus of the switch including summary graphs indicating the network utili zation on each of the switch ports symbolic port status indicators and the Alert Log which informs you of any problems that may have occurred on the switch For more information on this screen refer to chapter 5 Using the ProCurve Web Browser Interface Alert Log Port Status Indicators Port Utilization Graphs Figure B 17 Example...

Page 427: ... when it goes out a monitored port even if that port is configured as untagged If the packet is untagged it will remain untagged going out the monitor port The monitor port state tagged or untagged does not affect the tagging of the packet However egress mirroring does not reflect the tagged or untagged characteristic to the mirror port instead it reflects the tagged or untagged characteristic of ...

Page 428: ...wn in this procedure 1 From the Console Main Menu Select 2 Switch Configuration 3 Network Monitoring Port Enable monitoring by setting this parameter to Yes Figure B 18 The Default Network Monitoring Configuration Screen 2 In the Actions menu press E for Edit 3 If monitoring is currently disabled the default then enable it by pressing the Space bar or Y to select Yes 4 Press the down arrow key to ...

Page 429: ...ports and position the cursor at a port you want to monitor 7 Press the Space bar to select Monitor for each port and trunk that you want monitored Use the down arrow key to move from one interface to the next in the Action column 8 When you finish selecting ports to monitor press Enter then press S for Save to save your changes and exit from the screen 9 Return to the Main Menu CLI Configuring Po...

Page 430: ... assign port A6 as the monitoring port and configure the switch to monitor ports A1 A3 show monitor displays the following Port receiving monitored traffic Monitored Ports Figure B 20 Example of Monitored Port Listing Configuring the Monitor Port Syntax no mirror port port num This command assigns or removes a monitoring port and must be executed from the global configuration level Removing the mo...

Page 431: ...itor the port s and static trunk s available on the switch Elements in the monitor list can include port numbers and static trunk names at the same time Forexample withaportsuchasportA6configuredas themonitoring mirror port you would use either of the following commands to select these inter faces for monitoring A1 through A3 and A5 Trunk 2 ProCurve config int a1 a3 a5 trk2 monitor Figure B 21 Exa...

Page 432: ... For web based Help on how to use the web browser interface screen click on the button provided on the web browser screen Locating a Device If you are trying to locate a particular switch you can enter the chassislocate command The blue Locator LED will light up on that switch Syntax chassislocate blink on off Locate a device by using the blue Locate LED on the front panel blink 1 1440 Blinks the ...

Page 433: ... ProCurve config chassislocate blink 1 1440 Blink the chassis locate led default 30 minutes off Turn the chassis locate led off on 1 1440 Turn the chassis locate led on default 30 minutes ProCurve config chassislocate Figure B 23 The chassislocate command B 29 ...

Page 434: ...Monitoring and Analyzing Switch Operation Locating a Device B 30 ...

Page 435: ...ree Protocol MSTP and Fast Uplink Problems C 15 SSH Related Problems C 16 TACACS Related Problems C 17 TimeP SNTP or Gateway Problems C 19 VLAN Related Problems C 19 Fan Failure C 21 Using the Event Log for Troubleshooting Switch Problems C 22 Event Log Entries C 22 Menu Displaying and Navigating in the Event Log C 28 CLI Displaying the Event Log C 29 CLI Clearing Event Log Entries C 29 CLI Turnin...

Page 436: ...er C 46 Messages Sent to a Syslog Server C 47 Operating Notes for Debug and Syslog C 47 Diagnostic Tools C 49 Port Auto Negotiation C 50 Ping and Link Tests C 50 Web Executing Ping or Link Tests C 51 CLI Ping Test C 52 Link Tests C 53 Traceroute Command C 54 Viewing Switch Configuration and Operation C 58 CLI Viewing the Startup or Running Configuration File C 58 Web Viewing the Configuration File...

Page 437: ...age C 68 DNS Resolver C 71 Terminology C 71 Basic Operation C 71 Configuring and Using DNS Resolution with DNS Compatible Commands C 73 Configuring a DNS Entry C 74 Example Using DNS Names with Ping and Traceroute C 75 Viewing the Current DNS Configuration C 77 Operating Notes C 78 Event Log Messages C 79 C 3 ...

Page 438: ...ted by LED behavior cabling requirements and other potential hardware related problems refer to the Installation Guide you received with the switch Not e ProCurve periodically places switch software updates on the ProCurve Networking web site ProCurve recommends that you check this web site for software updates that may have fixed a problem you are experiencing For information on support and warra...

Page 439: ...ester to check your cables for compliance to the relevantIEEE802 3specification RefertotheInstallation Guideshipped with the switch for correct cable types and connector pin outs Use ProCurve Manager to help isolate problems and recommend solu tions Use the Port Utilization Graph and Alert Log in the web browser interface included in the switch to help isolate problems Refer to Chapter 5 Using the...

Page 440: ...agement Address Information also check the DHCP Bootp server configuration to verify correct IP addressing If you are using DHCP to acquire the IP address for the switch the IP address lease time may have expired so that the IP address has changed For more information on how to reserve an IP address refer to the documentation for the DHCP application that you are using If one or more IP Authorized...

Page 441: ...ing 2 Switch Configuration 5 IP Configuration Note If DHCP Bootp is used to configure the switch refer to the Note above If you are using DHCP to acquire the IP address for the switch the IP address lease time may have expired so that the IP address has changed For more information on how to reserve an IP address refer to the documentation for the DHCP application that you are using If one or more...

Page 442: ...y be occurring in the network These may be due to redundant links between nodes If you are configuring a port trunk finish configuring the ports in the trunk before connecting the related cables Otherwise you may inad vertently create a number of redundant links i e topology loops that will cause broadcast storms Turn on Spanning Tree Protocol to block redundant links i e topology loops Check for ...

Page 443: ...with this configuration it immediatelybeginssendingrequestpacketsonthenetwork Iftheswitchdoes not receive a reply to its DHCP Bootp requests it continues to periodically sendrequestpackets butwith decreasing frequency Thus ifa DHCP or Bootp server is not available or accessible to the switch when DHCP Bootp is first configured the switch may not immediately receive the desired configuration After ...

Page 444: ... Switch Management Address Information LACP Related Problems Unable to enable LACP on a port with the interface port number lacp command In this case the switch displays the following message Operation is not allowed for a trunked port You cannot enable LACP on a port while it is configured as static Trunk port To enable LACP on static trunked port first use the no trunk port number command to dis...

Page 445: ...ure that the VLAN exists as a static VLAN on the switch Refer to How 802 1X Authentication Affects VLAN Operation in the Access Security Guide for your switch During RADIUS authenticated client sessions access to a VLAN on the port used for the client sessions is lost If the affected VLAN is config uredasuntaggedontheport itmay be temporarilyblockedonthatportduring an802 1Xsession Thisisbecausethe...

Page 446: ...ticator active all ports configured with control unauthorized should be listed as Closed PortA9showsan Open statuseven though Access Control is set to Unauthorized Force Auth This is because the port access authenticator has not yet been activated Figure C 1 Authenticator Ports Remain Open Until Activated RADIUS server fails to respond to a request for service even though the server s IP address i...

Page 447: ...t list initialize If the port is force authorizedwithaaaport accessauthenticator port list controlauthorized command and port security is enabled on the port then executing initialize causes the port to clear the learned address and learn a new address from the first packet it receives after you execute initialize A trunked port configured for 802 1X is blocked If you are using RADIUS authenticati...

Page 448: ...sure that the radius server timeout period is long enough for network conditions Verify that the switch is using the same UDP port number as the server RADIUS server fails to respond to a request for service even though the server s IP address is correctly configured in the switch Use show radius to verify that the encryption key the switch is using is correct for the server being contacted If the...

Page 449: ...agged link between the devices Also if ports are available you can improve the bandwidth in this situation by using a port trunk Refer to Spanning Tree Operation with VLANs in the chapter titled Static Virtual LANs VLANs in the Advanced Traffic Management Guide for your switch Fast Uplink Troubleshooting Some of the problems that can result from incorrect usage of Fast Uplink MSTP include temporar...

Page 450: ...ting the Switch s Public and Private Key Pair in the SSH chapter of the Access Security Guide for your switch Switch does not detect a client s public key that does appear in the switch s public key file show ip client public key The client s public key entry in the public key file may be preceded by another entry that does not terminate with a new line CR In this case the switch interprets the ne...

Page 451: ...vent this problem TACACS Related Problems Event Log When troubleshooting TACACS operation check the switch s Event Log for indications of problem areas All Users Are Locked Out of Access to the Switch If the switch is func tioning properly but no username password pairs result in console or Telnet access to the switch the problem may be due to how the TACACS server and or the switch are configured...

Page 452: ...s tacacs server host command may not be correct Use the switch s show tacacs server command to list the TACACS server IP address The encryption key configured in the server does not match the encryption key configured in the switch by using the tacacs server key command Verify the key in the server and compare it to the key configured inthe switch Use showtacacs server tolistthe globalkey Use show...

Page 453: ...teway TimeP SNTP and Gateway access are through the primary VLAN which in the default configuration is the DEFAULT_VLAN If the primary VLAN has been moved to another VLAN it may be disabled or does not have ports assigned to it VLAN Related Problems None of the devices assigned to one or more VLANs on an 802 1Q compliant switch are being recognized If multiple VLANsare beingused on ports connectin...

Page 454: ...ring on different VLANs can appear where a device having one MAC address is a member of more than one 802 1Q VLAN and the switch porttowhichthedeviceislinkedisusingVLANs insteadofMSTPortrunking to establish redundant links to another switch If the other device sends traffic over multiple VLANs its MAC address will consistently appear in multiple VLANs on the switch port to which it is linked Note ...

Page 455: ...ontinual moves of MAC address A between ports VLAN 1 VLAN 2 Figure C 5 Example of Duplicate MAC Address Fan Failure When two or more fans fail a two minute timer starts After two minutes the switch is powered down and must be rebooted to restart it This protects the switch from possible overheating ProCurve recommends that you replace a failed fan tray assembly within one minute of removing it C 2...

Page 456: ...he contents of the Event Log are not erased if you Reboot the switch by choosing the Reboot Switch option from the menu interface Enter the reload command from the CLI Event Log Entries As shown in Figure C 6 each Event Log entry is composed of five or six fields depending on whether numbering is turned on or not Severity Date Time Event number System Module Event Message I 08 05 06 10 52 32 00063...

Page 457: ...accessonlyonportson which a single 802 1X capable client supplicant has entered valid RADIUS user credentials Access Security Guide addrmgr Address Table Manager Manages MAC addresses that the switch has learned and are stored in the switch s address table Management and Configuration Guide auth Authorization A connected client must receive authorization through web AMC RADIUS based TACACS based o...

Page 458: ...d receives packets between the CPU and the switch fault Fault Detection facility including response policy and the sensitivity level at which a network problem should generate an alert Management and Configuration Guide ffi Find Fix and Inform Event or alert log messages indicating a possible topology loop that cause excessive network activity andresultsinthenetworkrunningslow FFImessagesinclude e...

Page 459: ...t Guide lldp Link Layer Discovery Protocol Supports transmitting LLDP packets to neighbor devices and reading LLDP packets received from neighbor devices enabling a switch to advertise itself to adjacent devices and to learn about adjacent LLDP devices Management and Configuration Guide macauth Web and MAC authentication Port based security employed on the network edge to protect private networks ...

Page 460: ...porting flow sampling and standard MIBs Management and Configuration Guide sntp Simple Network Time Protocol Synchronizes and ensures a uniform time among interoperating devices Management and Configuration Guide ssh Secure Shell version 2 SSHv2 Provides remote access to management functions on a switch via encrypted paths between the switch and management station clients capable of SSH operation ...

Page 461: ... Advanced Traffic Management Guide telnet Session established on the switch from a remote device through the Telnet virtual terminal protocol Management and Configuration Guide tftp Trivial FileTransfer Protocol Supports thedownload of files to the switch from a TFTP network server Management and Configuration Guide timep Time Protocol Synchronizes and ensures a uniform time among interoperating d...

Page 462: ...ry 1 751 Log events on screen 690 704 Actions Back Next page Prev page End Help Return to previous screen Use up down arrow to scroll one line left right arrow keys to change action selection and Enter to execute action Figure C 7 Example of an Event Log Display The log status line below the recorded entries states the total number of events stored in the event log and which logged events are curr...

Page 463: ...search text value with a or r to further filter show logging command output Examples To display all Event Log messages that have system in the message text or module name enter the following command ProCurve show logging a system To display all Event Log messages recorded since the last reboot that have the word system in the message text or module name enter ProCurve show logging system CLI Clear...

Page 464: ...f a particular event or condition generates a message the switch initiates a log throttle period that applies to all recurrences of that event If the logged event recurs during the log throttle period the switch increments the counter initiated by the first instance of the event but does not generate a new message If the logged event repeats again after the log throttle period expires the switch g...

Page 465: ...f the same Send error during the third log throttle period for this event In this case the duplicate message would appear three times in the Event Log once for each log throttle period for the event being described and the Duplicate Message Counter would increment as shown in table C 2 The same operation would apply for messages sent to any configured SNMP trap receivers Table C 2 How the Duplicat...

Page 466: ...ions Use the debug command to configure messaging reports for the following event types Events recorded in the switch s Event Log LLDP events SSH events Use the logging command to select a subset of Event Log messages to send to an external device for debugging purposes according to Severity level System module Debug Syslog Destination Devices To use Debug Syslog messaging you must configure an ex...

Page 467: ... logging system module all pass commands debug Command all Sends debug logging to configured debug destinations for all Event Log options destination logging Disables or re enables Syslog logging on one or more Syslog servers configuredwiththelogging syslog ip addr command See DebugDestinations on page C 40 session Assigns or re assigns destination status to the terminal device that was most recen...

Page 468: ...e following switch models 8212zl switch Series 6400cl switches 6200yl Switch Series 5400zl switches Series 5300xl switches Series 4200vl switches Series 4100gl switches software release G 07 50 or greater Series 3500yl switches Series 3400cl switches Series 2910al switches Series 2900 switches Series 2800 switches Series 2610 switches Series 2600 switches and the Switch 6108 software release H 07 ...

Page 469: ...mand in Step a to configure additional Syslog servers You can configure up to a total of six servers When multiple server IP addresses are configured the switch sends the debug message types that you configure in Step 3 to all IP addresses 2 To use a CLI session on a destination device for debug messaging a Set up a serial Telnet or SSH connection to access the switch s CLI b Enter the debug desti...

Page 470: ...e system module If you configure a severity level system module logging destination or logging facility value and save the settings to the startup configuration for example by entering the write memory command the debug settings are saved after a system reboot power cycle or reboot and re activated on the switch As a result after switch startup one of the following situations may occur Only a part...

Page 471: ...nfig logging 10 28 38 164 ProCurve config write memory ProCurve config show debug Debug Logging Destination Logging 10 28 38 164 Facility user Severity debug System module all pass Enabled debug types event ProCurve config logging severity error ProCurve config logging system module iplock Displays the default debug configuration NoSyslogserverIP addresses or debug types are configured When you co...

Page 472: ...es in the switch s Event Log Debug Command At the manager level use the debug command to perform two main functions Specifies the types of event messages to be sent to an external destination Specifies the destinations to which selected message types are sent By default no debug destination is enabled and only Event Log messages are enabled to be sent Not e To configure a Syslog server use the log...

Page 473: ...n these conditions If no Syslog server address is configured and you enter the logging syslog ip addr command to configure a destination address If at least one Syslog server address is configured in the startup configuration and the switch is rebooted or reset Event log messages are the default type of debug message sent to configured debug destinations ip Displays debug messages for IPv4 ipv6 Di...

Page 474: ...ssages are configured to accept the debug level For more informa tion refer to Operating Notes for Debug and Syslog on page C 47 session Enables transmission of event notification messages to the CLI session that most recently executed this command The session can be on any one terminal emulation device with serial Telnet or SSH access to the CLI at the Manager level prompt ProCurve _ If more than...

Page 475: ...e desirable After a reboot messages remain in the Event Log and are not deleted However after a power recycle all Event Log messages are deleted If you configure a severity level and or system module to temporarily filter Event Log messages be sure to reset the values to their default settings by entering the no form of the following commands to ensure that Event Log messages of all severity level...

Page 476: ...ity level used to filter the Event Log messages sent to configured Syslog servers see Configuring the Severity Level for Event Log Messages Sent to a Syslog Server on page C 46 and Configuring the System Module Used to Select the Event Log Messages Sent to a Syslog Server on page C 47 TodisplaythecurrentlyconfiguredSyslogserversas wellasthetypesofdebug messages and the severity level and system mo...

Page 477: ...slog destinations with the no loggingcommand or a specified Syslog server destination with the no logging syslog ip address command does not delete the Syslog server IP addresses stored in the startup configuration To delete Syslog addresses in the startup configuration you must enter a no logging command followed by the write memory command To verify the deletion of a Syslog server address displa...

Page 478: ...ssages generated internally by Syslog lpr Line Printer subsystem news Netnews subsystem uucp uucp subsystem cron cron at subsystem sys9 cron at subsystem sys10 sys14 Reserved for system use local10 local17 Reserved for system use Use the no form of the command to remove the configured facility and reconfigure the default user value For a list of supported ProCurve switches refer to the Note on pag...

Page 479: ...syslog_one Figure C 11 Example of the Logging Command with a Control Description C a u t i o n Entering the no logging command removes ALL the syslog server addresses without a verification prompt Adding a Priority Description You can add a user friendly description for the set of syslog filter parameters using the priority descr option The description can be added with the CLI or SNMP The CLI com...

Page 480: ...iagnostic information Using the logging severity command you can select a set of Event Log messages according to their severity level and send them to a Syslog server Messages of the selected and higher severity willbe sent To configure a Syslog server see Configuring a Syslog Server on page C 41 Syntax no logging severity major error l warning info debug Configures the switch to send all Event Lo...

Page 481: ... module Configures the switch to send all Event Log messages being logged from the specified system module to configured Syslog servers Refer to Table C 1 on page C 27 for the correct value to enter for each system module Default all pass Reports all Event Log messages Use the no form of the command to remove the configured system module value and reconfigure the default value which sends Event Lo...

Page 482: ...bug messages All Syslog messages resulting from a debug operation have a debug severity level If you configure the switch to send debug messages to a Syslog server ensure that the server s Syslog application is configured to accept the debug severity level The default configuration for some Syslog applications ignores the debug severity level Duplicate IP addresses are not stored in the list of sy...

Page 483: ...View switch configuration files n a page C 58 page C 58 View switch show tech n a page C 59 operation View crash information and n a page C 62 command history View system information and n a page C 62 software version Useful commands in a n a page C 66 troubleshooting session Resetting factory default page C 67 page C 67 configuration Buttons Restoring a flash image n a page C 68 Port Status n a p...

Page 484: ... between your switch and another IEEE 802 3 compliant device on your network These tests can tell you whether the switch is communicating properly with another device Not e To respond to a Ping test or a Link test the device you are trying to reach must be IEEE 802 3 compliant Ping Test This is a test of the path between the switch and another device on the same or another IP network that can resp...

Page 485: ...itch An IP address is in the X X X X format where X is a decimal number between 0 and 255 A MACaddressismadeupof12hexadecimaldigits forexample 0060b0 080400 Number of Packets to Send is the number of times you want the switch to attempt to test a connection Web Executing Ping or Link Tests Figure C 13 Link and Ping Test Screen on the Web Browser Interface 5 Select the number of tries packets and t...

Page 486: ...ddress hostname switch num repetitions 1 10000 timeout 1 60 source ip address vlan id data size 0 65471 data fill 0 1024 ping6 ip address hostname switch num repetitions 1 10000 timeout 1 60 source ip address vlan id data size 0 65471 data fill 0 1024 Sends ICMP echo requests to determine if another device is alive Note For information about ping6 see the IPv6 Configuration Guide for your switch i...

Page 487: ...gure C 14 Examples of Ping Tests To halt a ping test before it concludes press Ctrl C Not e To use the ping or traceroute command with host names or fully qualified domain names refer to DNS Resolver on page C 71 Link Tests You can issue single or multiple link tests with varying repetitions and timeout periods The defaults are Repetitions 1 1 999 Timeout 5 seconds 1 256 seconds Syntax link mac ad...

Page 488: ...ch router hop between the switch and the destination address Note that every time you execute traceroute it uses the same default settings unless you specify otherwise for that instance of the command Syntax traceroute ip address hostname traceroute6 ip address hostname Lists the IP address or hostname of each hop in the route plus the time in microseconds for the traceroute packet reply to the sw...

Page 489: ...then traceroute lists the IP addresses for all hops it detects up to the maxttl limit For any instance of traceroute if you want a maxttl value other than the default you must specify that value Default 30 timeout 1 120 For the current instance of traceroute changes the timeout period the switch waits for each probe of a hop in the route For any instance of traceroute if you want a timeout value o...

Page 490: ...ceroute Enquiry Continuing from the previous example Figure C 16 above executing traceroute with an insufficient maxttl for the actual hop count produces an output similar to this Traceroute does not reach destination IP address because of low maxttl setting The asterisk indicates there was a timeout on the second probe to the third hop Figure C 17 Example of Incomplete Traceroute Due to Low Maxtt...

Page 491: ...te becomes blocked or otherwise fails results in an output marked by timeouts for all probes beyond the last detected hop For example with a maximum hop count of 7 maxttl 7 where the route becomes blocked or otherwise fails the output appears similar to this At hop 3 the first and third probes timed out but the second probe reached the router All further probes within the maxttl timed out without ...

Page 492: ...nfiguration File Using the CLI you can display either the running or the startup configuration For more information and examples of how to use these commands refer to Chapter 6 Switch Memory and Configuration Syntax write terminal Displays the running configuration show config Displays the startup configuration show running config Displays the running config file Web Viewing the Configuration File...

Page 493: ...and displays a single output of switch operat ing and running configuration data from several internal switch sources including Image stamp software version data Running configuration Event Log listing Boot History Port settings Status and counters port status IP routes Status and counters VLAN information GVRP support Load balancing trunk and LACP C 59 ...

Page 494: ...5086 4961 0 show flash Image Size Bytes Date Version Build Figure C 19 Example of Show Tech Command Saving show tech Command Output to a Text File When you enter the show tech command a summary of switch operational data is sent to your terminal emulator You can use your terminal emulator s text capture features to save the show tech data to a text file for viewing printing or sending to an associ...

Page 495: ...indow of the Hyperterminal Application 2 In the File field enter the path and file name in which you want to store the show tech output Figure C 21 Entering a Path and Filename for Saving show tech Output 3 Click Start to create and open the text file 4 From the global configuration context enter the show tech command ProCurve show tech The show tech command output is copied into the text file and...

Page 496: ... in the Redundancy Switch 8212zl chapter show history Displays the current command history This command output is used for reference or when you want to repeat a command show system information Displays globally configured parameters and information on switch operation see CLI Viewing and Configuring System Information in the Interface Access and System Information chapter show version Displays th...

Page 497: ...display selected portions of the output from a show command There is no limit to the number of characters that can be matched Only regular expressions are permitted symbols such as the asterisk cannot be substituted to perform more general matching include Only the lines that contain the matching pattern are displayed in the output exclude Only the lines that contain the matching pattern are not d...

Page 498: ...J8705A snmp server community notpublic Unrestricted vlan 1 name DEFAULT_VLAN untagged A1 A24 B1 B20 Displays all lines that don t contain ipv6 ip address dhcp bootp no untagged B21 B24 exit vlan 20 name VLAN20 untagged B21 B24 no ip address exit policy qos michael exit sequence 10 deny tcp 2001 db8 255 48 2001 db8 125 48 exit no autorun password manager ProCurve config Figure C 23 Example of Patte...

Page 499: ... ProCurve config Figure C 24 Example of Pattern Matching with Begin Option Figure C 25 is an example of the show arp command output and then the output displayed when the include option has the IP address of 15 255 128 1 as the regular expression ProCurve config show arp IP ARP table IP Address MAC Address Type Port 15 255 128 1 00000c 07ac00 dynamic B1 15 255 131 19 00a0c9 b1503d dynamic 15 255 1...

Page 500: ...kill Terminates a currently running remote troubleshooting session Use the show ip ssh command to list the current management sessions For more information see Denying Interface Access by Terminating Remote Management Sessions in the Interface Access and System Information chapter no page Toggles the paging mode for show commands between continuous listing and per page listing repeat Repeatedly ex...

Page 501: ...t button combination Not e ProCurve recommends that you save your configuration to a TFTP server before resetting the switch to its factory default configuration You can also save your configuration via Xmodem to a directly connected PC CLI Resetting to the Factory Default Configuration This command operates at any level except the Operator level Syntax erase startup configuration Deletes the star...

Page 502: ...cover from an Empty or Corrupted Flash State Use the switch s console serial port to connect to a workstation or laptop computer that has the following A terminal emulator program with Xmodem capability such as the Hyper Terminal program included in Windows PC software A copy of a good OS image file for the switch Not e The following procedure requires the use of Xmodem and copies an OS image into...

Page 503: ...l Disconnect ii Select File Properties iii Click on Configure iv Change the baud rate to 115200 v Click on OK In the next window click on OK again vi Select Call Connect vii Press Enter one or more times to display the prompt 5 Start the Console Download utility by typing do at the prompt and pressing Enter do 6 You will then see this prompt 7 At the above prompt a Type y for Yes b Select Transfer...

Page 504: ...ash Image Figure C 26 Example of Xmodem Download in Progress 8 When the download completes the switch reboots from primary flash using the OS image you downloaded in the preceding steps plus the most recent startup config file C 70 ...

Page 505: ...0 101 has a host name of device53 and resides in the evergreen trees org domain then the device s fully qualified domain name is device53 evergreen trees org and the DNS resolution of this name is 10 10 10 101 Host Name The unique leftmost label in a domain name assigned to a specific IP address in a DNS server configuration This enables the server to distinguish a device using that IP address fro...

Page 506: ...n accessible DNS server If an operator wants to use the switch to ping a target host in this domain by using the DNS name leader assigned by a DNS server to an IP address used in that domain then the operator can use either of the following commands ProCurve ping leader 10 28 229 220 is alive time 1 ms Host Name for the Desired Host Ping Response ProCurve ping leader mygroup procurve net Fully Qua...

Page 507: ...s second domain is accessible to the DNS server already configured on the switch a traceroute command using the target s fully qualified DNS name should succeed ProCurve traceroute remote 01 common group net traceroute to 10 22 240 73 1 hop min 30 hops max 5 sec timeout 3 probes 1 10 28 229 3 0 ms 0 ms 0 ms 2 10 71 217 1 0 ms 0 ms 0 ms 3 10 0 198 2 1 ms 0 ms 0 ms 4 10 22 240 73 0 ms 0 ms 0 ms Full...

Page 508: ...nfigures the access priority and IP address of a DNS server accessible to the switch These settings specify the relative priority of the DNS server when multiple servers are configured the IP address of the DNS server These settings must be configured before a DNS compatible command can be executed with host name criteria The switch supports three prioritized DNS server entries Configuring another...

Page 509: ... The domain suffix configured on the switch is not the domain in which the target host exists The switch supports one domain suffix entry and three DNS server IP address entries Refer to the preceding command description The no form of the command replaces the configured domain suffix with the null setting Default null Example Using DNS Names with Ping and Traceroute In the network illustrated in ...

Page 510: ...29 219 Switch IP Address 10 28 192 1 Document Server IP Address 10 28 229 219 With the above already configured the following commands enable a DNS compatible command with the host name docserver to reach the document server at 10 28 229 219 ProCurve config ip dns server address 10 28 229 10 ProCurve config ip dns domain name pubs outdoors com Figure C 30 Configuring Switch A in FigureC 29 To Supp...

Page 511: ...y Qualified Domain Name Figure C 32 Example of Ping and Traceroute Execution When Only the DNS Server IP Address Is Configured Viewing the Current DNS Configuration The show ip command displays the current domain suffix and the IP address of the highest priority DNS server configured on the switch along with other IP configuration information If the switch configuration currently includes a non de...

Page 512: ...ready used in the configuration for another address you must first use the no form of the command to remove the current address from the target priority The DNS server s and domain configured on the switch must be accessible to the switch but it is not necessary for any intermediate devices between the switch and the DNS server to be configured to support DNS operation When multiple DNS servers ar...

Page 513: ... incorrect server IP address can produce this result Unknown host host name The host name did not resolve to an IP address Some reasons for this occurring include The host name was not found The named domain was not found The domain suffix was expected but has not been configured If the server s IP address has been configured in the switch but the domain name has not been configured then the host ...

Page 514: ...Troubleshooting DNS Resolver C 80 ...

Page 515: ...ss Management Contents Overview D 2 Determining MAC Addresses D 3 Menu Viewing the Switch s MAC Addresses D 4 CLI Viewing the Port and VLAN MAC Addresses D 5 Viewing the MAC Addresses of Connected Devices D 6 D 1 ...

Page 516: ...overed in this guide use the same MAC address For internal switch operations One MAC address per port Refer to CLI Viewing the Port and VLAN MAC Addresses on page D 5 MAC addresses are assigned at the factory The switch automatically implements these addresses for VLANs and ports as they are added to the switch Not e The switch s base MAC address is also printed on a label affixed to the switch D ...

Page 517: ... interface to view the switch s base MAC address and the MAC address assigned to any VLAN you have configured on the switch The same MAC address is assigned to VLAN1 and all other VLANs configured on the switch Not e The switch s base MAC address is used for the default VLAN VID 1 that is always available on the switch This is true for dynamic VLANs as well the base MAC address is the same across ...

Page 518: ...s been changed by using the VLAN Names screen On the switches covered in this guide the VID VLAN identification number for the default VLAN is always 1 and cannot be changed To View the MAC Address and IP Address assignments for VLANs Configured on the Switch 1 From the Main Menu Select 1 Status and Counters 2 Switch Management Address Information If the switch has only the default VLAN the follow...

Page 519: ... regardless of which VLAN you select 1 If the switch is at the CLI Operator level use the enable command to enter the Manager level of the CLI 2 Type the following command to display the MAC address for each port on the switch ProCurve walkmib ifPhysAddress The above command is not case sensitive ProCurve config walkmib ifphysaddress ifPhysAddress 1 00 1f fe 74 b3 ff ifPhysAddress 2 00 1f fe 74 b3...

Page 520: ... switch detects the specified MAC address Returns the following message if the specified MAC address is not detected on any port in the switch MAC address mac addr not found vlan vid Lists the MAC addresses of the devices the switch has detected on ports belonging to the specified VLAN along with the number of the specific port on which each MAC address was detected To list the MAC addresses of de...

Page 521: ...k Series 4100gl Switches ProCurve AdvanceStack Routers ProCurve switches provide a way to automatically adjust the system clock for DaylightSavingsTime DST changes Tousethisfeatureyoudefinethemonth and date to begin and to end the change from standard time In addition to the value none no time changes there are five pre defined settings named Alaska Canada and Continental US Middle Europe and Port...

Page 522: ...d DST at 2am the first Sunday on or after March 1st Western Europe Begin DST at 2am the first Sunday on or after March 23rd End DST at 2am the first Sunday on or after October 23rd A sixth option named User defined allows you to customize the DST config uration by entering the beginning month and date plus the ending month and date for the time change The menu interface screen looks like this all ...

Page 523: ...he configured day is a Sunday the time changes at 2am on that day If the configured day is not a Sunday the time changes at 2am on the first Sunday after the configured day This is true for both the Beginning day and the Ending day With that algorithm one should use the value 1 to represent first Sunday of the month and a value equal to number of days in the month minus 6 to represent last Sunday ...

Page 524: ...Daylight Savings Time on ProCurve Switches E 4 ...

Page 525: ...F Power Saving Features Contents Configuring Power Saving for LEDs F 2 Show Savepower Status F 2 F 1 ...

Page 526: ...vepower led Turns power saving option on or off for the LEDs ProCurve config savepower led Figure F 1 Example of Setting savepower led Command The no form of the savepower led command cancels power saving mode and the LEDs are returned to their original state Show Savepower Status To display the configured status of the LED power saving option use the show savepower led command ProCurve config sho...

Page 527: ...ection SNMP notification 13 17 13 26 asterisk meaning in show config 6 27 meaning in traceroute C 56 authentication notification messages 13 17 13 26 authentication trap See also SNMP authorized IP managers SNMP blocking 13 3 auto MDI MDI X configuration display 10 21 operation 10 19 10 21 port mode display 10 21 Auto 10 12 4 12 7 12 18 autonegotiate 13 54 auto TFTP download to a redundant managem...

Page 528: ...n 66 6 38 file updating with Option 66 6 38 impacts of software download on A 4 IP 8 2 network monitoring B 23 Option 67 6 39 permanent 6 7 permanent change defined 6 5 port 10 1 port trunk group 12 1 port duplex 10 16 port speed 10 16 quick 3 8 reboot to activate changes 3 13 restoring factory defaults C 67 saving from menu interface 3 10 serial link 7 3 SNMP 13 4 13 5 13 11 SNMP communities 13 1...

Page 529: ... specific 4 15 copy command output A 28 crash data A 29 crash log A 30 event log output A 29 multiple config file tftp 6 35 software images A 22 tftp show tech A 25 copy tftp show tech A 25 CPU utilization B 6 cpu utilization data B 7 custom show tech A 25 customizing show command output 10 11 D date format events C 23 date configure 7 16 debug compared to event log C 32 destination logging C 33 d...

Page 530: ...ress configuration C 74 three entries supported C 74 three server entries supported C 74 traceroute C 76 VLAN best route selection C 78 documentation feature matrix xx latest versions xix printed in box publications xix release notes xix Domain Name Server See DNS download software A 19 software using TFTP A 4 switch to switch A 19 TFTP A 4 troubleshooting A 6 Xmodem A 17 See also switch software ...

Page 531: ...41 IGMP host not receiving C 9 not working C 9 statistics B 19 inactivity timeout 7 4 inactivity timer 7 8 Inbound Telnet Enabled parameter C 7 informs sending to trap receiver 13 20 SNMP 13 21 IP 8 7 CLI access 8 6 configuration 8 2 DHCP Bootp 8 2 duplicate address C 8 duplicate address DHCP network C 8 effect when address not used 8 11 features available with and without 8 11 gateway 8 3 gateway...

Page 532: ...datory data 13 50 advertisement optional data 13 51 advertisements delay interval 13 46 CDP neighbor data 13 76 chassis ID 13 50 chassis type 13 50 clear statistics counters 13 72 comparison with CDP data fields 13 77 configuration options 13 38 configuring optional data 13 51 data options 13 39 data read options 13 40 data unit 13 36 debug logging 13 40 debug messages C 33 C 34 default configurat...

Page 533: ...ansmit and receive 13 38 transmit receive modes 13 38 transmit receive modes per port 13 49 trap notice interval 13 49 trap notification 13 48 trap receiver data change notice 13 48 TTL 13 38 13 40 txonly 13 49 VLAN untagged 13 75 walkmib 13 40 with PoE 11 14 LLDP MED displaying speed 13 69 ELIN 13 63 enable or disable 13 38 endpoint support 13 54 fast start control 13 58 location data 13 62 medTl...

Page 534: ...ns authentication messages 13 17 13 26 configuring trap receivers 13 19 enabling for network security 13 26 link change traps 13 17 network security 13 26 O online Help See Help operating system See switch software operation not allowed LACP C 10 operator access 4 4 4 6 13 13 operator password 5 10 setting via web browser 5 8 operator privileges 4 4 4 6 Option 66 DHCP 6 37 OS version A 20 See also...

Page 535: ...10 14 web browser interface 5 17 web browser access 10 22 port configuration 12 1 port names friendly configuring 10 24 displaying 10 25 summary 10 23 port security port trunk restriction 12 3 trunk restriction 12 8 port trunk 12 2 bandwidth capacity 12 2 caution 12 3 12 9 12 17 CLI access 12 11 default trunk type 12 10 enabling dynamic LACP 12 15 IGMP 12 8 limit 12 2 limit combined 12 19 link req...

Page 536: ...using 6 4 faster boot time 6 21 from secondary flash 6 20 obtaining faster reboot time 6 19 scheduling remotely 6 22 via menu console 3 8 via menu interface 3 10 3 12 See also boot redo command description 4 16 reload 6 4 reload command 6 19 remote session terminate 7 9 repeat command description 4 16 Reset button 6 4 restoring factory default configuration C 68 reset operating system 3 12 reset p...

Page 537: ...3 14 configuring with the CLI 13 15 configuring with the menu 13 13 mapping 13 11 configure 13 4 13 5 configuring security groups 13 23 configuring SNMPv3 notification 13 23 configuring SNMPv3 users 13 23 configuring trap receivers 13 19 configusing trap receivers 13 19 DHCP snooping events 13 17 different versions 13 17 enabling informs 13 21 enabling network security traps 13 27 enabling SNMPv3 ...

Page 538: ... Window 5 12 switch console See console switch setup menu 3 8 switch software download using TFTP A 4 download failure indication A 7 download switch to switch A 19 download troubleshooting A 6 download using TFTP A 4 software image A 3 version A 6 A 18 Syslog debug severity level as default C 46 C 48 adding priority description C 45 compared to event log C 32 config friendly descriptions C 44 con...

Page 539: ...ling and disabling 9 20 manual config priority 8 12 poll interval 9 23 selecting 9 3 server address listing 9 9 9 19 show management 9 19 viewing and configuring menu 9 17 viewing CLI 9 19 timesync disabling 9 23 Time To Live 8 3 8 5 8 6 8 10 See also TTL time to live LLDP 13 38 Time To Live on primary VLAN 8 4 TLV 13 37 TLVs mandatory 13 75 traceroute C 76 asterisk C 56 blocked route C 57 fails C...

Page 540: ...Bootp 8 13 unrestricted write access 13 13 unusual network activity C 8 up time B 6 URL browser interface online help location 5 13 management 5 13 management server 5 12 5 13 ProCurve 5 13 13 4 support 5 12 5 13 USB copy command output A 28 copy crash data A 29 copy crash log A 30 copy event log output A 29 user name using for browser or console access 5 8 5 10 users SNMPv3 See SNMPv3 utilization...

Page 541: ...ing 5 13 online help inoperable 5 13 overview 5 16 Overview window 5 16 password lost 5 10 password setting 5 9 port status 5 19 port utilization 5 17 port utilization and status displays 5 17 screen elements 5 16 security 5 2 5 8 standalone 5 4 status overview screen 5 6 system requirements 5 4 troubleshooting access problems C 6 URL default 5 13 URL management server 5 14 URL support 5 14 web si...

Page 542: ...16 Index ...

Page 543: ......

Page 544: ...y L P The information contained herein is subject to change without notice The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services Nothing herein should be construed as constituting an additional warranty HP will not be liable for technical or editorial errors or omissions contained herein 5992 4947 November 2009 ...

Reviews:

No comments

Related manuals for PROCURVE 2520

3Com 3C16120 - SuperStack 3 Server Load Balancer Release Note preview
3C16120 - SuperStack 3 Server Load Balancer
Brand: 3Com Pages: 20
CSSN ScanShell 3000 User Manual preview
ScanShell 3000
Brand: CSSN Pages: 8
Xerox Phaser 340 Installer Installation preview
Phaser 340 Installer
Brand: Xerox Pages: 2
TruCluster 380578-B21 Supplementary Manual preview
380578-B21
Brand: TruCluster Pages: 88
Philips BS03313 Brochure preview
BS03313
Brand: Philips Pages: 2
Philips BS03210 Brochure preview
BS03210
Brand: Philips Pages: 2
Philips Cineos 42PF9831D Specifications preview
Cineos 42PF9831D
Brand: Philips Pages: 3
Philips BS01113 Brochure preview
BS01113
Brand: Philips Pages: 2
Philips 37-LCD 37PF9431D Specifications preview
37-LCD 37PF9431D
Brand: Philips Pages: 3
Philips 37-LCD 37PF9431D Software Upgrade Instructions preview
37-LCD 37PF9431D
Brand: Philips Pages: 3
Philips KBD-SFTCFG Installation Instructions Manual preview
KBD-SFTCFG
Brand: Philips Pages: 16
Philips 37-LCD 37PF9431D Service Manual preview
37-LCD 37PF9431D
Brand: Philips Pages: 201
Red Hat CERTIFICATE SYSTEM 7.2 - AGENT GUIDE Manual preview
CERTIFICATE SYSTEM 7.2 - AGENT GUIDE
Brand: Red Hat Pages: 73
Red Hat DEVICE-MAPPER MULTIPATH 5.2 Configuration And Administration Manual preview
DEVICE-MAPPER MULTIPATH 5.2
Brand: Red Hat Pages: 44
Red Hat CLUSTER SUITE FOR ENTERPRISE LINUX 5.2 Overview preview
CLUSTER SUITE FOR ENTERPRISE LINUX 5.2
Brand: Red Hat Pages: 78
Red Hat CERTIFICATE SYSTEM 8.0 - ADMINISTRATION Admin Manual preview
CERTIFICATE SYSTEM 8.0 - ADMINISTRATION
Brand: Red Hat Pages: 564
THOMSON LCP 400 User Manual preview
LCP 400
Brand: THOMSON Pages: 22
FieldServer FS-8700-66 Manual preview
FS-8700-66
Brand: FieldServer Pages: 29

Brands by name

Popular brands

Load more brands