background image

6-13

Quality of Service (QoS): Managing Bandwidth More Effectively

Preparation for Configuring QoS

 

Preparation for Configuring QoS

QoS operates in VLAN-tagged and VLAN-untagged environments. If your  
network does not use multiple VLANs, you can still implement the 802.1Q 
VLAN capability for packets to carry their 802.1p priority to the next 
downstream device. To do so, configure ports as VLAN-tagged members on 
the links between switches and routers in your network infrastructure.

Table 6-6. Summary of QoS Capabilities 

Steps for Configuring QoS on the Switch

1.

Determine the QoS policy you want to implement. This includes analyzing 
the types of traffic flowing through your network and identifying one or 
more traffic types to prioritize. In order of QoS precedence, these are:

a.

UDP/TCP applications

b.

Device Priority—destination or source IP address (Note that destina-
tion has precedence over source. See Table 6-5.)

c.

IP Type-of-Service Precedence Bits (Leftmost three bits in the ToS 
field of IP packets)

d.

VLAN

e.

Interface

For more on how QoS operates with the preceding traffic types, see 
‘‘Precedence Criteria for QoS types’’, on page 6-11.

Outbound Packet Options

Port Membership in VLANs

Tagged

Untagged

Control Port Queue Priority for Packet Types

Yes

Yes

Carry 802.1p Priority Assignment to Next Downstream Device

Yes

No

Carry DSCP Policy to Downstream Devices. The policy includes:

Yes 

1

Yes 

1

Assigning a ToS Codepoint 

Assigning an 802.1p Priority 

2

 to the Codepoint

1

 Except for non-IPv4 packets or packets processed using the QoS IP-Precedence method, 

which does not include the DSCP policy option. Also, to use a service policy in this manner, 
the downstream devices must be configured to interpret and use the DSCP carried in the IP 
packets.

This priority corresponds to the 802.1p priority scheme and is used to determine the packet’s 

port queue priority. When used in a VLAN-tagged environment, this priority is also assigned 
as the 802.1p priority carried outbound in packets having an 802.1Q field in the header.

Summary of Contents for ProCurve 2810-24G

Page 1: ...Advanced Traffic Management Guide 2810 www procurve com ProCurve Series 2810 Switches N 11 XX ...

Page 2: ......

Page 3: ...ProCurve Series 2810 Switches Advanced Traffic Management Guide July 2007 ...

Page 4: ...E Hewlett Packard shall not be liable for errors contained herein or for incidental or consequential damages in connection with the furnishing performance or use of this material The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services Nothing herein should be construed as constituting an additional warranty HP shall ...

Page 5: ...s 1 3 Port Identity Examples 1 4 Sources for More Information 1 4 Need Only a Quick Start 1 6 IP Addressing 1 6 To Set Up and Install the Switch in Your Network 1 6 2 Static Virtual LANs VLANs Contents 2 1 Overview 2 2 Port Based Virtual LANs Static VLANs 2 3 Overview of Using VLANs 2 6 VLAN Support and the Default VLAN 2 6 The Primary VLAN 2 6 Per Port Static VLAN Configuration Options 2 8 Genera...

Page 6: ...1Q VLAN Tagging 2 26 The Secure Management VLAN 2 30 Preparation 2 32 Configuration 2 33 Operating Notes for Management VLANs 2 33 Effect of VLANs on Other Switch Features 2 34 Spanning Tree Operation with VLANs 2 34 IP Interfaces 2 35 VLAN MAC Addresses 2 35 Port Trunks 2 35 Port Monitoring 2 36 VLAN Restrictions 2 36 Jumbo Packet Support 2 36 3 GVRP Contents 3 1 Overview 3 2 Introduction 3 3 Gen...

Page 7: ...bling IGMP 4 11 How IGMP Operates 4 11 IGMP Operating Notes 4 12 Displaying IGMP Data 4 12 Supported Standards and RFCs 4 13 Operation With or Without IP Addressing 4 13 Automatic Fast Leave IGMP 4 14 Using Delayed Group Flush 4 17 Forced Fast Leave IGMP 4 17 Setting Fast Leave and Forced Fast Leave from the CLI 4 17 Setting Forced Fast Leave Using the MIB 4 18 Listing the MIB Enabled Forced Fast ...

Page 8: ... Per Port 5 22 Configuring Per Port Parameters 5 23 Configuring BPDU Filtering 5 26 Configuring BPDU Protection 5 27 Configuring Loop Protection 5 30 Configuring MST Instance Parameters 5 32 Configuring MST Instance Per Port Parameters 5 35 Enabling or Disabling Spanning Tree Operation 5 38 Enabling an Entire MST Region at Once or Exchanging One Region Configuration for Another 5 38 Displaying MST...

Page 9: ...P Address 6 29 QoS IP Type of Service ToS Policy and Priority 6 33 Assigning an 802 1p Priority to IPv4 Packets on the Basis of the ToS Precedence Bits 6 34 Assigning an 802 1p Priority to IPv4 Packets on the Basis of Incoming DSCP 6 35 Assigning a DSCP Policy on the Basis of the DSCP in IPv4 Packets Received from Upstream Devices 6 39 Details of QoS IP Type of Service 6 43 QoS VLAN ID VID Priorit...

Page 10: ...enu To Manage a Candidate Switch 7 16 Using the Commander To Manage The Stack 7 18 Using the Commander To Access Member Switches for Configuration Changes and Monitoring Traffic 7 25 Converting a Commander or Member to a Member of Another Stack 7 26 Monitoring Stack Status 7 27 Using the CLI To View Stack Status and Configure Stacking 7 31 Using the CLI To View Stack Status 7 33 Using the CLI To C...

Page 11: ...ix Web Viewing and Configuring Stacking 7 47 Status Messages 7 48 Index ...

Page 12: ...x ...

Page 13: ...ide a PDF file on the ProCurve Networking website This guide explains the configuration and operation of traffic management features such as spanning tree and VLANs Access Security Guide a PDF file on the ProCurve Networking website This guide explains the configuration and operation of access security and user authentication features on the switch Release Notes posted on the ProCurve web site to ...

Page 14: ...ion AdvancedTraffic Management Access Security Guide 802 1Q VLAN Tagging X 802 1p Priority X 802 1X Authentication X Authorized IP Managers X Config File X Copy Command X Debug X DHCP Configuration X DHCP Bootp Operation X Diagnostic Tools X Downloading Software X Event Log X Factory Default Settings X File Management X File Transfers X GVRP X IGMP X Interface Access Telnet Console Serial Web X IP...

Page 15: ...guration X Port Security X Port Status X Port Trunking LACP X Port Based Access Control X Port Based Priority 802 1Q X Quality of Service QoS X RADIUS Authentication and Accounting X Secure Copy X SFTP X SNMP X Software Downloads SCP SFTP TFTP Xmodem X Source Port Filters X Spanning Tree MSTP X SSH Secure Shell Encryption X SSL Secure Socket Layer X Feature Management and Configuration AdvancedTra...

Page 16: ...tem Information X TACACS Authentication X Telnet Access X TFTP X Time Protocols TimeP SNTP X Traffic Security Filters X Troubleshooting X VLANs X Web based Authentication X Xmodem X Feature Management and Configuration AdvancedTraffic Management Access Security Guide ...

Page 17: ...Feature Descriptions by Model 1 2 Command Syntax Statements 1 2 Command Prompts 1 3 Screen Simulations 1 3 Port Identity Examples 1 4 Sources for More Information 1 4 Need Only a Quick Start 1 6 IP Addressing 1 6 To Set Up and Install the Switch in Your Network 1 6 ...

Page 18: ...de uses the following conventions for command syntax and displayed information Feature Descriptions by Model In cases where a software feature is not available in all of the switch models coveredbythisguide thesectionheadingspecificallyindicateswhichproduct or product series offer the feature For example the switch model is highlighted here in bold italics Jumbo Packet Support on the 2810 Switch C...

Page 19: ... more port numbers Syntax aaa port access authenticator port list Command Prompts In the default configuration your switch displays one of the following CLI prompts ProCurve Switch 2810 To simplify recognition this guide uses ProCurve to represent command prompts for all models For example ProCurve You can use the hostname command to change the text in the CLI prompt Screen Simulations Figures con...

Page 20: ...mples apply equally to the stackable switches which for port identities typically use only numbers such as 1 3 5 15 etc Sources for More Information For additional information about switch operation and features not covered in this guide consult the following sources For information on which product manual to consult on a given software feature refer to Product Documentation on page xi Note For th...

Page 21: ... by help For example Figure 1 3 Getting Help in the CLI For information on specific features in the Web browser interface use the online help For more information refer to the Management and Configuration Guide for your switch For further information on ProCurve Networking switch technology visit the ProCurve Networking website at http www procurve com Online Help for Menu ...

Page 22: ... the Quick Installation Guide you received with the switch To Set Up and Install the Switch in Your Network Important Use the Quick Installation Guide shipped with your switch for the following Notes cautions and warnings related to installing and using the switch Instructions for physically installing the switch in your network Quickly assigning an IP address and subnet mask setting a Manager pas...

Page 23: ...ltiple Forwarding Database Operation 2 13 Menu Configuring VLAN Parameters 2 14 To Change VLAN Support Settings 2 14 Adding or Editing VLAN Names 2 16 Adding or Changing a VLAN Port Assignment 2 17 CLI Configuring VLAN Parameters 2 19 Web Viewing and Configuring VLAN Parameters 2 25 802 1Q VLAN Tagging 2 26 The Secure Management VLAN 2 30 Preparation 2 32 Configuration 2 33 Operating Notes for Man...

Page 24: ...vered by this manual For general information on how to use the switch s built in interfaces refer to these chapters in the Management and Configuration Guide for your switch Chapter 3 Using the Menu Interface Chapter 4 Using the Command Line Interface CLI Chapter 5 Using the Web Browser Interface Chapter 6 Switch Memory and Configuration ...

Page 25: ...VLANS You can config ure up to 256 VLANs on the switch 802 1Q compatibility enables you to assign each switch port to multiple VLANs if needed and the port based nature of the configuration allows interoperation with older switches that require a separate port for each VLAN General Use and Operation Port based VLANs are typically used to reduce broadcast traffic and to increase security A group of...

Page 26: ... Figure 2 1 Example of Routing Between VLANs via an External Router Overlapping Tagged VLANs A port on the switch can be a member of more than one VLAN if the device to which it is connected complies with the 802 1QVLANstandard Forexample aportconnectedtoacentralserverusing a network interface card NIC that complies with the 802 1Q standard can be a member of multiple VLANs allowing members of mul...

Page 27: ...VLAN Technology into Networks Running Legacy Untagged VLANs You can introduce 802 1Q compliant devices into net works that have built untagged VLANs based on earlier VLAN technology The fundamental rule is that legacy untagged VLANs require a separate link for each VLAN while 802 1Q or tagged VLANs can combine several VLANs in one link This means that on the 802 1Q compliant device separate ports ...

Page 28: ...s in the switch into one physical broadcast domain In the factory default state the default VLAN is the primary VLAN You can partition the switch into multiple virtual broadcast domains by adding one or more additional VLANs and moving ports from the default VLAN to the new VLANs You can change the name of the default VLAN but you cannot changethedefaultVLAN sVID whichisalways 1 Althoughyoucanremo...

Page 29: ...DHCP resolved parameters as the TimeP server address Default TTL and IP addressing including the Gateway IP address when the switch configuration specifies DHCP as the source for these values The default VLAN continues to operate as a standard VLAN except as noted above you cannot delete it or change its VID Any ports not specifically assigned to another VLAN will remain assigned to the Default VL...

Page 30: ...iguration with GVRP Disabled the default Example of Per Port VLAN Configuration with GVRP Enabled Enabling GVRP causes No to display as Auto Parameter Effect on Port Participation in Designated VLAN Tagged Allows the port to join multiple VLANs Untagged Allows VLAN connection to a device that is configured for an untagged VLAN instead of a tagged VLAN The switch allows no more than one untagged VL...

Page 31: ...g DHCP Bootp to acquire the switch s configuration packet time to live and TimeP information you must designate the VLAN on which DHCP is configured for this purpose as the primary VLAN In the factory default configuration the DEFAULT_VLAN is the primary VLAN IGMP and some other features operate on a per VLAN basis This means you must configure such features separately for each VLAN in which you w...

Page 32: ...Forwarding Database MAC Address Destination VLAN ID Destination Port MAC Address Destination VLAN ID Destination Port 0004ea 84d9f4 1 A5 0004ea 84d9f4 100 A9 0004ea 84d9f4 22 A12 0060b0 880af9 105 A10 0004ea 84d9f4 44 A20 0060b0 880a81 107 A17 0060b0 880a81 33 A20 This database allows multiple destinations for the same MAC address If the switch detects a new destination for an existing MACentry it...

Page 33: ... and 2 enable routing on the switch having the multiple forwarding database then on the switch having the single forwarding database the port and VLAN record it maintains for the connected multiple forwarding database switch can frequently change This causes poor performance and the appearance of an intermittent or broken connection Example of an Unsupported Configuration and How to Correct It The...

Page 34: ... that the multiple forward ing database switch is on port B1 VLAN 2 and the 8000M drops the packet instead of forwarding it 3 Later the multiple forwarding database switch transmits a packet to the 8000M through the VLAN 1 link and the 8000M updates its address table to indicate that the multiple forwarding database switch is on port A1 VLAN 1 instead of port B1 VLAN 2 Thus the 8000M s information...

Page 35: ...port or port trunk interface for each VLAN This results in a forwarding database having multiple instances of the same MAC address with different VLAN IDs and port numbers See table 2 6 The switches covered by this guide that use the same MAC address on all VLAN interfaces cause no problems The same port or port trunk interface for multiple tagged VLANs This results in a forwarding database having...

Page 36: ...LAN names and VIDs and then assigning one or more ports to each VLAN Note that each port can be assigned to multiple VLANs by using VLAN tagging See 802 1Q VLAN Tagging on page 2 26 To Change VLAN Support Settings This section describes Changing the maximum number of VLANs to support Changing the primary VLAN selection See Changing the Primary VLAN on page 2 22 1 From the Main Menu select 2 Switch...

Page 37: ... the VLAN support configuration and return to the VLAN Menu screen If you changed the value for Maximum VLANs to support you will see an asterisk next to the VLAN Support option see below Figure 2 9 VLAN Menu Screen Indicating the Need To Reboot the Switch If you changed the VLAN Support option you must reboot the switch before the Maximum VLANs change can take effect You can go on to configure ot...

Page 38: ...D 1 Name _ 3 Type in a VID VLAN ID number This can be any number from 2 to 4094 that is not already being used by another VLAN The switch reserves 1 for the default VLAN Remember that a VLAN must have the same VID in every switch in which you configure that same VLAN GVRP dynamically extends VLANs with correct VID numbering to other switches See chapter 3 GVRP 4 Press v to move the cursor to the N...

Page 39: ...dynamically due to GVRP operation 7 Return to the VLAN Menu to assign ports to the new VLAN s as described in the next section Adding or Changing a VLAN Port Assignment Adding or Changing a VLAN Port Assignment Use this procedure to add ports to a VLAN or to change the VLAN assign ment s for any port Ports not specifically assigned to a VLAN are automat ically in the default VLAN 1 From the Main M...

Page 40: ...neuntaggedVLANisallowedperport Also there must be at least one VLAN assigned to each port In the factory default configuration all ports are assigned to the default VLAN DEFAULT_VLAN For example if you want ports A4 and A5 to belong to both DEFAULT_VLAN and VLAN 22 and ports A6 and A7 to belong only to VLAN 22 you would use the settings in figure page 2 19 This example assumes the default GVRP set...

Page 41: ...the Main menu CLI Configuring VLAN Parameters In the factory default state all ports on the switch belong to the default VLAN DEFAULT_VLAN and are in the same broadcast multicast domain The default VLAN is also the default primary VLAN see The Primary VLAN on page 2 6 You can configure additional static VLANs by adding new VLAN names and then assigning one or more ports to each VLAN Note that each...

Page 42: ...fault configuration GVRP is disabled See chapter 3 GVRP Syntax show vlan Figure 2 14 Example of Show VLAN Listing GVRP Enabled show vlans below show vlan vlan id page 2 21 max vlans page 2 22 primary vlan vlan id page 2 22 no vlan vlan id page 2 23 name vlan name page 2 24 no tagged port list page 2 24 no untagged port list page 2 24 no forbid page 2 24 auto port list page 2 24 Available if GVRP e...

Page 43: ...VID to identify and display the data for a specific static or dynamic VLAN Syntax show vlan vlan id Figure 2 15 Example of Show VLAN for a Specific Static VLAN Figure 2 16 Example of Show VLAN for a Specific Dynamic VLAN Show VLAN lists this data when GVRP is enabled and at least oneportontheswitch has dynamically joined the designated VLAN ...

Page 44: ...oot the switch Syntax max vlans 1 256 For example to reconfigure the switch to allow 10 VLANs Figure 2 17 Example of Command Sequence for Changing the Number of VLANs Changing the Primary VLAN In the factory default configuration the default VLAN DEFAULT_VLAN is the primary VLAN However you can designate any static VLAN on the switch as the primary VLAN For more on the primary VLAN see The Primary...

Page 45: ...utomatically name the VLAN If the VLAN already exists the switch places you in the context level for that VLAN vlan vlan name Places you in the context level for that static VLAN For example to create a new static VLAN with a VID of 100 Figure 2 18 Example of Creating a New Static VLAN To go to a different VLAN context level such as to the default VLAN ProCurve vlan 100 vlan default_vlan ProCurve ...

Page 46: ...vlan id or from the context level of the specific VLAN Syntax name vlan name Changes the name of the existing static VLAN Avoid spaces and the following characters in the vlan name entry 2 and no tagged port list Configures the indicated port s as Tagged for the specified VLAN The no version sets the port s to either No or if GVRP is enabled to Auto no untagged port list Configures the indicated p...

Page 47: ... following commands At the config level use ProCurve config no vlan 100 tagged 1 5 or At the VLAN 100 context level use ProCurve vlan 100 no tagged 1 5 Not e You cannot use these commands with dynamic VLANs Attempting to do so results in the message VLAN already exists and no change occurs Web Viewing and Configuring VLAN Parameters In the web browser interface you can do the following Add VLANs R...

Page 48: ...for a port VLAN assignment where the port is connected to non 802 1Q compliant device or is assigned to only one VLAN Use the Tagged designation when the port is assigned to more than one VLAN or the port is connected to a device that does comply with the 802 1Q standard For example if port A7 on an 802 1Q compliant switch is assigned to only the Red VLAN the assignment can remain untagged because...

Page 49: ...signment per port Devices connected to these ports do not have to be 802 1Q compliant Because both the Red VLAN and the Green VLAN are assigned to port Y5 at least one of the VLANs must be tagged for this port In both switches The ports on the link between the two switches must be configured the same As shown in figure 2 19 above the Red VLAN must be untagged on port X7 and Y5 and the Green VLAN m...

Page 50: ...comply with the 802 1Q standard and are configured to use the correct VID then you can configure all VLAN assignments on a port as Tagged if doing so makes it easier to manage your VLAN assignments or for security reasons For example in the following network switches X and Y and servers S1 and S2 are 802 1Q compliant Server S3 could also be 802 1Q compliant but it makes no difference for this exam...

Page 51: ...ummarize Switch X Switch Y Port Red VLAN Green VLAN Port Red VLAN Green VLAN X1 Untagged Tagged Y1 Untagged Tagged X2 Untagged Tagged Y2 No Untagged X3 No Untagged Y3 No Untagged X4 Untagged No Y4 Untagged No Y5 Untagged Tagged No means the port is not a member of that VLAN For example port X3 is not a member of the Red VLAN and does not carry Red VLAN traffic Also if GVRP were enabled Auto would ...

Page 52: ... want to have access to the Management VLAN while at the same time allowing Man agement VLAN links between switches configured for the same Manage ment VLAN Only traffic from the Management VLAN can manage the switch which means that only the workstations and PCs connected to ports belonging to the Management VLAN can manage and reconfigure the switch Figure 2 22 illustrates use of the Management ...

Page 53: ...er Devices Hub Y Switch A Hub X Switch B Server Switch C Management Workstations Switches A B and C are connected by ports belonging to the management VLAN Hub X is connected to a switch port that belongs to the management VLAN As a result the devices connectedtoHubXare included in the management VLAN Other devices connected to the switches through ports that are not in the managementVLANare exclu...

Page 54: ...necting management stations to the Management VLAN can also be included in the above topology Note that any device connected to a hub in the Management VLAN will also have Management VLAN access 4 Configure the Management VLAN on the selected switch ports 5 Test the management VLAN from all of the management stations autho rized to use the Management VLAN including any SNMP based network managemen...

Page 55: ... member of My_VLAN on an adjacent switch Figure 2 24 Illustration of Configuration Example ProCurve config management vlan 100 ProCurve config vlan 100 tagged a1 ProCurve config vlan 100 tagged a2 Deleting the Management VLAN You can disable the Secure Manage ment feature without deleting the VLAN itself For example either of the following commands disables the Secure Management feature in the abo...

Page 56: ... the blocking of one or more links This may include the link carrying the Management VLAN which will cause loss of management access to some devices Figure 2 25 Example of Inadvertently Blocking a Management VLAN Link by Implementing Spanning Tree Effect of VLANs on Other Switch Features Spanning Tree Operation with VLANs Because the switch follows the 802 1Q VLAN recommendation to use single inst...

Page 57: ...s ports is up the IP interface for that VLAN is also activated Likewise when a VLAN is deactivated because all of its ports are down the corresponding IP interface is also deactivated VLAN MAC Addresses Some switch models use the same MAC address for all configured VLANs while other switch models use a different MAC address for each configured VLAN You can send an 802 2 test packet to the VLAN MAC...

Page 58: ...at least one VLAN In the factory default configuration all ports are assigned to the default VLAN DEFAULT_VLAN VID 1 A port can be assigned to several VLANs but only one of those assign ments can be untagged The Untagged designation enables VLAN oper ation with non 802 1Q compliant devices An external router must be used to communicate between tagged VLANs on the switch Before you can delete a VLA...

Page 59: ...rt Options for Dynamic VLAN Advertising and Joining 3 8 GVRP and VLAN Access Control 3 10 Port Leave From a Dynamic VLAN 3 10 Planning for GVRP Operation 3 10 Configuring GVRP On a Switch 3 11 Menu Viewing and Configuring GVRP 3 12 CLI Viewing and Configuring GVRP 3 13 Web Viewing and Configuring GVRP 3 16 GVRP Operating Notes 3 17 ...

Page 60: ...described in Chapter 2 Static Virtual LANs VLANs For general information on how to use the switch s built in interfaces refer to these chapters in the Management and Configuration Guide for your switch Chapter 3 Using the Menu Interface Chapter 4 Using the Command Line Interface CLI Chapter 5 Using the Web Browser Interface Chapter 6 Switch Memory and Configuration ...

Page 61: ...is operation reduces the chances for errors in VLAN configuration by automatically pro viding VLAN ID VID consistency across the network That is you can use GVRP to propagate VLANs to other GVRP aware devices instead of manually having to set up VLANs across your network After the switch creates a dynamic VLAN you can optionally use the CLI static vlan id command to convert it to a static VLAN or ...

Page 62: ...ugh GVRP from another device the switch begins advertising that VID out all of its ports except the port on which the VID was learned Core switch with static VLANs VID 1 2 3 Port 2 is a member of VIDs 1 2 3 1 Port 2 advertises VIDs 1 2 3 2 Port 1 receives advertise ment of VIDs 1 2 3 AND becomes a member of VIDs 1 2 3 3 Port 3 advertises VIDs 1 2 3 but port 3 is NOT a member of VIDs 1 2 3 at this ...

Page 63: ...e of GVRP Switch B above VLANs must be disabled in GVRP unaware devices to allow tagged packets to pass through A GVRP aware port receiving advertisements has these options If there is not already a static VLAN with the advertised VID on the receiving port then dynamically create the VLAN and become a member Switch A GVRP On Switch B No GVRP Switch C GVRP On Switch D GVRP On Tagged VLAN 22 Tagged ...

Page 64: ...ic VLAN Note that it is then necessary to assign ports to the VLAN in the same way that you would for a static VLAN that you created manually In the static state you can configure IP addressing on the VLAN and access it in the same way that you would any other static manually created VLAN Per Port Options for Handling GVRP Unknown VLANs An unknown VLAN is a VLAN that the switch learns of by receiv...

Page 65: ...f any unknown VLAN for which it receives an advertisement Allows the port to advertise other VLANs that have at least one other port on the same switch as a member Block PreventstheportfromjoininganynewdynamicVLANsforwhichitreceives an advertisement Allows the port to advertise other VLANs that have at least one other port as a member Disable Causes the port to ignore and drop all GVRP advertiseme...

Page 66: ...c VLAN configuration parameters as described in the following table Table 3 2 Controlling VLAN Behavior on Ports with Static VLANs Per Port Unknown VLAN GVRP Configuration Static VLAN Options Per VLAN Specified on Each Port 1 Port Activity Tagged or Untagged Per VLAN 2 Port Activity Auto2 Per VLAN Port Activity Forbid Per VLAN 2 Learn the Default The port Belongs to specified VLAN Advertises speci...

Page 67: ... other port on the same switch as a member The port Will not become a member of the specified VLAN Will not advertise this VLAN Will not become a member of dynamic VLANs for which it receives advertisements Will advertise dynamic VLANs that have at least one other port on the same switch as a member Disable The port Is a member of the specified VLAN Will ignore GVRP PDUs Will not join any advertis...

Page 68: ...A dynamic VLAN continues to exist on a port for as long as the port continues to receive advertisements of that VLAN from another device connected to that port or until you Convert the VLAN to a static VLAN See Converting a Dynamic VLAN to a Static VLAN on page 2 23 Reconfigure the port to Block or Disable Disable GVRP Reboot the switch The time to live for dynamic VLANs is 10 seconds That is if a...

Page 69: ...d along with the per VLAN parameters Tagged Untagged Auto and Forbid see table 3 2 on page 3 8 on each port 7 Dynamic VLANs will then appear automatically according to the config uration options you have chosen 8 Convert dynamic VLANs to static VLANs where you want dynamic VLANs to become permanent Configuring GVRP On a Switch The procedures in this section describe how to View the GVRP configurat...

Page 70: ...VRP Enabled field c Press the Space bar to select Yes d Press v again to display the Unknown VLAN fields Figure 3 5 Example Showing Default Settings for Handling Advertisements The Unknown VLAN fields enable you to configure each port to Learn Dynamically join any advertised VLAN and advertise all VLANs learned through other ports Block Do not dynamically join any VLAN but still advertise all VLAN...

Page 71: ...and Configuring GVRP GVRP Commands Used in This Section Displaying the Switch s Current GVRP Configuration This command shows whether GVRP is disabled along with the current settings for the maximum number of VLANs and the current Primary VLAN For more on the last two parameters see Port Based Virtual LANs Static VLANs on page 2 3 Syntax show gvrp Shows the current settings Figure 3 6 Example of S...

Page 72: ... Individual Ports When GVRP is enabled on the switch use the unknown vlans command to change the Unknown VLAN field for one or more ports You can use this command at either the Manager level or the interface context level for the desired port s Syntax interface port list unknown vlans learn block disable Changes the Unknown VLAN field setting for the specified port s For example to change and view...

Page 73: ...bled and port 1 configured to Learn for Unknown VLANs Switch A has GVRP enabled and has three static VLANs the default VLAN VLAN 222 and VLAN 333 In this scenario switch B will dynamically join VLAN 222 and VLAN 333 Figure 3 9 Example of Switches Operating with GVRP Enabled The show vlans command lists the dynamic and static VLANs in switch B after it has learned and joined VLAN 222 and VLAN 333 S...

Page 74: ...ic VLAN all ports on the switch are assigned to the VLAN in Auto mode Web Viewing and Configuring GVRP To view enable disable or reconfigure GVRP 1 Click on the Configuration tab 2 Click on VLAN Configuration and do the following a To enable or disable GVRP click on GVRP Enabled b To change the Unknown VLAN field for any port i Click on GVRP Security and make the desired changes ii Click on Apply ...

Page 75: ...of the switch s VLAN configuration Within the same broadcast domain a dynamic VLAN can pass through a device that is not GVRP aware This is because a hub or a switch that is not GVRP ware will flood the GVRP multicast advertisement packets out all ports GVRP assigns dynamic VLANs as Tagged VLANs To configure the VLAN as Untagged you must first convert it to a static VLAN Rebooting a switch on whic...

Page 76: ...3 18 GVRP Introduction ...

Page 77: ...4 12 Displaying IGMP Data 4 12 Supported Standards and RFCs 4 13 Operation With or Without IP Addressing 4 13 Automatic Fast Leave IGMP 4 14 Using Delayed Group Flush 4 17 Forced Fast Leave IGMP 4 17 Setting Fast Leave and Forced Fast Leave from the CLI 4 17 Setting Forced Fast Leave Using the MIB 4 18 Listing the MIB Enabled Forced Fast Leave Configuration 4 18 Configuring Per Port Forced Fast Le...

Page 78: ...e latest information on IGMP see the software release notes posted on the ProCurve Networking support web site at http www procurve com For general information on how to use the switch s built in interfaces refer to these chapters in the Management and Configuration Guide for your switch Chapter 3 Using the Menu Interface Chapter 4 Using the Command Line Interface CLI Chapter 5 Using the Web Brows...

Page 79: ...itch IGMP is useful in multimedia applications such as LAN TV desktop conferencing and collaborative computing where there is multipoint communication that is communication from one to many hosts or communication originating from many hosts and destined for many other hosts In such multipoint applications IGMP will be configured on the hosts and multicast traffic will be generated by one or more s...

Page 80: ...or multicast communication application Querier A required IGMP device that facilitates the IGMP protocol and traffic flow on a given LAN This device tracks which ports are connected to devices IGMP clients that belong to specific multicast groups and triggers updates of this information A querier uses data received from the queries to determine whether to forward or block multicast traffic on spec...

Page 81: ...rts to any of the following states Auto the default Causes the switch to interpret IGMP packets and to filter IP multicast traffic based on the IGMP packet information for ports belonging to a multicast group This means that IGMP traffic will be forwarded on a specific port only if an IGMP host or multicast router is connected to the port Blocked Causes the switch to drop all IGMP transmissions re...

Page 82: ...s except the port on which the packets entered the switch For more on this topic see Excluding Multicast Addresses from IP Multicast Filtering on page 4 22 For more information refer to How IGMP Operates on page 4 11 CLI Configuring and Displaying IGMP IGMP Commands Used in This Section show ip igmp configuration config vid config group ip address page 4 7 ip igmp page 4 8 high priority forward pa...

Page 83: ... this data as follows Figure 4 1 Example Listing of IGMP Configuration for All VLANs in the Switch The following version of the show ip igmp command includes the VLAN ID vid designation and combines the above data with the IGMP per port configuration Syntax show ip igmp config IGMP configuration for all VLANs on the switch Syntax show ip igmp vid config IGMP configuration for a specific VLAN on th...

Page 84: ...ntax no ip igmp For example here are methods to enable and disable IGMP on the default VLAN VID 1 ProCurve config vlan 1 ip igmp Enables IGMP on VLAN 1 ProCurve vlan 1 ip igmp Same as above ProCurve config no vlan 1 ip igmp Disables IGMP on VLAN 1 Not e If you disable IGMP on a VLAN and then later re enable IGMP on that VLAN the switch restoresthe last saved IGMP configurationfor thatVLAN For more...

Page 85: ...ith the above settings ProCurve config vlan 1 ProCurve vlan 1 ip igmp auto a1 a2 ProCurve vlan 1 ip igmp forward a3 a4 ProCurve vlan 1 ip igmp blocked a5 a6 Syntax vlan vid ip igmp Enables IGMP on the specified VLAN In a VLAN context use only ip igmp without the VLAN specifier auto port list Default operation Filter multicast traffic on the specified ports Forward IGMP traffic to hosts on the port...

Page 86: ...rity for IGMP traffic on VLAN 1 ProCurve vlan 1 ip igmp high priority forward Same as above command but in the VLAN 1 context level ProCurve vlan 1 no ip igmp high priority forward Returns IGMP traffic to normal priority ProCurve show ip igmp config Show command to display results of above high priority commands Configuring the Querier Function Initsdefaultconfiguration theswitch is capable of ope...

Page 87: ...IGMP Operates The Internet Group Management Protocol IGMP is an internal protocol of the Internet Protocol IP suite IP manages multicast traffic by using switches multicast routers and hosts that support IGMP In ProCurve s implementation of IGMP a multicast router is not necessary as long as a switch is configured to support IGMP with the querier feature enabled A set of hosts routers and or switc...

Page 88: ... cast traffic from a specific group it joins the group by sending an IGMP report join request to the network The multicast group specified in the join request is determined by the requesting application running on the IGMP client When a networking device with IGMP enabled receives the join request for a specific group it forwards any IP multicast traffic it receives for that group through the port...

Page 89: ...affic No support for the IGMPv3 Exclude Source or Include Source options in the Join Reports Rather the group is simply joined from all sources No support for becoming a version 3 Querier The switch will become a version 2 Querier in the absence of any other Querier on the network Not e IGMP is supported in the HP MIB rather than the standard IGMP MIBs as the latter reduce Group Membership detail ...

Page 90: ...ddressing Configured on the VLAN Available Without IP Addressing Operating Differences Without an IP Address Forward multicast group traffic to any port on the VLAN that has received a join request for that multicast group Yes None Forward join requests reports to the Querier Yes None Configure individual ports in the VLAN to Auto the default Blocked or Forward Yes None ConfigureIGMPtrafficforward...

Page 91: ...e table 4 2 above The feature can be enabled on these switches via an SNMP set of this object hpSwitchIgmpPortForceLeaveState vid port number However this is not recommended as this will increase the amount of multicast flooding during the period between the client s IGMP Leave and the Querier s processing of that Leave For more on this topic refer to Forced Fast Leave IGMP on page 4 17 ProCurve r...

Page 92: ... the multicast group it transmits a Leave Group message Because the switch knows that there is only one end node on port A3 it removes the client from its IGMP table and halts multicast traffic for that group to port A3 If the switch is not the Querier it does not wait for the actual Querier to verify that there are no other group members on port A3 If the switch itself is the Querier it does not ...

Page 93: ...ng multiple end nodes receives a Leave Group request from one end node for a given multicast group X Forced Fast Leave activates and waits a small amount of time to receive a join request from any other group X member on that port If the port does not receive a join request for that group within the forced leave interval the switch then blocks any further group X traffic to the port Setting Fast L...

Page 94: ...default VLAN Listing the MIB Enabled Forced Fast Leave Configuration The Forced Fast Leave configuration data is available in the switch s MIB and includes the state enabled or disabled for each port and the Forced Leave Interval for all ports on the switch To List the Forced Fast Leave State for all Ports in the Switch In the CLI use the walkmib command as shown below Syntax no ip igmp fastleave ...

Page 95: ...ingle Port See the Note on VLAN Numbers on page 4 18 Go to the switch s command prompt and use the getmib command as shown below Syntax getmib hpSwitchIgmpPortForcedLeaveState vlan number port number OR getmib 1 3 6 1 4 1 11 2 14 11 5 1 7 1 15 3 1 5 vlan number port number For example the following command to list the state for port A6 which in this case belongs to the default VLAN produces the in...

Page 96: ... VLAN Numbers on page 4 18 Syntax setmib hpSwitchIgmpPortForcedLeaveState vlan number port number i 1 2 OR setmib 1 3 6 1 4 1 11 2 14 11 5 1 7 1 15 3 1 5 vlan number port number i 1 2 where 1 Forced Fast Leave enabled 2 Forced Fast Leave disabled For example suppose that your switch has a six port gigabit module in slot A and port C1 is a member of the default VLAN In this case the port number is ...

Page 97: ...nd Prompt to disable the Querier capability for that VLAN Not e A Querier isrequiredfor properIGMPoperation For this reason ifyoudisable the Querier function on a switch ensure that there is an IGMP Querier and preferably a backup Querier available on the same VLAN If the switch becomes the Querier for a particular VLAN for example the DEFAULT_VLAN then subsequently detects queries transmitted fro...

Page 98: ...are reserved for predefined host groups IGMP does not filter these addresses so any packets the switch receives for such addresses are flooded out all ports assigned to the VLAN on which they were received except the port on which the packets entered the VLAN The following table lists the 32 well known address groups 8192 total addresses that IGMP does not filter on the switches covered in this gu...

Page 99: ...IGMP learns of a multicast group destination in this range In this case IGMP dynamically takes over the filtering function for the multicast destination address es for as long as the IGMP group is active If the IGMP group subsequently deactivates the switch returns filtering control to the static filter Reserved Addresses Excluded from IP Multicast IGMP Filtering Traffic to IP multicast groups in ...

Page 100: ...4 24 Multimedia Traffic Control with IP Multicast IGMP Excluding Multicast Addresses from IP Multicast Filtering ...

Page 101: ...g MSTP 5 17 Configuring MSTP Operation Mode and Global Parameters 5 19 Configuring MSTP Per Port 5 22 Configuring Per Port Parameters 5 23 Configuring BPDU Filtering 5 26 Configuring BPDU Protection 5 27 Configuring Loop Protection 5 30 Configuring MST Instance Parameters 5 32 Configuring MST Instance Per Port Parameters 5 35 Enabling or Disabling Spanning Tree Operation 5 38 Enabling an Entire MS...

Page 102: ...ns in a network Applying VLAN tagging to the ports in a multiple 802 1s Spanning Tree Protocol Default Menu CLI Web Viewing the MSTP Status and Configuration n a page 5 40 Enable Disable MSTP and Configure Global Parameters Disabled page 5 19 Configuring Basic Port Connectivity Parameters admin edge port No disabled auto edge port Yes enabled bpdu filter No disabled bpdu protection No disabled mch...

Page 103: ...ng of redundant links in one instance while allowing forwarding over the same links for non redundant use by another instance For example suppose you have three switches in a region configured with VLANs grouped into two instances as follows VLANs Instance 1 Instance 2 10 11 12 Yes No 20 21 22 No Yes ...

Page 104: ... 1 VLANs 10 11 12 Switch A Root for Instance 1 VLANs 10 11 12 Switch B Instance 1 VLANs 10 11 12 Switch C Instance 2 VLANs 20 21 22 Switch A Instance 2 VLANs 20 21 22 Switch B Root for Instance 2 VLANs 20 21 22 Switch C Switch A Root for Instance 1 Switch B Root for Instance 2 Path blocked for VLANs in instance 1 Path blocked for VLANs in instance 2 Region A Logical Topology Path blocked for VLANs...

Page 105: ...maximum value for the path cost allowed by 802 1D STP is 65535 devices running that version of spanning tree cannot be configured to match the values defined by MSTP at least for 10 Mbps and 100 Mbps ports In LANs where there is a mix of devices running 802 1D STP RSTP and or MSTP you should reconfigure the devices so the path costs match for ports with the same network speeds Port Type 802 1D STP...

Page 106: ...y Thus where a port belongs to multiple VLANs it may be dynamically blocked in one spanning tree instance but forwarding in another instance This achieves load balancing across the net work while keeping the switch s CPU load at a moderate level by aggregating multiple VLANs in a single spanning tree instance Like RSTP MSTP provides fault tolerance through rapid automatic reconfiguration if there ...

Page 107: ...ning Tree CIST The CIST identifies the regions in a network and administers the CIST root bridge for the network the root bridge for each region and the root bridge for each spanning tree instance in each region Common Spanning Tree CST The CST administers the connectivity among the MST regions STP LANs and RSTP LANs in a bridged network IST Instance MSTI Optional MSTI Optional IST Instance MSTI O...

Page 108: ...s in the network An STP or RSTP network operates as a single instance network A region can include two types of STP instances Internal Spanning Tree Instance IST Instance This is the default spanning tree instance in any MST region It provides the root switch for the region and comprises all VLANs configured on the switches in the region that are not specifically assigned to Multiple Spanning Tree...

Page 109: ...ncludes a Pending feature that enables you to exchange MSTP config urations with a single command Refer to Enabling an Entire MST Region at Once or Exchanging One Region Configuration for Another on page 5 38 Not e The switch automatically senses port identity and type and automatically defines spanning tree parameters for each type as well as parameters that applyacrosstheswitch Althoughthesepara...

Page 110: ... active path through the instance for as long as the original active path is down Note also that a given port may simultaneously operate in different states forwarding or blocking for different spanning tree instances within the same region This depends on the VLAN memberships to which the port is assigned For example if a port belongs to VLAN 1 in the IST instance of a region and also belongs to ...

Page 111: ...or any Multiple Spanning Tree instance MSTI in a region the regional root may be a different switch that is not necessarily connected to another region The MSTP switches block redundant links within each LAN segment across all instances and between regions to prevent any traffic loops As a result each individual instance spanning tree within a region deter mines its regional root bridge designated...

Page 112: ...region Otherwise the path to the root for a given VLAN will be broken if MSTP selects a spanning tree through a link that does not include that VLAN Terminology Bridge See MSTP Bridge Common and Internal Spanning Tree CIST Comprises all LANs STP and RSTP bridges and MSTP regions in a network The CIST automatically determines the MST regions in a network and defines the root bridge switch Problem A...

Page 113: ...regions MSTP Multiple Spanning Tree Protocol A network supporting MSTP allows multiple spanning tree instances within configured regions and a single spanning tree among regions STP bridges and RSTP bridges MSTP BPDU MSTP Bridge Protocol Data Unit These BPDUs carry region specific information such as the region identifier region name and revision number If a switch receives an MSTP BPDU with a reg...

Page 114: ... only one active physical communication path between any two regions or between an MST region and an STP or RSTP switch MSTP blocks any other physical paths as long as the currently active path remains in service Within a network an MST region appears as a virtual RSTP bridge to other spanning tree entities other MST regions and any switches running 802 1D or 802 1w spanning tree protocols Within ...

Page 115: ...1D or 802 1w STP BPDU packets as appropriate Because MSTP is so efficient at establishing the network path ProCurve highly recommends that you update all of your switches to support 802 1s MSTP For switches that do not support 802 1s MSTP ProCurve recommends that you update to RSTP to benefit from the convergence times of less than one second under optimal circumstances To make the best use of MST...

Page 116: ...on all MSTP switches in a given region supporting the same set of VLANs Within each region determine the VLAN membership for each spanning tree instance EachinstancerepresentsasingleforwardingpathforallVLANs in that instance There is one logical spanning tree path through the following Any inter regional links Any IST or MST instance within a region Any legacy 802 1D or 802 1w switch or group of s...

Page 117: ...VLANs you want MSTP to use The actual MSTP parameter descriptions are in the following sections Not e The switch supports MSTP configuration through the CLI After you specify MSTP and reboot the switch as described above the switch removes the Spanning Tree option from the Menu interface If you later reconfigure the switch to use STP or RSTP the switch returns the Spanning Tree option to the Menu ...

Page 118: ... can add more VIDs later if desired spanning tree instance 1 16 vlan vid To move a VLAN from one instance to another first use no spanning tree instance n vlan vid to unmap the VLAN from the current instance then add the VLAN to the other instance While the VLAN is unmapped from an MSTI it is associated with the region s IST instance 3 Configure the priority for each instance spanning tree instanc...

Page 119: ...vidual port configurations Command Page spanning tree config name ascii string page 5 20 spanning tree config revision revision number page 5 20 spanning tree max hops hop count page 5 21 spanning tree maximum age page 5 21 spanning tree force version stp compatible rstp operation mstp operation page 5 21 spanning tree hello time 1 10 page 5 22 spanning tree legacy mode page 5 22 spanning tree leg...

Page 120: ...me Note This option is available only when the switch is configured for MSTP operation Also there is no defined limit on the number of regions you can configure Syntax spanning tree config revision revision number This command configures the revision number you designate for the MST region in which you want the switch to reside This setting must be the same for all switches residing in the same re...

Page 121: ...ersions of spanning tree protocol or return to MSTP behavior The command is useful in test or debug applications and removes the need to reconfigure the switch for temporary changes in spanning tree operation stp compatible The switch applies 802 1D STP operation on all ports rstp operation The switch applies 802 1w operation on all ports except those ports where it detects a system using 802 1D S...

Page 122: ...for all ports on the switch configured with Use Global the default This parameter applies in MSTP RSTP and STP modes During MSTP operation you can override this global setting on a per port basis with this command spanning tree port list hello time 1 10 page 22 Default 2 Syntax spanning tree legacy mode Set spanning tree protocol to operate either in 802 1d legacy mode or in 802 1s native mode Syn...

Page 123: ...dge port has not been disabled the auto edge port setting controls the behavior of the port The no spanning tree port list admin edge port command disables edge port operation on the specified ports Syntax no spanning tree port list auto edge port Supports the automatic identification of edge ports The port will look for BPDUs for 3 seconds if there are none it begins forwarding packets If admin e...

Page 124: ...wnstream from each port in the port list A setting of global indicates that the ports in port list on the CIST root are using the value set by the global spanning tree hello time value page 5 24 When a given switch X is not the CIST root the per port hello time for all active ports on switch X is propagated from the CIST root and is the same as the hello time in use on the CIST root port in the cu...

Page 125: ... to the switch is priority multiplier x 16 For example if you configure 2 as the priority multiplier on a given port then the actual Priority setting is 32 Thus after you specify the port priority multiplier the switch displays the actual port priority and not the multiplier in the show spanning tree or show spanning tree port list displays You can view the actual multiplier setting for ports by e...

Page 126: ...oming BPDU frames For this scenario BPDU protection offers a more secure alternative imple menting port shut down and a detection alert when errant BPDU frames are received see page page 5 27 for details C a u t i o n Ports configured with the BPDU filter mode remain active learning and forward frames however spanning tree cannot receive or transmit BPDUs on the port The port remains in a forwardi...

Page 127: ...U protection is a security feature designed to protect the active STP topology by preventing spoofed BPDU packets from entering the STP domain In a typical implementation BPDU protection would be applied to edge ports connected to end user devices that do not run STP If STP BPDU packets are received on a protected port the feature will disable that port and alert the network manager via an SNMP tr...

Page 128: ...ning tree 1 10 bpdu protection ProCurve config spanning tree trap errant bpdu Management Station Event Log port X is disable by STP Fake STP BPDU End User SNMP Trap SNMP Trap SNMP Trap BPDU protection Switch STP Domain Syntax no spanning tree port list bpdu protection Enables disables the BPDU protection feature on a port Syntax no spanning tree port list bpdu protection timeout timeout Configures...

Page 129: ...ays a summary listing of ports with BPDU protection enabled To display detailed per port status information enter the specific port number s as shown in figure 5 4 below Figure 5 8 Example of Show Spanning Tree BPDU Protection Command BPDU protected ports are displayed as separate entries of the spanning tree category within the configuration file Figure 5 9 Example of BPDU Filters in the Show Con...

Page 130: ...cket was sent You can configure the disable timerparameter for the amount of time you want the port to remain disabled 0 to 604800 seconds If you configure a value of zero the port will not be re enabled To enable loop protection enter this command ProCurve config loop protect port list Syntax no loop protect port list receiver action send disable no disable transmit interval 1 10 disable timer 0 ...

Page 131: ...igure the time in seconds between the transmission of loop protection packets Default 5 seconds Syntax show loop protect port list Displays the loop protection status If no ports are specified the information is displayed only for the ports that have loop protec tion enabled ProCurve config show loop protect 1 4 Status and Counters Loop Protection Information Transmit Interval sec 5 Port Disable T...

Page 132: ...and places all statically configured VLANs on the switch into the IST instance This command creates a new MST instance MSTI and moves the VLANs you specify from the IST to the MSTI At least one VLAN must be mapped to a MSTI when you create it A VLAN cannot be mapped to more than one instance at a time You can create up to 16 MSTIs in a region Use the no form of the command to remove a VLAN from an...

Page 133: ...are one or more of the same VLAN s Traffic in VLANs assigned to a numbered STP instance in a given region moves to other regions through the root switch for that instance The priority range for an MSTP switch is 0 61440 However this command specifies the priority as a multiplier 0 15 of 4096 That is when you specify a priority multiplier value of 0 15 the actualpriority assigned to the switch for ...

Page 134: ... region to determine the root switch for the region The lower the priority value the higher the priority If there is only one switch in the region then that switch is the root switch for the region The root bridge in a region provides the path to connected regions for the traffic in VLANs assigned to the region s IST instance Traffic in VLANs assigned to a numbered STP instance in a given region m...

Page 135: ...ist path cost auto 1 200000000 This command assigns an individual port cost for the specified MST instance For a given port the path cost setting can be different for different MST instances to which the port may belong The switch uses the path cost to determine which ports are the forwarding ports in the instance that is which links to use for the active topology of the instance and which ports t...

Page 136: ...d to the switch is priority multiplier x 16 For example if you configure 2 as the priority multiplier on a given port in an MST instance then the actualPriority setting is 32 Thus after you specify the port priority multiplier in an instance the switch displays the actual port priority and not the multiplier in the show spanning tree instance 1 16 or show spanning tree port list instance 1 16 disp...

Page 137: ... to connected regions for the traffic in VLANs assigned to the region s IST instance The priority range for a port in a given MST instance is 0 240 However this command specifies the priority as a multiplier 0 15 of 16 That is when you specify a priority multiplier of 0 15 the actual priority assigned to the switch is priority multiplier x 16 For example configuring 5 as the priority multiplier on...

Page 138: ...djacent MSTP switches recalculate network paths to support the configuration changes invoked in a single switch Although MSTP employs RSTP operation the convergence time for implementing MSTP changes can be disruptive to your network However by using the spanning tree pending feature you can set up an MSTP on the switch and then invoke all instances of the new configuration at the same time instea...

Page 139: ...MST instance you want to configure 7 Use the show spanning tree pending command to review your pending configuration page 46 8 Use the spanning tree pending apply command to exchange the currently active MSTP configuration with the pending MSTP configuration Syntax spanning tree pending apply config name config revision instance reset apply Exchanges the currently active MSTP configuration with th...

Page 140: ...ist 1 16 44 show spanning tree mst config 45 show spanning tree pending instance ist mst config page 5 46 show spanning tree root history cst ist msti page 5 47 Syntax show spanning tree This command displays the switch s global and regional spanning tree status plus the per port spanning tree operation at the regional level Note that values for the following parameters appear only for ports conne...

Page 141: ...a IST Instance for the region in which the Switch Operates For Edge No admin edge port operation disabled indicates the port is configured for connecting to a LAN segment that includes a bridge or switch Yes indicates the port is configured for a host end node link Refer to the admin edge port description under Configuring MSTP Per Port on page 5 22 Yes means the switch is operating the port as if...

Page 142: ...laying Switch Statistics for a Specific MST Instance Figure 5 12 Example of MSTP Statistics for a Specific Instance on an MSTP Switch Syntax show spanning tree instance ist 1 16 This command displays the MSTP statistics for either the IST instance or a numbered MST instance running on the switch ...

Page 143: ...port parameter settings for the spanning tree region operation configured by the spanning tree port list command For information on these parameters refer to Configuring MSTP Per Port on page 5 22 Syntax show spanning tree port list config This command shows the same data as the above command but lists the spanning tree port parameter settings for only the specified port s and or trunk s You can l...

Page 144: ... specified instance The lower part of the output lists the spanning tree port settings for the specified instance Syntax show spanning tree port list config instance ist 1 16 This command shows the same data as the above command but lists the spanning tree port parameter settings for only the specified port s and or trunk s You can list data for a series of ports and port trunks by specifying the ...

Page 145: ... the switch s regional configuration Note The switch computes the MSTP Configuration Digest from the VID to MSTI configuration mappings on the switch itself As required by the 802 1s standard all MSTP switches within the same region must have the same VID to MSTI assignments and any given VID can be assigned to either the IST or one of the MSTIs within the region Thus the MSTP Configuration Digest...

Page 146: ...mmand Refer to Enabling an Entire MST Region at Once or Exchanging One Region Configuration for Another on page 5 38 Figure 5 16 Example of Displaying a Pending Configuration Syntax show spanning tree pending instance mst config instance 1 16 ist Lists region instance I D and VLAN information for the specified pending instance mst config Lists region IST instance VLAN s numbered instances and assi...

Page 147: ...ges History Syntax show spanning tree root history cst ist msti cst Displays the CST root changes history ist Displays the IST root changes history msti Displays the MSTI root changes history ProCurve config show spanning tree root history ist Status and Counters IST Regional Root Changes History MST Instance ID 0 Root Changes Counter 1 Current Root Bridge ID 32768 001659 9d0f00 Root Bridge ID Dat...

Page 148: ...t all The allocation of VLANs to MSTIs may not be identical among all switches in a region A Switch Intended To Operate Within a Region Does Not Receive Traffic from Other Switches in the Region An MSTP switch intended for a particular region may not have the same configuration name or region revisionnumberasthe otherswitchesintendedforthesame region TheMSTP Configuration Name and MSTP Configurati...

Page 149: ... Using QoS Types To Configure QoS for Outbound Traffic 6 18 Viewing the QoS Configuration 6 18 No Override 6 19 QoS UDP TCP Priority 6 20 Assigning 802 1p Priority Based on TCP or UDP Port Number 6 21 Assigning a DSCP Policy Based on TCP or UDP Port Number 6 22 QoS IP Device Priority 6 27 Assigning a Priority Based on IP Address 6 28 Assigning a DSCP Policy Based on IP Address 6 29 QoS IP Type of ...

Page 150: ...Assigning a DSCP Policy Based on the Source Port 6 54 Differentiated Services Codepoint DSCP Mapping 6 58 Default Priority Settings for Selected Codepoints 6 59 Quickly Listing Non Default Codepoint Settings 6 60 Note On Changing a Priority Setting 6 61 Example of Changing the Priority Setting on a Policy When One or More QoS Types Are Currently Using the Policy 6 62 IP Multicast IGMP Interaction ...

Page 151: ...nd devices are added to the network When not if network congestion occurs it is important to move traffic on the basis of relative importance However without Quality of Service QoS prioritization less important traffic can consume network bandwidth and slow down or halt the delivery of more important traffic That is without QoS most traffic received by the switch is forwarded with the same priorit...

Page 152: ...licies Honor New Priority Edge Switch Classify inbound traffic on these Class of Service CoS types IP device address VLAN ID VID Source Port Apply 802 1p priority to selected outbound traffic on tagged VLANs Downstream Switch Tagged VLANs on some or all inbound and outbound ports Classify inbound traffic on CoS types Change priority on selected CoS type s Forward with 802 1p priority Downstream Sw...

Page 153: ...while optimizing the use of existing resources and delaying the need for further investments in equipment and services That is QoS enables you to Specify which traffic has higher or lower priority regardless of current network bandwidth or the relative priority setting of the traffic when it is received on the switch Change upgrade or downgrade the priority of outbound traffic Override illegal pac...

Page 154: ...ible codepoints In the default QoS configuration for the switches covered in this chapter one codepoint 101110 is set for Expedited Forwarding All other codepoints are unused and listed with No override for a priority DSCP policy A DSCP configured with a specific 802 1p priority 0 7 Default No override Using a DSCP policy you can configure the switch to assign priority to IP packets That is for an...

Page 155: ... priority queue leaves the switch before any traffic in the port s medium priority queue and so on re marking DSCP re marking Assigns a new QoS policy to an outbound packet by changing the DSCP bit settings in the ToS byte tagged port membership Identifies a port as belonging to a specific VLAN and enables VLAN tagged packets belonging to that VLAN to carry an 802 1p priority setting when outbound...

Page 156: ...move at the four priority levels shown in table 6 1 above they still can carry an 802 1p priority that can be usedbydownstreamdeviceshavingmoreorlessthanthefourpriority levels in the switches covered by this guide Also if the packet enters the switch with an 802 1p priority setting QoS can override this setting if configured with an 802 1p priority rule to do so Not e If your network uses only one...

Page 157: ...0xl switches they are referred to as classifiers Also the 2810 switch searches for type matches in the opposite order of that used in the 5300xl switches For more on QoS operation for the 5300xl switches and the 3400cl switches refer to the Advanced Traffic Management Guide for these switch models Not e On Using Mult ipl e Cr iter ia ProCurve recommends that you configure a minimum number of the a...

Page 158: ...rmixing lower precedence types configured with DSCP policies and higher precedence types configured with 802 1p priority rules is not recommended as this can result in a packet with an 802 1p priority assigned by one type and a DSCP policy by another type This is because the search order would allow a lower precedence type configured with a DSCP policy to change both the DSCP and the 802 1p settin...

Page 159: ...cedence defaults to the IP Type of Service ToS type below 3 IP Type of Service IP ToS Takes precedence based on the TOS field in IP packets Applies only to IP packets The ToS field is configured by an upstream device or application before the packet enters the switch IP Precedence Mode QoS reads an inbound packet s IP precedence upper three bits in the Type of Service ToS byte and automatically as...

Page 160: ...the packet and it then leaves the switch through a port that is a tagged member of the VLAN then there is no change to its 802 1p priority setting If the packet leaves the switch through a port that is an untagged member of the VLAN the 802 1p priority is dropped Entering Inbound 802 1p Priority Outbound Port Queue Exiting Outbound 802 1p Priority 1 2 0 3 4 5 6 7 Low Normal Medium High 1 2 0 3 4 5...

Page 161: ...e 6 5 c IP Type of Service Precedence Bits Leftmost three bits in the ToS field of IP packets d VLAN e Interface For more on how QoS operates with the preceding traffic types see Precedence Criteria for QoS types on page 6 11 Outbound Packet Options Port Membership in VLANs Tagged Untagged Control Port Queue Priority for Packet Types Yes Yes Carry 802 1p Priority Assignment to Next Downstream Devi...

Page 162: ...S resource use QoS Options for Prioritizing Outbound Traffic QoS Types UDP TCP IP Device IP ToS Precedence VLAN ID Source Port Option 1 Configure 802 1p Priority Rules Only Prioritizetrafficbysendingspecificpackettypes determined by QoS type to different outbound port queues on the switch Rely on VLAN tagged ports to carry packet priority as an 802 1p value to downstream devices Yes Yes Yes 1 Yes ...

Page 163: ...case you should plan and configure your QoS resource usage first for the most important traffic type before configuring QoS resource usage for other traffic types If insufficient resources remain for all of the QoS implementation you want try spreading this implementation across multiple switches QoS Resource Usage and Monitoring Each of the five types of QoS features has a maximum number of rules...

Page 164: ...VLAN requires more rule resources than are available The policy will not be configured on any ports subject to the command The CLI displays a message similar to the following Unable to add this QoS rule Maximum number already reached Adding a Port to a QoS Configured VLAN Without Enough Rules Available When you add a port to an existing QoS configured VLAN the switch attempts to apply the VLAN s Q...

Page 165: ...S policy you want to implement Depending on your network topology and configuration you can free up rule resources by moving some policies to other devices Another alternative is to inspect the switch s existing QoS configuration for unnecessary entries or ineffi cient applications that could be removed or revised to achieve the desired policies with less resource usage Table 6 8 on page 6 15 or t...

Page 166: ... page 6 20 Refer to Online Help IP Device Priority Disabled page 6 27 IP Type of Service Priority Disabled page 6 33 VLAN ID Priority Disabled page 6 46 Interface Source Port Priority Disabled page 6 52 Syntax show qos priority type tcp udp port priority Displays the current TCP UDP port priority configuration Refer to figure 6 8 on page 6 26 device priority Displays the current device IP address ...

Page 167: ...in the 802 1Q tag in the packet s header VLAN Tagged packets received through an untagged port are handled in the switch with normal priority For example figure 6 4 below shows a qos VLAN priority output in a switch where nondefault priorities exist for VLANs 22 and 33 while VLAN 1 remains in the default configuration Figure 6 4 Example of the Show QoS Output for VLAN Priority vlan priority Displa...

Page 168: ...dresses comprise a ruleset Not e UDP TCP QoS applications do not support IPv4 packets with IP options or layer 2 SAP encapsulation For more information on packet type restrictions refer to Details of Packet Criteria and Restrictions for QoS Support on page 6 66 Options for Assigning Priority Priority control options for TCP or UDP packets carrying a specified TCP or UDP port number include 802 1p ...

Page 169: ... udp port number priority 0 7 Configures an 802 1p priority for outbound packets having the specified TCP or UDP application port number This priority determines the packet s queue in the outbound port to which it is sent If the packet leaves the switch on a tagged port it carries the 802 1p priority with it to the next downstream device Default Disabled Note On switches covered in this guide this...

Page 170: ...having the specified port number That is the switch 1 Selects an incoming IP packet if the TCP or UDP port number it carries matches the port number specified in the TCP or UDP type as shown in figure 6 5 above TCP UDP Port 802 1p Priority for TCP 802 1p Priority for UDP TCP Port 23 Telnet 7 7 UDP Port 23 Telnet 7 7 TCP Port 80 World Wide Web HTTP 2 2 UDP Port 80 World Wide Web HTTP 1 1 Indicates ...

Page 171: ...umber type you want to use for assigning a DSCP policy 2 Determine the DSCP policy for packets carrying the selected TCP or UDP port number a Determine the DSCP you want to assign to the selected packets This codepoint will be used to overwrite re mark the DSCP carried in packets received from upstream devices b Determine the 802 1p priority you want to assign to the DSCP 3 Configure the DSCP poli...

Page 172: ...nd Default No override for most codepoints See table 6 11 on page 6 59 Syntax qos udp port tcp port tcp or udp port number dscp codepoint Assigns a DSCP policy to outbound packets having the specified TCP or UDP application port number and overwrites the DSCP in these packets with the assigned codepoint value This policy includes an 802 1p priority and determines the packet s queue in the outbound...

Page 173: ...etermine whether the DSCPs already have priority assignments which could indicate use by existing applications Also a DSCP must have a priority configured before you can assign any QoS types to use it Figure 6 6 Display the Current DSCP Map Configuration Port Applications DSCP Policies DSCP Priority 23 UDP 000111 7 80 TCP 000101 5 914 TCP 000010 1 1001 UDP 000010 1 The DSCPs for this example have ...

Page 174: ...lay the result Figure 6 8 The Completed DSCP Policy Configuration for the Specified UDP TCP Port Applications The switch will now apply the DSCP policies in figure 6 8 to IPv4 packets received in the switch with the specified UDP TCP port applications This means the switch will Overwrite the original DSCPs in the selected packets with the new DSCPs specified in the above policies Assign the 802 1p...

Page 175: ...configured priority level Not e The switch does not allow a QoS IP device priority for the Management VLAN IP address if configured If there is no Management VLAN configured then the switch does not allow configuring a QoS IP device priority for the Default VLAN IP address IP address QoS does not support layer 2 SAP encapsulation For more information on packet type restrictions refer to Details of...

Page 176: ... priority ip address priority 0 7 Configures an 802 1p priority for outbound packets having the specified IP address This priority determines the packet s queue in the outbound port to which it is sent If the packet leaves the switch on a tagged port it carries the 802 1p priority with it to the next downstream device Default Disabled no qos device priority ip address Removes the specified IP devi...

Page 177: ...address it carries 2 Overwrites the packet s DSCP with the DSCP configured in the switch for such packets and assigns the 802 1p priority configured in the switch for the new DSCP Refer to Differentiated Services Codepoint DSCP Mapping on page 6 58 3 Forwards the packet through the appropriate outbound port queue N o t e o n C o m b i n i n g P o l i c y Typ e s Mixing ToS DSCP policies and 802 1p...

Page 178: ...sign the DSCP policy to packets with the specified IP address Syntax qos dscp map codepoint priority 0 7 This command is optional if a priority has already been assigned to the codepoint The command creates a DSCP policy by assigning an 802 1p priority to a specific DSCP When the switch applies this policy to a packet the priority determines the packet s queue in the outbound port to which it is s...

Page 179: ... using the same DSCP Refer to the Note On Changing a Priority Setting on page 6 61 Also a DSCP must have a priority configured before you can assign any QoS types to use it Figure 6 10 Display the Current DSCP Map Configuration no qos device priority ip address Deletes the specified IP address as a QoS type show qos device priority Displays a listing of all QoS Device Priority types currently in t...

Page 180: ...resses and display the result Figure 6 12 The Completed Device Priority Codepoint Configuration The switch will now apply the DSCP policies in figure 6 11 to IPv4 packets received on the switch with the specified IP addresses source or destination This means the switch will Overwrite the original DSCPs in the selected packets with the new DSCPs specified in the above policies Assign the 802 1p pri...

Page 181: ... priority Use the qos dscp map command to specify a priority for any codepoint page 6 58 Assign an 802 1p Priority This option reads the DSCP of an incoming IPv4 packet and without changing this codepoint assigns the 802 1p priority to the packet as configured in the DSCP Policy Table page 6 58 This means that a priority value of 0 7 must be configured for a DSCP before the switch will attempt to ...

Page 182: ...iff services as described below which automatically disables IP Precedence To disable IP Precedence without enabling the diff services option use this command Syntax qos type of service ip precedence Causes the switch to automatically assign an 802 1p priority to all IPv4 packets by computing each packet s 802 1p priority from the precedence bits the packet carries This priority determines the pac...

Page 183: ... packets with the desired priority regardless of whether 802 1Q tagged VLANs are in use Figure 6 14 Interior Switch B Honors the Policy Established in Edge Switch A To do so assign the desired 802 1p priority to the same codepoint that the upstream or edge switch assigns to the selected packets When the downstream switch receives an IPv4 packet carrying one of these codepoints it assigns the confi...

Page 184: ...s configured with No override are not used The codepoint is not configured for a new DSCP policy assignment Thus the switch does not allow the same incoming codepoint DSCP to be used simultaneously for directly assigning an 802 1p priority and also assigning a DSCP policy For a given incoming codepoint if you configure one option and then the other the second overwrites the first To use this optio...

Page 185: ...ty assignment in the DSCP table to No override Note that if this codepoint is in use as a DSCP policy for another diffserv codepoint you must disable or redirect the other diffserv codepoint s DSCP policy before you can disable or change the codepoint For example in figure 6 15 you cannot change the priority for the 000000 codepoint until you redirect the DSCP policy for 000001 away from using 000...

Page 186: ...iority To enable this operation you would configure an 802 1p priority of 7 for packets received with a DSCP of 000110 and then enable diff services Figure 6 15 Example Showing Codepoints Available for Direct 802 1p Priority Assignments Executingthiscommanddisplays the current ToS configuration and shows that the selected DSCP is not currently in use The 000110 codepoint is unused and thus availab...

Page 187: ... associated 802 1p priority You can use this option concurrently with the diffserv 802 1p priority option above as long as the DSCPs specified in the two options do not match To use this option to configure a change in policy 1 Identify a DSCP used to set a policy in packets received from an upstream or edge switch 2 Create a new policy by using qos dscp map codepoint priority 0 7 to configure an ...

Page 188: ...n a new previously configured DSCP policy to the packet The policy overwrites the current codepoint with the new codepoint and assigns the 802 1p priority specified by the policy Use the qos dscp map command to define the priority for the DSCPs page 6 58 no qos type of service Disables all ToS type operation Current ToS DSCP policies and priorities remain in the configuration and will become avail...

Page 189: ...xisting applications This is not a problem as long as the configured priorities are acceptable for all applications using the same DSCP Refer to the Note On Changing a Priority Setting on page 6 61 Also a DSCP must have a priority configured before you can assign any QoS types to use it Figure 6 17 Display the Current DSCP Map Configuration Received DSCP Policy DSCP 802 1p Priority Policy Name Opt...

Page 190: ...d with Optional Names in the DSCP Table 3 Assign the policies to the codepoints in the selected packet types Figure 6 19 Example of Policy Assignment to Outbound Packets on the Basis of the DSCP in the Packets Received from Upstream Devices The specified DSCP policies overwrite the original DSCPs on the selected packets and use the 802 1p priorities previously configured in the DSCP policies in st...

Page 191: ...riority 0 7 To use this option in the simplest case you would a Configure a specific DSCP with a specific priority in an edge switch b Configure the switch to mark a specific type of inbound traffic with that DSCP and thus create a policy for that traffic type c Configure the internal switches in your LAN to honor the policy For example you could configure an edge switch to assign a codepoint of 0...

Page 192: ...agged Port in a VLAN Depending on the value of the IP Precedence bits in the packet s ToS field the packet will go to one of four outbound port queues in the switch 1 2 low priority 0 3 normal priority 4 5 high priority 6 7 high priority For a given packet carrying a ToS codepoint that the switch has been configured to detect Change the codepoint according to the configured policy and assign the 8...

Page 193: ...next downstream device Refer to table 6 10 below Same as above plus the Priority value 0 7 will be used to set a corresponding 802 1p priority in the VLAN tag carried by the packettothenextdownstreamdevice WhereNo overrideisthe assigned priority the VLAN tag carries a 0 normal priority 802 1p setting if not prioritized by other QoS types Outbound Port ToS Option IP Precedence Value 0 7 Differentia...

Page 194: ...g a new DSCP and an associated 802 1p priority inbound packets must be IPv4 For operation when other QoS types apply to the same traffic refer to QoS Types for Prioritizing Outbound Packets on page 6 9 Not e QoS with VID priority applies to static VLANs only and applying QoS to dynamic VLANs created by GVRP operation is not supported A VLAN must exist while a subject of a QoS configuration and eli...

Page 195: ...longing to the specified VLAN This priority determines the packet s queue in the outbound port to which it is sent If the packet leaves the switch on a tagged port it carries the 802 1p priority with it to the next downstream device You can configure one QoS type for each VLAN ID Default No override no vlan vid qos Removes the specified VLAN ID as a QoS type and resets the priority for that VLAN t...

Page 196: ... on VLAN ID VID This option assigns a previously configured DSCP policy codepoint and 802 1p priority to outbound IP packets having the specified VLAN ID VID That is the switch 1 Selects an incoming IP packet on the basis of the VLAN ID it carries 2 Overwrites the packet s DSCP with the DSCP configured in the switch for such packets 3 Assigns the 802 1p priority configured in the switch for the ne...

Page 197: ...vices Codepoint DSCP Mapping on page 6 58 Not e A codepoint must have an 802 1p priority 0 7 before you can configure the codepoint for use in prioritizing packets by VLAN ID If a codepoint you want to use shows No override in the Priority column of the DSCP Policy table show qos dscp map then assign a priority before proceeding 4 Configure the switch to assign the DSCP policy to packets with the ...

Page 198: ...e Current Configuration in the DSCP Policy Table Syntax vlan vid qos dscp codepoint Assigns a DSCP policy to packets carrying the specified IP address and overwrites the DSCP in these packets with the assigned codepoint value This policy includes an 802 1p priority and determines the packet s queue in the outbound port to which it is sent If the packet leaves the switch on a tagged port it carries...

Page 199: ... selected VIDs and display the result Figure 6 26 The Completed VID DSCP Priority Configuration The switch will now apply the DSCP policies in figure 6 26 to packets received on the switch with the specified VLAN IDs This means the switch will Overwrite the original DSCPs in the selected packets with the new DSCPs specified in the above policies Assign the 802 1p priorities in the above policies t...

Page 200: ...outbound packets having the specified source port Configure this option by either specifying the source port ahead of the qos command or moving to the port context for the port you want to configure for priority For configuring multiple source ports with the same priority you may find it easier to use the interface port list command to go to the port context instead of individually configuring the...

Page 201: ...would then execute the following commands to prioritize traffic received on the above ports Figure 6 27 Configuring and Displaying Source Port QoS Priorities If you then decided to remove port 1 from QoS prioritization Figure 6 28 Returning a QoS Prioritized VLAN to No override Status Interface Source Port Priority 1 3 2 4 3 5 8 5 9 11 6 In this instance No override indicates that port A1 is not p...

Page 202: ...s is not recommended Refer to the Note on page 6 10 For more on DSCP refer to Terminology on page 6 6 Steps for Creating a Policy Based on Source Port Types Not e You can select one DSCP per source port Also configuring a new DSCP for a source port automatically overwrites replaces any previous DSCP or 802 1p priority configuration for that port 1 Identify the source port type to which you want to...

Page 203: ...h applies this priority to a packet the priority determines the packet s queue in the outbound port to which it is sent If the packet leaves the switch on a tagged port it carries the 802 1p priority with it to the next downstream device Default For most codepoints No override See figure 6 11 on page 6 59 on page 6 59 Syntax interface port list qos dscp codepoint Assigns a DSCP policy to packets f...

Page 204: ...acceptable for all applications using the same DSCP Refer to the Note On Changing a Priority Setting on page 6 61 Also a DSCP must have a priority configured before you can assign any QoS types to use it Figure 6 29 Display the Current Configuration in the DSCP Policy Table 2 Configure the priorities for the DSCPs you want to use Figure 6 30 Assign Priorities to the Selected DSCPs Source Port DSCP...

Page 205: ...naging Bandwidth More Effectively Using QoS Types To Configure QoS for Outbound Traffic 3 Assign the DSCP policies to the selected source ports and display the result Figure 6 31 The Completed Source Port DSCP Priority Configuration ...

Page 206: ...priority as indicated by No override in table 6 11 on page 6 59 You can list the current DSCP Policy table change the codepoint priority assignments and assign optional names to the codepoints Syntax show qos dscp map Displays the DSCP Policy Table qos dscp map codepoint priority 0 7 name ascii string Configures an 802 1p priority for the specified codepoint and optionally an identifying policy na...

Page 207: ... No override No override No override No override No override 1 No override 1 No override 2 No override No override No override 0 No override 0 No override 010110 010111 011000 011001 011010 011011 011100 011101 011110 011111 100000 100001 100010 100011 100100 100101 100110 100111 101000 101001 101010 3 No override No override No override 4 No override 4 No override 5 No override No override No ove...

Page 208: ...odepoint settings are true If you change all three settings to a priority of 3 and then execute writememory the switch will reflect these changes in the show config listing Figure 6 32 Example of Show Config Listing with Non Default Priority Settings in the DSCP Table Effect of No override In the QoS Type of Service differentiated services mode a No override assignment for the codepoint of an outb...

Page 209: ...evice priority show qos port priority show qos tcp udp port priority show qos vlan priority show qos type of service For example supposethat the 000001 codepointhas a priority of6 andseveral types use the 000001 codepoint to assign a priority to their respective types of traffic If you wanted to change the priority of codepoint 000001 you would do the following 1 Identify which QoS types use the c...

Page 210: ...es Are Currently Using the Policy Suppose that codepoint 000001 is in use by one or more types If you try to change its priority you see a result similar to the following Figure 6 33 Example of Trying To Change the Priority on a Policy In Use by a QoS Type In this case you would use steps similar to the following to change the priority 1 Identify which types use the codepoint you want to change ...

Page 211: ...ively Using QoS Types To Configure QoS for Outbound Traffic Figure 6 34 Example of a Search to Identify QoS Types Using a Codepoint You Want To Change Three types use the codepoint that is to be changed Two types do not use the codepoint that is to be changed ...

Page 212: ...cy assignment for the device priority type That is assign it to No override b Create a new DSCP policy to use for re assigning the remaining types c Assign the port priority type to the new DSCP policy d Assign the udp port 1260 type to an 802 1p priority 3 Reconfigure the desired priority for the 000001 codepoint ProCurve config qos dscp map 000001 priority 4 4 You could now re assign the types t...

Page 213: ...devices but the packet is serviced by the high priority queue when leaving the switch QoS Messages in the CLI IGMP High Priority QoSConfiguration Affects Packet Switch Port Output Queue Outbound 802 1p Setting Requires Tagged VLAN Not Enabled Yes Determined by QoS Determined by QoS Enabled See above para graph High As determined by QoS if QoS is active Message Meaning DSCP Policy decimal codepoint...

Page 214: ...and VLAN QoS the switches covered in this guide do not support QoS operation for SAP Encapsulated packets Thus the switch can use only VLAN QoS and source port QoS to prioritize SAP encapsu lated packets Packets with IP Option Fields in the Header UDP TCP QoS is not supported for IP packets carrying optional fields in their headers Packet Criteria or Restriction QoS Types DSCP Overwrite Re Marking...

Page 215: ...ion which generates an Event Log message When the authenticated host discon nects the port returns to the static QoS configuration Not Supported Use of an inbound 802 1p packet priority as a type for remapping a packet s outbound priority to different 802 1p priority For example where inbound packets carry an 802 1p priority of 1 QoS cannot be configureduse this priority as a type forchanging theo...

Page 216: ...6 68 Quality of Service QoS Managing Bandwidth More Effectively QoS Operating Notes and Restrictions ...

Page 217: ...ander Switch 7 14 Using the Menu To Manage a Candidate Switch 7 16 Using the Commander To Manage The Stack 7 18 Using the Commander To Access Member Switches for Configuration Changes and Monitoring Traffic 7 25 Converting a Commander or Member to a Member of Another Stack 7 26 Monitoring Stack Status 7 27 Using the CLI To View Stack Status and Configure Stacking 7 31 Using the CLI To View Stack S...

Page 218: ...k Management Contents Using the CLI To Disable or Re Enable Stacking 7 46 Transmission Interval 7 46 Stacking Operation with Multiple VLANs Configured 7 46 Web Viewing and Configuring Stacking 7 47 Status Messages 7 48 ...

Page 219: ...r any specialized cabling For an overview of stacking features refer to the table on page 7 4 For general information on how to use the switch s built in interfaces see Chapter 3 Using the Menu Interface Chapter 4 Using the Command Line Interface CLI Chapter 5 Using the Web Browser Interface Chapter 6 Switch Memory and Configuration ...

Page 220: ...s of all stacking enabled switches in the ip subnet n a page 7 34 configure stacking enable disable candidate Auto Join enabled Yes page 7 17 page 7 39 push a candidate into a stack n a page 7 17 page 7 40 configure a switch to be a commander n a page 7 14 page 7 35 push a member into another stack n a page 7 26 page 7 41 remove a member from a stack n a page 7 23 page 7 42 or page 7 43 pull a can...

Page 221: ...ich Devices Support Stacking As of April 2006 the following ProCurve devices support stacking ProCurve Switch 6108 ProCurve Switch 4104GL ProCurve Switch 4108GL ProCurve Switch 2810 ProCurve Switch 2650 ProCurve Switch 2626 ProCurve Switch 2512 ProCurve Switch 2524 ProCurve Switch 8000M ProCurve Switch 4000M ProCurve Switch 2424M ProCurve Switch 2400M ProCurve Switch 1600M Requires software releas...

Page 222: ...der s Manager password controls access to all stack Members Stack Consists of a Commander switch and any Member switches belonging to that Commander s stack Commander A switch that has been manually configured as the controlling device for a stack When this occurs the switch s stacking configuration appears as Commander Candidate A switch that is ready to join become a Member of a stack through ei...

Page 223: ...b browser interface window for a Commander switch differs in appearance from the same window for non commander switches See figure 7 38 on page 7 47 Member Switch 1 IP Address None Assigned Manager Password leader Candidate Switch IP Address None Assigned Manager Password francois Non Member Switch IP Address 14 28 227 105 Manager Password donald Member Switch 2 IP Address None Assigned Manager Pa...

Page 224: ...mit is exceeded it may take multiple attempts to add or move a member to any given stack Once a member is added to a stack it is not forgotten by the Commander Viewing Stack Status all only displays up to 100 devices Devices that are not members of a given stack may periodically drop out of the list when viewing Stack Status all If multiple VLANs are configured stacking uses only the primary VLAN ...

Page 225: ... and Operator passwords Ifacandidatehasapassword it cannot be automatically added to a stack In this case if you want the Candidate in a stack you must manually add it to the stack Uses standard SNMP community operation if the Candidate has its own IP addressing Member IP Addr Optional Configuring an IP address allows access via Telnet or web browser interface without going through theCommanderswi...

Page 226: ...k Management Overview of Configuring and Bringing Up a Stack This process assumes that All switches you want to include in a stack are connected to the same subnet broadcast domain IfVLANsare enabledonthe switchesyouwanttoinclude inthe stack then the ports linking the stacked switches must be on the primary VLAN in each switch which in the default configuration is the default VLAN If the primary V...

Page 227: ...P addressing and a stack name on the Commander 3 Set the Commander s Auto Grab parameter to Yes 4 Connect Candidate switches in their factory default configuration to the network This approach automatically creates a stack of up to 16 switches including the Commander However this replaces manual control with an automatic process that may bring switches into the stack that you did not intend to inc...

Page 228: ...see pages 7 14 through 7 38 for the menu interface and pages 7 31 through 7 43 for the CLI 1 Determine the naming conventions for the stack You will need a stack name Also to help distinguish one switch from another in the stack you can configure a unique system name for each switch Otherwise the system name for a switch appearing inthe Stacking Status screen appears as the stack name plus an auto...

Page 229: ...der to assign IP addressing or make other configuration changes 4 Make a record of any Manager passwords assigned to the switches intended for your stack that are not currently members You will use these passwords to enable the protected switches to join the stack 5 If you are using VLANs in the stacking environment you must use the default VLAN for stacking links For more information see Stacking...

Page 230: ... Stacking Using the Menu Interface To View and Configure a Commander Switch 1 Configure an IP address and subnet mask on the Commander switch See the chapter on IP addressing in the Management and Configuration Guide 2 Display the Stacking Menu by selecting Stacking in the Main Menu Figure 7 5 The Default Stacking Menu ...

Page 231: ... 4 Move the cursor to the Stack State field by pressing E for Edit Then use the Space bar to select the Commander option 5 Press the downarrow key to display the Commander configuration fields in the Stack Configuration screen Figure 7 7 The Default Commander Configuration in the Stack Configuration Screen 6 Enter a unique stack name up to 15 characters no spaces and press the downarrow key ...

Page 232: ...e Member switches from the list of discovered Candidates depending on your configuration choices Using the Menu To Manage a Candidate Switch Using the menu interface you can perform these actions on a Candidate switch Add push the Candidate into an existing stack Modify the Candidate s stacking configuration Auto Join and Transmission Interval Convert the Candidate to a Commander Disable stacking ...

Page 233: ...ng Stacking in the console Main Menu 2 Display the Stack Configuration menu by pressing 3 to select Stack Configuration Figure 7 8 The Default Stack Configuration Screen 3 Move the cursor to the Stack State field by pressing E for Edit 4 Do one of the following To disable stacking on the Candidate use the Space bar to select the Disabled option then go to step 5 Note Using the menu interface to di...

Page 234: ...onds Then go to step 5 5 Press Enter to return the cursor to the Actions line 6 Press S for Save to save your configuration changes and return to the Stacking menu Using the Commander To Manage The Stack The Commander normally operates as your stack manager and point of entry into other switches in the stack This typically includes Adding new stack members Moving members between stacks Removing me...

Page 235: ...ets to No so that it will not immediately rejoin a stack from which it has just departed A Manager password is set in the Candidate The stack is full Unless the stack is already full you can use the Stack Management screen to manually convert a Candidate to a Member If the Candidate has a Manager password you will need to use it to make the Candidate a Member of the stack 1 To add a Member start a...

Page 236: ... downarrow key to move the cursor to the Candidate Password field then type the password If the desired Candidate does not have a password go to step 6 6 Press Enter to return to the Actions line then press S for Save to complete the Add process for the selected Candidate You will then see a screen similar to the one in figure 7 11 below with the newly added Member listed Note If the message Unabl...

Page 237: ...ed VLAN on page 7 46 This procedure is nearly identical to manually adding a Candidate to a stack page 7 19 If the stack from which you want to move the Member has a Manager password you will need to know the password to make the move 1 To move a Member from one stack to another go to the Main Menu of the Commander in the destination stack and display the Stacking Menu by selecting 9 Stacking 2 To...

Page 238: ...You will then see a screen listing any available candidates See figure 7 10 on page 7 20 Note that you will not see the switch you want to add because it is a Member of another stack and not a Candidate 6 Either accept the displayed switch number or enter another available number The range is 0 15 with 0 reserved for the Commander 7 Use the downarrow key to move the cursor to the MAC Address field...

Page 239: ...r s interface and entering the MAC address of the destination stack Commander in the Member s Commander MAC Address field Using this method moves the Member to another stack without a need for knowing the Manager password in that stack but also blocks access to the Member from the original Commander Using the Commander s Menu To Remove a Stack Member These rules affect removals from a stack When a...

Page 240: ...of Stack Management Screen with Stack Members Listed 2 Use the downarrow key to select the Member you want to remove from the stack Figure 7 14 Example of Selecting a Member for Removal from the Stack 3 Type D for Delete to remove the selected Member from the stack You will then see the following prompt Figure 7 15 The Prompt for Completing the Deletion of a Member from the Stack Forstatusdescript...

Page 241: ...ander to access the Member s console interface for the same configu ration and monitoring that you would do through a Telnet or direct connect access 1 From the Main Menu select 9 Stacking 5 Stack Access You will then see the Stack Access screen Figure 7 16 Example of the Stack Access Screen Use the downarrow key to select the stack Member you want to access then press X foreXecute todisplay theco...

Page 242: ... Logout then Y for Yes c Press Return You should now see the Commander s Stack Access screen For an example see figure 7 16 on page 7 25 Converting a Commander or Member to a Member of Another Stack When moving a commander the following procedure returns the stack mem bers to Candidate status with Auto Join set to No and converts the stack Commander to a Member of another stack When moving a membe...

Page 243: ...nvironment see Stacking Operation with a Tagged VLAN on page 7 46 This can help you in such ways as determining the stacking configuration for individual switches identifying stack Members and Candidates and determining the status of individual switches in a stack See table 7 5 on page 7 27 Table 7 5 Stack Status Environments Screen Name Commander Member Candidate Stack Status This Switch Commande...

Page 244: ... 2 Stacking Status All You will then see a Stacking Status screen similar to the following Figure 7 18 Example of Stacking Status for All Detected Switches Configured for Stacking Viewing Commander Status This procedure displays the Commander and stack configuration plus information identifying each stack member To display the status for a Commander go to the console Main Menu for the switch and s...

Page 245: ... MAC address To display the status for a Member 1 Go to the console Main Menu of the Commander switch and select 9 Stacking 5 Stack Access 2 Use the downarrow key to select the Member switch whose status you want to view then press X for eXecute You will then see the Main Menu for the selected Member switch 3 In the Member s Main Menu screen select 9 Stacking 1 Stacking Status This Switch You will...

Page 246: ...king configuration To display the status for a Candidate 1 Use Telnet if the Candidate has a valid IP address for your network or a direct serial port connection to access the menu interface Main Menu for the Candidate switch and select 9 Stacking 1 Stacking Status This Switch You will then see the Candidate s Stacking Status screen Figure 7 21 Example of a Candidate s Stacking Screen ...

Page 247: ...us all Lists all stack Commanders Members and Candidates with their individual status no stack Any Stacking Capable Switch Enables or disables stacking on the switch Default Stacking Enabled no stackcommander stackname Candidate or Commander Converts a Candidate to a Commander or changes the stack name of an existing commander No form eliminates named stack and returns Commander and stack Members ...

Page 248: ...N assignments for a stack execute the show stack command in the Commander s CLI no stack join mac addr Candidate Causes the Candidate to join the stack whose Commander has the indicatedMAC address No form isusedin a Member to remove it from the stack of the Commander having the specified address Member Pushes the member to another stack whose Commander has the indicated MAC address no stack auto j...

Page 249: ...se the CLI in a to display the stack status for that switch In this case the switch is in the default stacking configuration Syntax show stack Figure 7 22 Example of Using the Show Stack Command To List the Stacking Configuration for an Individual Switch Viewing the Status of Candidates the Commander Has Detected This example illustrates how to list stack candidates the Commander has discovered in...

Page 250: ...mmand was executed is a candidate it is included in the Others category Syntax show stack all Figure 7 24 Result of Using the Show Stack All Command To List Discovered Switches in the IP Subnet Viewing the Status of the Commander and Current Members of the Commander s Stack The next example lists all switches in the stack of the selected switch Syntax show stack view Figure 7 25 Example of the Sho...

Page 251: ...ve an IP address in order for stacking to operate properly For more on the primary VLAN see The Primary VLAN on page 2 6 2 Configure a Manager password on the switch intended for commander The Commander s Manager password controls access to stack Mem bers For more on passwords see the local manager and operator pass word information in the Access Security Guide for your switch Configure the Stack ...

Page 252: ...e the new stack If you do not know the MAC address for the Commander of the current stack use show stack to list it Syntax no stack stack commander stack name Suppose forexample thataProCurveswitchnamed BeringSea isaMember of a stack named Big_Waters To use the switch s CLI to convert it from a stack Member to the Commander of a new stack named Lakes you would use the following commands The stack ...

Page 253: ...ual control over which switches join the stack and when they join This prevents the Commander from automatically trying to add every Candidate it finds that has Auto Join set to Yes the default for the Candidate If you want any eligible Candidate to automatically join the stack when the Commander discovers it configure Auto Grab in the Commander to Yes When you do so any Candidate discovered with ...

Page 254: ...overed Candidates with their MAC addresses execute show stack candidates from the Commander s CLI For example to list the discov ered candidates for the above Commander Figure 7 29 Example of How To Determine MAC Addresses of Discovered Candidates Knowing the available switch numbers SNs and Candidate MAC addresses you can proceed to manually assign a Candidate to be a Member of the stack Syntax s...

Page 255: ...the Com mander s Auto Grab parameter is set to Yes You can disable Auto Join on a Candidate if you want to prevent automatic joining in this case There is also the instance where a Candidate s Auto Join is disabled for example when a Commander leaves a stack and its members automatically return to Candidate status or if you manually remove a Member from a stack In this case you may want to reset A...

Page 256: ...CLI for the Candidate switch For example suppose that a Candidate named North Sea with Auto Join off and a valid IP address of 10 28 227 104 is running on a network You could Telnet to the Candidate use show stack all to determine the Commander s MAC address and then push the Candidate into the desired stack Figure 7 31 Example of Pushing a Candidate Into a Stack To verify that the Candidate succe...

Page 257: ... ProCurve config stack member 1 mac address 0060b0 df1a00 Where 1 is an unused switch number SN Since a password is not set on the Candidate a password is not needed in this example You could then use show stack all again to verify that the move took place Using a Member CLI To Push the Member into Another Stack You can use the Member s CLI to push a stack Member into a destination stack if you kn...

Page 258: ...o a Member Using the CLI To Remove a Member from a Stack You can remove a Member from a stack using the CLI of either the Commander or the Member Not e When you remove a Member from a stack the Member s Auto Join parameter is set to No Using the Commander CLI To Remove a Stack Member This option requires the switch number SN and the MAC address of the switch to remove Because the Commander propaga...

Page 259: ...ember 3 mac address 0030c1 7fc700 where 3 is the North Sea Member s switch number SN 0030c1 7fc700 is the North Sea Member s MAC address Using the Member s CLI To Remove the Member from a Stack Syntax no stack join mac addr To use this method you need the Commander s MAC address which is available using the show stack command in the Member s CLI For example Figure 7 35 Example of How To Identify t...

Page 260: ...SN assigned by the Commander to each member range 1 15 To find the switch number for the Member you want to access execute the show stack view command in the Commander s CLI For example suppose that you wanted to configure a port trunk on the switch named North Sea in the stack named Big_Waters Do do so you would go to the CLI for the Big_Waters Commander and execute show stack view to find the sw...

Page 261: ...y community is only on switch 3 you could not use the Commander IP address for gray community access from the management station Instead you would access switch 3 directly using the switch s own IP address For example snmpget MIB variable 10 31 29 15 gray Commander Switch IP Addr 12 31 29 100 Community Names blue red Member Switch 2 IP Addr None Community Names none Member Switch 3 IP Addr 12 31 2...

Page 262: ...ng on the switch before it can become a Candidate Member or Commander Disabling a Member Removes the Member from the stack and changes it to a stand alone nonstacking switch You must re enable stacking on the switch before it can become a Candidate Member or Commander Disabling a Candidate Changes the Candidate to a stand alone non stacking switch Syntax no stack Disables stacking on the switch st...

Page 263: ...der appears as shown above The interface for Members and Candidates appears the same as for a non stacking switches To view or configure stacking on the web browser interface 1 Click on the Configuration tab 2 Click on Stacking to display the stacking configuration for an individual switch and make any configuration changes you want for that switch 3 Click on Apply Changes to save any configuratio...

Page 264: ...nd the Member Commander Up The Member has stacking connectivity with the Commander None required Mismatch This may be a temporary condition while a Candidate is trying to join a stack If the Candidate does not join then stack configuration is inconsistent Initially waitforanupdate Ifcondi tion persists reconfigure the Commander or the Member Member Down A Member has become detached from the stack ...

Page 265: ...2 14 2 19 5 9 spanning tree protocol 5 10 VLAN 2 3 copyright 1 ii CoS See Class of Service D data driven IGMP 4 15 dedicated management VLAN 2 6 DHCP gateway ignored 2 7 disclaimer 1 ii domain 2 14 2 19 downstream device QoS definition 6 6 effect of priority settings 6 9 DSCP Policy Table 6 59 policy defined 6 6 See also priority E Exclude Source See IGMP F filters effect of IGMP 4 23 maximum allo...

Page 266: ...rs 4 23 Exclude Source 4 13 Fast Leave 4 14 forced fast leave 4 17 high priority forwarding 4 5 Include Source 4 13 IP multicast address range 4 23 leave group 4 12 maximum address count 4 23 multicast group 4 11 multimedia 4 3 operation 4 11 4 12 port states 4 5 query 4 11 report 4 12 status 4 12 supported standards and RFCs 4 13 traffic 4 5 Version 3 4 13 inbound port QoS definition 6 6 Include ...

Page 267: ...minating 6 46 VLAN ID priority 6 46 6 52 priority QoS device priority screen 6 27 IP address source and destination match 6 28 publication data 1 ii Q Quality of Service basic operation 6 7 configuring 6 13 6 18 configuring IP type of service 6 33 criteria for prioritizing outbound packets 6 9 definitions of terms 6 6 device priority screen 6 27 DSCP Policy Table 6 59 GVRP not supported 6 46 no ov...

Page 268: ...tion BPDU port protection 5 26 configuration exchanging 5 38 configuration MST instance 5 32 configuration MSTI per port 5 35 configuration port 5 22 CST 5 7 5 11 5 13 CST and legacy devices 5 11 CST view status 5 40 5 41 default configuration 5 9 designated bridge 5 11 5 13 designated port 5 11 disabling MSTP 5 38 display statistics and configuration 5 40 dynamic VLANs disallowed 5 8 edge port 5 ...

Page 269: ...h 5 13 regional root switch configuration 5 14 regions communication between 5 14 root bridge 5 7 root bridge per instance 5 11 root bridge per region 5 12 root port per instance 5 11 root switch instance 5 33 root switch IST instance 5 8 5 13 root switch MST instance 5 14 root switch regional 5 13 5 14 root CIST 5 22 root IST 5 13 root MSTI 5 10 routed traffic in a region 5 11 RSTP as a region 5 ...

Page 270: ...on port 2 28 notes on using 2 9 number allowed including dynamic 2 17 port assignment 2 17 port configuration 2 29 port monitoring 2 36 port restriction 2 36 port trunk 2 35 primary 2 7 7 10 7 35 7 47 primary VLAN 2 6 primary CLI command 2 20 2 22 primary select in menu 2 14 primary web configure 2 25 primary with DHCP 2 9 prioritizing traffic from with QoS 6 46 6 52 restrictions 2 36 See also GVR...

Page 271: ......

Page 272: ...t to change without notice Copyright 2007 Hewlett Packard Development Company L P Reproduction adaptation or translation without prior written permission is prohibited except as allowed under the copyright laws July 2007 Manual Part Number 5991 4733 ...

Reviews: