manualshive.com logo in svg

HP ProCurve 6108, Management And Configuration Manual

The HP ProCurve 6108 Access Security Manual is an essential resource for users of this powerful networking device. It provides comprehensive instructions and guidelines to ensure secure access to your network. Get your free download of this manual at manualshive.com, your go-to source for user manuals.

Share
Download
background image

Configuring for Network Management Applications 

CDP 

and “E” are 

not

 neighbors because the intervening CDP-disabled switch “D” 

does not forward CDP packets; i.e. is not transparent to CDP traffic. (For the 
same reason, switch “E” does not have any CDP neighbors.) 

CDP 

Switch "A" 

(CDP Running) 

CDP Neighbor Table 

Port  |  Data 

-------|--------------------

A1

 | 

Host 1 data 

A1 

|

 Host 2 data 

A1 

|

 Host 3 data 

A2 

|

 Switch "B" data 

CDP 

Workstation "1" 

(Host 1) 

(CDP Running)

Non-CDP Device "X" 

Such as a Non-CDP 

Hub or Switch 

CDP 

Workstation "2" 

(Host 2) 

(CDP Running)

Non-CDP Device "Y" 

Such as a Non-CDP 

Hub or Switch 

CDP 

Workstation "3" 

(Host 3) 

(CDP Running) 

CDP 

Switch "B" 

(CDP Running) 

CDP Neighbor Table 

Port  |  Data 

-------|--------------------

B1

 | 

Switch "A" data 

B7

 | 

Switch "C" data 

No CDP data for Switch 

"D"  because it has dis

abled CDP operation. 

Port A1 

Port B1 

CDP 

Switch "C" 

(CDP Running) 

CDP Neighbor Table 

Port  |  Data 

-------|--------------------

C3

 | 

Switch "B" data 

Port C3 

Port B7 

CDP-Disabled 

Switch "D" 

(No CDP Neighbor Table) 

This switch drops CDP packets. 

CDP 

Switch "E" 

(CDP Running) 

CDP Neighbor Table 

Empty-No CDP 

Neighbors 

Port A2 

Port D3 

Port D17 

Port E1 

"A", "1", "2", and "3" are CDP neighbors. 
"A" and "B" are CDP neighbors. 
"B" and "C" are CDP neighbors. 

Because "D" is CDP-capable, but has 
disabled CDP, it is not a CDP neighbor 
to either "B" or "E". 

Port B5 

Figure 11-12.  Example of Incoming CDP Packet Results 

11-28

Summary of Contents for ProCurve 6108

Page 1: ...Management and Configuration Guide www hp com go hpprocurve HP ProCurve Series 4100GL Switches Series 2600 Switches Switch 6108 ...

Page 2: ......

Page 3: ...HP ProCurve Series 4100GL Switches Series 2600 Switches Switch 6108 Management and Configuration Guide May 2003 ...

Page 4: ...tt Packard shall not be liable for errors contained herein or for incidental or consequential damages in connection with the furnishing performance or use of this material Hewlett Packard Company shall not be liable for technical or editorial errors or omissions contained herein The information is provided as is without warranty of any kind and is subject to change without notice The warranties fo...

Page 5: ...es 1 4 Related Publications 1 4 Getting Documentation From the Web 1 6 Sources for More Information 1 7 Need Only a Quick Start 1 8 2 Selecting a Management Interface Contents 2 1 Overview 2 2 Understanding Management Interfaces 2 2 Advantages of Using the Menu Interface 2 3 Advantages of Using the CLI 2 4 Advantages of Using the HP Web Browser Interface 2 5 Advantages of Using HP TopTools for Hub...

Page 6: ...ntents 4 1 Overview 4 2 Accessing the CLI 4 2 Using the CLI 4 2 Privilege Levels at Logon 4 3 Privilege Level Operation 4 4 How To Move Between Levels 4 7 Listing Commands and Command Options 4 8 Displaying CLI Help 4 11 Configuration Commands and the Context Configuration Modes 4 13 CLI Control and Editing 4 16 5 Using the HP Web Browser Interface Contents 5 1 Overview 5 2 General Features 5 3 St...

Page 7: ...g 5 19 The Status Bar 5 22 Setting Fault Detection Policy 5 23 6 Switch Memory and Configuration Contents 6 1 Overview 6 2 Overview of Configuration File Management 6 2 Using the CLI To Implement Configuration Changes 6 5 Using the Menu and Web Browser Interfaces To Implement Configuration Changes 6 8 Configuration Changes Using the Menu Interface 6 8 Configuration Changes Using the Web Browser In...

Page 8: ... Friendly Port Names 7 15 Configuring Friendly Port Names 7 16 Displaying Friendly Port Names with Other Port Data 7 18 8 Configuring IP Addressing Contents 8 1 Overview 8 2 IP Configuration 8 3 Just Want a Quick Start with IP Addressing 8 4 IP Addressing with Multiple VLANs 8 4 IP Addressing in a Stacking Environment 8 5 Menu Configuring IP Address Gateway and Time To Live TTL 8 5 CLI Configuring...

Page 9: ...figuring TimeP 9 16 SNTP Unicast Time Polling with Multiple SNTP Servers 9 21 Address Prioritization 9 22 Adding and Deleting SNTP Server Addresses 9 22 Menu Interface Operation with Multiple SNTP Server Addresses Configured 9 24 SNTP Messages in the Event Log 9 24 10 Optimizing Traffic Flow with Port Controls Port Trunking and Port Based Priority Contents 10 1 Overview 10 2 Viewing Port Status an...

Page 10: ...ng Rules for Port Based Priority 10 36 Configuring and Viewing Port Based Priority 10 37 Messages Related to Prioritization 10 38 Troubleshooting Prioritization 10 38 11 Configuring for Network Management Applications Contents 11 1 Using SNMP Tools To Manage the Switch 11 2 Overview 11 2 SNMP Management Features 11 2 Configuring for SNMP Access to the Switch 11 3 Configuring for SNMP Version 3 Acc...

Page 11: ...n Outbound CDP Packets 11 36 CDP Neighbor Data and MIB Objects 11 37 Operating Notes 11 39 12 Port Based Virtual LANs VLANs and GVRP Contents 12 1 Overview 12 2 Port Based Virtual LANs Static VLANs 12 3 Overview of Using VLANs 12 6 VLAN Support and the Default VLAN 12 6 The Primary VLAN 12 6 Per Port Static VLAN Configuration Options 12 8 General Steps for Using VLANs 12 9 VLAN Operating Notes 12 ...

Page 12: ...and Features 13 3 IGMP Terms 13 4 IGMP Operating Features 13 5 CLI Configuring and Displaying IGMP 13 6 Web Enabling or Disabling IGMP 13 11 How IGMP Operates 13 11 Operation With or Without IP Addressing 13 13 Automatic Fast Leave IGMP 13 13 Forced Fast Leave IGMP 13 15 Configuring Per Port Forced Fast Leave IGMP 13 18 Using the Switch as Querier 13 19 Excluding Well Known or Reserved Multicast A...

Page 13: ... Menu Configuring 802 1D STP 14 18 CLI Configuring 802 1D STP 14 21 STP Fast Mode 14 25 Fast Uplink Spanning Tree Protocol STP 14 26 Terminology 14 28 Operating Rules for Fast Uplink 14 29 Menu Viewing and Configuring Fast Uplink STP 14 30 CLI Viewing and Configuring Fast Uplink STP 14 36 Operating Notes 14 39 Web Enabling or Disabling STP 14 40 15 HP ProCurve Stack Management Contents 15 1 Overvi...

Page 14: ...tatus and Configure Stacking 15 29 SNMP Community Operation in a Stack 15 43 Using the CLI To Disable or Re Enable Stacking 15 44 Transmission Interval 15 44 Stacking Operation with Multiple VLANs Configured 15 44 Web Viewing and Configuring Stacking 15 45 Status Messages 15 46 16 IP Routing Features Contents 16 1 Overview of IP Routing 16 2 IP Interfaces 16 2 IP Tables and Caches 16 3 IP Global P...

Page 15: ...e Download Rules A 3 Using TFTP To Download Switch Software from a Server A 3 Menu TFTP Download from a Server to Primary Flash A 4 CLI TFTP Download from a Server to Primary or Secondary Flash A 6 Using Xmodem to Download Switch Software From a PC or UNIX Workstation A 7 Menu Xmodem Download to Primary Flash A 7 CLI Xmodem Download from a PC or Unix Workstation to Primary or Secondary Flash A 8 S...

Page 16: ... Viewing the Switch s MAC Address Tables B 12 Spanning Tree Protocol STP Information B 17 Internet Group Management Protocol IGMP Status B 19 VLAN Information B 20 Web Browser Interface Status Information B 22 Port and Static Trunk Monitoring Features B 23 Menu Configuring Port and Static Trunk Monitoring B 24 CLI Configuring Port and Static Trunk Monitoring B 26 Web Configuring Port Monitoring B ...

Page 17: ...roblems C 16 TimeP SNTP or Gateway Problems C 18 VLAN Related Problems C 18 Using Logging To Identify Problem Sources C 21 Event Log Operation C 21 Debug and Syslog Operation C 25 Diagnostic Tools C 31 Port Auto Negotiation C 31 Ping and Link Tests C 32 Displaying the Configuration File C 36 CLI Administrative and Troubleshooting Commands C 39 Restoring the Factory Default Configuration C 40 Resto...

Page 18: ... This page is intentionally blank xvi ...

Page 19: ...ptions 1 2 Conventions 1 3 Command Syntax Statements 1 3 Command Prompts 1 3 Screen Simulations 1 4 Port Identity Convention for Examples 1 4 Related Publications 1 4 Getting Documentation From the Web 1 6 Sources for More Information 1 7 Need Only a Quick Start 1 8 1 1 ...

Page 20: ...tch operation A troubleshooting chapter is also included For information onother productdocumentation for the above switches refer to Related Publications on page 1 4 The Product Documentation CD ROM shipped with the switch includes a copy of this guide You can also download a copy from the HP ProCurve website http www hp com go hpprocurve See GettingDocumentationFrom the Web on page 1 6 About the...

Page 21: ...ed element in general text For example Use the copy tftp command to download the key from a TFTP server Italics indicate variables for which you must supply a value when executing the command For example in this command syntax port list indicates that you must provide one or more port numbers Syntax aaa port access authenticator port list Command Prompts In the default configuration your switch di...

Page 22: ...qually to the stackable switches which typically use only numbers such as 1 3 5 15 etc for port identities Related Publications Read Me First The Read Me First shipped with your switch provides soft ware update information product notes and other information A printed copy is shipped with your switch For the latest version refer to Getting Documentation From the Web on page 1 6 Installation and Ge...

Page 23: ...stem for the 5300XL switches HP provides a PDF version of this guide on the Product Documentation CD ROM shipped with the switch You can also download a copy from the HP ProCurve website See Getting Documentation From the Web on page 1 6 Release Notes Release notes are posted on the HP ProCurve website and provide information on new software updates New features and how to configure and use them S...

Page 24: ...on From the Web 1 Go to the HP ProCurve website at http www hp com go hpprocurve 2 Click on technical support 3 Click on manuals 4 Click on the product for which you want to view or download a manual 2 3 4 Figure 1 2 Finding Product Manuals on the HP ProCurve Website 1 6 ...

Page 25: ...LI type the command name followed by help For example Figure 1 4 Getting Help in the CLI If you need information on specific features in the HP Web Browser Interface hereafter referred to as the web browser interface use the online help available for the web browser interface For more information on web browser Help options refer to Online Help for the HP Web Browser Interface on page 5 11 If you ...

Page 26: ...Getting Started Guide you received with the switch To Set Up and Install the Switch in Your Network Important Use the Installation and Getting Started Guide shipped with your switch for the following Notes cautions and warnings related to installing and using the switch and its related modules Instructions for physically installing the switch in your network Quickly assigning an IP address and sub...

Page 27: ...nts Overview 2 2 Understanding Management Interfaces 2 2 Advantages of Using the Menu Interface 2 3 Advantages of Using the CLI 2 4 Advantages of Using the HP Web Browser Interface 2 5 Advantages of Using HP TopTools for Hubs Switches 2 6 2 1 ...

Page 28: ...rer page 2 5 HP TopTools for Hubs Switches an easy to use browser based network management tool that works with HP proactive networking features built into managed HP hubs and switches This manual describes how to use the menu interface chapter 3 the CLI chapter 4 the web browser interface chapter 5 and how to use these interfaces to configure and monitor the switch For information on how to acces...

Page 29: ...menu interface also provides access for Setup screen Switch and port statistic and counter Event Log display displays Switch and port Reboots status displays Software downloads Offers out of band access through the RS 232 connection to the switch so network bottlenecks crashes lack of configured or correct IP address and network downtime do not slow or prevent access Enables Telnet in band access ...

Page 30: ...uick detailed system configuration and management access to system operators and administrators experienced in command prompt interfaces Provides help at each level for determining available options and vari ables CLI Usage For information on how to use the CLI refer to chapter 3 Using the Command Line Interface CLI To perform specific procedures such as configuring IP addressing or VLANs use the ...

Page 31: ...iliar browser interface locations of window objects consistent with commonly used browsers uses mouse clicking for navigation no terminal setup Many features have all their fields in one screen so you can view all values at once More visual cues using colors status bars device icons and other graphical objects instead of relying solely on alphanumeric values Display of acceptable ranges of values ...

Page 32: ...bs and switches and proactively recommend network changestoincrease networkuptimeandoptimize performance Easytoinstall and use HP TopTools for Hubs Switches is the answer to your management challenges Figure 2 4 Example of HP TopTools Home Page Not e Although TopTools recognizes the Switch 2626 as an SNMP device custom ized device management is not supported for the Switch 2626 in HP TopTools for ...

Page 33: ...ork management PC including identity and status informa tion port counters port on off capability sensitivity thresholds for traps IP and security configuration device configuration report and other device features Enables policy based management through the Quality of Service feature QoS to establish traffic priority policies for controlling and improving throughput across all the HP switches in ...

Page 34: ...Selecting a Management Interface Advantages of Using HP TopTools for Hubs Switches This page is intentionally unused 2 8 ...

Page 35: ...ng and Ending a Menu Session 3 3 How To Start a Menu Interface Session 3 4 How To End a Menu Session and Exit from the Console 3 5 Main Menu Features 3 7 Screen Structure and Navigation 3 9 Rebooting the Switch 3 12 Menu Features List 3 14 Where To Go From Here 3 15 3 1 ...

Page 36: ...nt Spanning Tree operation SNMP community names IP authorized managers VLANs Virtual LANs and GVRP View status counters and Event Log information Update switch software Reboot the switch For a detailed list of menu features see the Menu Features List on page 3 14 Privilege Levels and Password Security HP strongly recommends that you configure a Manager password to help prevent unauthorized access ...

Page 37: ...witch interface overwrites earlier changes made through any other interface The Menu Interface and the CLI Command Line Interface both use the switch console To enter the menu from the CLI use the menu command To enter the CLI from the Menu interface select Command Line CLI option Starting and Ending a Menu Session You can access the menu interface using any of the following A direct serial connec...

Page 38: ...If you are using a PC terminal emulator or a terminal press Enter one or more times until a prompt appears 3 When the switch screen appears do one of the following If a password has been configured the password prompt appears Password _ Type the Manager password and press Enter Entering the Manager password gives you manager level access to the switch Entering the Operator password gives you opera...

Page 39: ...or more infor mation see the Installation and Getting Started Guide you received with the switch How To End a Menu Session and Exit from the Console The method for ending a menu session and exiting from the console depends on whether during the session you made any changes to the switch configu ration that require a switch reboot to activate Most changes via the menu interface need only a Save and...

Page 40: ...inal program turn off the terminal or quit the Telnet session 2 If you have made configuration changes that require a switch reboot thatis if anasterisk appearsnexttoaconfigureditemornexttoSwitch Configuration in the Main Menu a Return to the Main Menu b Press 6 to select Reboot Switch and follow the instructions on the reboot screen Rebooting the switch terminates the menu session and if you are ...

Page 41: ...isplaying and changing the current configuration settings See the Con tents listing at the front of this manual For a listing of features and parameters configurable through the menu interface see the Menu Fea tures List on page 3 14 Console Passwords Provides access to the screen used to set or change Manager level and Operator level passwords and to delete Manager and Operator password protectio...

Page 42: ...e 6 10 Download OS Enables you to download a new software version to the switch See Appendix A File Transfers Run Setup Displays the Switch Setup screen for quickly configuring basic switch parameters such as IP addressing default gateway logon default interface spanning tree and others See the Installation and Getting Started guide shipped with your switch Stacking Enables you to use a single IP ...

Page 43: ...nstructions Actions line Screentitle identifies the location within the menu structure Figure 3 4 Elements of the Screen Structure Forms Design The configuration screens in particular operate similarly to a number of PC applications that use forms for data entry When you first enter these screens you see the current configuration for the item you have selected To change the configuration the basic...

Page 44: ...er parameter value return to step 3 6 If you are finished editing parameters in the displayed screen press Enter to return to the Actions line and do one of the following To save and activate configuration changes press S for the Save action This saves the changes in the startup configuration and also implements the change in the currently running configuration See Chapter 6 Switch Memory and Conf...

Page 45: ...of the screen Highlight on any item in the Actions line indicates that the Actions line is active The Help line provides a brief descriptor of the highlighted Action item or parameter Figure 3 5 Example Showing How To Display Help To get Help on the actions or data fields in each screen Use the arrow keys or v to select an action or data field The help line under the Actions items describes the cu...

Page 46: ...re a reboot Resets statistical counters to zero Note that statistical counters can be reset to zero without rebooting the switch To Reboot the switch use the Reboot Switch option in the Main Menu Note that the Reboot Switch option is not available if you log on in Operator mode that is if you enter an Operator password instead of a manager password at the password prompt Reboot Switch option Figur...

Page 47: ...um VLANs to support parameter an asterisk appears next to the VLAN Support entry in the VLAN Menu screen below and alsonext to theSwitchConfiguration entry in the Main Menu as shown in figure 3 2 on page 3 6 Reminder to reboot the switch to activate configuration changes Asterisk indicates a configuration change that requires a reboot in order to take effect Figure 3 7 Indication of a Configuratio...

Page 48: ... Configuration System Information Port Trunk Settings Network Monitoring Port Spanning Tree Operation IP Configuration SNMP Community Names IP authorized Managers VLAN Menu Console Passwords Event Log Command Line CLI Reboot Switch Download OS Run Setup Stacking Stacking Status This Switch Stacking Status All Stack Configuration Stack Management Available in Stack Commander Only Stack Access Avail...

Page 49: ...tures To learn how to use the Event Log To learn how the CLI operates To download software the OS For a description of how switch memory handles configuration changes For information on other switch features and how to configure them RefertotheInstallationandGettingStartedGuide shipped with the switch Chapter 15 HP ProCurve Stack Management Appendix B Monitoring and Analyzing Switch Operation Refe...

Page 50: ...Using the Menu Interface Where To Go From Here This page is intentionally unused 3 16 ...

Page 51: ...Level Operation 4 4 Operator Privileges 4 4 Manager Privileges 4 5 How To Move Between Levels 4 7 Listing Commands and Command Options 4 8 Listing Commands Available at Any Privilege Level 4 8 Command Option Displays 4 10 Displaying CLI Help 4 11 Configuration Commands and the Context Configuration Modes 4 13 CLI Control and Editing 4 16 4 1 ...

Page 52: ...ng a terminal device to the switch or in band by using Telnet either from a terminal device or through the web browser interface Also if you are using the menu interface you can access the CLI by selecting the Command Line CLI option in the Main Menu Using the CLI The CLI offers these privilege levels to help protect the switch from unautho rized access 1 Operator 2 Manager 3 Global Configuration ...

Page 53: ...rd Without a Manager password configured anyone having serial port Telnet or web browser access to the switch can reach all CLI levels For more on setting passwords refer to the local manager and operator password chapter in the Access Security Guide for your switch When you use the CLI to log on to the switch and passwords are set you will be prompted to enter a password For example Password Prom...

Page 54: ...nded that you protect the switch from physical access by unauthorized persons If you are concerned about switch security and operation you should install the switch in a secure location such as a locked wiring closet Privilege Level Operation 2 Manager Level 3 Global Configuration Operator Privileges Manager Privileges 1 Operator Level 4 Context Configuration Level Figure 4 2 Access Sequence for P...

Page 55: ...changes to any of the switch s software features The prompt for the Global Configuration level includes the system name and config To select this level enter the config command at the Manager prompt For example HPswitch _ Enter config at the Manager prompt HPswitch config _The Global Config prompt Context Configuration level Provides all Operator and Manager privileges and enables you to make conf...

Page 56: ... the CLI interface to the menu interface Exit from the CLI interface and terminate the console session Terminate the current session same as logout Manager Privilege Manager HPswitch Perform system level actions such as system control monitoring Level and diagnostic commands plus any of the Operator level commands For a list of available commands enter at the prompt Global Configuration Level HPsw...

Page 57: ... HPswitch config HPswitch config vlan 10 HPswitch vlan 10 HPswitch vlan 10 interface e 3 HPswitch int 3 The CLI accepts e as the abbreviated form of ethernet HPswitch int 3 exit HPswitch config exit HPswitch exit HPswitch HPswitch int 3 end HPswitch or HPswitch config end HPswitch Moving Between the CLI and the Menu Interface When moving between interfaces the switch retains the current privilege ...

Page 58: ...s At any privilege level you can List all of the commands available at that level List the options for a specific command Listing Commands Available at Any Privilege Level At a given privilege level you can list and execute the commands that level offers plus all of the commands available at preceding levels For example at the Operator level you can list and execute only the Operator level command...

Page 59: ...t Configuration level produces similar results In a particular context level the first block of command in the listing are the commands that are most relevant to the current context Use Tab To Search for or Complete a Command Word You can use Tab to help you find CLI commands or to quickly complete the current word in a command To do so type one or more consecutive characters in a command and then...

Page 60: ...Pressing Tab after a completed command word lists the further options for that command HPswitch config stack Tab commander commander str join mac addr auto join transmission interval integer cr HPswitch config stack Command Option Displays Conventions for Command Option Displays When you use the CLI to listoptionsfor aparticular command youwillsee one ormore ofthefollowing conventions to help you ...

Page 61: ...ng CLI Help CLI Help provides two types of context sensitive information Command list with a brief summary of each command s purpose Detailed information on how to use individual commands Displaying Command List Help You can display a listing of command Help summaries for all commands available at the current privilege level That is when you are at the Operator level you can display the Help summa...

Page 62: ...h of the command string to identify the command along with help Syntax command string help For example to list the Help for the interface command in the Global Configuration privilege level Figure 4 7 Example of How To Display Help for a Specific Command A similar action lists the Help showing additional parameter options for a given command The following example illustrates how to list the Help f...

Page 63: ...guration mode or in selected context modes However using a context mode enables you to execute context specific commands faster with shorter command strings The configuration options include interface port or trunk group and VLAN context modes Port or Trunk Group Context Includes port or trunk specific commands that apply only to the selected port s or trunk group plus the global configuration Man...

Page 64: ...ontext plus the Manager Operator and contextcommandsyoucan execute at this level In the port context the first block of commands in the listingshow thecontext specificcommandsthatwillaffect only ports C3 C6 The remaining commands in the listing are Manager Operator and context commands Figure 4 9 Context Specific Commands Affecting Port Context 4 14 ...

Page 65: ...ig vlan 100 Command executed at configura tion level to enter VLAN 100 context HPswitch vlan 100 Resulting prompt showing VLAN 100 context HPswitch vlan 100 Lists commandsyoucanusein the VLAN context plus Manager Oper ator and context commands you can execute at this level In the VLAN context the first block of commands in the listing show the commandsthat will affect only vlan 100 The remaining c...

Page 66: ...racter Ctrl K Deletes from the cursor to the end of the command line Ctrl L or Ctrl R Repeats current command line on a new line Ctrl N or v Enters the next command line in the history buffer Ctrl P or Enters the previous command line in the history buffer Ctrl U or Ctrl X Deletes from the cursor to the beginning of the command line Ctrl W Deletes the last word typed Esc B Moves the cursor backwar...

Page 67: ...First HP Web Browser Interface Session 5 7 Viewing the First Time Install Window 5 7 Creating Usernames and Passwords in the Browser Interface 5 8 Online Help for the HP Web Browser Interface 5 11 Support Mgmt URLs Feature 5 12 Support URL 5 13 Help and the Management Server URL 5 13 Status Reporting Features 5 15 The Overview Window 5 15 The Port Utilization and Status Displays 5 16 The Alert Log...

Page 68: ...r interface session page 5 7 Creating usernames and passwords in the web browser interface page 5 8 Selecting the fault detection configuration for the Alert Log operation page 5 23 Getting access to online help for the web browser interface page 5 11 Description of the web browser interface Overview window and tabs page 5 15 Port Utilization and Status displays page 5 16 Alert Log and Alert types...

Page 69: ...AN Fault detection Port monitoring mirroring System information Enable Disable Multicast Filtering IGMP and Spanning Tree IP Stacking Support and management URLs Switch Security Usernames and passwords Switch Diagnostics Ping Link Test Device reset Configuration report Switch status Port utilization Port counters Port status Alert log Switch system information listing 5 3 ...

Page 70: ... Web Browser in a PC or UNIX Workstation This procedure assumes that you have a supported web browser installed on your PC or workstation and that an IP address has been configured on the switch For more on assigning an IP address refer to IP Configuration on page 8 3 1 Make sure the JavaTM applets are enabled for your browser If they are not use the options menu in your browser to do the followin...

Page 71: ...er to the information provided with HP TopTools for Hubs Switches Not e Although TopTools recognizes the Switch 2626 as an SNMP device custom ized device management is not supported for the Switch 2626 in HP TopTools for hubs and switches This procedure assumes that Youhave installedtherecommendedwebbrowser onaPC orworkstation that serves as your network management station The networked device you...

Page 72: ...Overview window displayed for the selected device as shown in figure 5 1 Not e If the Registration window appears click on the Status tab Alert Log First Time Install Alert Figure 5 1 Example of Status Overview Screen Not e The above screen appears somewhat different if the switch is configured as a stack Commander For an example see figure 2 3 on page 2 5 5 6 ...

Page 73: ...stall Window When you access the switch s web browser interface for the first time the Alert log contains a First Time Install alert as shown in figure 5 2 This gives you information about first time installations and provides an immediate opportunity to set passwords for security and to specify a Fault Detection policy which determines the types of messages that will be displayed in the Alert Log...

Page 74: ...y click on select the fault detection configuration in the second bullet in the window and go to the section Setting Fault Detection Policy on page 5 23 You can also access the password screen by clicking on the Configuration tab and then Fault Detection button Creating Usernames and Passwords in the Browser Interface You may want to create both a username and password to create access security fo...

Page 75: ...ll event entry double click on this event then in the resulting display click on the secure access to the device link Select the Security tab 2 Click in the appropriate box in the Device Passwords window and enter user names and passwords You will be required to repeat the password strings in the confirmation boxes Both the user names and passwords can be up to 16 printable ASCII characters 3 Clic...

Page 76: ...ss to all switch interfaces Once set you will be prompted to supply the password every time you try to access the switch through any of its interfaces The password you enter determines the capability you have during that session Entering the manager password gives you full read write capabilities Entering the operator password gives you read and limited write capabil ities Using the User Names If ...

Page 77: ...installed in a secure location such as a locked wiring closet Online Help for the HP Web Browser Interface Online Help is available for the web browser interface You can use it by clicking on the question mark button in the upper right corner of any of the web browser interface screens The Help Button Figure 5 5 The Help Button Context sensitive help is provided for the screen you are on Not e If ...

Page 78: ...etup theURL ofa networkmanagementstationrunning HP TopTools for Hubs Switches 3 Enter URLs for the support information source you want the switch to access when you click on the web browser interface Support tab the default is HP s ProCurve network products World Wide Web home page the URL of the network Management server or other source of the online help files for this web browser inter face The...

Page 79: ...he world wide web n The URL of a network management station running HP TopTools for Hubs Switches Providing Online Help The Help files are automatically available if you install HP TopTools for Hubs Switches on your network or if you already have Internet access to the World Wide Web The Help files are included with HP TopTools for Hubs Switches and are also automatically available from HP via the...

Page 80: ...ing URL in the Management Server URL field shown in figure 5 7 on page 5 14 http www hp com rnd device_help Enter IP address of HP TopTools network management station or URL of location of help files on HP s World Wide Web site here Figure 5 7 How To Access Web Browser Interface Online Help Policy Management and Configuration HP Top Tools for Hubs Switches can perform network wide policy managemen...

Page 81: ... page 5 19 The Status bar page 5 22 The Overview Window The Overview Window is the home screen for any entry into the web browser interface The following figure identifies the various parts of the screen Alert Log Control Bar Port Utiliza tion Graphs page 5 16 Active Tab Active Button Alert Log page 5 19 Port Status Indicators page 5 18 Button Bar Tab Bar Status Bar page 5 22 Figure 5 8 The Overvi...

Page 82: ...lor on many systems can signify either transmitted or received traffic Non Unicast Pkts Rx All multicast and broadcast traffic received by the port This indicator a gold color on many systems enables you to know at a glance the source of any non unicast traffic that is causing high utilization of the switch For example if one port is receiving heavy broadcast or multicast traffic all ports will be...

Page 83: ...lickonthebandwidthdisplaycontrolbuttonintheupperleftcorner of the graph The button shows the current scale setting such as 40 In the resulting menu select the bandwidth scale you want the graph to show 3 10 25 40 75 or 100 as shown in figure figure 5 10 Note that when viewing activity on a gigabit port you may want to select a lower value such as 3 or 10 This is because the bandwidth utilization o...

Page 84: ...cted to an active network device A cable may not be connected to the port or the device at the other end may be powered off or inoperable or the cable or connected device could be faulty Port Disabled the port has been configured as disabled through the web browser interface the switch console or SNMP network manage ment Port Fault Disabled a fault condition has occurred on the port that has cause...

Page 85: ... date and time the event was received by the web browser interface This value is shown in the format DD MM YY HH MM SS AM PM for example 16 Sep 99 7 58 44 AM Description A short narrative statement that describes the event For example Excessive CRC Alignment errors on port 8 Sorting the Alert Log Entries The alerts are sorted by default by the Date Time field with the most recent alert listed at t...

Page 86: ...unctioning NIC NIC driver or transceiver Excessive late collisions Late collisions collisions detected after transmitting 64 bytes have been detected on this port Possible causes include An overextended LAN topology Duplex mismatch full duplex configured on one end of the link half duplex configured on the other A misconfigured or faulty device connected to the port High collision or drop rate A l...

Page 87: ...tail View or separate window detailing information about the events The Detail View contains a description of the problem and a possible solution It also provides four management buttons Acknowledge Event removes the New symbol from the log entry Delete Event removes the alert from the Alert Log Cancel Button closes the detail view with no change to the status of the alert and returns you to the O...

Page 88: ... as shown in the following table Table 5 2 Status Indicator Key Color Switch Status Status Indicator Shape Blue Normal Activity First time installation information available in the Alert log Green Normal Activity Yellow Warning Red Critical System Name The name you have configured for the switch by using Identity screen system name command or the switch console System Information screen Most Criti...

Page 89: ...lerts reported to the Alert Log based on their level of severity Set this policy in the Fault Detection window figure 5 16 Figure 5 16 The Fault Detection Window The Fault Detection screen contains a list box for setting fault detection and response policy You set the sensitivity level at which a network problem should generate an alert and send it to the Alert Log To provide the most information ...

Page 90: ...ot of problems and you want to be informed of only the most severe ones Never Disables the Alert Log and transmission of alerts traps to the management server in cases where a network management tool such as HP TopTools for Hubs Switches is in use Use this option when you don t want to use the Alert Log The Fault Detection Window also contains three Change Control Buttons Apply Changes This button...

Page 91: ...ation Changes 6 8 Configuration Changes Using the Menu Interface 6 8 Using Save and Cancel in the Menu Interface 6 9 Rebooting from the Menu Interface 6 10 Configuration Changes Using the Web Browser Interface 6 11 Using Primary and Secondary Flash Image Options 6 12 Displaying the Current Flash Image Data 6 12 OS Downloads 6 14 Local OS Replacement and Removal 6 15 Rebooting the Switch 6 17 Opera...

Page 92: ...ment The switch maintains two configuration files the running config file and the startup config file Running Config File Controls switch operation When the switch reboots the contents of this file are erased and replaced by the contents of the startup config file Startup Config File Preserves the most recently saved configuration through any subsequent reboot Volatile Memory Flash Non Volatile Me...

Page 93: ...e or more changes to the running config file creates a new operating configuration Saving a new configurationmeans tooverwrite replace thecurrentstartup config file with the current running config file This means that if the switch subsequently reboots for any reason it will resume operation using the new configuration insteadof theconfigurationpreviously defined in the startup config file There a...

Page 94: ... save the change to the startup config file then the switch prompts you to save the change For example if you use the CLI to create VLAN 20 and then select the menu interface VLAN 20 is configured in the running config file but not in the startup config file In this case you will see HPswitch config vlan 20 HPswitch config menu Do you want to save current configuration y n If you type Y the switch...

Page 95: ...sting of the current running config file show config status Compares the startup config file to the running config file and lists one of the following results If the two configurations are the same you will see Running configuration is the same as the startup configuration If the two configurations are different you will see Running configuration has been changed and needs to be saved Not e Show c...

Page 96: ...guration the startup config file by executing the following command HPswitch config write memory The new mode auto 10 on port A5 is now saved in the startup config file and the startup config and running config files are identical If you subsequently reboot the switch the auto 10 mode configuration on port A5 will remain because it is included in the startup config file How To Cancel Changes You H...

Page 97: ...nning config file and will update the running config file to match the startup config file Not e If you use the CLI to make a change to the running config file you should either use the write memory command or select the save option allowed during a reboot figure 6 2 above to save the change to the startup config file That is if you use the CLI to change a parameter setting but then reboot the swi...

Page 98: ...current configuration and prevent a reboot Using the Menu and Web Browser Interfaces To Implement Configuration Changes The menu and web browser interfaces offer these advantages Quick easy menu or window access to a subset of switch configuration features See the Menu Features List on page 3 14 and the web browser General Features list on page Viewing several related configuration parameters in t...

Page 99: ...plements the changes in the running config file 2 Saves your changes to the startup config file If you decide not to save and implement the changes in the screen select Cancel to discard them and continue switch operation with the current oper ation For example suppose you have made the changes shown below in the System Information screen To save and implement the changes for all parameters in thi...

Page 100: ...fore rebooting the switch Rebooting from the Menu Interface Terminates the current session and performs a reset of the operating system Activates any configuration changes that require a reboot Resets statistical counters to zero Note that statistical counters can be reset to zero without rebooting the switch See Displaying Port Counters on To Display the Port Counter Summary Report on page B 11 T...

Page 101: ... screen and also next to the Switch Configuration entry in the Main menu as shown in figure 4 6 Reminder to reboot the switch to activate configuration changes Asterisk indicates a configuration change that requires a reboot in order to take effect Figure 6 6 Indication of a Configuration Change Requiring a Reboot Configuration Changes Using the Web Browser Interface You can use the web browser in...

Page 102: ...alysis and place another proven image in Primary flash to run your system The switch can use only one image at a time The following tasks involve primary secondary flash options Displaying the current flash image data and determining which OS ver sions are available OS downloads Local OS replacement and removal erasing System booting Displaying the Current Flash Image Data Use the commands in this...

Page 103: ...lash image and the switch is running on the version stored in the secondary flash image The unequal code size and differing dates indicate two differentversionsof the OS software Figure 6 8 Example Showing Different Flash Image Versions Determining Which Flash Image Versions Are Installed The show ver sion command displays which software version the switch is currently running and whether that ver...

Page 104: ...ownload to Primary Yes Yes Yes Yes Download to Secondary No Yes No Yes Boot from Primary Yes Yes Yes Yes Boot from Secondary No Yes No Yes The different OS download options involve different copy commands plus xmodem and tftp These topics are covered in Appendix A File Transfers Download Interruptions In most cases if a power failure or other cause interrupts a flash image download the switch rebo...

Page 105: ...s the file in the destination location with a copy of the file from the source location This means you do not have to erase the current image at the destination location before copying in a new image C a u t i o n Verify that there is an acceptable OS image in the source flash location from which you are going to copy Use the show flash command or if necessary the procedure under Determining Which...

Page 106: ... n do Before using this command in one flash image location primary or second ary ensure that you have a valid OS file in the other flash image location secondary orprimary Ifthe switchhasonly oneflashimage loaded ineither primary or secondary flash and you erase that image then the switch does not have an OS stored in flash In this case if you do not reboot or power cycle the switch you can recov...

Page 107: ...he Switch The switch offers reboot options through the boot and reload commands plus the options inherent in a dual flash image system Generally using boot provides more comprehensive self testing using reload gives you a faster reboot time Table 6 2 Comparing the Boot and Reload Commands Actions Included In Boot Included In Reload Note Save all configuration Optional Yes Config changes saved to t...

Page 108: ...lay Boot from primary flash Booting from a Specified Flash This version of the boot command gives you the option of specifying whether to reboot from primary or secondary flash and is the required command for rebooting from secondary flash This option also executes the complete set of subsystem self tests Syntax boot system flash primary secondary For example to reboot the switch from secondary fl...

Page 109: ... secondary flash Boot Attempts from an Empty Flash Location In this case the switch aborts the attempt and displays Image does not exist Operation aborted Interaction of Primary and Secondary Flash Images with the Current Configuration The switch has one startup config file page 6 2 which it always uses for reboots regardless of whether the reboot is from primary or secondary flash Also for reboot...

Page 110: ...Switch Memory and Configuration Using Primary and Secondary Flash Image Options This page is intentionally unused 6 20 ...

Page 111: ...Interface Access by Terminating Remote Management Sessions 7 8 System Information 7 9 Menu Viewing and Configuring System Information 7 10 CLI Viewing and Configuring System Information 7 11 Web Configuring System Parameters 7 14 Using Friendly Optional Port Names 7 15 Configuring and Operating Rules for Friendly Port Names 7 15 Configuring Friendly Port Names 7 16 Displaying Friendly Port Names w...

Page 112: ...Chapter 3 Using the Menu Interface Chapter 4 Using the Command Line Interface CLI Chapter 5 Using the HP Web Browser Interface Why Configure Interface Access and System Information The inter face access features in the switch operate properly by default However you can modify or disable access features to suit your particular needs Similarly you can choose to leave the system information parameter...

Page 113: ... Enabled page 7 4 page 7 6 Terminal type VT 100 page 7 6 Event Log event types to list All page 7 6 Displayed Events Baud Rate Speed Sense page 7 6 Flow Control XON XOFF page 7 6 In most cases the default configuration is acceptable for standard operation Not e Basic switch security is through passwords You can gain additional security using IP authorized managers However if unauthorized access to...

Page 114: ...Main Menu Select 2 Switch Configuration 1 System Information Interface Access Parameters Figure 7 1 The Default Interface Access Parameters Available in the Menu Interface 2 Press E for Edit The cursor moves to the System Name field 3 Use the arrow keys v to move to the parameters you want to change Refer to the online help provided with this screen for further information on configuration options...

Page 115: ...is com mand lists the current interface access parameter settings Syntax show console This example shows the switch s default console serial configuration Interface Access Enable Disable Console Control Options Event Log Event Types To List Figure 7 2 Listing of Show Console Command Reconfigure Inbound Telnet Access In the default configuration inbound Telnet access is enabled Syntax no telnet ser...

Page 116: ... or more console parameters with one console command Syntax console terminal vt100 ansi screen refresh 1 3 5 10 20 30 45 60 baud rate speed sense 1200 2400 4800 9600 19200 38400 57600 flow control xon xoff none inactivity timer 0 1 5 10 15 20 30 60 120 events none all non info critical debug Not e If you change the Baud Rate or Flow Control settings for the switch you should make the corresponding...

Page 117: ...itchimplementstheEventLogchangeimmediately Theswitchimplements the other console changes after executing write memory and reload Figure 7 3 Example of Executing the Console Command with Multiple Parameters You can also execute a series of console commands and then save the configuration and boot the switch For example Configure the individual parameters Save the changes Boot the switch Figure 7 4 ...

Page 118: ...d kill to terminate a currently running remote session Kill does not terminate a Console session on the serial port either through a direct connection or via a modem Syntax kill session number For example if you are using the switch s serial port for a console session and want to terminate a currently active Telnet session you would do the follow ing Session 2 is an active Telnet session The kill ...

Page 119: ...ended System Name Using a unique name helps you to identify individual devices in stacking environments and where you are using an SNMP network manage ment tool such as HP TopTools for Hubs Switches System Contact and Location This information is helpful for identifying the person administratively responsible for the switch and for identifying the locations of individual switches MAC Age Interval ...

Page 120: ...ne For more on this topic see appendix E Daylight Savings Time on HP ProCurve Switches Time Used in the CLI to specify the time of day the date and other system parameters Menu Viewing and Configuring System Information To access the system information parameters 1 From the Main Menu Select 2 Switch Configuration 1 System Information System Information Figure 7 6 The System Information Configurati...

Page 121: ...Menu CLI Viewing and Configuring System Information System Information Commands Used in This Section show system information below hostname below snmp server below contact location mac age time page 7 13 time time zone page 7 13 daylight time rule page 7 13 date page 7 13 time Listing the Current System Information Thiscommandliststhecurrent system information settings Syntax show system informati...

Page 122: ...me string snmp server contact system contact location system location Both fields allow up to 48 characters Blank spaces are not allowed in the variables for these commands For example to name the switch Blue with Ext 4474 as the system contact and North Data Room as the location New hostname contact and location data from previous commands Additional System Information Figure 7 8 System Informati...

Page 123: ...efined East of the 0 meridian the sign is West of the 0 meridian the sign is For example the time zone setting for Berlin Germany is 60 zone 1 or 60 minutes and the time zone setting for Vancouver Canada is 480 zone 8 or 480 minutes Toconfigurethetime zone anddaylighttime rule for Vancouver Canada HPswitch config time timezone 480 daylight time rule continental us and canada Configure the Time and...

Page 124: ...System Contact For access to the MAC Age Interval and the Time parameters use the menu interface or the CLI Configure System Parameters in the Web Browser Interface 1 Click on the Configuration tab 2 Click on System Info 3 Enter the data you want in the displayed fields 4 Implement your new data by clicking on Apply Changes To access the web based help provided for the switch click on in the web b...

Page 125: ...ch You can also assign the same name to multiple ports The friendly port names you configure appear in the output of the show name port list show config and show interface port number commands They do not appear in the output of other show commands or in Menu interface screens See Displaying Friendly Port Names with Other Port Data on page 7 18 Friendly port names are not a substitute for port num...

Page 126: ...write memory command Configuring Friendly Port Names Syntax interface e port list name port name string Assigns a port name to port list no interface e port list name Deletes the port name from port list Configuring a Single Port Name Suppose that you have connected port A3 on the switch to Bill Smith s workstation and want to assign Bill s name and workstation IP address 10 25 101 73 as a port na...

Page 127: ...ng the Same Name for Multiple Ports Suppose that you want to use ports A5 through A8 as a trunked link to a server used by a drafting group In this case you might configure ports A5 through A8 with the name Draft Server Trunk Figure 7 10 Example of Configuring One Friendly Port Name on Multiple Ports 7 17 ...

Page 128: ...traffic statistics for that port The friendly port name data comes from the running config file show config Includes friendly port names in the per port data of the resulting configuration listing show config data comes from the startup config file To List All Ports or Selected Ports with Their Friendly Port Names This command lists names assigned to a specific port Syntax show name port list List...

Page 129: ...ort Statistics Listings A friendly port name configured to a port is automatically included when you display the port s statistics output Syntax show interface port number Includes the friendly port name with the port s traffic statistics listing For example if you configure port A1 with the name O Connor_10 25 101 43 the show interface output for this port appears similar to the following Friendl...

Page 130: ...ly port names in a listing of all interfaces ports configured with non default settings Excludes ports that have neither a friendly port name nor any other non default configuration settings For example if you configure port A1 with a friendly port name This command sequence saves the friendly port name for port A1 in the startup config file but does not do so for the name entered for port A2 In t...

Page 131: ...onfiguring IP Address Gateway and Time To Live TTL 8 5 CLI Configuring IP Address Gateway and Time To Live TTL 8 7 Web Configuring IP Addressing 8 11 How IP Addressing Affects Switch Operation 8 11 DHCP Bootp Operation 8 12 Network Preparations for Configuring DHCP Bootp 8 15 IP Preserve Retaining VLAN 1 IP Addressing Across Configuration File Downloads 8 16 Globally Assigned IP Network Addresses ...

Page 132: ...y and VLAN 1 IP addressing Assign up to seven secondary IP addresses to a VLAN multinetting Why Configure IP Addressing In its factory default configuration the switch operates as a multiport learning bridge with network connectivity provided by the ports on the switch However to enable specific management access and control through your network you will need IP addressing Table 8 1 on page 8 12 s...

Page 133: ...to a device you can use the web browser interface to modify the initial IP configuration if needed For information on how IP addressing affects switch performance refer to How IP Addressing Affects Switch Operation on page 8 11 Multinetting Assigning Multiple IP Addresses to a VLAN For a given VLAN you can assign one primary IP address and up to seven secondary IP addresses This allows you to comb...

Page 134: ...d Guide you received with the switch IP Addressing with Multiple VLANs In the factory default configuration the switch has one permanent default VLAN named DEFAULT_VLAN that includes all ports on the switch Thus when only the default VLAN exists in the switch if you assign an IP address and subnet mask to the switch you are actually assigning the IP addressing to the DEFAULT_VLAN Not e s If multip...

Page 135: ...essing in a Stacking Environment If you are installing the switch into an HP ProCurve stack management environment entering an IP address may not be required See appendix 15 HP ProCurve Stack Management for more information Menu Configuring IP Address Gateway and Time To Live TTL Do one of the following To manually enter an IP address subnet mask set the IPConfig parameter to Manual and then manua...

Page 136: ...eed to change the packet Time To Live TTL setting select Default TTL and type in a value between 2 and 255 seconds 5 To configure IP addressing select IP Config and do one of the following If you want to have the switch retrieve its IP configuration from a DHCP or Bootp server at the IP Config field keep the value as DHCP Bootp and go to step 8 If you want to manually configure the IP information ...

Page 137: ...e DEFAULT_VLAN exists then its IP configuration applies to all ports in the switch Where multiple VLANs are configured the IP addressing is listed per VLAN The display includes switch wide packet time to live and if config ured the switch s default gateway and Timep configuration Syntax show ip For example in the factory default configuration no IP addressing assigned the switch s IP addressing ap...

Page 138: ...t VLAN then the VLAN ID is always 1 Not e The default IP address setting for the DEFAULT_VLAN is DHCP Bootp On additional VLANs you create the default IP address setting is Disabled Syntax vlan vlan id ip address ip address mask length or vlan vlan id ip address ip address mask bits or vlan vlan id ip address dhcp bootp This example configures IP addressing on the default VLAN with the subnet mask...

Page 139: ...iding secondary IP addressing The switch allows up to 512 secondary subnet address assignments to VLANs Syntax no vlan vlan id ip address ip address mask length no vlan vlan id ip address ip address mask bits For example if you wanted to multinet VLAN_20 VID 20 with its primary IP address and two secondary IP addresses shown below you would perform steps similar to the following For this example a...

Page 140: ...or Replacing IP Addresses in a Subnetted VLAN To remove an IP address from a subnetted VLAN use the no form of the IP address command shown on page 8 9 Generally to replace one IP address with another you should first remove the address you want to replace and then enter the new address However in a subnetted VLAN if you remove the primary IP address from a VLAN the next sequential secondary IP ad...

Page 141: ...ng only if the switch already has an IP address that is reachable through your network 1 Click on the Configuration tab 2 Click on IP Configuration 3 If you need further information on using the web browser interface click on to access the web based help available for the Switch 2512 2524 How IP Addressing Affects Switch Operation Without an IP address and subnet mask compatible with your network ...

Page 142: ...ommendationsfor changes to increase control and uptime Note Although TopTools recognizes the Switch 2626 as an SNMP device customized device management is not supported for the Switch 2626 in HP TopTools for hubs and switches TACACS RADIUS SSH SSL and 802 1X authentication CDP support Stacking Commander Telnet access to the CLI or the menu interface IGMP Timep server configuration TFTP download of...

Page 143: ...e switch does not receive a reply to its DHCP Bootp requests it continues to periodically send request packets but with decreasing frequency Thus if a DHCP or Bootp server is not available or accessible to the switch when DHCP Bootp is first configured the switch may not immediately receive the desired configuration After verifying that the server has become accessible to the switch reboot the swi...

Page 144: ...milar to this entry j4108switch ht ether ha 0030c1123456 ip 10 66 77 88 sm 255 255 248 0 gw 10 66 77 1 hn vm rfc1048 An entry in the Bootp table file etc bootptab to tell the switch or VLAN where to obtain a configuration file download would be similar to this entry j4108switch ht ether ha 0030c1123456 ip 10 66 77 88 sm 255 255 248 0 gw 10 66 77 1 lg 10 22 33 44 T144 switch cfg vm rfc1048 where j4...

Page 145: ...The Bootp server is accessible from the switch For DHCP operation A DHCP scope has been configured on the appropriate DHCP server The necessary network connections are in place A DHCP server is accessible from the switch Not e Designating a primary VLAN other than the default VLAN affects the switch s use of information received via DHCP Bootp For more on this topic see The Primary VLAN on page 12...

Page 146: ...nd reboots The switch adopts all other configuration parameters in the configuration file into the startup config file If the switch s current IP addressing for VLAN 1 is from a DHCP server IP Preserve is suspended In this case whatever IP addressing the config uration file specifies is implemented when the switch downloads the file and reboots If the file includes DHCP Bootp as the IP addressing ...

Page 147: ...101 DHCP Server Switch 2 VLAN 1 10 31 22 102 config IP Address Switches 1 through 3 copy and implement the config txt file from the TFTP server figure 8 8 but retain their current IP Switch 4 also copies and implements the config txtfilefromtheTFTPserver figure8 8 but acquires new IP addressing from the DHCP TFTP Server Management Station Figure 8 7 Example of IP Preserve Operation with Multiple S...

Page 148: ...es IP Preserve and implements the DHCP Bootp addressing and IP Gateway specified in this file because its last IP addressing was acquired from a DHCP Bootp server IP Preserve Command Figure 8 8 Configuration File in TFTP Server with DHCP Bootp Specified as the IP Addressing Source If you apply this configuration file to figure 8 7 switches 1 3 will still retain their manually assigned IP addressin...

Page 149: ... Bootp To summarize the IP Preserve effect on IP addressing If the switch received its most recent VLAN 1 IP addressing from a DHCP Bootp server it ignores the IP Preserve command when it downloads the configuration file and implements whatever IP addressing instructions are in the configuration file If the switch did not receive its most recent VLAN 1 IP addressing from a DHCP Bootp server it ret...

Page 150: ...ons Country Phone Number E Mail URL Organization Name Address United States Countries not in Europe or Asia Pacific 1 310 823 9358 icann icann org http www icann org The Internet Corporation for Assigned Names and Numbers ICANN 4676 Admiralty Way Suite 330 Marina Del Rey CA 90292 USA Europe 31 20 535 4444 ncc ripe net http www ripe net RIPE NCC Singel 258 1016 AB Amsterdam The Netherlands Asia Pac...

Page 151: ...SNTP Viewing Selecting and Configuring 9 4 Menu Viewing and Configuring SNTP 9 5 CLI Viewing and Configuring SNTP 9 8 TimeP Viewing Selecting and Configuring 9 14 Menu Viewing and Configuring TimeP 9 15 CLI Viewing and Configuring TimeP 9 16 SNTP Unicast Time Polling with Multiple SNTP Servers 9 21 Address Prioritization 9 22 Adding and Deleting SNTP Server Addresses 9 22 Menu Interface Operation ...

Page 152: ... time In the factory default configuration the time synchronization option is set to TimeP with the TimeP mode itself set to Disabled TimeP Time Synchronization You can either manually assign the switch to use a TimeP server or use DHCP to assign the TimeP server In either case the switch can get its time synchro nization updates from only one designated Timep server This option enhances security ...

Page 153: ...nd This option provides increased security over the Broadcast mode by specifying which time server to use instead of using the first one detected through a broadcast Overview Selecting a Time Synchronization Protocol or Turning Off Time Protocol Operation General Steps for Running a Time Protocol on the Switch 1 Select the time synchronization protocol SNTP or TimeP the default 2 Enable the protoc...

Page 154: ...een of the Menu interface set the Time Synch Method parameter to None then press Enter then S for Save In the Global config level of the CLI execute no timesync SNTP Viewing Selecting and Configuring SNTP Feature Default Menu CLI Web view the SNTP time synchronization configuration n a page 9 5 page 9 8 select SNTP as the time synchronization method timep page 9 6 page 9 9 ff disable time synchron...

Page 155: ... broadcast time update from the next server it detects Poll Interval seconds In Unicast Mode Specifies how often the switch polls the designated SNTP server for a time update In Broadcast Mode Specifies how often the switch polls the network broadcast address for a time update Server Address Used only when the SNTP Mode is set to Unicast Specifies the IP address of the SNTP server that the switch ...

Page 156: ...Time Sync Method field 4 Use the Space bar to select SNTP then press v once to display and move to the SNTP Mode field 5 Do one of the following Use the Space bar to select the Broadcast mode then press v to move the cursor to the Poll Interval field and go to step 6 For Broadcast mode details see SNTP Operating Modes on page 9 2 Use the Space bar to select the Unicast mode then do the following i...

Page 157: ...d testing SNTP operation to determine whether any change is necessary Note Using the menu to enter the IP address for an SNTP server when the switch already has one or more SNTP servers config ured causes the switch to delete the primary SNTP server from the server list and to select a new primary SNTP server from the IP address es in the updated list For more on this topic see SNTP Unicast Time P...

Page 158: ...uration This command lists both the time synchronization method TimeP SNTP or None and the SNTP configuration even if SNTP is not the selected time protocol Syntax show sntp For example if you configured the switch with SNTP as the time synchroni zation method then enabled SNTP in broadcast mode with the default poll interval show sntp lists the following Figure 9 2 Example of SNTP Configuration W...

Page 159: ...hod parameter Syntax timesync sntp Selects SNTP as the time protocol sntp broadcast unicast Enables the SNTP mode below and page 9 10 sntp server ip addr Required only for unicast mode page 9 10 sntp poll interval 30 720 Enabling the SNTP mode also enables the SNTP poll interval default 720 seconds page 9 12 Enabling SNTP in Broadcast Mode Because theswitchprovidesanSNTP polling interval default 7...

Page 160: ...nabling SNTP in Unicast Mode Like broadcast mode configuring SNTP for unicast mode enables SNTP However for Unicast operation you must also specify the IP address of at least one SNTP server The switch allows up to three unicast servers You can use the Menu interface or the CLI to configure one server or to replace an existing Unicast server with another To add a second or third server you must us...

Page 161: ...d accepts the current SNTP server version default 3 In this example the Poll Interval and the Protocol Version appear at their default settings Note Protocol Version appears only when there is an IP address configured for an SNTP server Figure 9 5 Example of Configuring SNTP for Unicast Operation If the SNTP server you specify uses SNTP version 4 or later use the sntp server command to specify the...

Page 162: ...peration For example to change the poll interval to 300 seconds HPswitch config sntp poll interval 300 Disabling Time Synchronization Without Changing the SNTP Configuration The recommended method for disabling time synchroniza tion is to use the timesync command to avoid changing the switch s SNTP configuration Syntax no timesync Halts time synchronization without changing the switch s SNTP confi...

Page 163: ...Disables SNTP by changing the SNTP mode configuration to Disabled For example if the switch is running SNTP in Unicast mode with an SNTP server at 10 28 227 141 and a server version of 3 the default no sntp changes the SNTP configuration as shown below and disables time synchronization on the switch Even though the Time Sync Mode is set to Sntp time synchronization is disabled because no sntp has ...

Page 164: ...ync Method parameter or the CLI timesync command DHCP When Timep is selected as the time synchronization method the switch attempts to acquire a Timep server IP address via DHCP If the switch receives a server address it polls the server for updates according to the Timep poll interval If the switch does not receive a Timep server IP address it cannot perform time synchronization updates Manual Wh...

Page 165: ...NTP None Figure 9 9 The System Information Screen Default Values 2 Press E for Edit The cursor moves to the System Name field 3 Use v to move the cursor to the Time Sync Method field 4 If TIMEP is not already selected use the Space bar to select TIMEP then press v once to display and move to the TimeP Mode field 5 Do one of the following Use the Space bar to select the DHCP mode then press v to mo...

Page 166: ...e the cursor to the PollInterval field then go to step 6 6 In the PollInterval field enter the time in minutes that you want for a TimeP Poll Interval Press Enter to return to the Actions line then S for Save to enter the new time protocol configuration in both the startup config and running config files CLI Viewing and Configuring TimeP CLI Commands Described in this Section show timep no timesyn...

Page 167: ...TimeP as the time synchroniza tion method then enable TimeP in DHCP mode with the default poll interval show timep lists the following Figure 9 10 Example of TimeP Configuration When TimeP Is the Selected Time Synchronization Method If SNTP is the selected time synchronization method show timep still lists the TimeP configuration even though it is not currently in use Even though in this example S...

Page 168: ...rotocol ip timep dhcp manual Enables the selected TimeP mode no ip timep Disables the TimeP mode no timesync Disables the time protocol Enabling TimeP in DHCP Mode Because the switch provides a TimeP polling interval default 720 minutes you need only these two commands for a minimal TimeP DHCP configuration Syntax timesync timep Selects TimeP as the time synchronization method ip timep dhcp Config...

Page 169: ...However for manual operation you must also specify the IP address of the TimeP server The switch allows only one TimeP server To enable the TimeP protocol Syntax timesync timep Selects Timep ip timep manual ip addr Activates TimeP in Manual mode with a specified TimeP server no ip timep Disables TimeP Note To change from one TimeP server to another you must 1 use the no ip timep command to disable...

Page 170: ... timep dhcp interval 1 9999 ip timep manual interval 1 9999 For example to change the poll interval to 60 minutes HPswitch config ip timep interval 60 Disabling Time Synchronization Without Changing the TimeP Configuration The recommended method for disabling time synchroniza tion is to use the timesync command This halts time synchronization without changing your TimeP configuration Syntax no tim...

Page 171: ...chronization on the switch Even though the Time Sync Mode is set to Timep time synchronization is disabled because no ip timep has disabled the TimeP Mode parameter Figure 9 15 Example of Disabling Time Synchronization by Disabling the TimedP Mode Parameter SNTPUnicastTimePollingwithMultiple SNTP Servers When running SNTP unicast time polling as the time synchronization method the switch requests ...

Page 172: ...econd lowest decimal value assigned as the next address and the third lowest decimal value as the last address If the first octet is the same between two of the addresses the second octet is compared and so on For example SNTP Server IP Address Server Ranking According to Decimal Value of IP Address 10 28 227 141 Primary 10 28 227 153 Secondary 10 29 227 100 Tertiary Adding and Deleting SNTP Serve...

Page 173: ...ting addresses with a new one you must delete the unwanted address before you configure the new one Deleting Addresses To delete an address you must use the CLI If there are multiple addresses and you delete one of them the switch re orders the address priority See Address Prioritization on page 9 22 Syntax no sntp server ip addr For example to delete the primary address in the above example and a...

Page 174: ...e following three SNTP server IP addresses configured 10 28 227 141 primary 10 28 227 153 secondary 10 29 227 100 tertiary If you use the Menu interface to add 10 28 227 160 the new prioritized list will be New Address List Address Status 10 28 227 153 New Primary The former primary 10 28 227 141 was deleted when you used the menu to add 10 28 227 160 10 28 227 160 New Secondary 10 29 227 100 Same...

Page 175: ...Group 10 16 CLI Viewing and Configuring a Static or Dynamic Port Trunk Group 10 18 Web Viewing Existing Port Trunk Groups 10 24 Trunk Group Operation Using LACP 10 24 Trunk Group Operation Using the Trunk Option 10 31 Trunk Operation Using the FEC Option 10 31 How the Switch Lists Trunk Data 10 32 Outbound Traffic Distribution Across Trunked Links 10 32 Configuring Port Based Priority for Incoming...

Page 176: ...nd traffic that either carries an 802 1Q VLAN tag with a priority of 0 zero or is not a tagged VLAN packet ViewingPortStatusandConfiguringPort Parameters Port Status and Configuration Features Feature Default Menu CLI Web viewing port status n a page 10 5 page 10 6 page 10 9 configuring ports See Table 10 10 page 10 5 page 10 8 page 10 9 1 on pages 10 3 and 10 4 Note On Connecting If the switch ei...

Page 177: ... half duplex or full duplex Note Ensure that the device attached to the port is configured for the same setting that you select here Also if Auto is used the device to which the port is connected must operate in compliance with the IEEE 802 3u Auto Negotiation standard for 100Base T networks If the other device does not comply with the 802 3u standard or is not set to Auto then the port configurat...

Page 178: ...ntrol Disabled default The port does not generate flow control packets and drops any flow control packets it receives Enabled The port uses 802 3x Link Layer Flow Control generates flow control packets and processes received flow control packets Withtheportmode settoAuto thedefault andFlowControlenabled theswitchnegotiates Flow Control on the indicated port If the port mode is not set to Auto or i...

Page 179: ...enu interface displays the status for ports and if configured a trunk group From the Main Menu select Status and Counters Port Status In this example ports A7 and A8 have previously been configured as a trunk group Figure 10 1 Example of the Port Status Screen Using the Menu To Configure Ports Not e The menu interface uses the same screen for configuring both individual ports and port trunk groups...

Page 180: ...then press S for Save CLI Viewing Port Status and Configuring Port Parameters Port Status and Configuration Commands show interfaces brief below show interface config page 10 8 interface page 10 8 From the CLI you can configure and view all port parameter settings and view all port status indicators Using the CLI To View Port Status Use the following commands to dis play port status and configurat...

Page 181: ...ow Interfaces Config Port Number and Type Yes Yes Enabled Y N Yes Yes Flow Control Yes Yes Status Up Down Yes No Mode Operating Yes No Intrusion Alert Yes No Mode Configured No Yes There is also the show interfaces e port number option which displays port statistics Refer to Viewing Port and Trunk Group Statistics and Flow Control Status on page B 9 The figures 10 3 and 10 4 list examples of the o...

Page 182: ...t for interface and an e for ethernet that is int e port list For example to configure ports C1 through C3 and port C6 for 100Mbps full duplex you would enter these commands HPswitch config int e c1 c3 c6 speed duplex 100 full Similarly to configure a single port with the settings in the above command you could either enter the same command with only the one port identified or go to the context le...

Page 183: ...or example to configure a broadcast limit of 20 for all ports on the switch HPswitch config broadcast limit 20 To display the current broadcast limit setting use one of the following com mands HPswitch show config Displays the startup config file The broadcast limit setting appears here if configured and saved to the startup config file HPswitch show running config Displays the running config file...

Page 184: ...p is a set of up to four ports configured as members of the same port trunk Note that the ports in a trunk group do not have to be consecutive For example Switch 1 Ports c1 c4 configured as a port trunk group The multiple physical links in a trunk behave as one logical link port c1 port c2 port c3 port c4 port c5 port c6 port c7 port n port a1 port a2 port a3 port a4 port a5 port a6 port a7 port n...

Page 185: ...or port trunking LACP IEEE 802 3ad page 10 24 Trunk non protocol page 10 31 FEC Fast EtherChannel page 10 31 The switch supports six trunk groups of up to four ports each Using the Link Aggregation Control Protocol LACP option you can include standby trunked ports in addition to the maximum of four actively trunking ports L A C P N o t e LACP operation requires full duplex FDx links For most insta...

Page 186: ...ple works if the ports are not already operating in a trunk To change the LACP option on ports already operating as a trunk you must first remove them from the trunk For example if ports C1 C4 were LACP active and operating in a trunk with another device you would do the following to change them to LACP passive HPswitch config no int e c1 c4 lacp Removes the ports from the trunk HPswitch config in...

Page 187: ...group to operate in a VLANother than the default VLAN and GVRP is disabled Refer to VLANs and Dynamic LACP on page 10 30 You want to use a monitor port on the switch to monitor an LACP trunk See Trunk Group Operation Using LACP on page 10 24 Trunk non protocol Provides manually configured static only trunking to Most HP switches and routing switches not running the 802 3ad LACP protocol Windows NT...

Page 188: ...r LACP All of the following operate on a per port basis regardless of trunk membership Enable Disable Flow control Flow Ctrl LACP is a full duplex protocol See Trunk Group Operation Using LACP on page 10 24 Trunk Configuration All ports in the same trunk group must be the same trunk type LACP Trunk or FEC All LACP ports in the same trunk group must be either all static LACP or all dynamic LACP A t...

Page 189: ...atic trunk of any type appears in the IGMP configuration display and you can configure IGMP for a static trunk in the same way that you would configure IGMP on a non trunked port Note that the switch lists the trunk by name such as Trk1 and does not list the individual ports in the trunk Also creating a new trunk automatically places the trunk in IGMP Auto status if IGMP is enabled for the default...

Page 190: ...igure Static Port Trunking This procedure uses the Port Trunk Settings screen to configure a static port trunk group on the switch 1 Follow the procedures in the Important note above 2 From the Main Menu Select 2 Switch Configuration 2 Port Trunk Settings 3 Press E for Edit and then use the arrow keys to access the port trunk parameters These two columns indicate static trunk status For dynamic LA...

Page 191: ...LAN capability built into the switch more than one VLAN can be assigned to a trunk See Port Based Virtual LANs Static VLANs on page 12 3 To return a port to a non trunk status keep pressing the Space bar until a blank appears in the highlighted Group value for that port Figure 10 7 Example of the Configuration for a Two Port Trunk Group 6 Move the cursor to the Type column for the selected port an...

Page 192: ... are operating properly CLI Viewing and Configuring a Static or Dynamic Port Trunk Group Trunk Status and Configuration Commands show trunks below show lacp page 10 20 trunk page 10 22 interface lacp page 10 22 Using the CLI To View Port Trunks You can list the trunk type and group for all ports on the switch or for selected ports You can also list LACP only status information for LACP configured ...

Page 193: ...ign using the Friendly Port Names feature See Using Friendly Optional Port Names on page 7 15 Port A6 does not appear in this listing because it is not assigned to a static trunk Figure 10 8 Example Listing Specific Ports Belonging to Static Trunks The show trunks e port list command in the above example includes a port list and thus shows trunk group information only for specific ports that have ...

Page 194: ...s Dynamic LACP trunking enables you to configure standby links for a trunk by including more than four ports in a dynamic LACP trunk configuration When four ports trunk links are up the remaining link s will be held in standby status If a trunked link that is Up fails it will be replaced by a standby link which maintains your intended bandwidth for the trunk See also the Standby entry under Port S...

Page 195: ...ur If you need to connect the ports before configuring them for trunking you can temporarily disable the ports until the trunk is configured See Using the CLI To Configure Ports on page 10 8 On the switches covered by this guide you can configure up to six port trunk groups having up to four links each with additional standby links if you re using LACP You can configure trunk group types as follow...

Page 196: ...youremoveaport from a trunkwhere STP is not inuse HPrecommends that you first disable the port or disconnect the link on that port Syntax no trunk port list This example removes ports C4 and C5 from an existing trunk group HPswitch config no trunk c4 c5 Enabling a Dynamic LACP Trunk Group In the default port configura tion all ports on the switch are set to LACP Passive However to enable the switc...

Page 197: ...ault tolerance Figure 10 12 Example of Criteria for Automatically Forming a Dynamic LACP Trunk Syntax interface port list lacp active This example uses ports C4 and C5 to enable a dynamic LACP trunk group HPswitch config interface c4 c5 lacp active Removing Ports from a Dynamic LACP Trunk Group To remove a port from dynamic LACP trunk operation you must turn off LACP on the port On aportinanoperat...

Page 198: ...e a port trunk group it does provide a view of an existing trunk group To view any port trunk groups Click on the Status tab Click on Port Status Trunk Group Operation Using LACP The switch can automatically configure a dynamic LACP trunk group or you can manually configure a static LACP trunk group Not e LACP requires full duplex FDx links of the same media type 10 100Base T 100FX etc andthe same...

Page 199: ...ult VLAN Thus if an LACP dynamic port forms using ports that are not in the default VLAN the trunk will automatically move to the default VLAN unless GVRP operation is configured to prevent this from occurring In some cases this can create a traffic loop in your network For more on this topic refer to VLANs and Dynamic LACP on page 10 30 In most cases trunks configured for LACP operate as describe...

Page 200: ...links are allowed in the trunk but with dynamic LACP you can configure one or more backup links that the switch automatically activates if a primary link fails To configure a link as a standby for an existing four port dynamic LACP trunk ensure that the ports in the standby link are configured the same as either of the above examples Displaying Dynamic LACP Trunk Data To list the configuration and...

Page 201: ...untrunked port Not e Passive and active LACP port will pause and listen for LACP packets once a link is established Once this pause is complete then the port if a trunk is not detected willbeplacedinforwardingmode Someend nodeapplicationshave been found to be sensitive to this pause and may require LACP to be disabled on the port The following table describes the elements of per port LACP operatio...

Page 202: ...ted to the network or a speed mismatch between a pair of linked ports Disabled The port cannot carry traffic Blocked LACP STP or FEC has blocked the port The port is not in LACP Standby mode This may be due to a trunk negotiation very brief or a configuration error such as differing port speeds on the same link or attempting to connect the switch to more than six trunks Standby The port is configu...

Page 203: ... to the port you must first remove the port s 802 1X configu ration and then re enable LACP active or passive on the port Port Security Configured on a Port To maintain security LACP is not allowed on ports configured for port security If you configure port security on a port on which LACP active or passive is configured the switch removes the LACP configuration displays a notice that LACP is disa...

Page 204: ... disabled configure the trunk as a static trunk If there are ports that you do not want on the default VLAN ensure that they cannot become dynamic LACP trunk members Otherwise a traffic loop can unexpectedly occur For example VLAN 1 Default VLAN VLAN 2 VLAN 1 Default VLAN VLAN 2 VLAN 1 Default VLAN VLAN 2 VLAN 1 Default VLAN VLAN 2 If the ports in VLAN 2 are configured to allow a dynamic trunk and...

Page 205: ...s independently of specific trunking protocols and does not use a protocol exchange with the device on the other end of the trunk With this choice the switch simply uses the SA DA method of distributing outbound traffic across the trunked ports without regard for how that traffic is handled by the device at the other end of the trunked links Similarly the switch handles incoming traffic from the t...

Page 206: ...the output from the CLI show lacp command Interface Option Dynamic LACP Trunk Group Static LACP Trunk Group Static Non Protocol or FEC Trunk Group Menu Interface CLI show trunk show interfaces show lacp show spanning tree show igmp show config No Yes Yes No Yes Yes No Yes Yes Yes Yes No No Yes Yes No Yes Yes No Yes Yes Outbound Traffic Distribution Across Trunked Links All three trunk group option...

Page 207: ...blem you can use the HP TopTools for Hubs Switches network management software available from Hewlett Packard to quickly and easily identify the sources of heavy traffic top talkers and make adjustments to improve performance For the Switch 2626 refer to the Note on page 2 6 Broadcasts multicasts and floods from different source addresses are dis tributed evenly across the links As links are added...

Page 208: ...he default port based priority the switch handles traffic received in untagged packets as Normal priority level 0 You can assign a priority level to Inbound untagged VLAN packets Inbound tagged VLAN packets having a priority level of 0 zero The switch does not alter the existing priority level of inbound tagged VLAN packets carrying a priority level of 1 7 Thus for example high priority tagged VLA...

Page 209: ...itches 1600M 2400M 2424M 4000M 8000M 2 As shown below these port queues map to the eight priority settings specified in the 802 1p standard Table 10 9 Mapping Priority Settings to Device Queues 802 1pPrioritySettingsUsed In Tagged VLAN Packets Switches with 3 Outbound Port Queues Queue Assignment in Downstream Devices With 4 Queues 8 Queues 2 Queues 1 low Low 1 1 1 2 low Low 1 2 1 0 normal priorit...

Page 210: ...when port based priority is configured as 0 7 an inbound untagged packet adopts the specified priority and is sent to the corresponding outbound queue on the outbound port See table 10 9 Mapping Priority Settings to Device Queues on page 10 35 If the outboundportis a taggedmemberofthe applicable VLAN thenthe packet carries a tag with that priority setting to the next downstream device On a given p...

Page 211: ... 0 priority on the designated ports as described under Operating Rules for Port Based Priority above interface e qos priority 0 Returns a port based priority setting to the default 0 for untagged packets received on the designated port s In this state the switch handles the untagged packets with Normal priority Refer to table 10 9 on page 10 35 show running config Lists any non default 1 7 port ba...

Page 212: ...based priorityon ports A9 A12 to 1 Low and saves the configuration changes to the startup config file Figure 10 15 Example of Configuring Non Default Prioritization on Untagged Inbound Traffic Messages Related to Prioritization Message Meaning priority level Unable to create The port s on which you are trying to configure a qos priority may belong to a port trunk Trunked ports cannot be configured...

Page 213: ...gement RMON 11 23 CDP 11 24 Introduction 11 24 CDP Terminology 11 25 General CDP Operation 11 26 Outgoing Packets 11 26 Incoming CDP Packets 11 27 Configuring CDP on the Switch 11 30 Viewing the Switch s Current CDP Configuration 11 31 Viewing the Switch s Current CDP Neighbors Table 11 31 Clearing Resetting the CDP Neighbors Table 11 32 Configuring CDP Operation 11 33 Effect of Spanning Tree STP ...

Page 214: ...ugh RMON Support page 11 23 To implement SNMP management the switch must have an IP address configured either manually or dynamically using DHCP or Bootp If multiple VLANs are configured each VLAN interface should have its own IP address For DHCP use with multiple VLANs see The Primary VLAN on page 12 6 Not e If you use the switch s Authorized IP Managers and Management VLAN features ensure that t...

Page 215: ...guring for SNMP Access to the Switch SNMP access requires an IP address and subnet mask configured on the switch See IP Configuration on page 8 3 If you are using DHCP Bootp to configure the switch ensure that the DHCP Bootp process provides the IP address See DHCP Bootp Operation on page 8 12 Once an IP address has been configured the main steps for configuring SNMP version 1 and version 2c acces...

Page 216: ...tp process provides the IP address See DHCP Bootp Operation on page 8 12 Once an IP address has been configured the main steps for configuring SNMP version 3 access management features are 1 Enable SNMPv3 for operation on the switch Refer to SNMP Version 3 Commands on page 11 5 2 Configure the appropriate SNMP users Refer to SNMP Version 3 Users on page 11 7 3 Configure the appropriate SNMP commun...

Page 217: ...ageswillmakethecommunitynamed public inaccessible to network management applications such as auto discovery traffic monitoring SNMP trap generation and threshold setting from operating in the switch Syntax no snmpv3 enable Enable and disable the switch for access from SNMPv3 agents This includes the creation of the a initial user record no snmpv3 only Enables or disables restrictions to access fro...

Page 218: ...of this dialog Not e For most SNMPv3 management software to be able to create new users they S N M P must have an initial user record clone These records can be downgraded Ve r s i o n 3 given less features but not upgraded with new features added For this reason Ini tia l User s it is recommended that a second user with SHA and DES are created at the time you enable SNMPv3 Enable SNMPv3 Createini...

Page 219: ...s Add or Deletes an user entry for snmpv3 Authorization and Privacy are optional but to use privacy you must use authorization When deleting a user only the user_name is required auth md5 sha auth_pass With authorization you can select either md5 authentication or sha authentication The auth_pass must be 6 32 characters in length and must be included when authentication is included Default None pr...

Page 220: ...r3 This defines which security model to use for the added user A SNMPv3 access Group should only use the ver3 security model To establish a user you must first add the user names to the list of known users Add user names with the snmpv3 user CLI command AdduserNetworkAdminwithno Authentication or Add user Network Mgr with authentication and privacy Privacy is used and the password is set privpass ...

Page 221: ...n page 11 10 Add NetworkAdmin to operator noauth group Add NetwrokMgr to managerpriv group Pre assigned groups for access by Version 2c and version 1 management applications Figure 11 3 Assign Users to group for SNMPv3 C a u t i o n Adding a user without authentication and or privacy to a group that requires it will cause the user to not be able to access the switch You should only add users to th...

Page 222: ...veryView commanagerrw Ver2c or Ver1 ManagerReadView ManagerWriteView commanagerr Ver2c or Ver1 ManagerReadView DiscoveryView comoperatorrw Ver2c or Ver1 OperatorReadView OperatorReadView comoperatorr Ver2c or Ver1 OperatorReadView DiscoveryView Each view allows you to view or modify a different set of MIBs Manager Read View access to all managed objects Manager Write View access to all managed obj...

Page 223: ...ut special mappings can be added with the snmpv3 community com mand Syntax no snmpv3 community This command maps or removes a mapping of a community name to a group access level To remove a mapping you only need the index_name index index name This is an index number or title for the mapping The values of 1 5 are reserved and can not be mapped name com name This is the community name that is being...

Page 224: ... Default Menu CLI Web show SNMP communities n a page page 11 13 11 15 configure identity information none page 11 16 configure community names public page page MIB view for a community name operator manager write access for default manager 11 13 11 16 community name unrestricted Use SNMP communities to restrict access tothe switch by SNMPmanagement stations by adding editing or deleting SNMP commu...

Page 225: ...rk management is a concern it is recommended that you change the write access for the public community to Restricted Menu Viewing and Configuring non SNMP version 3 Communities To View Edit or Add SNMP Communities 1 From the Main Menu Select 2 Switch Configuration 6 SNMP Community Names Note This screen gives an overview of the SNMP communities that are currently configured All fields in this scre...

Page 226: ... other fields Figure 11 6 The SNMP Add or Edit Screen Need Help If you need information on the options in each field press Enter to move the cursor to the Actions line then select the Help option on the Actions line When you are finished with Help press E for Edit to return the cursor to the parameter fields 3 Enter the name you want in the Community Name field and use the Space bar to select the ...

Page 227: ...names along with trap receivers and the setting for authentication traps see SNMP Notification and Traps on page 11 17 Syntax show snmp server community string This example lists the data for all communities in a switch that is both the default HPswitch public community name and another community named blue team Default Community and Settings Non Default Community and Settings Trap Receiver Data S...

Page 228: ... Optionally assigns an access level At the operator level the community can access all MIB objects except the CONFIG MIB At the manager level the community can access all MIB objects restricted unrestricted Optionally assigns MIB access type Assigning the restricted type allows the community to read MIB vari ables but not to set them Assigning the unrestricted type allows the community to read and...

Page 229: ...ter record for the target address with the snmpv3 params command Syntax no snmpv3 notify notify name tagvalue tag name This adds or deletes a notification request To remove a mapping you only need the notify name no snmpv3 targetaddress addr name params parms name IP Addr Add or delete an address where notification messages are sent filter none debug all not info critical This filter messages to r...

Page 230: ...er from the user table For more information on users see SNMP Version 3 Users on page 11 7 A completeparamscommand must also have a sec model and msg processing entry sec model ver1 ver2c ver3 This established the security model to use for messages passed to the targetaddress IF ver3 is used then the msg processing must also be ver3 msg processing ver1 ver2c ver3 noaut auth priv Establish the msg ...

Page 231: ... These traps cannot be redirected to other communities Thus if you change or delete the default public community name these traps will be lost Thresholds The switch automatically sends all messages resulting from thresholds to the network management station s that set the thresholds regardless of the trap receiver configuration In the default configuration there are no trap receivers configured an...

Page 232: ...ame data see SNMP Communities on page 11 11 Syntax show snmp server Displays current community and trap receiver data In the next example the show snmp server command shows that the switch has been previously configured to send SNMP traps to management stations belonging to the public red team and blue team communities Example of Community NameData See page 11 11 Example of Trap Receiver Data Auth...

Page 233: ...tation for receiving SNMP event log messages from the switch If you do not specify the event level then the switch does not send event log messages as traps You can specify up to 10 trap receivers network management stations Note In all cases the switch sends any threshold trap s to the network management station s that explicitly set the threshold s none all non info critical debug Options for se...

Page 234: ...you do not specify the event level none all non info critical debug then the switch does not send event log messages as traps Well Known traps and threshold traps if configured will still be sent Using the CLI To Enable Authentication Traps Not e For this feature to operate one or more trap receivers must be configured on the switch See Configuring Trap Receivers on page 11 21 Using the CLI To Ena...

Page 235: ...ments This allows for troubleshooting and optimizing your network The following RMON groups are supported EthernetStatistics exceptthenumbersofpacketsofdifferentframesizes Alarm History of the supported Ethernet statistics Event The RMON agent automatically runs in the switch Use the RMON manage ment station on your network to enable or disable specific RMON traps and events 11 23 ...

Page 236: ...discover devices running CDP in a network To make this data available the switch transmits information about itself via CDP packets to adjacent devices and also receives and stores information about adjacent devices running CDP This enables each CDP device to receive and maintain identity data on each of its CDP neighbors and pass this information off to an SNMP utility designed to query the CDP a...

Page 237: ...DP Neighbors table in the switch s MIB refer to the documentation provided with the particular SNMP utility For information on the object identifiers in the CDP MIB see CDP Neighbor Data and MIB Objects on page 11 37 CDP Terminology CDP Device A switch server router workstation or other device running CDP CDP Aware A device that has CDP in its operating code with CDP either enabled or disabled in ...

Page 238: ...witch B with CDP Running CDP Neighbor Table Switch C data Switch C with CDP Running CDP Neighbor Table Switch A data Switch B data Switch D data Switch D with CDP Running CDP Neighbor Table Switch C data Figure 11 10 Example of How the Switch Stores Data on Neighbor CDP Devices Outgoing Packets A switch running CDP periodically transmits a one hop CDP packet out each of its ports This packet conta...

Page 239: ...X out all ports Figure 11 11 Example of Outgoing CDP Packet Operation Incoming CDP Packets When a CDP enabled switch receives a CDP packet from another CDP device it enters that device s data in the CDP Neighbors table along with the port number where the data was received and does not forward the packet The switch also periodically purges the table of any entries that have expired The hold time f...

Page 240: ... CDP Hub or Switch CDP Workstation 3 Host 3 CDP Running CDP Switch B CDP Running CDP Neighbor Table Port Data B1 Switch A data B7 Switch C data No CDP data for Switch D because it has dis abled CDP operation Port A1 Port B1 CDP Switch C CDP Running CDP Neighbor Table Port Data C3 Switch B data Port C3 Port B7 CDP Disabled Switch D No CDP Neighbor Table This switch drops CDP packets CDP Switch E CD...

Page 241: ...g those reached through a device that is transparent to CDP but not to other CDP devices in the network Table 11 3 How Devices Handle Incoming CDP Packets Status of Device Receiving a CDP Packet Action of Receiving Device Running CDP Stores neighbor data in CDP Neighbor table Does not forward CDP packet CDP Disabled Drops CDP packet There is no CDP Neighbor table and no CDP neighbor data is stored...

Page 242: ...onds and the timer CDP Transmit Interval is 60 seconds Configuring CDP on the Switch Using CDP you can View the switch s current global and per port CDP configuration List the current contents of the switch s CDP Neighbors table that is view a listing of the CDP devices of which the switch is aware Enable or disable CDP Default Enabled Specify the hold time CDP packet time to live for CDP data del...

Page 243: ...port on which they were detected Syntax show cdp neighbors Lists the neighboring CDP devices the switch detects with a subset of the information collected from the device s CDP packet For more on this topic refer to table 11 4 CDP Neighbors Data on page 11 38 e port numb detail Lists the CDP aware device connected to the specified port Allows only one port at a time Using detail provides a longer ...

Page 244: ...orkstation Mgmt NIC 099a05 09df9 HP Switch 4000M HP J4821A Research 0060b0 889e43 HP Switch 4000M HP J4121A Support 0060b0 761a45 HP Switch 2512 HP J4812A Accounting 0030c1 7fcc40 Management Workstation Mgmt NIC 099a05 09df11 Non CDP Capable Hub Figure 11 16 Example of CDP Enabled Devices in a Topology for the Listing in Figure 11 15 Clearing Resetting the CDP Neighbors Table Syntax cdp clear Remo...

Page 245: ...iesto its CDP Neighborstable forany CDP packets it receives from other neighboring CDP devices Disabling CDP operation clears the switch s CDP Neighbors table prevents the switch from transmitting outbound CDP packets to advertise itself to neighboring CDP devices and causes the switchto drop inbound CDP packets from other devices without entering the data in the CDP Neighbors table Syntax no cdp ...

Page 246: ...CDP packets it receives from switch B Switch A CDP Enabled on Port A1 CDP Neighbor Table Port Data A1 Switch B data Switch B CDP Enabled on Port B5 CDP Neighbor Table Port Data B5 Switch A data CDP Enabled on both endsofthelinkbetween A and B Port A1 Port B5 Switch A CDPDisabledonPortA1 CDP Neighbor Table Empty for port A1 Switch B CDP Enabled on Port B5 CDP Neighbor Table Empty for Port B5 CDPdis...

Page 247: ... packets the switch transmits Syntax cdp holdtime 5 254 Changes the hold time for the switch s CDP packet informa tion in the CDP Neighbors table of another CDP aware device Default 180 seconds Range 10 255 seconds For example to configure a switch s outbound CDP packets to live for one minute in the CDP Neighbors table of neighboring CDP devices HPswitch config cdp holdtime 60 Effect of Spanning ...

Page 248: ...neighbor pair running STP with redundant links if one of the switches is the STP root it transmits CDP packets out all ports connecting the two switches while the other switch transmits CDP packets out only the unblocked port Thus the STP root switch will appear on multiple ports in the non root switch s CDP Neighbors table while the non root switch will appear on only one port in the root switch ...

Page 249: ...in its CDP table entry because in CDP switch Y the Primary VLAN does not have an IP address and the Blue_VLAN has a lower VID than the Red_VLAN Figure 11 20 Example of IP Address Selection when a CDP Neighbor Has Multiple VLANs with IP Addresses CDP Neighbor Data and MIB Objects The switch places the data received from inbound CDP packets into its MIB Management Information Base This data is avail...

Page 250: ...ches this is the value configured for the System Name parameter Included in the Device Name entry On the switch itself the receiving device the number of the port through which the CDP packet arrived On the source neighbor device the number of the port through which the CDP packet was sent Platform name designated by vendor 1 or R Router 2 Transparent Bridge 4 or B Source Route Bridge 8 or S Switc...

Page 251: ... Neighbor Data For the current switch MIB go to the HP ProCurve World Wide Web site at http ww hp com go hpprocurve Click on software then MIBs Operating Notes Neighbor Maximum The switch supports up to 60 entries neighbors in the CDP Neighbors table Remember that multiple CDP devices can be neighbors on the same port if they are connected to the switch through a non CDP device CDP Version Data Th...

Page 252: ...he hub itself were transparent to CDP Such hubs will appear in the switch s CDP Neighbor table and will also maintain a CDP neighbor table similar to that for switches For more information refer to the documentation provided for the specific hub Troubleshooting CDP Operation Turn to Using Logging To Identify Problem Sources on page C 21 11 40 ...

Page 253: ...Parameters 12 10 CLI Configuring VLAN Parameters 12 15 Web Viewing and Configuring VLAN Parameters 12 21 VLAN Tagging Information 12 22 The Secure Management VLAN 12 26 Effect of VLANs on Other Switch Features 12 30 VLAN Restrictions 12 31 GVRP 12 33 General Operation 12 34 Per Port Options for Handling GVRP Unknown VLANs 12 36 Per Port Options for Dynamic VLAN Advertising and Joining 12 38 GVRP a...

Page 254: ... with the switch s built in interfaces Port Based VLANs Page 12 3 GVRP Page 12 33 For general information on how to use the switch s built in interfaces see Chapter 3 Using the Menu Interface Chapter 4 Using the Command Line Interface CLI Chapter 5 Using the HP Web Browser Interface Chapter 6 Switch Memory and Configuration 12 2 ...

Page 255: ...ow traffic segments and to organize users from different LAN segments according to their need for common resources By default 802 1Q VLAN support is enabled They allow up to 30 port based VLANs default 8 The 802 1Q compatibility enables you to assign each switch port to multiple VLANs if needed and the port based nature of the configuration allows interoperation with older switches that require a ...

Page 256: ... A5 Port A6 Port A7 Switch with Two VLANs Configured Figure 12 1 Example of Routing Between VLANs via an External Router Overlapping Tagged VLANs A port on the switch can be a member of more than one VLAN if the device to which it is connected complies with the 802 1QVLANstandard Forexample aportconnectedtoacentralserverusing a network interface card NIC that complies with the 802 1Q standard can ...

Page 257: ...ultiple VLANs Through the Same Link Introducing Tagged VLAN Technology into Networks Running Legacy Untagged VLANs You can introduce 802 1Q compliant devices into net works that have built untagged VLANs based on earlier VLAN technology The fundamental rule is that legacy untagged VLANs require a separate link for each VLAN while 802 1Q or tagged VLANs can combine several VLANs in one link This me...

Page 258: ...n the switch belong to the default VLAN named DEFAULT_VLAN This places all ports in the switch into one physical broadcast domain In the factory default state the default VLAN is the primary VLAN You can partition the switch into multiple virtual broadcast domains by adding one or more additional VLANs and moving ports from the default VLAN to the new VLANs The switch supports up to 30 VLANs You c...

Page 259: ...h DHCP resolved parameters as the TimeP server address Default TTL and IP addressing including the Gateway IP address when the switch configuration specifies DHCP as the source for these values The default VLAN continues to operate as a standard VLAN except as noted above you cannot delete it or change its VID Any ports not specifically assigned to another VLAN will remain assigned to the Default ...

Page 260: ...P causes No to display as Auto Figure 12 1 Comparing Per Port VLAN Options With and Without GVRP Table 12 1 Per Port VLAN Configuration Options Parameter Effect on Port Participation in Designated VLAN Tagged Allows the port to join multiple VLANs Untagged Allows VLAN connection to a device that is configured for an untagged VLAN instead of a tagged VLAN The switch allows no more than one untagged...

Page 261: ...g VLANs with SNMP in an IP network each VLAN must have an IP address Refer to IP Configuration on page 8 3 VLAN Operating Notes If you are using DHCP Bootp to acquire the switch s configuration packet time to live and TimeP information you must designate the VLAN on which DHCP is configured for this purpose as the primary VLAN In the factory default configuration the DEFAULT_VLAN is the primary VL...

Page 262: ...ames and VIDs and then assigning one or more ports to each VLAN The switch accepts a maximum of 30 VLANs including the default VLAN and any dynamic VLANs the switch creates if you enable GVRP page 12 33 Note that each port can be assigned to multiple VLANs by using VLAN tagging See VLAN Tagging Information on page 12 22 To Change VLAN Support Settings This section describes Changing the maximum nu...

Page 263: ...ater you can increase this number but a switch reboot will be required at that time 3 Press Enter andthen S tosavetheVLANsupportconfigurationandreturn to the VLAN Menu screen If you changed the value for Maximum VLANs to support you will see an asterisk next to the VLAN Support option see below An asterisk indicates you must reboot the switch to implement the new Maximum VLANs setting Figure 12 6 ...

Page 264: ...d VLAN ID 802 1Q VLAN ID 1 Name _ 3 Type in a VID VLAN ID number This can be any number from 2 to 4094 that is not already being used by another VLAN The switch reserves 1 for the default VLAN Remember that a VLAN must have the same VID in every switch in which you configure that same VLAN GVRP dynamically extends VLANs with correct VID numbering to other switches See GVRP on page 12 33 4 Press v ...

Page 265: ... This includes any VLANs added dynamically due to GVRP operation 7 Return to the VLAN Menu to assign ports to the new VLAN s as described in the next section Adding or Changing a VLAN Port Assignment Adding or Changing a VLAN Port Assignment Use this procedure to add ports to a VLAN or to change the VLAN assign ment s for any port Ports not specifically assigned to a VLAN are automat ically in the...

Page 266: ...pace bar to make your assignment selection No Tagged Untagged or Forbid Not e For GVRP Operation If you enable GVRP on the switch No converts to Auto which allows the VLAN to dynamically join an advertised VLAN that has the same VID See Per Port Options for Dynamic VLAN Advertising and Joining on page 12 38 Untagged VLANs OnlyoneuntaggedVLANisallowedperport Also there must be at least one VLAN ass...

Page 267: ...enu The console then returns to the VLAN menu 3 Return to the Main menu CLI Configuring VLAN Parameters In the factory default state all ports on the switch belong to the default VLAN DEFAULT_VLAN and are in the same broadcast multicast domain The default VLAN is also the default primary VLAN see The Primary VLAN on page 12 6 You can configure up to 29 additional static VLANs by adding new VLAN na...

Page 268: ...e if GVRP enabled page 12 19 Available if GVRP enabled Displaying the Switch s VLAN Configuration The next command lists the VLANs currently running in the switch with VID VLAN name and VLAN status Dynamic VLANs appear only if the switch is running with GVRP enabled and one or more ports has dynamically joined an advertised VLAN In the default configuration GVRP is disabled See GVRP on page 12 33 ...

Page 269: ...VID to identify and display the data for a specific static or dynamic VLAN Syntax show vlan vlan id Figure 12 12 Example of Show VLAN for a Specific Static VLAN Show VLAN lists this data when GVRP is enabled and at least oneportontheswitch has dynamically joined the designated VLAN Figure 12 13 Example of Show VLAN for a Specific Dynamic VLAN 12 17 ...

Page 270: ...h Syntax max vlans 1 30 For example to reconfigure the switch to allow 10 VLANs Notethatyoucan execute these three steps at another time Figure 12 14 Example of Command Sequence for Changing the Number of VLANs Changing the Primary VLAN In the factory default configuration the default VLAN DEFAULT_VLAN is the primary VLAN However you can designate any static VLAN on the switch as the primary VLAN ...

Page 271: ...tomatically name the VLAN If the VLAN already exists the switch places you in the context level for that VLAN vlan vlan name Places you in the context level for that static VLAN For example to create a new static VLAN with a VID of 100 Creating the new VLAN Showing the result Figure 12 15 Example of Creating a New Static VLAN To go to a different VLAN context level such as to the default VLAN HPsw...

Page 272: ...lan id or from the context level of the specific VLAN Syntax name vlan name Changes the name of the existing static VLAN Avoid spaces and the following characters in the vlan name entry 2 and no tagged port list Configures the indicated port s as Tagged for the specified VLAN The no version sets the port s to either No or if GVRP is enabled to Auto no untagged port list Configures the indicated po...

Page 273: ...e following commands At the config level use HPswitch config no vlan 100 tagged 1 5 or At the VLAN 100 context level use HPswitch vlan 100 no tagged 1 5 Not e You cannot use these commands with dynamic VLANs Attempting to do so results in the message VLAN already exists and no change occurs Web Viewing and Configuring VLAN Parameters In the web browser interface you can do the following Add VLANs ...

Page 274: ...on for a port VLAN assignment where the port is connected to non 802 1Q compliant device or is assigned to only one VLAN Use the Tagged designation when the port is assigned to more than one VLAN or the port is connected to a device that does comply with the 802 1Q standard For example if port A7 on an 802 1Q compliant switch is assigned to only the Red VLAN the assignment can remain untagged beca...

Page 275: ...signment per port Devices connected to these ports do not have to be 802 1Q compliant Because both the Red VLAN and the Green VLAN are assigned to port Y5 at least one of the VLANs must be tagged for this port In both switches The ports on the link between the two switches must be configured the same As shown in figure 12 16 above the Red VLAN must be untagged on port X7 and Y5 and the Green VLAN ...

Page 276: ...comply with the 802 1Q standard and are configured to use the correct VID then you can configure all VLAN assignments on a port as Tagged if doing so makes it easier to manage your VLAN assignments or for security reasons For example in the following network switches X and Y and servers S1 and S2 are 802 1Q compliant Server S3 could also be 802 1Q compliant but it makes no difference for this exam...

Page 277: ...not a member of the Red VLAN and does not carry Red VLAN traffic Also if GVRP were enabled Auto would appear instead of No Not e VLAN configurations on ports connected by the same link must match Because ports X2 and Y5 are opposite ends of the same point to point connec tion both ports must have the same VLAN configuration that is both ports configure the Red VLAN as Untagged and the Green VLAN a...

Page 278: ...ffic from the Management VLAN can manage the switch which means that only the workstations and PCs connected to ports belonging to the Management VLAN can manage and reconfigure the switch Figure 12 19 illustrates use of the Management VLAN feature to support management access by a group of management workstations Links with Ports Belonging to the Management VLAN and other VLANs Links Between Port...

Page 279: ...t Workstation Marketing Shipping System Server on the DEFAULT_VLAN Figure 12 20 Example of Management VLAN Control in a LAN Table 12 2 VLAN Membership in Figure 12 20 Switch A1 A3 A6 A7 B2 B4 B5 B9 C2 C3 C6 C8 Management VLAN VID 7 Y N Y N Y N Marketing VLAN VID 12 N N N Y Y Shipping Dept VLAN VID 20 N Y N N N DEFAULT VLAN VID 1 Y Y Y Y N Y Y N N N N N N N N N Y Y N N N N N N Y Y Y Y Y Y Y Y Prepa...

Page 280: ...itch by using a Telnet connection through a port that is not in the Management VLAN then you will lose management contact with the switch if you log off your Telnet connection or execute write memory and reboot the switch Configuration Syntax no management vlan vlan id vlan name show vlan info Default Disabled For example suppose you have already configured a VLAN named My_VLAN with a VID of 100 N...

Page 281: ...he switch if you configure the Management VLAN to a VID that excludes the port through which you are connected to the switch you will continue to have access only until you terminate the session by logging out or rebooting the switch During a web browser session to the switch if you configure the Manage ment VLAN to a VID that excludes the port through which you are connected to the switch you wil...

Page 282: ...gnments instead of on a per VLAN basis This means that if redundant physical links exist between the switch and another 802 1Q device all but one link will be blocked regardless of whether the redundant links are in separate VLANs However you can use port trunking to prevent Spanning Tree from unnecessarily blocking ports and to improve overall network performance Refer to Spanning Tree Operation ...

Page 283: ...e VLANs Also a port trunk is tagged untagged or excluded from a VLAN in the same way as for individual untrunked ports Port Monitoring If you designate a port on the switch for network monitoring this port will appear in the Port VLAN Assignment screen and can be configured as a member of any VLAN For information on how broadcast multicast and unicast packets are tagged inside and outside of the V...

Page 284: ...er OS release if any of the following Hewlett Packard routers are installed in networks in which you will be using VLANs HP Router 440 formerly Router ER HP Router 470 formerly Router LR HP Router 480 formerly Router BR HP Router 650 Release A 09 74 is available on the World Wide Web at http www hp com go hpprocurve Click on software then routers 12 32 ...

Page 285: ...rtual LANs Static VLANs on page 12 3 GVRP uses GVRP Bridge Protocol Data Units GVRP BPDUs to adver tise static VLANs In this manual a GVRP BPDU is termed an advertisement Advertisements are sent outbound from ports on a switch to the devices directly connected to those ports GVRP enables the switch to dynamically create 802 1Q compliant VLANs on links with other devices running GVRP This enables t...

Page 286: ...at VID out all of its ports except the port on which the VID was learned Port6isstaticallyconfigured Core switch with static VLANs VID 1 2 3 Port 2 is a member of VIDs 1 2 3 1 Port 2 advertises VIDs 1 2 3 2 Port 1 receives advertise ment of VIDs 1 2 3 AND becomes a member of VIDs 1 2 3 3 Port 3 advertises VIDs 1 2 3 but port 3 is NOT a member of VIDs 1 2 3 at this point 4 Port 4 receives advertise...

Page 287: ... E GVRP On Tagged VLAN 33 Switch C Port 5 dynamically joins VLAN 22 Ports 11 and 12 belong to Tagged VLAN 33 Switch E Port 2 dynamically joins VLANs 22 and 33 Port 7 dynamically joins VLANs 33 and 22 Switch D Port 3 dynamically joins VLANs 22 and 33 Port 6 dynamically joins VLAN 22 and 33 1 5 12 11 2 7 3 6 Figure 12 24 Example of GVRP Operation Not e A port can learn of a dynamic VLAN through devi...

Page 288: ...it to a static VLAN Note that it is then necessary to assign ports to the VLAN in the same way that you would for a static VLAN that you created manually In the static state you can configure IP addressing on the VLAN and access it in the same way that you would any other static manually created VLAN Per Port Options for Handling GVRP Unknown VLANs An unknown VLAN is a VLAN that the switch learns ...

Page 289: ...oininganynewdynamicVLANsforwhichitreceives an advertisement Allows the port to advertise other VLANs that have at least one other port as a member Disable Causes the port to ignore and drop all GVRP advertisements it receives and also prevents the port from sending any GVRP advertisements The CLI show gvrp command and the menu interface VLAN Support screen show a switch s current GVRP configuratio...

Page 290: ...ng on your topology Enabling a Port for Dynamic Joins You can configure a port to dynami cally join a static VLAN The join will then occur if that port subsequently receives an advertisement for the static VLAN This is done by using the Auto and Learn options described in table 12 4 below Parameters for Controlling VLAN Propagation Behavior You can con figure an individual port to actively or pass...

Page 291: ...e dynamic VLANs that have at least one other port as a member The port Will become a member of specified VLAN if it receives advertisements for this VLAN Will advertise this VLAN Will not become a member of newdynamicVLANsforwhich it receives advertisements Will advertise dynamic VLANs that have at least one other port on the same switch as a member The port Will not become a member of the specifi...

Page 292: ...VRP advertisements and to dynamically join VLANs The two preceding sections describe the per port features you can use to control and limit VLAN propagation To summarize you can Allow a port to advertise and or join dynamic VLANs Learn mode the default Allow a port to send VLAN advertisements but not receive them from other devices that is the port cannot dynamically join a VLAN but other devices ...

Page 293: ...nable GVRP on all devices you want to use with dynamic VLANs and configure the appropriate Unknown VLAN parameter Learn Block or Disable for each port 6 Configure the static VLANs on the switch es where they are needed along with the per VLAN parameters Tagged Untagged Auto and Forbid see table 12 4 on page 12 39 on each port 7 Dynamic VLANs will then appear automatically according to the config u...

Page 294: ...o the GVRP Enabled field c Press the Space bar to select Yes d Press v again to display the Unknown VLAN fields The Unknown VLAN fields enable you to configure each port to Learn Dynamically join any advertised VLAN and advertise all VLANs learned through other ports Block Do not dynamically join any VLAN but still advertise all VLANs learnedthroughother ports Disable Ignore and drop all incoming ...

Page 295: ...wing and Configuring GVRP GVRP Commands Used in This Section show gvrp below gvrp page 12 44 unknown vlans page 12 44 Displaying the Switch s Current GVRP Configuration This command shows whether GVRP is disabled along with the current settings for the maximum number of VLANs and the current Primary VLAN For more on the last two parameters see Port Based Virtual LANs Static VLANs on page 12 3 Synt...

Page 296: ...e disables GVRP operation on the switch HPswitch config no gvrp Enabling and Disabling GVRP On Individual Ports When GVRP is enabled on the switch use the unknown vlans command to change the Unknown VLAN field for one or more ports You can use this command at either the Manager level or the interface context level for the desired port s Syntax interface port list unknown vlans learn block disable ...

Page 297: ...VRP enabled and port 1 configured to Learn for Unknown VLANs Switch A has GVRP enabled and has three static VLANs the default VLAN VLAN 222 and VLAN 333 In this scenario switch B will dynamically join VLAN 222 and VLAN 333 Switch A GVRP enabled 3 Static VLANs DEFAULT_VLAN VLAN 222 VLAN 333 Switch B GVRP enabled 1 Static VLANs DEFAULT_VLAN Port 1 Set to Learn Mode Figure 12 31 Example of Switches O...

Page 298: ... config static 333 When you convert a dynamic VLAN to a static VLAN all ports on the switch are assigned to the VLAN in Auto mode Web Viewing and Configuring GVRP To view enable disable or reconfigure GVRP 1 Click on the Configuration tab 2 Click on VLAN Configuration and do the following To enable or disable GVRP click on GVRP Enabled To change the Unknown VLAN field for any port i Click on GVRP ...

Page 299: ...nt part of the switch s VLAN configuration Within the same broadcast domain a dynamic VLAN can pass through a device that is not GVRP aware This is because a hub or a switch that is not GVRP ware will flood the GVRP multicast advertisement packets out all ports GVRP assigns dynamic VLANs as Tagged VLANs To configure the VLAN as Untagged you must first convert it to a static VLAN Rebooting a switch...

Page 300: ...Port Based Virtual LANs VLANs and GVRP GVRP This page is intentionally unused 12 48 ...

Page 301: ...ng and Displaying IGMP 13 6 Web Enabling or Disabling IGMP 13 11 How IGMP Operates 13 11 Operation With or Without IP Addressing 13 13 Automatic Fast Leave IGMP 13 13 Forced Fast Leave IGMP 13 15 Configuring Per Port Forced Fast Leave IGMP 13 18 Using the Switch as Querier 13 19 Excluding Well Known or Reserved Multicast Addresses from IP Multicast Filtering 13 20 13 1 ...

Page 302: ...Traffic Control with IP Multicast IGMP Use the switch to reduce unnecessary bandwidth usage on a per port basis by configuring IGMP controls For general information on how to use the switch s built in interfaces see Chapter 3 Using the Menu Interface Chapter 4 Using the Command Line Interface CLI Chapter 5 Using the HP Web Browser Interface Appendix C Switch Memory and Configuration 13 2 ...

Page 303: ...traffic it receives on a given VLAN through all ports on that VLAN except the port on which it received the traffic This can result in significant and unnecessary bandwidth usage in networks where IP multi cast traffic is a factor Enabling IGMP allows the ports to detect IGMP queries and report packets and manage IP multicast traffic through the switch IGMP is useful in multimedia applications suc...

Page 304: ...r multicast communication application Querier A required IGMP device that facilitates the IGMP protocol and traffic flow on a given LAN This device tracks which ports are connected to devices IGMP clients that belong to specific multicast groups and triggers updates of this information A querier uses data received from the queries to determine whether to forward or block multicast traffic on speci...

Page 305: ...o any of the following states Auto the default Causes the switch to interpret IGMP packets and to filter IP multicast traffic based on the IGMP packet information for ports belonging to a multicast group This means that IGMP traffic will be forwarded on a specific port only if an IGMP host or multicast router is connected to the port Blocked Causes the switch to drop all IGMP transmissions receive...

Page 306: ...rough all ports except the port on which the packets entered the switch For more on this topic see Excluding Well Known or Reserved Multicast Addresses from IP Multicast Filtering on page 13 20 For more information refer to How IGMP Operates on page 13 11 CLI Configuring and Displaying IGMP IGMP Commands Used in This Section show ip igmp configuration ip igmp high priority forward auto ethernet po...

Page 307: ...n which the specified multicast group IP address is registered For IGMP operating status see Internet Group Management Protocol IGMP Status on page B 19 For example suppose you have the following VLAN and IGMP configurations on the switch VLAN ID VLAN Name IGMP Enabled Forward with High Priority Querier 1 DEFAULT_VLAN Yes No No 22 VLAN 2 Yes Yes Yes 33 VLAN 3 No No No You could use the CLI to disp...

Page 308: ...ecently set or you can disable IGMP on a selected VLAN Note that this command must be executed in a VLAN context Syntax no ip igmp For example here are methods to enable and disable IGMP on the default VLAN VID 1 HPswitch config vlan 1 ip igmp Enables IGMP on VLAN 1 HPswitch vlan 1 ip igmp Same as above HPswitch config no vlan 1 ip igmp Disables IGMP on VLAN 1 Not e If you disable IGMP on a VLAN a...

Page 309: ...s that belong to the multicast group for which the traffic is intended Also forward any multicast traffic through any of these ports that is connected to a multicast router This is the default IGMP port configuration blocked port list Drop all multicast traffic received from devices on the specified ports and prevent any outgoing multicast traffic from moving through these ports forward port list ...

Page 310: ...for IGMP traffic on VLAN 1 HPswitch vlan 1 ip igmp high priority forward Same as above command but in the VLAN 1 context level HPswitch vlan 1 no ip igmp high priority forward Returns IGMP traffic to normal priority HPswitch show ip igmp config Show command to display results of above high priority commands Configuring the Querier Function Initsdefaultconfiguration theswitch is capable of operatin...

Page 311: ...t Protocol IP suite IP manages multicast traffic by using switches multicast routers and hosts that support IGMP In Hewlett Pack ard s implementation of IGMP a multicast router is not necessary as long as a switch is configured to support IGMP with the querier feature enabled A set of hosts routers and or switches that send or receive multicast data streams to or from the same source s is termed a...

Page 312: ...lient connected to a switch port needs to receive multicast traffic from a specific group it joins the group by sending an IGMP report join request to the network The multicast group specified in the join request is determined by the requesting application running on the IGMP client When a networking device with IGMP enabled receives the join request for a specific group it forwards any IP multica...

Page 313: ...s in the VLAN to Auto Yes None the default Blocked or Forward ConfigureIGMPtrafficforwardingtonormalor Yes None high priority forwarding Age Out IGMP group addresses when the last IGMP client on a port in the VLAN leaves the group Yes Requires that another IGMP device in the VLAN has an IP address and can operate as Querier This can be a multi cast router or another switch configured for IGMP oper...

Page 314: ...because the group is no longer registered the switch will then flood the multicast group to all ports For this reason the IGMP FastLeave feature is disabled by default on all HP ProCurve switches that do not support Data Driven IGMP including the switches covered in this guide The feature can be enabled on these switches via an SNMP set of the IgmpPortFastLeaveState vid port number object However ...

Page 315: ...verify that there are no other group members on port A3 If the switch itself is the Querier it does not query port A3 for the presence of other group members Note that Fast Leave operation does not distinguish between end nodes on the same port that belong to different VLANs Thus for example even if all of the devices on port A6 in figure 13 3 belong to different VLANs Fast Leave does not operate ...

Page 316: ...abled on the switch and because a discussion of internal VLAN numbers for multiple VLANs is beyond the scope of this document the discussion here concentrates on examples that use the default VLAN Listing the Forced Fast Leave Configuration The Forced Fast Leave configuration data is available in the switch s MIB Management Information Base and includes the state enabled or disabled for each port ...

Page 317: ...Forced Fast Leave is enabled on the corresponding port Ports 1 6 6 Port 109 1000T Module in Slot A Internal VLAN Number for the Default VLAN Note InternalVLANnumbersreflectthesequence in which VLANs are created and are not related to the unique VID assigned to each VLAN See the Note on VLAN Numbers on page 13 16 Sequential Port Numbers Figure 13 4 Example of a Forced Fast Leave Listing where all P...

Page 318: ...rced Fast Leave IGMP on Ports This proce dure enables or disables Forced Fast Leave on ports in a given VLAN See the Note on VLAN Numbers on page 13 16 Syntax setmib hpSwitchIgmpPortForcedLeaveState vlan number port number i 1 2 OR setmib 1 3 6 1 4 1 11 2 14 11 5 1 7 1 15 3 1 5 vlan number port number i 1 2 where 1 Forced Fast Leave enabled 2 Forced Fast Leave disabled For example suppose that you...

Page 319: ...rier operation in an IGMP enabled VLAN if it detects another Querier on the VLAN you can also use the Command Prompt to disable the Querier capability for that VLAN Not e A Querier isrequiredfor properIGMPoperation For this reason ifyoudisable the Querier function on a switch ensure that there is an IGMP Querier and preferably a backup Querier available on the same VLAN If the switch becomes the Q...

Page 320: ...own addresses and are reserved for pre defined host groups IGMP does not filter these addresses so any packets the switch receives for such addresses are flooded out all ports assigned to the VLAN on which they were received except the port on which the packets entered the VLAN The following table lists the 32 well known address groups 8192 total addresses that IGMP does not filter on the switches...

Page 321: ...s of a multicast group destination in this range In this case IGMP dynamically takes over the filtering function for the multicast destination address es for as long as the IGMP group is active If the IGMP group subsequently deacti vates the switch returns filtering control to the static filter Reserved Addresses Excluded from IP Multicast IGMP Filtering Traffic to IP multicast groups in the IP ad...

Page 322: ...Multimedia Traffic Control with IP Multicast IGMP Excluding Well Known or Reserved Multicast Addresses from IP Multicast Filtering This page is intentionally unused 13 22 ...

Page 323: ...RSTP 14 9 Optimizing the RSTP Configuration 14 9 CLI Configuring RSTP 14 10 Menu Configuring RSTP 14 16 Web Enabling or Disabling RSTP 14 17 802 1D Spanning Tree Protocol STP 14 18 Menu Configuring 802 1D STP 14 18 CLI Configuring 802 1D STP 14 21 STP Fast Mode 14 25 Fast Uplink Spanning Tree Protocol STP 14 26 Terminology 14 28 Operating Rules for Fast Uplink 14 29 Menu Viewing and Configuring Fa...

Page 324: ...ity 32768 max age 20 s hello time 2 s fwd delay 15 s path cost var priority 128 mode norm n a Default disabled page 14 18 page 14 10 page 14 18 page 14 22 page 14 40 page 14 18 page 14 23 page 14 18 page 14 24 page B 17 page B 17 n a Menu CLI Web page 14 16 page 14 10 n a page 14 16 page 14 11 page 14 17 reconfiguring whole switch Protocol Version RSTP page 14 16 page 14 12 n a values reconfigurin...

Page 325: ...le spanning tree operation in any switch that is part of a redundant physical link loop topology It is recommended that you do so on all switches belonging to a loop topology This topic is covered in more detail under How Spanning Tree Operates on page 14 4 As recommended in the IEEE 802 1Q VLAN standard the switch uses single instance STP As a result the switch generates untagged Bridge Protocol ...

Page 326: ...tes unblocks an available backup to serve as the new active path for as long as the original active path is down For example see the illustration on the next page node A switch A node B switch D switch B switch C 1 path cost 100 3 path cost 100 4 path cost 200 Active path from node A to node B 1 3 Backup redundant path from node A to node B 4 2 3 2 path cost 100 Figure 14 1 General Example of Redu...

Page 327: ...ree on the switch in a VLAN environment with redundant physical links you can prevent blocked redundant links by using a port trunk The following example shows how you can use a port trunk with 802 1Q tagged VLANs and spanning tree without unnecessarily blocking any links or losing any bandwidth Problem STP enabled with 2 separate non trunked links blocks a VLAN link Solution STP enabled with one ...

Page 328: ... from STP to RSTP on page 14 8 STP 802 1D TheIEEE802 1D versionofspanning treehas been inwide useandcan coexist in a network in which RSTP 802 1w has been introduced if your network currently uses 802 1D STP and you are not yet ready to implement RSTP you can apply STP to the switch until such time as you are ready to move ahead with RSTP STP offers the full range of STP features found in earlier ...

Page 329: ... operates For more on STP see the IEEE 802 1D standard Configuring Rapid Reconfiguration Spanning Tree RSTP This section describes the operation of the IEEE 802 1w Rapid Spanning Tree Protocol RSTP The next table shows where you can find information on specific features RSTP Feature Default Menu CLI Web Viewing the RSTP STP configuration n a enable disable RSTP STP disabled RSTP is selected as the...

Page 330: ...t RSTP RSTP can still be used on this switch RSTP automatically detects when the switch ports are connected to non RSTP devices in the spanning tree and communicates with those devices using 802 1D STP BPDU packets Because RSTP is so much more efficient at establishing the network path it is highly recommended that all your network devices be updated to support RSTP RSTP offers convergence times o...

Page 331: ...the configuration changes 1 Set the switch to support RSTP RSTP is the default CLI spanning tree protocol version rstp Menu Main Menu 2 Switch Configuration 4 Spanning Tree Operation select Protocol Version RSTP 2 Set the point to point mac value to false on all ports that are connected to shared LAN segments that is to connections to hubs CLI spanning tree ethernet port list point to point mac fo...

Page 332: ...mcheck mode norm fast show spanning tree both both both RSTP both both both RSTP STP both both RSTP STP RSTP RSTP RSTP STP Below on this page page 14 11 page 14 12 page 14 12 page 14 12 page 14 12 page 14 12 page 14 12 page 14 14 page 14 14 page 14 14 page 14 14 page 14 14 page 14 14 Referto 802 1DSpanning TreeProtocol STP on page 14 18 This command lists additional RSTP STP monitoring data that i...

Page 333: ...y Enabling or Disabling RSTP Issuing the command to enable spanning tree on the switch implements by default the RSTP version of spanning tree for all physical ports on the switch Disabling spanning tree removes protec tion against redundant network paths Syntax no spanning tree Abbreviation no span This command enables spanning tree with the current parameter settings or disables spanning tree us...

Page 334: ... compatible which forces the switch to communicate out all ports using operations that are compatible with IEEE 802 1D STP priority 32768 Specifies the protocol value used along with the switch MAC address to 8 as a step value determine which device in the spanning tree is the root The lower the priority value the higher the priority The value you enter has changed from the STP value The range is ...

Page 335: ...ng enabled on the switch Using this facility you can completely configure spanning tree the way you want and then enable it This method minimizes the impact on the network operation Syntax spanning tree protocol version rstp stp force version rstp operation stp compatible priority 0 15 maximum age 6 40 seconds hello time 1 10 seconds forward delay 4 30 seconds Defaults see the table on the previou...

Page 336: ... path cost 10 Mbps 2 000 000 Assigns an individual port cost that the switch uses to determine which ports 100 Mbps 200 000 are the forwarding ports The range is 1 to 200 000 000 or auto 1 Gbps 20 000 Bydefault thisparameterisautomaticallydeterminedbytheporttype asshown by thedifferentdefaultvalues Ifyou havepreviouslyconfigureda specificvalue for this parameter you can issue the command with the ...

Page 337: ...ents a greater range of path costs and new default path cost values to account for higher network speeds These values are different than the values defined by 802 1D STP as shown below Port Type 802 1D STP Path Cost RSTP Path Cost 10 Mbps 100 2 000 000 100 Mbps 10 200 000 1 Gbps 5 20 000 10 Gbps 2000 Because the maximum value for the path cost allowed by 802 1D STP is 65535 devices running that ve...

Page 338: ...ield 4 Press the Space bar to select the version of spanning tree you wish to run RSTP or STP Note Ifyouchangetheprotocolversion youwillhavetorebootthe switch for the change to take effect See step 9 and step 10 5 Press the Tab or down arrow key to go to the STP Enabled field Note that when you do this the remaining fields on the screen will then be appro priate for the version of spanning tree th...

Page 339: ... return to the Actions line and press S to save the currently displayed spanning tree settings and return to the Main Menu 10 If you have changed the Protocol Version in step 1 reboot the switch now by selecting 6 Reboot Switch Web Enabling or Disabling RSTP In the web browser interface you can enable or disable spanning tree on the switch If the default configuration is in effect such that RSTP i...

Page 340: ...t the 802 1D version of STP Figure 14 5 The Default Spanning Tree Operation Screen 2 Press E for Edit to highlight the Protocol Version field In the default configuration this field is set to RSTP 3 Press the Space bar once to change the field to STP This changes the Protocol Version selection to the 802 1D Spanning Tree Protocol 4 Press v to highlight the STP Enabled field 5 Press the Space bar t...

Page 341: ...Bar to select a value If you need information on STP parameters press Enter to select the Actions line then press H to get help 8 Repeat step 7 for each additional parameter you want to change Note For information on the Mode parameter see STP Fast Mode on page 14 25 9 When you are finished editing parameters press Enter to return to the Actions line 10 Press S to save the currently displayed STP ...

Page 342: ...he Configuration Menu Indicating a Reboot Is Needed to Implement a Configuration Change 11 Press 0 to return to the Main menu Figure 14 8 The Main Menu Indicating a Reboot Is Needed To Implement a Configuration Change 12 Press 6 to reboot the switch This implements the Protocol Version change steps 2 and 3 on page 14 18 14 20 ...

Page 343: ...m fast page 14 24 show spanning tree Lists additional STP data not covered in this chapter See Spanning Tree Protocol STP Information on page B 17 Viewing the Current STP Configuration Regardless of whether STP is disabled the default this command lists the switch s full STP configuration including general settings and port settings Syntax show spanning tree config When the switch is configured fo...

Page 344: ...ng tree protocol version stp write memory boot For example Figure 14 10 Steps for Changing Spanning Tree Operation to the 802 1D Protocol Enabling or Disabling Spanning Tree Operation on the Switch This command enables or disables spanning tree operation for either span ning treeversion STP 802 1DorRSTP 802 1w thedefault Beforeusingthis command ensure that the version of spanning tree you want to ...

Page 345: ...unless you have a strong understanding of how STP operates For more on STP see the IEEE 802 1D standard Reconfiguring General STP Operation on the Switch You can config ure one or more of the following parameters Table 14 3 General STP Operating Parameters Name Default Range Function priority 32768 0 65535 Specifies the priority value used along with the switch MAC address to determine which devic...

Page 346: ...ables STP if not already enabled and configures the following per port parameters Table 14 4 Per Port STP Parameters Name Default Range Function path cost Ethernet 100 1 65535 Assignsanindividualportcostthattheswitchuses 10 100Tx 10 100 Fx 10 Gigabit 5 to determine which ports are the forwarding ports priority 128 0 255 Used by STP to determine the port s to use for forwarding The port with the lo...

Page 347: ...s start up sequence whenever the network con nection is established on the port This includes for example when the switch or connected device is powered up or the network cable is connected A problem can arise from this long STP start up sequence because some end nodes are configured to automatically try to access a network server when ever the end node detects a network connection Typical server ...

Page 348: ...P on page 14 18 Syntax spanning tree port list mode fast norm For example to configure Fast mode for ports C1 C3 and C5 HPswitch config spanning tree c1 c3 c5 mode fast Fast Uplink Spanning Tree Protocol STP Fast Uplink STP is an option added to the switch s 802 1D STP to improve the recovery convergence time in wiring closet switches with redundant uplinks Specifically a switch having redundant l...

Page 349: ...sional Computing Series October 1999 Not e When properly implemented fast uplink STP offers a method for achieving faster failover times than standard STP and is intended for this purpose for instances where 802 1D STP has been chosen over 802 1w RSTP To use fast uplink STP configure fast uplink Mode Uplink only on the switch s upsteam ports that is two or more ports forming a group of redundant l...

Page 350: ...ningTreeProtocol STP inchapter9 Configuring Advanced Features in the Management and Configuration Guide for your switch tree uplink port upstream port A switch port linked to a port on another switch that is sequentially closer to the STP root device For example ports A and B in figure 14 11 on page 27 are uplink ports wiring closet switch Another term for an edge or leaf switch When single instan...

Page 351: ...ils then Switch 2 becomes the root switch The link between Switch 3 and Switch 2 begins forwarding The link between Switch 2 and the LAN begins forwarding Operating Rules for Fast Uplink A switch with ports configured for fast uplink must be an edge switch and not either an interior switch or the STP root switch Configure fast uplink on only the edge switch ports used for providing redundantSTPupl...

Page 352: ...nk Note also that fast uplink should not be configured on both ends of a point to point link but only on the uplink port of an edge switch Ensure that the switch you intend as a backup root device will in fact become the root if the primary root fails and that no ports on the backup root device are configured for fast uplink operation For example if the STP Priority is the same on all switches def...

Page 353: ...uration 4 Spanning Tree Operation 2 In the default STP configuration RSTP is the selected protocol version If this is the case on your switch you must change the Protocol Version to STP in order to use Fast Uplink STP If the Protocol Version is set to RSTP the default as shown in this example go to step 3 IftheProtocolVersionissettoSTP therestofthescreenwillappear as shown in figure 14 16 In this ...

Page 354: ...change and exit from the Spanning Tree Operation screen you will then see a screen with the following The asterisk indicates thatyoumustrebootthe switchtoimplementthe configuration change from RSTP to STP Figure 14 15 Changing from RSTP to STP Requires a System Reboot e Press 0 zero to return to the Main Menu then 6 to reboot the switch f After you reboot the switch enter the menu command at the C...

Page 355: ...14 16 The Spanning Tree Operation Screen 4 On the ports and or trunks you want to use for redundant fast uplink connections change the mode to Uplink In this example port A1 and Trk1 using ports A2 and A3 provide the redundant uplinks for STP a Press E for Edit then enable STP on the switch by using the Space bar to select Yes in the Spanning Tree Enabled field b Use Tab to move to the Mode field ...

Page 356: ...bled with Two Redundant Links Configured for Fast Uplink STP 5 Press S forSave tosavetheconfigurationchangestoflash non volatile memory To View Fast Uplink STP Status Continuing from figures 14 16 and 14 17 in the preceding procedure this task uses the same screen that you would use to view STP status for other operating modes 1 From the Main Menu select 1 Status and Counters 7 Spanning Tree Infor...

Page 357: ...fast uplink STP must never be the STP root device Figure 14 18 Example of STP Status with Trk1 Trunk 1 as the Path to the STP Root Device 2 Press S for Show ports to display the status of individual ports Links to PC or Workstation End Nodes Redundant STP Link in Fast Uplink Mode Redundant STP Link in Fast Uplink Mode Figure 14 19 Example of STP Port Status with Two Redundant STP Links 14 35 ...

Page 358: ...P Using the CLI to View Fast Uplink STP You can view fast uplink STP using the same show commands that you would use for standard STP opera tion Syntax show spanning tree Lists STP status show spanning tree config Lists STP configuration for the switch and for individual ports For example figures 14 20 and 14 21 illustrate a possible topology STP status listing and STP configuration for a switch w...

Page 359: ...esthecurrentlyactivepath to the STP root device RedundantSTPlinkintheBlocking state Links to PC or Workstation End Nodes Redundant STP link in the Forwarding state See the Root Port field above This is the currently active path to the STP root device Figure 14 21 Example of a Show Spanning Tree Listing for the Topology Shown in Figure 14 20 14 37 ...

Page 360: ...ast Uplink STP ThisexampleusestheCLI to configure the switch for the fast uplink operation shown in figures 14 20 14 21 and 14 22 The example assumes that ports A2 and A3 are already configured as members of the port trunk Trk1 and all other STP parameters are left in their default state Note that the default STP Protocol Version is RSTP Rapid STP or 802 1w Thus if the switch is set to the STP def...

Page 361: ...Reboots on Fast Uplink STP Operation When configured fast uplink STP operates on the designated ports in a running switch How ever if the switch experiences a reboot the fast uplink ports Mode Uplink use the longer forwarding delay used by ports on standard 802 1D STP non fast uplink This prevents temporary loops that could otherwise result while the switch is determining the STP status for all po...

Page 362: ...tingwillbeNorm regardless of whether one or more ports in the trunk are set to fast uplink Mode Uplink You must still specifically configure the trunk Mode setting to Uplink Similarly if you eliminate a trunk the Mode setting on the individual ports in the trunk will return to their previous settings For Troubleshooting Information on Fast Uplink Refer to Spanning Tree Protocol STP and Fast Uplink...

Page 363: ... Commander Switch 15 13 Using the Menu To Manage a Candidate Switch 15 15 Using the Commander To Manage The Stack 15 17 Using the Commander To Access Member Switches for Configuration Changes and Monitoring Traffic 15 23 Converting a Commander or Member to a Member of Another Stack 15 24 Monitoring Stack Status 15 25 Using the CLI To View Stack Status and Configure Stacking 15 29 SNMP Community Op...

Page 364: ...ches without the need for any specialized cabling page 15 3 For general information on how to use the switch s built in interfaces see Chapter 3 Using the Menu Interface Chapter 4 Using the Command Line Interface CLI Chapter 5 Using the HP Web Browser Interface Chapter 6 Switch Memory and Configuration 15 2 ...

Page 365: ...ember into another stack n a page15 24 page15 39 remove a member from a stack n a page15 21 page15 40 or page15 41 pull a candidate into a stack n a page15 17 page15 36 pull a member from another stack n a page15 19 page15 38 convert a commander or member to a n a page15 24 page15 39 member of another stack access member switches for n a page15 23 page15 42 configuration and traffic monitoring dis...

Page 366: ...port Stacking As of May 2003 the following HP ProCurve devices support stacking HP ProCurve Switch 6108 HP ProCurve Switch 2524 HP ProCurve Switch 4104GL HP ProCurve Switch 8000M HP ProCurve Switch 4108GL HP ProCurve Switch 4000M HP ProCurve Switch 2650 HP ProCurve Switch 2424M HP ProCurve Switch 2626 HP ProCurve Switch 2400M HP ProCurve Switch 2512 HP ProCurve Switch 1600M Requires software relea...

Page 367: ...d Switch C Switch B is a Candidate eligible to join the stack Commander Switch A Member Switch C Member Switch B After Switch B joins the stack thus changing from a Candidate to a Member of the stack Stack Stack Name Engineering Stack Name Engineering Figure 15 1 Illustration of a Switch Moving from Candidate to Member General Stacking Operation After you configure one switch to operate as the Com...

Page 368: ...er interface to access the user interface on any Member switch in the same stack Network Figure 15 2 Example of Stacking with One Commander Controlling Access to Wiring Closet Switches Interface Options You can configure stacking through the switch s menu interface CLI or the web browser interface For information on how to use the web browser interface to configure stacking see the online Help for...

Page 369: ...lways numbered 0 There is no limit on the number of stacks in the same IP subnet broadcast domain however a switch can belong to only one stack If multiple VLANs are configured stacking uses only the primary VLAN on any switch In the factory default configuration the DEFAULT_VLAN is the primary VLAN See Stacking Operation with Multiple VLANs Configured on page 15 44 and The Primary VLAN on page 12...

Page 370: ...on the switch auto matically acquires an IP address if your networkincludesDHCP service Ifacandidatehasapassword it cannot be automatically added to a stack In this case if you want the Candidate in a stack you must manually add it to the stack Stack Name N A Member IP Addr Optional Configuring an IP address allows access via Telnet or web browser interface without going through theCommanderswitch...

Page 371: ...ck Management Overview of Configuring and Bringing Up a Stack This process assumes that All switches you want to include in a stack are connected to the same subnet broadcast domain IfVLANsare enabledonthe switchesyouwanttoinclude inthe stack then the ports linking the stacked switches must be on the primary VLAN in each switch which in the default configuration is the default VLAN If the primary ...

Page 372: ...s Automatically add Candidate to Stack Causes the first 15 eligible discovered switches in the subnet to automatically join a stack Yes Yes default No default Manually add Candidate to Stack Prevent automatic joining of switches you don t want in the stack No default Yes default Optional Yes No Optional Yes Yes default or No Configured Prevent a switch from being a Candidate N A Disabled Optional ...

Page 373: ...es 15 13 through 15 36 for the menu interface and pages 15 29 through 15 41 for the CLI 1 Determine the naming conventions for the stack You will need a stack name Also to help distinguish one switch from another in the stack you can configure a unique system name for each switch Otherwise the system name for a switch appearing inthe Stacking Status screen appears as the stack name plus an automat...

Page 374: ...to assign IP addressing or make other configuration changes 4 Make a record of any Manager passwords assigned to the switches intended for your stack that are not currently members You will use these passwords to enable the protected switches to join the stack 5 If you are using VLANs in the stacking environment you must use the default VLAN for stacking links For more information see Stacking Ope...

Page 375: ...re a Commander Switch 1 Configure an IP address and subnet mask on the Commander switch See Chapter 8 Configuring IP Addressing 2 Display the Stacking Menu by selecting Stacking in the Main Menu Figure 15 5 The Default Stacking Menu 3 Display the Stack Configuration menu by pressing 3 to select Stack Configuration Figure 15 6 The Default Stack Configuration Screen 15 13 ...

Page 376: ...en press the downarrow key No the default prevents automatic joining of Candidates that have their Auto Join set to Yes Yes enables the Commander to automatically take a Candidate into the stack as a Member if the Candidate has Auto Join set to Yes the default Candidate setting and does not have a previously configured password 8 Accept or change the transmission interval default 60 seconds then p...

Page 377: ... table lists the Candidate s configuration options Table 15 4 Candidate Configuration Options in the Menu Interface Parameter Default Setting Other Settings Stack State Candidate Commander Member or Disabled Auto Join Yes No Transmission 60 Seconds Range 1 to 300 seconds Interval Using the Menu To Push a Switch Into a Stack Modify the Switch s Configuration or Disable Stacking on the Switch Use Te...

Page 378: ...ommander s stack i Use the space bar to select Member ii Press Tab once to display the Commander MAC Address param eter then enter the MAC address of the desired Commander To change Auto Join or Transmission Interval use Tab to select the desired parameter and To change Auto Join use the Space bar To change Transmission Interval type in the new value in the range of 1 to 300 seconds Note All switc...

Page 379: ...didate to a Stack In the default configuration you must manually add stack Members from the Candidate pool Reasons for a switch remaining a Candidate instead of becoming a Member include any of the following Auto Grab in the Commander is set to No the default Auto Join in the Candidate is set to No Note When a switch leaves a stack and returns to Candidate status its Auto Join parameter resets to ...

Page 380: ...n available switch number SN You have the optionofassigninganyotheravailablenumber Candidate List Figure 15 10 Example of Candidate List in Stack Management Screen 3 Either accept the displayed switch number or enter another available number The range is 0 15 with 0 reserved for the Commander 4 Use the downarrow key to move the cursor to the MAC Address field then type the MAC address of the desir...

Page 381: ...ded in step 6 Figure 15 11 Example of Stack Management Screen After New Member Added Using the Commander s Menu To Move a Member From One Stack to Another Where two or more stacks exist in the same subnet broadcast domain you can easily move a Member of one stack to another stack if the destination stack is not full If you are using VLANs in your stack environ ment see Stacking Operation with a Ta...

Page 382: ...to move and note its MAC address then press B for Back to return to the Stacking Menu 4 Display the Commander s Stack Management screen by selecting 4 Stack Management For an example of this screen see figure 15 9 on page 15 18 5 Press A for Add to add the Member You will then see a screen listing any available candidates See figure 15 10 on page 15 18 Note that you will not see the switch you wan...

Page 383: ... interface and entering the MAC address of the destination stack Commander in the Member s Commander MAC Address field Using this method moves the Member to another stack without a need for knowing the Manager password in that stack but also blocks access to the Member from the original Commander Using the Commander s Menu To Remove a Stack Member These rules affect removals from a stack When a Ca...

Page 384: ...the table on page 15 46 Stack Member List Figure 15 13 Example of Stack Management Screen with Stack Members Listed 2 Use the downarrow key to select the Member you want to remove from the stack Figure 15 14 Example of Selecting a Member for Removal from the Stack 3 Type D for Delete to remove the selected Member from the stack You will then see the following prompt Figure 15 15 The Prompt for Com...

Page 385: ... to access the Member s console interface for the same configu ration and monitoring that you would do through a Telnet or direct connect access 1 From the Main Menu select 9 Stacking 5 Stack Access You will then see the Stack Access screen For status descriptions see the table on page 15 46 Figure 15 16 Example of the Stack Access Screen Use the downarrow key to select the stack Member you want t...

Page 386: ...cess screen a Return to the Member s Main Menu b Press 0 for Logout then Y for Yes c Press Return You should now see the Commander s Stack Access screen For an example see figure 15 16 on page 15 23 Converting a Commander or Member to a Member of Another Stack When moving a commander the following procedure returns the stack mem bers to Candidate status with Auto Join set to No and converts the st...

Page 387: ...ment see Stacking Operation with a Tagged VLAN on page 15 44 This can help you in such ways as determining the stacking configuration for individual switches identifying stack Members and Candidates and determining the status of individual switches in a stack See table 15 5 on page 15 25 Table 15 5 Stack Status Environments Screen Name Commander Member Candidate Stack Status This Switch Commander ...

Page 388: ...ng and select 9 Stacking 2 Stacking Status All You will then see a Stacking Status screen similar to the following For status descriptions see the table on page 15 46 Figure 15 18 Example of Stacking Status for All Detected Switches Configured for Stacking Viewing Commander Status This procedure displays the Commander and stack configuration plus information identifying each stack member To displa...

Page 389: ...r s status IP address and MAC address To display the status for a Member 1 Go to the console Main Menu of the Commander switch and select 9 Stacking 5 Stack Access 2 Use the downarrow key to select the Member switch whose status you want to view then press X for eXecute You will then see the Main Menu for the selected Member switch 3 In the Member s Main Menu screen select 9 Stacking 1 Stacking St...

Page 390: ... configuration To display the status for a Candidate 1 Use Telnet if the Candidate has a valid IP address for your network or a direct serial port connection to access the menu interface Main Menu for the Candidate switch and select 9 Stacking 1 Stacking Status This Switch You will then see the Candidate s Stacking Status screen Figure 15 21 Example of a Candidate s Stacking Screen 15 28 ...

Page 391: ...ll Lists all stack Commanders Members and Candidates with their individual status no stack Any Stacking Capable Switch Enables or disables stacking on the switch Default Stacking Enabled no stackcommander stackname Candidate or Commander Converts a Candidate to a Commander or changes the stack name of an existing commander No form eliminates named stack and returns Commander and stack Members to C...

Page 392: ...view the list of SN assignments for a stack execute the show stack command in the Commander s CLI no stack join mac addr Candidate Causes the Candidate to join the stack whose Commander has the indicatedMAC address No form isusedin a Member to remove it from the stack of the Commander having the specified address Member Pushes the member to another stack whose Commander has the indicated MAC addre...

Page 393: ...e CLI in a to display the stack status for that switch In this case the switch is in the default stacking configuration Syntax show stack Figure 15 22 Example of Using the Show Stack Command To List the Stacking Configuration for an Individual Switch Viewing the Status of Candidates the Commander Has Detected This example illustrates how to list stack candidates the Commander has discovered in the...

Page 394: ... was executed is a candidate it is included in the Others category Syntax show stack all Figure 15 24 Result of Using the Show Stack All Command To List Discovered Switches in the IP Subnet Viewing the Status of the Commander and Current Members of the Commander s Stack The next example lists all switches in the stack of the selected switch Syntax show stack view Figure 15 25 Example of the Show S...

Page 395: ...der for stacking to operate properly For more on the primary VLAN see The Primary VLAN on page 12 6 2 Configure a Manager password on the switch intended for commander The Commander s Manager password controls access to stack Mem bers For more on passwords see the local manager and operator pass word information in the Access Security Guide for your switch Configure the Stack Commander Assigning a...

Page 396: ...er to the Commander of a New Stack This procedure requires that you first remove the Member from its current stack then create the new stack If you do not know the MAC address for the Commander of the current stack use show stack to list it Syntax no stack stack commander stack name Suppose for example that an HP switch named Bering Sea is a Member of a stack named Big_Waters To use the switch s C...

Page 397: ...s that may exist in the same subnet You cannot add a Candidate that the Commander has not discovered In its default configuration the Commander s Auto Grab parameter is set to No to give you manual control over which switches join the stack and when they join This prevents the Commander from automatically trying to add every Candidate it finds that has Auto Join set to Yes the default for the Cand...

Page 398: ...ly adds a new Member it assigns an SN from the available pool of unused SNs In this stack the only SNs in use are 0 and 1 so youcan useanySNnumberfrom 2through 15 for new Members The SN of 0 is always reserved for the stack Commander Figure 15 28 Example of How To Determine Available Switch Numbers SNs To display all discovered Candidates with their MAC addresses execute show stack candidates from...

Page 399: ...Using Auto Join on a Candidate In the default configuration a Candi date s Auto Join parameter is set to Yes meaning that it will automatically join a stack if the stack s Commander detects the Candidate and the Com mander s Auto Grab parameter is set to Yes You can disable Auto Join on a Candidate if you want to prevent automatic joining in this case There is also the instance where a Candidate s...

Page 400: ...date named North Sea with Auto Join off and a valid IP address of 10 28 227 104 is running on a network You could Telnet to the Candidate use show stack all to determine the Commander s MAC address and then push the Candidate into the desired stack 1 Telnet to the Candidate named North Sea 2 Use show stack all to display the Commander s MAC address 3 Set the Candidate CLI to Config mode 4 Execute ...

Page 401: ...ull the desired switch into the new stack HPswitch config stack member 1 mac address 0060b0 df1a00 Where 1 is an unused switch number SN Since a password is not set on the Candidate a password is not needed in this example You could then use show stack all again to verify that the move took place Using a Member CLI To Push the Member into Another Stack You can use the Member s CLI to push a stack ...

Page 402: ...youtoidentifytheMACaddressofthe Commander for the Big_Waters stack Adds the former Test Commander to the Big_Waters stack Figure 15 33 Example of Command Sequence for Converting a Commander to a Member Using the CLI To Remove a Member from a Stack You can remove a Member from a stack using the CLI of either the Commander or the Member Not e When you remove a Member from a stack the Member s Auto J...

Page 403: ...030c1 7fc700 where 3 is the North Sea Member s switch number SN 0030c1 7fc700 is the North Sea Member s MAC address Using the Member s CLI To Remove the Member from a Stack Syntax no stack join mac addr To use this method you need the Commander s MAC address which is available using the show stack command in the Member s CLI For example MAC Address of the Commander for the Stack Which the North Se...

Page 404: ...To find the switch number for the Member you want to access execute the show stack view command in the Commander s CLI For example suppose that you wanted to configure a port trunk on the switch named North Sea in the stack named Big_Waters Do do so you would go to the CLI for the Big_Waters Commander and execute show stack view to find the switch number for the North Sea switch The switch number ...

Page 405: ...elongstothepublicSNMPcommunitybecause it has IP addressing of its own But with the loss of stack Membership Switch 1 loses membership in the blue and red communities because they are not specifically configured in the switch If Member Switch 2 ceases to be a stack Member it loses membership in all SNMP communities If Member Switch 3 ceases to be a stack Member it loses membership in the blue and r...

Page 406: ... on the switch before it can become a Candidate Member or Commander Disabling a Member Removes the Member from the stack and changes it to a stand alone nonstacking switch You must re enable stacking on the switch before it can become a Candidate Member or Commander Disabling a Candidate Changes the Candidate to a stand alone non stacking switch Syntax no stack Disables stacking on the switch stac...

Page 407: ... appears as shown above The interface for Members and Candidates appears the same as for a non stacking switches To view or configure stacking on the web browser interface 1 Click on the Configuration tab 2 Click on Stacking to display the stackingconfiguration for an individual switch and make any configuration changes you want for that switch 3 Click on Apply Changes to save any configuration ch...

Page 408: ...he Member Commander Up The Member has stacking connectivity with the None required Commander Mismatch This may be a temporary condition while a Candidate is trying to join a stack If the Candidate does not join then stack configuration is inconsistent Initially waitforanupdate Ifcondi tion persists reconfigure the Commander or the Member Member Down A Member has become detached from the stack A po...

Page 409: ...s 16 10 Configuring ICMP 16 12 Configuring Static IP Routes 16 14 Static Route Types 16 14 Static IP Route Parameters 16 15 Static Route States Follow VLAN Interface States 16 15 Configuring a Static IP Route 16 16 Configuring the Default Route 16 16 Configuring a Null Route 16 17 Configuring IRDP 16 18 Enabling IRDP Globally 16 19 Enabling IRDP on an Individual VLAN Interface 16 19 Displaying IRD...

Page 410: ... single VLAN Default_VLAN on the routing switch In that configuration a single IP address serves as the manage ment access address for the entire routing switch If routing is enabled on the routing switch the IP address on the single VLAN also acts as the routing interface Each IP address range specified by an IP address and a subnet mask or mask bits must be in a single subnet and must be configu...

Page 411: ... Table The ARP cache contains entries that map IP addresses to MAC addresses Generally the entries are for devices that are directly attached to the routing switch ARP Cache The ARP cache contains dynamic learned entries The soft ware places a dynamic entry in the ARP cache when the routing switch learns a device s MAC address from an ARP request or ARP reply from the device The software can learn...

Page 412: ...ndependent value from 1 255 The IP route table is displayed by entering the CLI command show ip route from any context level in the console CLI Here is an example of an entry in the IP route table Destination Network Mask Gateway Type Sub Type Metric 1 1 0 0 255 255 0 0 99 1 1 2 connected 1 Figure 16 2 Example of IP Route Table Entry Each IP route table entry contains the destination s IP address ...

Page 413: ...ddress of a device on the network The router sends the IP address of a device in the ARP request and receives the device s MAC address in an ARP reply Enabled 16 7 ARP age The amount of time the device keeps a MAC address learned through ARPinthe device sARPcache Thedeviceresetsthetimertozeroeach time the ARP entry is refreshed and removes the entry if the timer reaches the ARP age 20 minutes 16 9...

Page 414: ...ation FortheSeries5300XLSwitches enter an explicit default route 0 0 0 0 0 0 0 0 or 0 0 0 0 0 as a static route in the IP route table None configured 16 16 Parameter Description Default See page IP Interface Parameters for Routing Switches Table 16 2 lists the interface level IP parameters for routing switches Table 16 2 IP Interface Parameters Routing Switches Parameter Description Default See pa...

Page 415: ...ARP is a standard IP protocol that enables an IP routing switch to obtain the MAC address of another device s interface when the routing switch knows the IP address of the interface ARP is enabled by default and cannot be disabled How ARP Works A routing switch needs to know a destination s MAC address when forwarding traffic because the routing switch encapsulates the IP packet in a Layer 2 packe...

Page 416: ...ess and MAC address A static entry enters the ARP cache from the static ARP table which is a separate table when the interface for the entry comes up To ensure the accuracy of the ARP cache each dynamic entry has its own age timer The timer is reset to zero each time the routing switch receives an ARP reply or ARP request containing the IP address and MAC address of the entry If a dynamic entry re...

Page 417: ...ng switch places an entry in the ARP cache it also starts an aging timer for the entry the aging timer ensures that the ARP cache does not retain learned entries that are no longer valid An entry can become invalid when the device with the MAC address of the entry is nolonger on the network The default ARP age is twenty minutes You can change the ARP age to a value of 1 240 minutes To change the A...

Page 418: ...he sub nets are on different network cables and thus is not answered An ARP request from one sub net can reach another sub net when both sub nets are on the same physical segment Ethernet cable since MAC layer broadcasts reach all the devices on the segment Proxy ARP is disabled by default on HP routing switches To enable Proxy ARP enter the following commands from the VLAN context level in the CL...

Page 419: ...warding for all types of IP directed broadcasts is disabled by default You can enable forwarding for all types if needed You cannot enable forwarding for specific broadcast types To enable forwarding of IP directed broadcasts enter the following CLI command HPswitch config ip directed broadcast Syntax no ip directed broadcast HP software makes the forwarding decision based on the routing switch s ...

Page 420: ...annot deliver to its destination the routing switch discards the packet and sends a message back to the device that sent the packet to the routing switch The message informs the device that the destination cannot be reached by the routing switch Address Mask replies You can enable or disable ICMP address mask replies Disabling Replies to Broadcast Ping Requests By default HP devices are enabled to...

Page 421: ...d in the destination IP address of the packet Port The destination host does not have the destination TCP or UDP port specified in the packet In this case the host sends the ICMP Port Unreachable message to the HP device which in turn sends the message to the host that sent the packet Protocol The TCP or UDP protocol on the destination host is not running This message is different from the Port Un...

Page 422: ... route table you are creating a static IP route This section describes how to add static routes to the IP route table Default network route This is a specific static route that the routing switch uses if other routes to the destination are not available See Configuring the Default Route on page 16 16 Static Route Types You can configure the following types of static IP routes Standard the static r...

Page 423: ...utingswitch uses to compare this route with routes from other route sources to the same destination before placing a route in the IP route table This param eter does not apply to routes that are already in the IP route table The default administrative distance for static IP routes is 1 The default metric and administrative distance values ensure that the routing switch always prefers static IP rou...

Page 424: ...e the mask 255 255 255 0 matches on all hosts within the Class C sub net address specified by the dest ip addr Alternatively you can use the CIDR notation and specify the number of bits in the network mask For example you can enter 209 157 22 0 24 instead of 209 157 22 0 255 255 255 0 The next hop ip addr is the IP address of the next router in the path to the destination Configuring the Default R...

Page 425: ... forwarding it To configure a null static route to drop packets destined for network 209 157 22 x enter the following commands HPswitch config ip route 209 157 22 0 255 255 255 0 reject HPswitch config write memory Syntax ip route ip addr ip mask reject or ip route ip addr mask bits reject Using this command the routing switch will drop packets that contain the specified IP address in the destinat...

Page 426: ...he following parameters If you enable IRDP on individual VLAN interfaces you can configure these parameters on an individual VLAN inter face basis Packet type The routing switch can send Router Advertisement messages as IP broadcasts or as IP multicasts addressed to IP multicast group 224 0 0 1 The default packet type is IP broadcast Hold time Each Router Advertisement message contains a hold time...

Page 427: ...eway The preference can be a number from 4294967296 to 4294967295 The default is 0 Enabling IRDP Globally To enable IRDP globally enter the following command HPswitch config ip irdp This command enables IRDP on the IP interfaces on all ports Each port uses the default values for the IRDP parameters Enabling IRDP on an Individual VLAN Interface To enable IRDP on an individual VLAN interface and con...

Page 428: ...sement to be valid When a host receives a new Router Advertisement message from the routing switch the host resets the hold time for the routing switch to the hold time specified in the new advertisement If the hold time of an advertisement expires the host discards the advertisement concluding that the router interface that sent the advertisement is no longer available The value must be greater t...

Page 429: ...nce number This parameter specifies the IRDP preference level of this routing switch If a host receives Router Advertisements from multiple routers the host selects the router interface that sent the message with the highest preference as the host s default gateway The valid range is 4294967296 to 4294967295 Default 0 Displaying IRDP Information To display IRDP information enter the following comm...

Page 430: ...nts The DHCP relay agent transfers the DHCP messages from DHCP clients located on a subnet without DHCP server to other subnets It also relays answers from DHCP servers to DHCP clients DHCP Packet Forwarding The DHCP relay agent on the routing switch forwards DHCP client packets to all DHCP servers that are configured in the table administrated for each VLAN Unicast Forwarding The packets are forw...

Page 431: ...d to the DHCP Client Enabling DHCP Relay To enable the DHCP Relay function for the routing switch at the Config CLI context level enter the command HPswitch config dhcp relay To disable the DHCP Relay function enter the command HPswitch config no dhcp relay Configuring a Helper Address At the VLAN configuration CLI context level enter the commands to add the DHCP server s IP address to the VLANs l...

Page 432: ...IP Routing Features Configuring DHCP Relay This page is intentionally unused 16 24 ...

Page 433: ...em Download from a PC or Unix Workstation to Primary or Secondary Flash A 8 Switch to Switch Download A 9 Menu Switch to Switch Download to Primary Flash A 9 CLI Switch To Switch Downloads A 10 Using the HP TopTools for Hubs Switches Utility A 11 Troubleshooting TFTP Downloads A 12 Transferring Switch Configurations A 13 Copying Diagnostic Data to a Remote Host PC or Unix Workstation A 16 Copying ...

Page 434: ...system Downloading Switch Software HP periodically provides switch software updates through the HP ProCurve website http www hp com go hpprocurve For more information see the support and warranty booklet shipped with the switch After you acquire a new switch software file you can use one of the following methods for downloading the switch software code to the switch Switch Software Download Featur...

Page 435: ...wnload is interrupted by a power failure the switch goes into boot ROM mode In this case use the boot ROM console to download a new switch software image to primary flash Refer to Restoring a Flash Image on page C 41 Using TFTP To Download Switch Software from a Server This procedure assumes that An switch software file for the switch has been stored on a TFTP server accessible to the switch The s...

Page 436: ...le Main Menu select Download OS to display this screen Figure A 1 Example of the Download OS Screen Default Values 2 Press E for Edit 3 Ensure that the Method field is set to TFTP the default 4 In the TFTP Server field type in the IP address of the TFTP server in which the switch software file has been stored 5 In the Remote File Name field type the name of the switch software file If you are usin...

Page 437: ...is prompt Continue reboot of system No Press the space bar once to change No to Yes then press Enter to begin the reboot Not e When you use the menu interface to download switch software the new image is always stored in primary flash Also using the Reboot Switch option in the Main Menu always reboots the switch from primary flash Rebooting the switch from the CLI gives you more options Refer to R...

Page 438: ...age currently in primary flash Figure A 3 Example of the Command to Download Switch Software 2 When the switch finishes downloading the switch software file from the server it displays this progress message Validating and Writing System Software to FLASH 3 When the switch is ready to activate the downloaded software you will see this message System software written to FLASH You will need to reboot...

Page 439: ...flash 1 From the console Main Menu select 7 Download OS 2 Press E for Edit 3 Use the Space bar to select XMODEM in the Method field 4 Press Enter then X for eXecute to begin the switch software download The following message then appears Press enter and then initiate Xmodem transfer from the attached computer 5 Press Enter and then execute the terminal emulator command s to begin Xmodem binary tra...

Page 440: ...odem flash primary secondary Note that if you do not specify the flash destination the Xmodem download defaults to primary flash For example to download a switch software file named G0103 swi from a PC running a terminal emulator program such as HyperTerminal to primary flash 1 Execute the following command in the CLI Figure A 4 Example of the Command to Download Switch Software Using Xodem 2 Exec...

Page 441: ...ptions on page 6 12 Switch to Switch Download You can use TFTP to transfer a switch software file between two HP ProCurve switches that use the same software code base The menu interface enables you to transfer primary to primary or secondary to primary The CLI enables all combinations of flash location options Menu Switch to Switch Download to Primary Flash Using the menu interface you can downlo...

Page 442: ...tem downloaded correctly a From the Main Menu select Status and Counters General System Information b Check the Firmware revision line CLI Switch To Switch Downloads You can download a switch software file between two switches that use the same code base and which are connected on your LAN To do so use a copy tftp command from the destination switch The options for this CLI feature include Copy fr...

Page 443: ... primary or secondary flash location for the destination the download automatically goes to primary flash For example to download switch software from secondary flash in a switch with an IP address of 10 28 227 103 to the secondary flash in the destination switch you would execute the following command in the destination switch s CLI Figure A 6 Switch to Switch from Either Flash in Source to Eithe...

Page 444: ...Event Log see Using Logging To Identify Problem Sources on page C 21 Some of the causes of download failures include Incorrect or unreachable address specified for the TFTP Server parameter This may include network problems Incorrect VLAN Incorrect name specified for the Remote File Name parameter or the specified file cannot be found on the TFTP server This can also occur if the TFTP server is a ...

Page 445: ...TFTP to copy a config file to a remote host use Xmodem to copy a configuration from a serially connected host to a config file Use Xmodem to copy a config file to a serially connected host n a below n a page A 14 n a page A 14 n a page A 15 Using the CLI commands described in this section you can copy switch configurations to and from a switch TFTP Copying a Configuration from a Remote Host Syntax...

Page 446: ...witch to a Serially Connected PC or Unix Workstation To use this method the switch must be connected via the serial port to a PC or Unix workstation to which you want to copy the configuration file You will need to Determine a filename to use Know the directory path you will use to store the the configuration file Syntax copy startup config running config xmodem pc unix For example to copy a confi...

Page 447: ...Syntax copy xmodem startup config pc unix For example to copy a configuration file from a PC serially connected to the switch 1 Execute the following command 2 After you see the above prompt press Enter 3 Execute the terminal emulator commands to begin the file transfer 4 When the download finishes you must reboot the switch to implement the newly dowloaded OS To do so use one of the following com...

Page 448: ...g Processor Specific operating data useful for determining the reason for a system crash Copying Command Output to a Destination Device This command directs the displayed output of a CLI command to a file in a destination device Syntax copy command output cli command tftp ip address filepath filename copy command output cli command xmodem For example to use Xmodem to copy the output of show config...

Page 449: ...o a Destination Device This command uses TFTP or Xmodem to copy the Crash Data content to a PC orUNIXworkstationonthenetwork Youcancopyindividualslotinformation or the master switch information If you do not specify either the command defaults to the master data Syntax copy crash data slot id master xmodem copy crash data slot id master tftp ip address filename where slot id a h and retrieves the ...

Page 450: ...ter data Syntax copy crash log slot id master tftp ip address filepath and filename copy crash log slot id master xmodem where slot id a h and retrieves the crash log or crash data from the processor on the module in the specified slot master Retrieves crash log or crash data from the switch s chassis processor For example to copy the Crash Log for slot C to a file in a PC connected to the switch ...

Page 451: ...and Trunk Group Statistics and Flow Control Status B 9 Viewing the Switch s MAC Address Tables B 12 Spanning Tree Protocol STP Information B 17 Internet Group Management Protocol IGMP Status B 19 VLAN Information B 20 Web Browser Interface Status Information B 22 Port and Static Trunk Monitoring Features B 23 Menu Configuring Port and Static Trunk Monitoring B 24 CLI Configuring Port and Static Tr...

Page 452: ...orts page B 9 Event Log Lists switch operating events Using Logging To Identify Problem Sources on page C 21 Alert Log Lists network occurrences detected by the switch in the Status Overview screen of the web browser interface page 5 6 Configurable trap receivers Uses SNMP to enable management sta tions on your network to receive SNMP traps from the switch SNMP Notification and Traps on page 11 17...

Page 453: ...b Menu CLI Menu CLI Menu CLI Menu CLI Menu CLI Web Access menu interface for status and counter data B 4 Lists switch level operating information B 5 Lists the MAC address IP address and IPX network number for B 6 each VLAN or if no VLANs are configured for the switch Lists the module type and description for each slot in which a B 7 module is installed Displays the operational status of each port...

Page 454: ... at the Main Menu display the Status and Counters menu by select ing 1 Status and Counters Figure B 1 The Status and Counters Menu Each of the above menu items accesses the read only screens described on the following pages Refer to the online help for a description of the entries displayed in these screens B 4 ...

Page 455: ... Access From the console Main Menu select 1 Status and Counters 1 General System Information Figure B 2 Example of General Switch Information This screen dynamically indicates how individual switch resources are being used See the online Help for details CLI Access Syntax show system information B 5 ...

Page 456: ...s 2 Switch Management Address Information Figure B 3 Example of Management Address Information with VLANs Configured This screen displays addresses that are important for management of the switch If multiple VLANs are not configured this screen displays a single IP address for the entire switch See the online Help for details CLI Access Syntax show management B 6 ...

Page 457: ...is feature to determine which slots have modules installed and which type s of modules are installed Menu Displaying Port Status From the Main Menu select 1 Status and Counters 3 Module Information Figure B 4 Example of Module Information in the Menu Interface CLI Access Syntax show module B 7 ...

Page 458: ...and the console interface show the same port status data Menu Displaying Port Status From the Main Menu select 1 Status and Counters 4 Port Status Figure B 5 Example of Port Status on the Menu Interface CLI Access Syntax show interfaces brief Web Access 1 Click on the Status tab 2 Click on Port Status B 8 ...

Page 459: ... specific port The menu interface and the web browser interface provide a dynamic display of counters summarizing the traffic on each port The CLI lets you see a static snapshot of port or trunk group statistics at a particular moment As mentioned above rebooting or resetting the switch resets the counters to zero You can also reset the counters to zero for the current session This is useful for t...

Page 460: ...of Port Counters on the Menu Interface To view details about the traffic on a particular port use the v key to highlight that port number then select Show Details For example selecting port A2 displays a screen similar to figure B 7 below Figure B 7 Example of the Display for Show details on a Selected Port This screen also includes the Reset action for the current session See the Note on Reset on...

Page 461: ...d provides traffic details for the port s you specify Syntax show interfaces ethernet port list To Reset the Port Counters for a Specific Port This command resets the counters for the specified ports to zero for the current session See the Note on Reset on page B 9 Syntax clear statistics ethernet port list Web Browser Access To View Port and Trunk Group Statistics 1 Click on the Status tab 2 Clic...

Page 462: ...resses on all ports on a specific VLAN n a page B 13 page B 15 viewing MAC addresses on a specific port n a page B 14 page B 15 searching for a MAC address n a page B 14 page B 16 These features help you to view The MAC addresses that the switch has learned from network devices attached to the switch The port on which each MAC address was learned B 12 ...

Page 463: ...r VLAN listing includes The MAC addresses that the switch has learned from network devices attached to the switch The port on which each MAC address was learned 1 From the Main Menu select 1 Status and Counters 5 VLAN Address Table 2 The switch then prompts you to select a VLAN 3 Use the Space bar to select the VLAN you want then press Enter The switch then displays the MAC address table for that ...

Page 464: ...er The address and port number are highlighted if found If the switch does not find the MAC address on the currently selected VLAN it leaves the MAC address listing empty Located MAC Address and Corresponding Port Number Figure B 9 Example of Menu Indicating Located MAC Address 3 Press P for Prev page to return to the full address table listing Port Level MAC Address Viewing and Searching This fea...

Page 465: ...S for Search to display the following prompt Enter MAC address _ 2 Type the MAC address you want to locate and press Enter The address is highlighted if found If the switch does not find the address it leaves the MAC address listing empty 3 Press P for Prev page to return to the previous per port listing CLI Access for MAC Address Views and Searches Syntax show mac address vlan vlan id ethernet po...

Page 466: ...s the MAC addresses associated with the ports for a given VLAN For example HPswitch show mac address vlan 100 Not e The switch operates with a multiple forwarding database architecture For more on this topic refer to Duplicate MAC Addresses Across VLANs on page C 19 To Find the Port On Which the Switch Learned a Specific MAC Address For example to find the port on which the switch learns a MAC add...

Page 467: ...on the switch to display the following data Figure B 12 Example of Spanning Tree Information Use this screen to determine current switch level STP parameter settings and statistics You can use the Show ports action at the bottom of the screen to display port level information and parameter settings for each port in the switch including port type cost priority operating state and designated bridge ...

Page 468: ...nd Counters Data Figure B 13 Example of STP Port Information CLI Access to STP Data This option lists the STP configuration root data and per port data cost priority state and designated bridge Syntax show spanning tree HPswitch show spanning tree B 18 ...

Page 469: ... addresses per VLAN Number of report and query packets per group Querier access port per VLAN show ip igmp vlan id Per VLAN command listing above IGMP status for specified VLAN VID show ip igmp group ip addr Lists the ports currently participating in the specified group with port type Access type Age Timer data and Leave Timer data For example suppose that show ip igmp listed an IGMP group address...

Page 470: ...Status static or dynamic Primary VLAN show vlan vlan id For the specified VLAN lists Name VID and status static dynamic Per Port mode tagged untagged forbid no auto Unknown VLAN setting Learn Block Disable Port status up down For example suppose that your switch has the following VLANs Ports VLAN VID 1 12 DEFAULT_VLAN 1 1 2 VLAN 33 33 3 4 VLAN 44 44 The next three figures show how you could list d...

Page 471: ... B 15 Example of VLAN Listing for the Entire Switch Listing the VLAN ID VID and Status for Specific Ports Because ports A1 and A2 are not members of VLAN 44 itdoesnotappear in this listing Figure B 16 Example of VLAN Listing for Specific Ports Listing Individual VLAN Status Figure B 17 Example of Port Listing for an Individual VLAN B 21 ...

Page 472: ...he status of the switch including summary graphs indicating the network utili zation on each of the switch ports symbolic port status indicators and the Alert Log which informs you of any problems that may have occurred on the switch For more information on this screen see chapter 5 Using the HP Web Browser Interface Port Utilization Graphs Port Status Indicators Alert Log Figure B 18 Example of a...

Page 473: ... B 27 page B 28 You can designate a port for monitoring incoming traffic of other ports and of static trunks on the switch The switch monitors the network activity by copying all traffic inbound on the specified interfaces to the designated monitoring port to which a network analyzer can be attached Not e Port trunks cannot be used as a monitoring port It is possible when monitoring multiple inter...

Page 474: ...an shown in this procedure 1 From the Console Main Menu Select 2 Switch Configuration 3 Network Monitoring Port Enable monitoring by setting this parameter to Yes Figure B 19 The Default Network Monitoring Configuration Screen 2 In the Actions menu press E for Edit 3 If monitoring is currently disabled the default then enable it by pressing the Space bar or Y to select Yes 4 Press the downarrow ke...

Page 475: ...g 6 Use the downarrow key to move the cursor to the Action column for the individual ports and position the cursor at a port you want to monitor 7 Press the Space bar to select Monitor for each port and trunk that you want monitored Use the downarrow key to move from one interface to the next in the Action column 8 When you finish selecting ports to monitor press Enter then press S for Save to sav...

Page 476: ...ned to receive monitored traffic and the ports and or trunks being monitored Syntax show monitor For example if you assign port A6 as the monitoring port and configure the switch to monitor ports A1 A3 show monitor displays the following Port receiving monitored traffic Monitored Ports Figure B 21 Example of Monitored Port Listing Configuring the Monitor Port This command assigns or removes a mon ...

Page 477: ...t numbers and static trunk names at the same time Forexample withaportsuchasportA6configuredas themonitoring mirror port you would use either of the following commands to select these ports and static trunks for monitoring A1 through A3 and A5 Trunks 1 and 2 From the global config level selects ports and trunks for monitoring sources Selects the interface context level then selects the ports as mo...

Page 478: ...ick on Monitor Port 3 To monitor one or more ports a Click on the radio button for Monitor Selected Ports b Select the port s to monitor 4 Click on Apply Changes To remove port monitoring 1 Click on the Monitoring Off radio button 2 Click on Apply Changes For web based Help on how to use the web browser interface screen click on the button provided on the web browser screen B 28 ...

Page 479: ... Tree Protocol STP and Fast Uplink Problems C 13 SSH Related Problems C 14 Stacking Related Problems C 15 TACACS Related Problems C 16 TimeP SNTP or Gateway Problems C 18 VLAN Related Problems C 18 Using Logging To Identify Problem Sources C 21 Event Log Operation C 21 Debug and Syslog Operation C 25 Diagnostic Tools C 31 Port Auto Negotiation C 31 Ping and Link Tests C 32 Displaying the Configura...

Page 480: ...klet shipped with the switch Troubleshooting Approaches Use these approaches to diagnose switch problems Check the HP ProCurve web site the web site may have software updates or other information to help solve your problem http www hp com go hpprocurve Check the switch LEDs The LEDs on the switch are a fundamental diagnostic tool They provide indications of proper switch operation and of any hardw...

Page 481: ...t Log Port Status and Port Counters screens Diagnostic tools Link test Ping test configuration file browser Switch Console For help in isolating problems use the easy to access switch console built into the switch or Telnet to the switch console See chapter 2 Using the Menu Interface and chapter 3 Using the Command Line Interface CLI for console operation information These tools are available thro...

Page 482: ...h Management Address Information also check the DHCP Bootp server configuration to verify correct IP addressing If you are using DHCP to acquire the IP address for the switch the IP address lease time may have expired so that the IP address has changed For more information on how to reserve an IP address refer to the documentation for the DHCP application that you are using If one or more IP Autho...

Page 483: ...selecting 2 Switch Configuration 5 IP Configuration Note If DHCP Bootp is used to configure the switch see the Note above If you are using DHCP to acquire the IP address for the switch the IP address lease time may have expired so that the IP address has changed For more information on how to reserve an IP address refer to the documentation for the DHCP application that you are using If one or mor...

Page 484: ...cast storms may be occurring in the network These may be due to redundant links between nodes If you are configuring a port trunk finish configuring the ports in the trunk before connecting the related cables Otherwise you may inad vertently create a number of redundant links i e topology loops that will cause broadcast storms Turn on Spanning Tree Protocol to block redundant links i e topol ogy l...

Page 485: ... immediatelybeginssendingrequestpacketsonthenetwork Iftheswitchdoes not receive a reply to its DHCP Bootp requests it continues to periodically sendrequestpackets butwith decreasing frequency Thus ifa DHCP or Bootp server is not available or accessible to the switch when DHCP Bootp is first configured the switch may not immediately receive the desired configuration After verifying that the server ...

Page 486: ...e Port in the CDP Neighbors Table Where CDP is running a switch or router that is the STP root transmits outbound CDP packets over all links including redun dant links that STP may be blocking in non root devices In this case the non root device shows an entry in its CDP Neighbors table for every port on which it receives a CDP packet from the root device See Effect of Spanning Tree STP On CDP Pac...

Page 487: ...port can create a traffic loop that can slow down or halt your network Before removing a port from a trunk HP recommends that you either disable the port or disconnect it from the LAN Port Based Access Control 802 1X Related Problems Note To list the 802 1X port access Event Log messages stored on the switch use show log 802 See also Radius Related Problems on page C 12 The switch does not receive...

Page 488: ...Access Security Guide for your switch The switch appears to be properly configured as a supplicant but cannot gain access to the intended authenticator port on the switch to which it is connected If aaa authentication port access is configured for Local ensure that you have entered the local login operator level username and password of the authenticator switch into the identity and secret parame ...

Page 489: ...in the switch Use show radius to verify that the encryption key RADIUS secret key the switch is using is correct for the server being contacted If the switch has only a global key configured then it either must match the server key or you must configure a server specific key If the switch already has a server specific key assigned to the server s IP address then it overrides the global key and mus...

Page 490: ...t the switch allows authentication but blocks the port To eliminate this prob lem either remove the port from the trunk or reconfigure the RADIUS server to avoid specifying a VLAN Radius Related Problems The switch does not receive a response to RADIUS authentication requests In this case the switch will attempt authentication using the secondary method configured for the type of access you are us...

Page 491: ... settings can adversely affect network performance you should avoid making changes without having a strong understanding of how STP operates To learn the details of STP operation refer to the IEEE 802 1D standard Broadcast Storms Appearing in the Network This can occur when there are physical loops redundant links in the topology Where this exists you should enable STP on all bridging devices in t...

Page 492: ...h has ports configured for fast uplink STP and has become the root device due to a failure in the original root device SSH Related Problems Switch access refused to a client Even though you have placed the cli ent s public key in a text file and copied the file using the copy tftp pub key file command into the switch the switch refuses to allow the client to have access If the source SSH client is...

Page 493: ...d RSA public key The public key file you are trying to download has one of the following problems A key in the file is too long The maximum key length is 1024 characters including spaces This could also mean that two or more keys are merged together instead of being separated by a CR LF There are more than ten public keys in the key file One or more keys in the file is corrupted or is not a valid ...

Page 494: ...e memory to save the authentication configuration to flash then pressing the Reset button or cycling the power reboots the switch with the boot up configuration Disconnect the switch from network access to any TACACS servers and then log in to the switch using either Telnet or direct console port access Because the switch cannot access a TACACS server it will default to local authentication You ca...

Page 495: ...h a port that is not allowed for the account The time quota for the account has been exhausted The time credit for the account has expired The access attempt is outside of the time frame allowed for the account The allowed number of concurrent logins for the account has been exceeded For more help refer to the documentation provided with your TACACS server application Unknown Users Allowed to Logi...

Page 496: ...runtaggedVLANoperationonthe same VLAN as the traffic from the monitored ports the traffic output from the monitor port is untagged If the monitor port is not a member of the same VLAN as the traffic from the monitored ports traffic from the monitored ports does not go out the monitor port None of the devices assigned to one or more VLANs on an 802 1Q compliant switch are being recognized If multip...

Page 497: ...ent VLANs can appear where a device having one MAC address is a member of more than one 802 1Q VLAN and the switch port to which the device is linked is using VLANs instead of STP or trunking to establish redundant links to another switch If the other device sends traffic over multiple VLANs its MAC address will consistently appear in multiple VLANs on the switch port to which it is linked Note th...

Page 498: ...Covered by this Guide Multiple Forwarding Database Switch with Single Forwarding Database MAC Address A VLAN 1 MAC Address A VLAN 2 Problem This switch detects continual moves of MAC address A between ports VLAN 1 VLAN 2 Figure C 5 Example of Duplicate MAC Address C 20 ...

Page 499: ...ormation Date is the date in mm dd yy format that the entry was placed in the log Time is the time in hh mm ss format that the entry was placed in the log System Module is the internal module such as ports for port manager that generated the log entry If VLANs are configured then a VLAN name also appears for an event that is specific to an individual VLAN Table C 1 on page C 22 lists the individua...

Page 500: ...nks bootp bootp addressing snmp SNMP communications console Console interface stack Stacking dhcp DHCP addressing stp Spanning Tree download file transfer sys system Switch management FFI Find Fix and Inform available in the telnet Telnet activity console event log and web browser interface alert log garp GARP GVRP tcp Transmission control igmp IP Multicast tftp File transfer for new OS or config ...

Page 501: ...splay is currently positioned To display various portions of the Event Log either preceding or following the currently visible portion use either the actions listed at the bottom of the display Next page Prev page or End or the keys described in the following table Table C 2 Event Log Control Keys Key Action N Advance the display by one page next page P Roll back the display by one page previous p...

Page 502: ...or all events recorded Syntax show logging a search text HPswitch show logging Lists recorded log messages since last reboot HPswitch show logging a Lists all recorded log messages including those before the last reboot HPswitch show logging a system Lists log messages with system in the text or module name HPswitch show logging system Lists all log messages since the last reboot that have system ...

Page 503: ...rvers or to another log facility Not e As of May 2003 the logging facility facility name option described on the next page is available only on the Series 2600 switches and the Switch 6108 running software release H 07 30 or greater For the latest feature information on HP ProCurve switches visit the HP ProCurve website and check the latest release notes covering the switch products in which you h...

Page 504: ...d While Syslog logging is enabled the switch attempts to send Syslog messages to all configured SyslogD server addresses and operates regardless of whether session logging is also enabled Default none Range 1 6 IP addresses facility facility name The logging facility specifies the destination subsystem the SyslogD server s must use All configured SyslogD servers must use the same subsystem HP reco...

Page 505: ...n previously disabledwithotherSyslog servers already configured in the switch Refer to the Syntax box under Configuring the Switch To Send Debug Messages to One or More SyslogDServers onpage C 26 The configured Syslog server IP addresses appear in the switch s configuration file This command shows that Syslog logging is enabled for the listed IP addresses Default Logging Facility Figure C 9 Exampl...

Page 506: ...rm of the command disables Syslog logging but retains the currently configured SyslogD server addresses in the switch configuration When Syslog log ging is currently disabled with one or more SyslogD servers configured this command enables Syslog log ging on the switch The show config command output includes the SyslogD server IP addresses currently con figured in the startup config file session E...

Page 507: ...ws Syslog Destination logging now disabled Session logging continues to operate Figure C 10 Example of Disabling Syslog Operation Viewing Debug Syslog and Session Status Use these commands to determine the current debug configuration and status Syntax show config running Lists the current startup config or running config file with any currently configured IP addresses for SyslogD servers The confi...

Page 508: ... config file they are saved across a reboot and the logging destination option remains enabled Otherwise the logging destination is disabled Session destination Disabled All event type Disabled Event event type If a Syslog server is configured in the startup config file resets to enabled regardless of prior setting Disabled if no Syslog server is configured Debug commands do not affect message out...

Page 509: ...ng n a page C 39 Commands Factory Default Config page C 40 Buttons page C 40 Port Status n a pages B 8 and B 9 pages B 8 and B 9 pages B 8 and B 9 Port Auto Negotiation When a link LED does not light indicating loss of link between two devices the most common reason is a failure of port auto negotiation between the connecting ports If a link LED fails to light when you connect the switch to a port...

Page 510: ... trying to reach must be IEEE 802 3 compliant Ping Test This is a test of the path between the switch and another device on the same or another IP network that can respond to IP packets ICMP Echo Requests Link Test This is a test of the connection between the switch and a desig nated network device on the same LAN or VLAN if configured During the link test IEEE 802 2 test packets are sent to the d...

Page 511: ...e number of Ping or Link packets that successfully completed the most recent test Failures indicates the number of Ping or Link packets that were unsuccessful in the last test Failures indicate connectivity or network performance prob lems such as overloaded links or devices DestinationIP MACAddress is the network address of the target or destination device to which you want to test a connection w...

Page 512: ...t settings click on the Defaults button CLI Ping or Link Tests Ping Tests You can issue single or multiple ping tests with varying repeti tions and timeout periods The defaults and ranges are Repetitions 1 1 999 Timeout 5 seconds 1 256 seconds Syntax ping ip address repetitions 1 999 timeout 1 256 Ping with Repetitions and Timeout Basic Ping Operation Ping Failure Ping with Repetitions Figure C 14...

Page 513: ...ds The defaults are Repetitions 1 1 999 Timeout 5 seconds 1 256 seconds Syntax link mac address repetitions 1 999 timeout 1 256 vlan vlan id Basic Link Test Link Test with Repetitions Link Test with Repetitions and Timeout Link Test Over a Specific VLAN Link Test Over a Specific VLAN Test Fail Figure C 15 Example of Link Tests C 35 ...

Page 514: ...lay either the running configuration or the startup configuration For more on these topics see appendix C Switch Memory and Configuration Syntax write terminal Displays the running config file show running config Displays the running config file show config Displays the startup config file Web Viewing the Configuration File To display the running configuration through the web browser interface 1 C...

Page 515: ...tacking status all Syntax show tech Executing show tech outputs a data listing to your terminal emulator However using your terminal emulator s text capture features you can also save show tech data to a text file for viewing printing or sending to an associate For example if your terminal emulator is the Hyperterminal application available with Microsoft Windows software you can copy the show tec...

Page 516: ... file 4 Execute show tech HPswitch show tech a Each time the resulting listing halts and displays MORE press the Space bar to resume the listing b When the CLI prompt appears the show tech listing is complete At this point click on Transfer Capture Text Stop in HyperTerminal to stop copying data into the text file created in the preceding steps Not e Remember to do the above step to stop HyperTerm...

Page 517: ...on Shows the software version currently running on the switch and the flash image from which the switch booted primary or secondary show boot history Displays the switch shutdown history show history Displays the current command history no page Toggles the paging mode for display commands between continuous listing and per page listing setup Displays the Switch Setup screen from the menu interface...

Page 518: ...ore resetting the switchto its factory default configuration Youcanalsosave your configuration via Xmodem to a directly connected PC Using the CLI This command operates at any level except the Operator level Syntax erase startup configuration Deletes the startup config file in flash so that the switch will reboot with its factory default configuration Not e The erase startup config command does no...

Page 519: ...ility such as the Hyper Terminal program included in Windows PC software A copy of a good OS image file for the switch Not e The following procedure requires the use of Xmodem and copies an OS image into primary flash only This procedure assumes you are using HyperTerminal as your terminal emu lator If you use a different terminal emulator you may need to adapt this procedure to the operation of y...

Page 520: ... Change the baud rate to 115200 v Click on OK In the next window click on OK again vi Select Call Connect vii Press Enter one or more times to display the prompt 5 Start the Console Download utility by typing do at the prompt and pressing Enter do 6 You will then see this prompt 7 At the above prompt a Type y for Yes b Select Transfer File in HyperTerminal c Enter the appropriate filename and path...

Page 521: ...ash Image Figure C 18 Example of Xmodem Download in Progress 8 When the download completes the switch reboots from primary flash using the OS image you downloaded in the preceding steps plus the most recent startup config file C 43 ...

Page 522: ...Troubleshooting Restoring a Flash Image This page is intentionally unused C 44 ...

Page 523: ...ed to the default VLAN VID 1 Additional MAC address es corresponding to additional VLANs you configure in the switch For internal switch operations One MAC address per port See CLI Viewing the Port and VLAN MAC Addresses on page D 4 MAC addresses are assigned at the factory The switch automatically implements these addresses for VLANs and ports as they are added to the switch Not e The switch s ba...

Page 524: ...dded VLANs n a D 3 D 4 viewportMACaddresses hexadecimalformat n a D 4 Use the menu interface to view the switch s base MAC address and the MAC address assigned to any non default VLAN you have configured on the switch Not e The switch s base MAC address is used for the default VLAN VID 1 that is always available on the switch Use the CLI to view the switch s port MAC addresses in hexadecimal forma...

Page 525: ...s been changed by using the VLAN Names screen On the switches covered by this guide the VID VLAN identification number for the default VLAN is always 1 and cannot be changed To View the MAC Address and IP Address assignments for VLANs Configured on the Switch 1 From the Main Menu Select 1 Status and Counters 2 Switch Management Address Information If the switch has only the default VLAN the follow...

Page 526: ...C addresses in the allotment and so on The switch s base MAC address is assigned to VLAN VID 1 and appears in the walkmib listing after the MAC addresses for the ports If multiple VLANs are configured the MAC addresses assigned to these VLANs appear after the base MAC address To display the switch s MAC addresses use the walkmib command at the command prompt Not e This procedure displays the MAC a...

Page 527: ...LANs ifPhysAddress 1 6 Ports A1 A6 in Slot 1 Addresses 7 24 in slot 1 and 25 48 in slot 2 are unused ifPhysAddress 49 51 Ports C1 C3 in Slot 3 Addresses 52 72 in slot 3 are unused ifPhysAddress 205 Base MAC Address MAC Address for default VLAN VID 1 Figure D 2 Example of Port MAC Address Assignments D 5 ...

Page 528: ...MAC Address Management Determining MAC Addresses This page is intentionally unused D 6 ...

Page 529: ... feature you define the month and date to begin and to end the change from standard time In addition to the value none no time changes there are five pre defined settings named Alaska Canada and Continental US Middle Europe and Portugal Southern Hemisphere Western Europe The pre defined settings follow these rules Alaska Begin DST at 2am the first Sunday on or after April 24th End DST at 2am the f...

Page 530: ...n Europe Begin DST at 2am the first Sunday on or after March 23rd End DST at 2am the first Sunday on or after October 23rd A sixth option named User defined allows you to customize the DST config uration by entering the beginning month and date plus the ending month and date for the time change The menu interface screen looks like this all month date entries are at their default values Select User...

Page 531: ... the configured day is a Sunday the time changes at 2am on that day If the configured day is not a Sunday the time changes at 2am on the first Sunday after the configured day This is true for both the Beginning day and the Ending day With that algorithm one should use the value 1 to represent first Sunday of the month and a value equal to number of days in the month minus 6 to represent last Sunda...

Page 532: ...Daylight Savings Time on HP ProCurve Switches This page is intentionally unused E 4 ...

Page 533: ... 19 11 22 See also SNMP authentication trap configuring 11 22 authorized IP managers SNMP blocking 11 2 auto negotiation 10 3 10 4 auto port setting 13 5 Auto 10 10 11 10 14 auto discovery 11 4 B bandwidth displaying utilization 5 16 blocked link from STP operation 14 5 blocked port from IGMP operation 13 5 from STP operation 14 4 boot effect on configuration 3 13 See also reboot boot ROM console ...

Page 534: ...artup to running 6 5 console 7 3 copying A 13 default route 16 16 DHCP Relay 16 22 download A 3 factory default 6 8 8 2 12 10 12 15 14 4 ICMP 16 12 IP 8 3 IP routing forwarding parameters 16 10 IP routing parameters 16 7 IRDP 16 18 network monitoring B 23 permanent 6 6 permanent change defined 6 4 port 10 1 port trunk groups 10 1 quick 3 8 reboot to activate 3 13 restoring factory defaults C 40 RS...

Page 535: ...k tests C 32 directed broadcasts 16 11 displaying information IRDP 16 21 DNS name 5 5 domain 12 10 12 15 Domain Name Server 5 5 download SNMP based A 11 switch to switch A 9 troubleshooting A 12 Xmodem A 7 download OS A 9 download TFTP A 3 A 4 downstream device QoS effect of priority settings 10 35 duplicate MAC address See MAC address Dyn1 See LACP E enabling RSTP CLI 14 11 menu interface 14 16 w...

Page 536: ... 34 forbid option 12 39 GARP 12 33 general operation 12 34 IP addressing 12 36 learn 12 37 learn block disable 12 39 menu configuring 12 42 non GVRP aware 12 47 non GVRP device 12 47 operating notes 12 47 port control options 12 40 port leave from dynamic 12 40 reboot switch 12 40 recommended tagging 12 40 standard 12 33 tagged dynamic VLAN 12 34 unknown VLAN 12 40 unknown VLAN options 12 36 VLAN ...

Page 537: ... 11 IP address assigning 16 7 CIDR notation 16 7 for SNMP management 11 2 multiple in a VLAN 8 9 removing or replacing 8 10 IP forwarding cache 16 4 IP global parameters 16 5 IP interface parameters 16 6 IP preserve DHCP server 8 16 overview 8 16 rules operating 8 16 summary of effect 8 19 IP route table 16 4 IP routing ARP age 16 9 ARP cache table 16 3 changing ARP parameters 16 7 configuring sta...

Page 538: ...address 8 14 B 5 D 1 duplicate C 13 C 19 learned B 12 B 13 port D 1 D 3 switch D 1 VLAN 12 31 D 1 management interfaces described 2 2 server URL 5 12 5 13 server URL default 5 14 management VLAN See VLAN manager access 11 12 manager password 5 8 5 10 maximum VLANs GVRP 12 47 media type port trunk 10 11 memory flash 3 10 6 2 startup configuration 3 10 menu interface configuration changes saving 3 1...

Page 539: ... IGMP 13 5 blocked by STP operation 14 4 blocked IGMP 13 5 broadcast limit 10 9 CLI access 10 6 context level 10 8 control configuration 10 1 counters B 9 counters reset B 9 fiber optic 10 4 forwarding IGMP 13 5 full duplex LACP 10 4 MAC address D 3 D 4 menu access 10 5 monitoring 12 31 network loop 14 4 queues See port based priority redundant path 14 4 state IGMP control 13 5 traffic patterns B ...

Page 540: ...n effect on event log C 21 primary VLAN See VLAN priority 13 5 Procurve HP URL 11 3 prompt C 41 Proxy ARP enabling 16 10 public SNMP community 11 4 Q query See IGMP quick configuration 3 8 quick start 1 8 8 4 R reboot 3 8 3 10 3 12 12 40 reboot actions causing 6 3 reboot effect on configuration 3 13 reconfigure 3 10 redundant path 14 4 spanning tree 14 4 remote session terminate 7 8 report See IGM...

Page 541: ...download A 11 SNMPv3 public community access caution 11 5 access 11 4 assigning users to groups 11 7 communities 11 11 enable command 11 6 enabling 11 5 group access levels 11 10 11 11 groups 11 9 network management problems with snmpv3 only 11 5 notification 11 17 restricted access option 11 5 set up 11 4 traps 11 17 users 11 4 SNTP 9 3 broadcast mode 9 2 9 9 broadcast mode requirement 9 3 config...

Page 542: ...witches 15 9 primary 15 45 See also virtual stacking standard MIB 11 3 starting a console session 3 4 startup config viewing 6 5 See also configuration static IP routes configuring 16 14 16 16 IP routing static route parameters 16 15 route types 16 14 static VLAN convert to 12 33 statistical sampling 11 2 statistics 3 7 B 3 statistics clear counters 3 12 6 10 status and counters access from consol...

Page 543: ...iver 11 19 SNMP 11 19 trap receiver 11 3 11 4 configuring 11 19 11 21 troubleshooting approaches C 2 browsing the configuration file C 36 console access problems C 4 diagnosing unusual network activity C 6 diagnostics tools C 31 fast uplink C 13 OS download A 12 ping and link tests C 32 restoring factory default configuration C 40 spanning tree C 13 SSH C 14 switch won t reboot shows prompt C 41 u...

Page 544: ...menu 12 11 primary web configure 12 21 primary with DHCP 12 9 reboot required 3 8 restrictions 12 31 See also GVRP spanning tree operation 14 5 stacking primary VLAN 12 7 static 12 3 12 7 12 10 12 15 subnet 8 9 support enable disable 3 8 switch capacity 12 3 tagged 12 4 tagging 12 22 12 24 tagging broadcast multicast and unicast traffic C 18 unknown VLAN 12 40 untagged 12 5 12 14 VID 12 3 12 23 VI...

Page 545: ...creen elements 5 15 security 5 2 5 8 standalone 5 4 status bar 5 22 status indicators 5 22 status overview screen 5 6 system requirements 5 4 troubleshooting access problems C 4 URL default 5 14 URL management server 5 14 URL support 5 14 web browser interface for configuring IGMP 13 11 STP 14 40 web site HP 11 3 world wide web site HP See HP Procurve write access 11 12 write memory 12 47 write me...

Page 546: ... This page is intentionally unused 14 Index ...

Page 547: ...ct to change without notice Copyright Hewlett Packard Company 2000 2003 Reproduction adaptation or translation without prior written permission is prohibited except as allowed under the copyright laws May 2003 Edition 1 Manual Part Number 5990 5998 ...

Reviews:

No comments

Related manuals for ProCurve 6108

Baracoda All in One Printer Communication Protocol Manual preview
All in One Printer
Brand: Baracoda Pages: 42
Yamaha mLAN Driver Manual Book preview
mLAN Driver
Brand: Yamaha Pages: 24
Yamaha DSP1D Supplementary Manual preview
DSP1D
Brand: Yamaha Pages: 5
ZyXEL Communications EOC350 Series Quick Start Manual preview
EOC350 Series
Brand: ZyXEL Communications Pages: 2
Dahua NVS0X04DH Quick Start Manual preview
NVS0X04DH
Brand: Dahua Pages: 24
C&H Active Module Carrier VX402C-64 User Manual preview
Active Module Carrier VX402C-64
Brand: C&H Pages: 32
Buffalo LinkStation Quick Setup Manual preview
LinkStation
Brand: Buffalo Pages: 2
Dust Networks SmartMesh IA-510 D2511 Manager'S Manual preview
SmartMesh IA-510 D2511
Brand: Dust Networks Pages: 30
Draytek Vigor 2700G Specifications preview
Vigor 2700G
Brand: Draytek Pages: 2
Genie IP8ESP User Manual preview
IP8ESP
Brand: Genie Pages: 6
Qlogic Storage Networking (Unified Fabric Pilot) Installation Manual preview
Storage Networking (Unified Fabric Pilot)
Brand: Qlogic Pages: 76
3Com 3C13640 Installation Manual preview
3C13640
Brand: 3Com Pages: 32
Avaya ERS 5510 Technical Configuration Manual preview
ERS 5510
Brand: Avaya Pages: 73
NETGEAR RH328 Reference Manual preview
RH328
Brand: NETGEAR Pages: 142
RR-Concepts StationMaster Manual preview
StationMaster
Brand: RR-Concepts Pages: 12
LevelOne NVR-0432 User Manual preview
NVR-0432
Brand: LevelOne Pages: 142
ORiNG IES-3082GC User Manual preview
IES-3082GC
Brand: ORiNG Pages: 101
Goonas LC180 User Manual preview
LC180
Brand: Goonas Pages: 13

Brands by name

Popular brands

Load more brands