manualshive.com logo in svg

HP ProCurve Series 2810, Management And Configuration Manual

The HP ProCurve Series 2810 is a reliable and high-performance network switch designed for enhanced access security. Ensure the seamless functioning of your network with the help of our comprehensive "Access Security Manual". Download this manual for free from our website and harness the full potential of your device.

Share
Download
background image

Troubleshooting 

Unusual Network Activity 

a server-specific key. If the switch already has a server-specific key assigned 
to the server’s IP address, then it overrides the global key and must match the 
server key. 

Global RADIUS Encryption Key 

Unique RADIUS Encryption Key for 
the RADIUS server at 10.33.18.119 

Figure C-3.  Example of How To List the Global and Server-Specific Radius 

Encryption Keys 

Also, ensure that the switch port used to access the RADIUS server is not 
blocked by an 802.1X configuration on that port. For example, 

show port-

access authenticator <

 port-list 

>

 gives you the status for the specified ports. 

Also, ensure that other factors, such as port security or any 802.1X configura­
tion on the RADIUS server are not blocking the link. 

The authorized MAC address on a port that is configured for both 
802.1X and port security either changes or is re-acquired after 
execution of 

aaa port-access authenticator < 

port-lis

t > initialize

If the port is 

force-authorized with 

aaa port-access authenticator <port-list> control authorized 

command and port security is enabled on the port, then executing 

initialize 

causes the port to clear the learned address and learn a new address from the 
first packet it receives after you execute 

initialize

A trunked port configured for 802.1X is blocked. 

If you are using 

RADIUS authentication and the RADIUS server specifies a VLAN for the port, 
the switch allows authentication, but blocks the port. To eliminate this prob­
lem, either remove the port from the trunk or reconfigure the RADIUS server 
to avoid specifying a VLAN. 

C-14 

Summary of Contents for ProCurve Series 2810

Page 1: ...Management and Configuration Guide 2810 www procurve com ProCurve Series 2810 Switches N 10 XX ...

Page 2: ......

Page 3: ...ProCurve Series 2810 Switches July 2006 Management and Configuration Guide ...

Page 4: ...onnection with the furnishing performance or use of this material The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services Nothing herein should be construed as constituting an additional warranty HP shall not be liable for technical or editorial errors or omissions contained herein Hewlett Packard assumes no responsi...

Page 5: ...een Simulations 1 3 Port Identity Examples 1 4 Sources for More Information 1 4 Need Only a Quick Start 1 6 IP Addressing 1 6 To Set Up and Install the Switch in Your Network 1 6 2 Selecting a Management Interface Contents 2 1 Overview 2 2 Advantages of Using the Menu Interface 2 3 Advantages of Using the CLI 2 4 Advantages of Using the Web Browser Interface 2 5 Advantages of Using ProCurve Manage...

Page 6: ... a Menu Session and Exit from the Console 3 5 Main Menu Features 3 7 Screen Structure and Navigation 3 9 Rebooting the Switch 3 12 Menu Features List 3 14 Where To Go From Here 3 15 4 Using the Command Line Interface CLI Contents 4 1 Overview 4 2 Accessing the CLI 4 2 Using the CLI 4 2 Privilege Levels at Logon 4 3 Privilege Level Operation 4 4 Operator Privileges 4 4 Manager Privileges 4 5 How To...

Page 7: ...Usernames and Passwords in the Browser Interface 5 8 Using the Passwords 5 10 Using the User Names 5 10 If You Lose a Password 5 11 Online Help for the Web Browser Interface 5 11 Support Mgmt URLs Feature 5 12 Support URL 5 13 Help and the Management Server URL 5 13 Using the PCM Server for Switch Web Help 5 15 Status Reporting Features 5 16 The Overview Window 5 16 The Port Utilization and Status...

Page 8: ... Secondary Flash Image Options 6 12 Displaying the Current Flash Image Data 6 12 Switch Software Downloads 6 14 Local Switch Software Replacement and Removal 6 15 Rebooting the Switch 6 17 Operating Notes 6 20 7 Interface Access and System Information Contents 7 1 Overview 7 2 Interface Access Console Serial Link Web and Telnet 7 3 Menu Modifying the Interface Access 7 4 CLI Modifying the Interfac...

Page 9: ...etaining VLAN 1 IP Addressing Across Configuration File Downloads 8 16 Operating Rules for IP Preserve 8 16 9 Time Protocols Contents 9 1 Overview 9 2 TimeP Time Synchronization 9 2 SNTP Time Synchronization 9 2 Overview Selecting a Time Synchronization Protocol or Turning Off Time Protocol Operation 9 3 General Steps for Running a Time Protocol on the Switch 9 3 Disabling Time Synchronization 9 3...

Page 10: ...s 10 7 Using the CLI To View Port Status 10 7 Displaying Spanning Tree Configuration Details 10 9 Using the CLI To Configure Ports 10 10 Using the CLI To Configure a Broadcast Limit 10 11 Configuring HP Auto MDIX 10 12 Manual Auto MDIX Override 10 12 Web Viewing Port Status and Configuring Port Parameters 10 15 Jumbo Packets 10 15 Terminology 10 16 Operating Rules 10 16 Configuring Jumbo Packet Op...

Page 11: ...view 11 2 Port Status and Configuration 11 2 Port Connections and Configuration 11 3 Link Connections 11 3 Port Trunk Options and Operation 11 3 Trunk Configuration Methods 11 4 Menu Viewing and Configuring a Static Trunk Group 11 8 CLI Viewing and Configuring a Static or Dynamic Port Trunk Group 11 10 Using the CLI To View Port Trunks 11 10 Using the CLI To Configure a Static or Dynamic Trunk Gro...

Page 12: ...ation Traps 12 23 Advanced Management RMON 12 24 LLDP Link Layer Discovery Protocol 12 25 Terminology 12 26 General LLDP Operation 12 27 Packet Boundaries in a Network Topology 12 27 Configuration Options 12 28 Options for Reading LLDP Information Collected by the Switch 12 30 LLDP Standards Compatibility 12 31 LLDP Operating Rules 12 31 Configuring LLDP Operation 12 32 Viewing the Current Configu...

Page 13: ...tion A 10 SCP SFTP Operating Notes A 10 a PC or UNIX Workstation A 11 Menu Xmodem Download to Primary Flash A 12 CLI Xmodem Download from a PC or Unix Workstation to Primary or Secondary Flash A 13 Switch to Switch Download A 14 Menu Switch to Switch Download to Primary Flash A 14 CLI Switch To Switch Downloads A 15 Using ProCurve Manager Plus to Update Switch Software A 16 Troubleshooting TFTP Do...

Page 14: ...Statistics B 11 CLI Access To Port and Trunk Group Statistics B 12 Web Browser Access To View Port and Trunk Group Statistics B 12 Viewing the Switch s MAC Address Tables B 13 Menu Access to the MAC Address Views and Searches B 13 CLI Access for MAC Address Views and Searches B 16 Spanning Tree Protocol STP Information B 17 Menu Access to STP Data B 17 CLI Access to STP Data B 18 Internet Group Ma...

Page 15: ...Problems C 18 TACACS Related Problems C 18 TimeP SNTP or Gateway Problems C 20 VLAN Related Problems C 20 Using Logging To Identify Problem Sources C 23 Event Log Operation C 23 Menu Entering and Navigating in the Event Log C 25 CLI C 26 Debug and Syslog Operation C 27 Diagnostic Tools C 34 Port Auto Negotiation C 34 Ping and Link Tests C 35 Web Executing Ping or Link Tests C 36 CLI Ping or Link T...

Page 16: ...C 44 D MAC Address Management Contents D 1 Overview D 2 Determining MAC Addresses in the Switch D 2 Menu Viewing the Switch s MAC Addresses D 3 CLI Viewing the Port and VLAN MAC Addresses D 4 Viewing the MAC Addresses of Connected Devices D 6 E Daylight Savings Time on ProCurve Switches Configuring Daylight Savings Time E 1 xiv ...

Page 17: ... a PDF file on the ProCurve Networking website This guide explains the configuration and operation of traffic management features such as spanning tree and VLANs Access Security Guide a PDF file on the ProCurve Networking website This guide explains the configuration and operation of access security and user authentication features on the switch Release Notes posted on the ProCurve web site to pro...

Page 18: ... Feature Management and Configuration AdvancedTraffic Management Access Security Guide 802 1Q VLAN Tagging X 802 1X Port Based Priority X Authentication X Authorized IP Managers X Config File X Copy Command X Debug X DHCP Configuration X DHCP Bootp Operation X Diagnostic Tools X Downloading Software X Event Log X Factory Default Settings X File Management X File Transfers X GVRP X IGMP X Interface...

Page 19: ... X Multicast Filtering X Network Management Applications LLDP SNMP X Passwords X Ping X Port Configuration X Port Security X Port Status X Port Trunking LACP X Port Based Access Control X Port Based Priority 802 1Q X Quality of Service QoS X RADIUS Authentication and Accounting X Secure Copy X SFTP X SNMP X Software Downloads SCP SFTP TFTP Xmodem X Source Port Filters X Spanning Tree MSTP X SSH Se...

Page 20: ...ement Access Security Guide SSL Secure Socket Layer X Stack Management Stacking X Syslog X System Information X TACACS Authentication X Telnet Access X TFTP X Time Protocols TimeP SNTP X Traffic Security Filters X Troubleshooting X VLANs X Web based Authentication X Xmodem X xviii ...

Page 21: ...ure Descriptions by Model 1 2 Command Syntax Statements 1 2 Command Prompts 1 3 Screen Simulations 1 3 Port Identity Examples 1 4 Sources for More Information 1 4 Need Only a Quick Start 1 6 IP Addressing 1 6 To Set Up and Install the Switch in Your Network 1 6 1 1 ...

Page 22: ...m the ProCurve website http www procurve com Conventions This guide uses the following conventions for command syntax and displayed information Feature Descriptions by Model In cases where a software feature is not available in all of the switch models coveredbythisguide thesectionheadingspecificallyindicateswhichproduct or product series offer the feature For example the switch model is highlight...

Page 23: ...rovide one or more port numbers Syntax aaa port access authenticator port list Command Prompts In the default configuration your switch displays one of the following CLI prompts ProCurve Switch 2810 To simplify recognition this guide uses ProCurve to represent command prompts for all models For example ProCurve You can use the hostname command to change the text in the CLI prompt Screen Simulation...

Page 24: ...s apply equally to the stackable switches which for port identities typically use only numbers such as 1 3 5 15 etc Sources for More Information For additional information about switch operation and features not covered in this guide consult the following sources For information on which product manual to consult on a given software feature refer to Product Documentation on page xv Note For the la...

Page 25: ...command name followed by help For example Figure 1 3 Getting Help in the CLI For information on specific features in the Web browser interface use the online help For informationon Help options see Online Help for the Web Browser Interface on page 5 1 For further information on ProCurve Networking switch technology visit the ProCurve website at http www procurve com 1 5 ...

Page 26: ...lation and Getting Started Guide you received with the switch To Set Up and Install the Switch in Your Network Important Use the Quick Installation Guide shipped with your switch for the following Notes cautions and warnings related to installing and using the switch Instructions for physically installing the switch in your network Quickly assigning an IP address and subnet mask setting a Manager ...

Page 27: ...face 2 5 Advantages of Using ProCurve Manager or ProCurve Manager Plus 2 6 Custom Login Banners for the Console and Web Browser Interfaces 2 9 Banner Operation with Telnet Serial or SSHv2 Access 2 10 Banner Operation with Web Browser Access 2 10 Configuring and Displaying a Non Default Banner 2 10 Example of Configuring and Displaying a Banner 2 11 Operating Notes 2 13 2 1 ...

Page 28: ...summary topology and mapping and device management ProCurve Manager Plus PCM a complete windows based network management solution that provides both the basic features offered with PCM as well as more advanced management features including in depth traffic analysis group and policy management config uration management device software updates and advanced VLAN management ProCurve includes a copy of...

Page 29: ...n Port Security Passwords Port and Static Trunk Group SNMP communities Stack Management Time protocols The menu interface also provides access for Setup screen Switch and port statistic and Event Log display counter displays Switch and port Reboots status displays Software downloads Offers out of band access through the RS 232 connection to the switch so network bottlenecks crashes lack of configu...

Page 30: ...nd diagnostic features Offers out of band access through the RS 232 connection or Telnet in band access Enables quick detailed system configuration and management access to system operators and administrators experienced in command prompt interfaces Provides help at each level for determining available options and vari ables CLI Usage For information on how to use the CLI refer to chapter 3 Using ...

Page 31: ...r browser interface locations of window objects consistent with commonly used browsers uses mouse clicking for navigation no terminal setup Many features have all their fields in one screen so you can view all values at once More visual cues using colors status bars device icons and other graphical objects instead of relying solely on alphanumeric values Display of acceptable ranges of values avai...

Page 32: ...er Plus PCM and PCM from a PC on the network to monitor traffic manage your hubs and switches and proactively recommend network changes to increase network uptime and optimize performance Easy to install and use PCM and PCM are the answers to your management challenges Figure 2 4 Example of the Home Page for ProCurve Manager Plus PCM and PCM enable greater control uptime and performance in your ne...

Page 33: ...evels physical view subnet view or VLAN view Device Management Many device focused tasks can be performed directly by the software or the user can access web browser and command line interfaces with the click of a button to manage individ ual devices from inside the tool Features and benefits of ProCurve Manager Plus All of the Features of ProCurve Manager Refer to the above listing In Depth Traff...

Page 34: ...n The modular software architecture of ProCurve Manager Plus enables ProCurve to offer network adminis trators add on software solutions that complement their needs Custom Login Banners for the Console and Web Browser Interfaces You can now configure the switch to display a login banner of up to 320 characters when an operator initiates a management session with the switch through any of the follo...

Page 35: ... appears in a dedicated banner window with a link to the Web agent home page Clicking on To Home Page clearsthebannerwindowandpromptstheuserforapassword ifconfigured Following entry of the correct username password information or if no username password is required the switch then displays either the Registra tion page or the switch s home page Note that if the banner feature is disabled or if the...

Page 36: ...e to edit the current line that is a line that has not been terminated by a CR LF However terminating a line in a banner by entering a CR LF prevents any further editing of that line To edit a line in a banner entry after terminating the line with a CR LF requires entering the delimiter described above and then re configuring new banner text The banner text string must terminate with the character...

Page 37: ... banner configuration use either the show banner motd or show running command ProCurve config show banner motd Banner Information Banner status Enabled Configured Banner This is a private system maintained by the Allied Widget Corporation Unauthorized use of this system can result in civil and criminal penalties Figure 2 Example of show banner motd Output 2 11 ...

Page 38: ...y the Allied Widget Corporation Unauthorized use of this system can result in civil and criminal penalites password manager password operator Figure 3 The Current Banner Appears in the Switch s Running Config File The next time someone logs onto the switch s management CLI the following appears The login screen displays the configured banner Entering a correct password clears the banner and displa...

Page 39: ...on The switch supports one banner at any time Configuring a new banner replaces any former banner configured on the switch If the switch is configured with ssh version 1 or ssh version 1 or 2 configuring the banner sets the SSH configuration to ssh version 2 and displays the following message in the CLI Warning SSH version has been set to v2 If a banner is configured the switch doesnotallow config...

Page 40: ...Selecting a Management Interface Advantages of Using ProCurve Manager or ProCurve Manager Plus This page is intentionally unused 2 14 ...

Page 41: ...Ending a Menu Session 3 3 How To Start a Menu Interface Session 3 4 How To End a Menu Session and Exit from the Console 3 5 Main Menu Features 3 7 Screen Structure and Navigation 3 9 Rebooting the Switch 3 12 Menu Features List 3 14 Where To Go From Here 3 15 3 1 ...

Page 42: ... names Time protocol IP authorized managers Ports VLANs Virtual LANs and Trunk groups GVRP View status counters and Event Log information Update switch software Reboot the switch For a detailed list of menu features see the Menu Features List on page 3 14 Privilege Levels and Password Security ProCurve strongly recom mends that you configure a Manager password to help prevent unauthorized access t...

Page 43: ...switch interface overwrites earlier changes made through any other interface The Menu Interface and the CLI Command Line Interface both use the switch console To enter the menu from the CLI use the menu command To enter the CLI from the Menu interface select CommandLine CLI option Starting and Ending a Menu Session You can access the menu interface using any of the following A direct serial connec...

Page 44: ...terminal emulator or a terminal press Enter one or more times until a prompt appears 3 When the switch screen appears do one of the following If a password has been configured the password prompt appears Password _ Type the Manager password and press Enter Entering the Manager password gives you manager level access to the switch Entering the Operator password gives you operator level access to th...

Page 45: ...or more information see the Installation and Getting Started Guide you received with the switch How To End a Menu Session and Exit from the Console The method for ending a menu session and exiting from the console depends on whether during the session you made any changes to the switch configu ration that require a switch reboot to activate Most changes via the menu interface need only a Save and ...

Page 46: ...inal program turn off the terminal or quit the Telnet session 2 If you have made configuration changes that require a switch reboot thatis if anasterisk appearsnexttoaconfigureditemornexttoSwitch Configuration in the Main Menu a Return to the Main Menu b Press 6 to select Reboot Switch and follow the instructions on the reboot screen Rebooting the switch terminates the menu session and if you are ...

Page 47: ...isplaying and changing the current configuration settings See the Con tents listing at the front of this manual For a listing of features and parameters configurable through the menu interface see the Menu Fea tures List on page 3 14 Console Passwords Provides access to the screen used to set or change Manager level and Operator level passwords and to delete Manager and Operator password protectio...

Page 48: ... OS Enables you to download a new software version to the switch See Appendix A File Transfers Run Setup Displays the Switch Setup screen for quickly configuring basic switch parameters such as IP addressing default gateway logon default interface spanning tree and others See the Installation and Getting Started guide shipped with your switch Stacking Enables you to use a single IP address and sta...

Page 49: ...nstructions Actions line Screentitle identifies the location within the menu structure Figure 3 4 Elements of the Screen Structure Forms Design The configuration screens in particular operate similarly to a number of PC applications that use forms for data entry When you first enter these screens you see the current configuration for the item you have selected To change the configuration the basic...

Page 50: ...er parameter value return to step 3 6 If you are finished editing parameters in the displayed screen press Enter to return to the Actions line and do one of the following To save and activate configuration changes press S for the Save action This saves the changes in the startup configuration and also implements the change in the currently running configuration See Chapter 6 Switch Memory and Conf...

Page 51: ...of the screen Highlight on any item in the Actions line indicates that the Actions line is active The Help line provides a brief descriptor of the highlighted Action item or parameter Figure 3 5 Example Showing How To Display Help To get Help on the actions or data fields in each screen Use the arrow keys or v to select an action or data field The help line under the Actions items describes the cu...

Page 52: ...re a reboot Resets statistical counters to zero Note that statistical counters can be reset to zero without rebooting the switch To Reboot the switch use the Reboot Switch option in the Main Menu Note that the Reboot Switch option is not available if you log on in Operator mode that is if you enter an Operator password instead of a manager password at the password prompt Reboot Switch option Figur...

Page 53: ... VLANs to support parameter an asterisk appears next to the VLAN Support entry in the VLAN Menu screen below and also next to the Switch Configuration entry in the Main Menu as shown in figure 3 2 on page 3 6 Reminder to reboot the switch to activate configuration changes Asterisk indicates a configuration change that requires a reboot in order to take effect Figure 3 7 Indication of a Configurati...

Page 54: ... Configuration System Information Port Trunk Settings Network Monitoring Port Spanning Tree Operation IP Configuration SNMP Community Names IP authorized Managers VLAN Menu Console Passwords Event Log Command Line CLI Reboot Switch Download OS Run Setup Stacking Stacking Status This Switch Stacking Status All Stack Configuration Stack Management Available in Stack Commander Only Stack Access Avail...

Page 55: ...nagement Guide To view and monitor switch status and Appendix B Monitoring and Analyzing Switch counters Operation To learn how to configure and use Refer to the Access Security Guide for your passwords and other security features switch To learn how to use the Event Log Using Logging To Identify Problem Sources on page C 23 To learn how the CLI operates Chapter 4 Using the Command Line Interface ...

Page 56: ...Using the Menu Interface Where To Go From Here This page is intentionally unused 3 16 ...

Page 57: ...Level Operation 4 4 Operator Privileges 4 4 Manager Privileges 4 5 How To Move Between Levels 4 7 Listing Commands and Command Options 4 8 Listing Commands Available at Any Privilege Level 4 8 Command Option Displays 4 10 Displaying CLI Help 4 11 Configuration Commands and the Context Configuration Modes 4 13 CLI Control and Editing 4 16 4 1 ...

Page 58: ... start a console session You can access the console out of band by directly connecting a terminal device to the switch or in band by using Telnet either from a terminal device or through the web browser interface Not e The serial port on the 2810 switch is an RJ45 port located in the lower left corner on the front panel of the switch Also if you are using the menu interface you can access the CLI ...

Page 59: ...Privilege Levels at Logon Privilege levels control the type of access to the CLI To implement this control you must set at least a Manager password Without a Manager password configured anyone having serial port Telnet or web browser access to the switch can reach all CLI levels For more on setting passwords refer to the local manager and operator password chapter in the Access Security Guide for ...

Page 60: ...mended that you protect the switch from physical access by unauthorized persons If you are concerned about switch security and operation you should install the switch in a secure location such as a locked wiring closet Privilege Level Operation 2 Manager Level 3 Global Configuration Operator Privileges Manager Privileges 1 Operator Level 4 Context Configuration Level Figure 4 2 Access Sequence for...

Page 61: ...n changes to any of the switch s software features The prompt for the Global Configuration level includes the system name and config To select this level enter the config command at the Manager prompt For example ProCurve _ Enter config at the Manager prompt ProCurve config _The Global Config prompt Context Configuration level Provides all Operator and Manager privileges and enables you to make co...

Page 62: ...erface to the menu interface logout Exit from the CLI interface and terminate the console session exit Terminate the current session same as logout Manager Privilege Manager ProCurve Perform system level actions such as system control monitoring Level and diagnostic commands plus any of the Operator level commands For a list of available commands enter at the prompt Global ProCurve config Execute ...

Page 63: ... ProCurve config ProCurve config vlan 10 ProCurve vlan 10 ProCurve vlan 10 interface e 3 ProCurve int 3 The CLI accepts e as the abbreviated form of ethernet ProCurve int 3 exit ProCurve config exit ProCurve exit ProCurve ProCurve int 3 end ProCurve or ProCurve config end ProCurve Moving Between the CLI and the Menu Interface When moving between interfaces the switch retains the current privilege ...

Page 64: ...tions At any privilege level you can List all of the commands available at that level List the options for a specific command Listing Commands Available at Any Privilege Level At a given privilege level you can list and execute the commands that level offers plus all of the commands available at preceding levels For example at the Operator level you can list and execute only the Operator level com...

Page 65: ... Listing When MORE appears there are more commands in the listing To list the next set of commands press the Space bar To list the remaining commands one by one repeatedly press Enter Typing at the Global Configuration level or the Context Configuration level produces similar results In a particular context level the first block of command in the listing are the commands that are most relevant to ...

Page 66: ...Tab the CLI completes the current word if you have typed enough of the word for the CLI to distinguish it from other possibilities including hyphenated exten sions For example ProCurve config port Tab ProCurve config port security _ Pressing Tab after a completed command word lists the further options for that command ProCurve config stack Tab commander commander str join mac addr auto join transm...

Page 67: ...laying CLI Help CLI Help provides two types of context sensitive information Command list with a brief summary of each command s purpose Detailed information on how to use individual commands Displaying Command List Help You can display a listing of command Help summaries for all commands available at the current privilege level That is when you are at the Operator level you can display the Help s...

Page 68: ...h of the command string to identify the command along with help Syntax command string help For example to list the Help for the interface command in the Global Configuration privilege level Figure 4 7 Example of How To Display Help for a Specific Command A similar action lists the Help showing additional parameter options for a given command The following example illustrates how to list the Help f...

Page 69: ...guration mode or in selected context modes However using a context mode enables you to execute context specific commands faster with shorter command strings The configuration options include interface port or trunk group and VLAN context modes Port or Trunk Group Context Includes port or trunk specific commands that apply only to the selected port s or trunk group plus the global configuration Man...

Page 70: ...ontext plus the Manager Operator and contextcommandsyoucan execute at this level In the port context the first block of commands in the listingshow thecontext specificcommandsthatwillaffect only ports C3 C6 The remaining commands in the listing are Manager Operator and context commands Figure 4 9 Context Specific Commands Affecting Port Context 4 14 ...

Page 71: ...ig vlan 100 Command executed at configura tion level to enter VLAN 100 context ProCurve vlan 100 Resulting prompt showing VLAN 100 context ProCurve vlan 100 Lists commandsyoucanusein the VLAN context plus Manager Oper ator and context commands you can execute at this level In the VLAN context the first block of commands in the listing show the commandsthat will affect only vlan 100 The remaining c...

Page 72: ...racter Ctrl K Deletes from the cursor to the end of the command line Ctrl L or Ctrl R Repeats current command line on a new line Ctrl N or v Enters the next command line in the history buffer Ctrl P or Enters the previous command line in the history buffer Ctrl U or Ctrl X Deletes from the cursor to the beginning of the command line Ctrl W Deletes the last word typed Esc B Moves the cursor backwar...

Page 73: ...swords in the Browser Interface 5 8 Using the Passwords 5 10 Using the User Names 5 10 If You Lose a Password 5 11 Online Help for the Web Browser Interface 5 11 Support Mgmt URLs Feature 5 12 Support URL 5 13 Help and the Management Server URL 5 13 Using the PCM Server for Switch Web Help 5 14 Status Reporting Features 5 15 The Overview Window 5 15 The Port Utilization and Status Displays 5 17 Po...

Page 74: ...nterface session page 5 7 Creating usernames and passwords in the web browser interface page 5 8 Selecting the fault detection configuration for the Alert Log operation page 5 23 Getting access to online help for the web browser interface page 5 11 Description of the web browser interface Overview window and tabs page 5 16 Port Utilization and Status displays page 5 17 Alert Log and Alert types pa...

Page 75: ...N Fault detection Port monitoring mirroring System information Enable Disable Multicast Filtering IGMP and Spanning Tree IP Stacking Support and management URLs Switch Security Usernames and passwords Switch Diagnostics Ping Link Test Device reset Configuration report Switch status Port utilization Port counters Port status Alert log Switch system information listing 5 3 ...

Page 76: ...le from your PC or workstation For more on assigning an IP address refer to IP Configuration on page 8 3 1 Ensure that the JavaTM applets are enabled for your browser For more information on this topic refer to your browser s online Help 2 Use the web browser to access the switch If your network includes a Domain Name Server DNS your switch s IP address may have a name associated with it for examp...

Page 77: ... The networked device you want to access has been assigned an IP address and optionally a DNS name and has been discovered by PCM or PCM For more on assigning an IP address refer to IP Configuration on page 8 3 To establish a web browser session with ProCurve PCM or PCM running do the following on the network management station 1 Make sure the JavaTM applets are enabled for your web browser If the...

Page 78: ...nterface Session with the Switch First Time Install Alert Alert Log Figure 5 1 Example of Status Overview Screen Not e The above screen appears somewhat different if the switch is configured as a stack Commander For an example see figure 2 3 on page 2 5 5 6 ...

Page 79: ... Window When you access the switch s web browser interface for the first time the Alert log contains a First Time Install alert as shown in figure 5 2 This gives you information about first time installations and provides an immediate opportunity to set passwords for security and to specify a Fault Detection policy which determines the types of messages that will be displayed in the Alert Log Doub...

Page 80: ...lick on select the fault detection configuration in the second bullet in the window and go to the section Setting Fault Detection Policy on page 5 23 You can also access the password screen by clicking on the Configuration tab and then Fault Detection button Creating Usernames and Passwords in the Browser Interface You may want to create both a username and password to create access security for y...

Page 81: ...event entry double click on this event then in the resulting display click on the secure access to the device link Select the Security tab 2 Click in the appropriate box in the Device Passwords window and enter user names and passwords You will be required to repeat the password strings in the confirmation boxes Both the user names and passwords can be up to 16 printable ASCII characters 3 Click o...

Page 82: ...to all switch interfaces Once set you will be prompted to supply the password every time you try to access the switch through any of its interfaces The password you enter determines the capability you have during that session Entering the manager password gives you full read write capabilities Entering the operator password gives you read and limited write capabil ities Using the User Names If you...

Page 83: ...rity in the chapter titled Configuring Username and Password Secu rity in the Access Security Guide for your switch Online Help for the Web Browser Interface Online Help is available for the web browser interface You can use it by clicking on the question mark button in the upper right corner of any of the web browser interface screens The Help Button Figure 5 5 The Help Button Context sensitive h...

Page 84: ...e support information source you want the switchtoaccesswhenyouclickonthewebbrowserinterface Support tab The default is the URL for the ProCurve Networking home page The URL of a PCM ProCurve Network Manager workstation or other server for the online Help files for this web browser interface The default setting accesses the switch s browser based Help on the ProCurve web site Note that if you inst...

Page 85: ...anagement Server URL The Management Server URL field specifies the URL the switch uses to find online Help for the web browser interface If you install PCM ProCurve Manager in your network the PCM manage ment station acts as the web browser Help server for the switch and automatically inserts the necessary URL in this field For more informa tion on this option refer to Using the PCM Server for Swi...

Page 86: ...terface Support Mgmt URLs Feature In the default configuration the switch uses the URL for accessing the web browser interface help files on the ProCurve web site Figure 5 7 How To Access Web Browser Interface Online Help 5 14 ...

Page 87: ...f the global properties globalprops prp in PCM to redirect the switches to the help files on the PCM server For example Global TempDir data temp Discovery DeviceHelpUrlRedirect http 15 29 37 12 8040 rnd device_help You will enter the IP address for your PCM server 8040 is the standard port number to use 4 Restart the Discovery process for the change to be applied Not e Changing the Discovery s Glo...

Page 88: ... 5 20 The Status bar page 5 22 The Overview Window The Overview Window is the home screen for any entry into the web browser interface The following figure identifies the various parts of the screen Alert Log Control Bar Port Utiliza tion Graphs page 5 17 Alert Log page 5 20 Port Status Indicators page 5 19 Button Bar Tab Bar Status Bar page 5 22 Active Button Active Tab Figure 5 8 The Status Over...

Page 89: ...ort with a breakdown of the packet types that have been detected unicast packets non unicast packets and error packets The Legend identifies traffic types and their associated colors on the bar graph Unicast Rx All Tx This is all unicast traffic received and all transmitted traffic of any type This indicator a blue color on many systems can signify either transmitted or received traffic Non Unicas...

Page 90: ...stently higher than 40 on any port click on the Port Counters button to get a detailed set of counters for the port To change the amount of bandwidth the Port Utilization bar graph shows Clickonthebandwidthdisplaycontrolbuttonintheupperleftcorner of the graph The button shows the current scale setting such as 40 In the resulting menu select the bandwidth scale you want the graph to show 3 10 25 40...

Page 91: ... enabled but is not connected to an active network device A cable may not be connected to the port or the device at the other end may be powered off or inoperable or the cable or connected device could be faulty Port Disabled the port has been configured as disabled through the web browser interface the switch console or SNMP network manage ment Port Fault Disabled a fault condition has occurred o...

Page 92: ... Time The date and time the event was received by the web browser interface This value is shown in the format DD MM YY HH MM SS AM PM for example 16 Sep 99 7 58 44 AM Description A short narrative statement that describes the event For example Excessive CRC Alignment errors on port 8 Sorting the Alert Log Entries The alerts are sorted by default by the Date Time field with the most recent alert li...

Page 93: ... Not e When troubleshooting the sources of alerts it may be helpful to check the switch s Port Status and Port Counter windows and the Event Log in the console interface By double clicking on Alert Entries the web browser interface displays a Detail View or separate window detailing information about the events The Detail View contains a description of the problem and a possible solution It also p...

Page 94: ...Alert Log Detail View The Status Bar The Status Bar is displayed in the upper left corner of the web browser interface screen Figure 5 15 shows an expanded view of the status bar Status Indicator Most Critical Alert Description Product Name Figure 5 15 Example of the Status Bar 5 22 ...

Page 95: ...ommand or the switch console System Information screen Most Critical Alert Description A brief description of the earliest unacknowledged alert with the current highest severity in the Alert Log appearing in the right portion of the Status Bar In instances where multiple critical alerts have the same severity level only the earliest unacknowledged alert is deployed in the Status bar Product Name T...

Page 96: ...y The Fault Detection settings are High Sensitivity This policy directs the switch to send all alerts to the Alert Log This setting is most effective on networks that have none or few problems Medium Sensitivity This policy directs the switch to send alerts related to network problems to the Alert Log If you want to be notified of problems which cause a noticeable slowdown on the network use this ...

Page 97: ...lt Detection Window also contains three Change Control Buttons Apply Changes This button stores the settings you have selected for all future sessions with the web browser interface until you decide to change them Clear Changes This button removes your settings and returns the settings for the list box to the level it was at in the last saved detection setting session Reset to Default Settings Thi...

Page 98: ...Using the Web Browser Interface Status Reporting Features This page is intentionally unused 5 26 ...

Page 99: ... 6 8 Configuration Changes Using the Menu Interface 6 8 Using Save and Cancel in the Menu Interface 6 9 Rebooting from the Menu Interface 6 10 Configuration Changes Using the Web Browser Interface 6 11 Using Primary and Secondary Flash Image Options 6 12 Displaying the Current Flash Image Data 6 12 Switch Software Downloads 6 14 Local Switch Software Replacement and Removal 6 15 Rebooting the Swit...

Page 100: ...he switch maintains two configuration files the running config file and the startup config file Volatile Memory Running Config File Controls switch operation When the switch reboots the contents of this file are erased and replaced by the contents of the startup config file Flash Non Volatile Memory Startup Config File Preserves the most recently saved configuration through any subsequent reboot C...

Page 101: ...e or more changes to the running config file creates a new operating configuration Saving a new configurationmeans tooverwrite replace thecurrentstartup config file with the current running config file This means that if the switch subsequently reboots for any reason it will resume operation using the new configuration insteadof theconfigurationpreviously defined in the startup config file There a...

Page 102: ...using write memory to save the change to the startup config file then the switch prompts you to save the change For example if you use the CLI to create VLAN 20 and then select the menu interface VLAN 20 is configured in the running config file but not in the startup config file In this case you will see ProCurve config vlan 20 ProCurve config menu Do you want to save current configuration y n If ...

Page 103: ...sting of the current running config file show config status Compares the startup config file to the running config file and lists one of the following results If the two configurations are the same you will see Running configuration is the same as the startup configuration If the two configurations are different you will see Running configuration has been changed and needs to be saved Not e Show c...

Page 104: ...guration the startup config file by executing the following command ProCurve config write memory The new mode auto 10 on port A5 is now saved in the startup config file and the startup config and running config files are identical If you subsequently reboot the switch the auto 10 mode configuration on port A5 will remain because it is included in the startup config file How To Cancel Changes You H...

Page 105: ...nning config file and will update the running config file to match the startup config file Not e If you use the CLI to make a change to the running config file you should either use the write memory command or select the save option allowed during a reboot figure 6 2 above to save the change to the startup config file That is if you use the CLI to change a parameter setting but then reboot the swi...

Page 106: ...current configuration and prevent a reboot Using the Menu and Web Browser Interfaces To Implement Configuration Changes The menu and web browser interfaces offer these advantages Quick easy menu or window access to a subset of switch configuration features See the Menu Features List on page 3 14 and the web browser General Features list on page Viewing several related configuration parameters in t...

Page 107: ...plements the changes in the running config file 2 Saves your changes to the startup config file If you decide not to save and implement the changes in the screen select Cancel to discard them and continue switch operation with the current oper ation For example suppose you have made the changes shown below in the System Information screen To save and implement the changes for all parameters in thi...

Page 108: ...fore rebooting the switch Rebooting from the Menu Interface Terminates the current session and performs a reset of the operating system Activates any configuration changes that require a reboot Resets statistical counters to zero Note that statistical counters can be reset to zero without rebooting the switch See Displaying Port Counters on To Display the Port Counter Summary Report on page B 12 T...

Page 109: ... screen and also next to the Switch Configuration entry in the Main menu as shown in figure 4 6 Reminder to reboot the switch to activate configuration changes Asterisk indicates a configuration change that requires a reboot in order to take effect Figure 6 6 Indication of a Configuration Change Requiring a Reboot Configuration Changes Using the Web Browser Interface You can use the web browser in...

Page 110: ...ge in Primary flash to run your system The switch can use only one image at a time The following tasks involve primary secondary flash options Displaying the current flash image data and determining which switch software versions are available Switch software downloads Replacing and removing erasing a local switch software version System booting Displaying the Current Flash Image Data Use the comm...

Page 111: ...on the version stored in the secondary flash image ProCurve config show flash Image Size Bytes Date Version Build Primary Image 3224515 03 17 06 N 10 XX 2624 Secondary Image 3220653 Boot Rom Version N 10 XA Current Boot Primary ProCurve config 02 15 06 N 10 XX 728 The unequal code size and differing dates indicate two differentversionsof the software Figure 6 8 Example Showing Different Flash Imag...

Page 112: ...stamp Boot Image Build Options Watchdog Figure 6 9 Determining the Software Version in Primary and Secondary Flash Switch Software Downloads The following table shows the switch s options for downloading a software version to flash and booting the switch from flash Table 6 1 Primary Secondary Memory Access Action Menu CLI Web Browser SNMP Download to Primary Yes Yes Yes Yes Download to Secondary N...

Page 113: ...e image file from an external source see Appendix A File Transfers Copying a Switch Software Image from One Flash Location to Another When you copy the flash image from primary to secondary or the reverse the switch overwrites the file in the destination location with a copy of the file from the source location This means you do not have to erase the current image at the destination location befor...

Page 114: ...A Current Boot Primary ProCurve The unequal code size differingdates and differing version numbers indicates two differentversionsof the software Figure 6 10 Example Indicating Two Different Software Versions in Primary and Secondary Flash Execute the copy command as follows ProCurve config copy flash flash primary Erasing the Contents of Primary or Secondary Flash This command deletes the softwar...

Page 115: ... software image in the selected flash in this case primary The prompt shows which flash location will be erased Figure 6 11 Example of Erase Flash Prompt 3 Type y at the prompt to complete the flash erase 4 Use show flash to verify erasure of the selected software flash image ProCurve show flash The 0 here shows that Compressed Primary Code size 0 primary flash has Compressed Secondary Code size 2...

Page 116: ...subsystem self tests Syntax boot Forexample toboottheswitchfromprimaryflashwithpendingconfiguration changes in the running config file Figure 6 13 Example of Boot Command Default Primary Flash In the above example typing either a y or n at the second prompt initiates the reboot operation Also if there are no pending configuration changes in the running config file then the reboot commences without...

Page 117: ...oot from secondary flash Booting from the Current Software Version Reload reboots the switch from the flash image on which the switch is currently running and saves to the startup config file any configuration changes currently in the running config file Because reload bypasses some subsystem self tests the switch reboots faster than if you use either of the boot command options Syntax reload For ...

Page 118: ...ry or secondary flash Also for rebooting purposes it is not necessary for the software image and the startup config file to support identical software fea tures For example suppose you have just downloaded a software upgrade that includes new features that are not supported in the software you used to create the current startup config file In this case the software simply assigns factory default v...

Page 119: ...Menu Modifying the Interface Access 7 4 CLI Modifying the Interface Access 7 5 Denying Interface Access by Terminating Remote Management Sessions 7 9 System Information 7 10 Menu Viewing and Configuring System Information 7 11 CLI Viewing and Configuring System Information 7 12 Web Configuring System Parameters 7 15 7 1 ...

Page 120: ...2 Using the Menu Interface Chapter 4 Using the Command Line Interface CLI Chapter 5 Using the Web Browser Interface Why Configure Interface Access and System Information The inter face access features in the switch operate properly by default However you can modify or disable access features to suit your particular needs Similarly you can choose to leave the system information parameters at their ...

Page 121: ...e 7 4 page 7 6 Terminal type VT 100 page 7 6 Event Log event types to list All page 7 6 Displayed Events Baud Rate Speed Sense page 7 6 Flow Control XON XOFF page 7 6 In most cases the default configuration is acceptable for standard operation Not e Basic switch security is through passwords You can gain additional security by using the security features described in the Access Security Guide for ...

Page 122: ...Select 2 Switch Configuration 1 System Information Interface Access Parameters Figure 7 1 The Default Interface Access Parameters Available in the Menu Interface 2 Press E for Edit The cursor moves to the System Name field 3 Use the arrow keys v to move to the parameters you want to change Refer to the online help provided with this screen for further information on configuration options for these...

Page 123: ...sts the current interface access parameter settings Syntax show console This example shows the switch s default console serial configuration Not e The serial connection for the 2810 switch is an RJ45 port located on the left front panel of the switch Interface Access Enable Disable Console Control Options Event Log Event Types To List Figure 7 2 Listing of Show Console Command Reconfigure Inbound ...

Page 124: ...ure Web Browser Access In the default configuration web browser access is enabled Syntax no web management To disable web browser access ProCurve config no web management To re enable web browser access ProCurve config web management Reconfigure the Console Serial Link Settings You can reconfigure one or more console parameters with one console command Syntax console terminal vt100 ansi screen ref...

Page 125: ...rite memory and then execute boot before the new console configuration will take effect To enable temporary and non disruptive changes to the terminal mode without requiring a reboot use the console local terminal command see page 7 8 For example to use one command to configure the switch with the following VT100 operation 19 200 baud No flow control 10 minute inactivity time Critical log events y...

Page 126: ...ersist across a reboot Syntax console local terminal vt100 none ansi Dynamically converts the terminal mode of a console session to the selected mode Executing console local terminal affects only the console session from which it is executed Rebooting the switch returns the terminal mode for the affected console session to the configured terminal mode This command does not change the configured co...

Page 127: ...anted control characters that may appear in some scripting languages Use this option when the configured terminal mode is either vt100 or ansi and you want to temporarily use the scripting mode ansi When invoked in a console session changes the terminal mode to ANSI for that console session Use this option when the configured terminal mode is either vt100 scripting mode or none and you want to tem...

Page 128: ... terminate a currently running remote session Kill does not terminate a Console session on the serial port either through a direct connection or via a modem Syntax kill session number For example if you are using the switch s serial port for a console session and want to terminate a currently active Telnet session you would do the follow ing Session 2 is an active Telnet session The kill 2 command...

Page 129: ...d System Name Using a unique name helps you to identify individual devices in stacking environments and where you are using an SNMP network manage ment tool such as ProCurve Manager System Contact and Location This information is helpful for identifying the person administratively responsible for the switch and for identifying the locations of individual switches MAC Age Interval The number of sec...

Page 130: ...ore on this topic see Appendix E Daylight Savings Time on ProCurve Switches Time Used in the CLI to specify the time of day the date and other system parameters Menu Viewing and Configuring System Information To access the system information parameters 1 From the Main Menu Select 2 Switch Configuration 1 System Information System Information Figure 7 6 The System Information Configuration Screen D...

Page 131: ...iewing and Configuring System Information System Information Commands Used in This Section show system information below hostname below snmp server below contact location mac age time page 7 15 time time zone page 7 15 daylight time rule page 7 15 date page 7 15 time Listing the Current System Information Thiscommandliststhecurrent system information settings Syntax show system information This ex...

Page 132: ...snmp server contact system contact location system location Both fields allow up to 48 characters Blank spaces are not allowed in the variables for these commands For example to name the switch Blue with Ext 4474 as the system contact and North Data Room as the location New hostname contact and location data from previous commands Additional System Information Figure 7 8 System Information Listing...

Page 133: ...f the 0 meridian the sign is West of the 0 meridian the sign is For example the time zone setting for Berlin Germany is 60 zone 1 or 60 minutes and the time zone setting for Vancouver Canada is 480 zone 8 or 480 minutes To configure the time zone and daylight time rule for Vancou ver Canada ProCurve config time timezone 480 daylight time rule continental us and canada Configure the Time and Date T...

Page 134: ...tact For access to the MAC Age Interval and the Time parameters use the menu interface or the CLI Configure System Parameters in the Web Browser Interface 1 Click on the Configuration tab 2 Click on System Info 3 Enter the data you want in the displayed fields 4 Implement your new data by clicking on Apply Changes To access the web based help provided for the switch click on in the web browser scr...

Page 135: ...u Configuring IP Address Gateway and Time To Live TTL 8 5 CLI Configuring IP Address Gateway and Time To Live TTL 8 7 Web Configuring IP Addressing 8 11 How IP Addressing Affects Switch Operation 8 11 DHCP Bootp Operation 8 12 Network Preparations for Configuring DHCP Bootp 8 15 IP Preserve Retaining VLAN 1 IP Addressing Across Configuration File Downloads 8 16 Operating Rules for IP Preserve 8 16...

Page 136: ...y and VLAN 1 IP addressing Assign up to seven secondary IP addresses to a VLAN multinetting Why Configure IP Addressing In its factory default configuration the switch operates as a multiport learning bridge with network connectivity provided by the ports on the switch However to enable specific management access and control through your network you will need IP addressing Table 8 1 on page 8 12 s...

Page 137: ...to a device you can use the web browser interface to modify the initial IP configuration if needed For information on how IP addressing affects switch performance refer to How IP Addressing Affects Switch Operation on page 8 11 Multinetting Assigning Multiple IP Addresses to a VLAN For a given VLAN you can assign one primary IP address and up to seven secondary IP addresses This allows you to comb...

Page 138: ...een see the Installation and Getting Started Guide you received with the switch IP Addressing with Multiple VLANs In the factory default configuration the switch has one permanent default VLAN named DEFAULT_VLAN that includes all ports on the switch Thus when only the default VLAN exists in the switch if you assign an IP address and subnet mask to the switch you are actually assigning the IP addre...

Page 139: ...urve stack management environ ment entering an IP address may not be required See the chapter on stack management in the Advanced Traffic Management Guide Menu Configuring IP Address Gateway and Time To Live TTL Do one of the following To manually enter an IP address subnet mask set the IPConfig parameter to Manual and then manually enter the IP address and subnet mask values you want for the swit...

Page 140: ...eed to change the packet Time To Live TTL setting select Default TTL and type in a value between 2 and 255 seconds 5 To configure IP addressing select IP Config and do one of the following If you want to have the switch retrieve its IP configuration from a DHCP or Bootp server at the IP Config field keep the value as DHCP Bootp and go to step 8 If you want to manually configure the IP information ...

Page 141: ...e DEFAULT_VLAN exists then its IP configuration applies to all ports in the switch Where multiple VLANs are configured the IP addressing is listed per VLAN The display includes switch wide packet time to live and if config ured the switch s default gateway and Timep configuration Syntax show ip For example in the factory default configuration no IP addressing assigned the switch s IP addressing ap...

Page 142: ...t VLAN then the VLAN ID is always 1 Not e The default IP address setting for the DEFAULT_VLAN is DHCP Bootp On additional VLANs you create the default IP address setting is Disabled Syntax vlan vlan id ip address ip address mask length or vlan vlan id ip address ip address mask bits or vlan vlan id ip address dhcp bootp This example configures IP addressing on the default VLAN with the subnet mask...

Page 143: ...iding secondary IP addressing The switch allows up to 512 secondary subnet address assignments to VLANs Syntax no vlan vlan id ip address ip address mask length no vlan vlan id ip address ip address mask bits For example if you wanted to multinet VLAN_20 VID 20 with its primary IP address and two secondary IP addresses shown below you would perform steps similar to the following For this example a...

Page 144: ...or Replacing IP Addresses in a Subnetted VLAN To remove an IP address from a subnetted VLAN use the no form of the IP address command shown on page 8 9 Generally to replace one IP address with another you should first remove the address you want to replace and then enter the new address However in a subnetted VLAN if you remove the primary IP address from a VLAN the next sequential secondary IP ad...

Page 145: ...g only if the switch already has an IP address that is reachable through your network 1 Click on the Configuration tab 2 Click on IP Configuration 3 If you need further information on using the web browser interface click on to access the web based help available for the switch How IP Addressing Affects Switch Operation Without an IP address and subnet mask compatible with your network the switch ...

Page 146: ...lem findingandreporting analysis andrecommendationsfor changes to increase control and uptime TACACS RADIUS SSH SSL and 802 1X authentication Multinetting on VLANs Stacking Commander Telnet access to the CLI or the menu interface IGMP Timep server configuration TFTP download of configurations and OS updates Ping test Although a Commander can operate without an IP address doing so makes it unavaila...

Page 147: ...not immediately receive the desired configuration After verifying that the server has become accessible to the switch reboot the switch to re start the process immediately DHCP Operation Depending on how the DHCP server is configured the switch may receive an IP address that is temporarily leased Periodically the switch may be required to renew its lease of the IP configuration Thus the IP address...

Page 148: ...255 255 248 0 gw 10 66 77 1 lg 10 22 33 44 T144 switch cfg vm rfc1048 where j2810switch is a user defined symbolic name to help you find the correct section of the bootptab file If you have multiple switches that will be using Bootp to get their IP configuration you should use a unique symbolic name for each switch ht is the hardware type For the switches covered in this guide set this to ether fo...

Page 149: ...nections are in place A DHCP server is accessible from the switch Not e Designating a primary VLAN other than the default VLAN affects the switch s use of information received via DHCP Bootp For more on this topic see the chapter on Virtual LANs in the Advanced Traffic Management Guide After you reconfigure or reboot the switch with DHCP Bootp enabled in a network providing DHCP Bootp service the ...

Page 150: ...nd reboots The switch adopts all other configuration parameters in the configuration file into the startup config file If the switch s current IP addressing for VLAN 1 is from a DHCP server IP Preserve is suspended In this case whatever IP addressing the config uration file specifies is implemented when the switch downloads the file and reboots If the file includes DHCP Bootp as the IP addressing ...

Page 151: ...Switch 4 VLAN 1 DHCP Switch 3 VLAN 1 10 31 22 103 Switch 1 VLAN 1 10 31 22 101 DHCP Server Switch 2 VLAN 1 10 31 22 102 config IP Address Switches 1 through 3 copy and implement the config txt file from the TFTP server figure 8 8 but retain their current IP Switch 4 also copies and implements the config txt file from the TFTP server figure 8 8 but acquires new IP addressing from the DHCP TFTP Serv...

Page 152: ...e Figure 8 8 Configuration File in TFTP Server with DHCP Bootp Specified as the IP Addressing Source If you apply this configuration file to figure 8 7 switches 1 3 will still retain their manually assigned IP addressing However switch 4 will be configured with the IP addressing included in the file J9022A Configuration Editor Created on release N 10 XX hostname ProCurve Switch time daylight time ...

Page 153: ...ver it ignores the IP Preserve command when it downloads the configuration file and implements whatever IP addressing instructions are in the configuration file If the switch did not receive its most recent VLAN 1 IP addressing from a DHCP Bootp server it retainsits currentIPaddressing when itdownloads the configuration file The content of the downloaded configuration file determines the IP addres...

Page 154: ...Configuring IP Addressing IP Preserve Retaining VLAN 1 IP Addressing Across Configuration File Downloads This page is intentionally unused 8 20 ...

Page 155: ...Configuring SNTP 9 8 Viewing the Current SNTP Configuration 9 8 Configuring Enabling or Disabling the SNTP Mode 9 9 TimeP Viewing Selecting and Configuring 9 14 Menu Viewing and Configuring TimeP 9 15 CLI Viewing and Configuring TimeP 9 16 Viewing the Current TimeP Configuration 9 17 Configuring Enabling or Disabling the TimeP Mode 9 18 SNTP Unicast Time Polling with Multiple SNTP Servers 9 21 Add...

Page 156: ...h the TimeP mode itself set to Disabled TimeP Time Synchronization You can either manually assign the switch to use a TimeP server or use DHCP to assign the TimeP server In either case the switch can get its time synchro nization updates from only one designated Timep server This option enhances security by specifying which time server to use SNTP Time Synchronization SNTP provides two operating m...

Page 157: ... or TimeP the default 2 Enable the protocol The choices are SNTP Broadcast or Unicast TimeP DHCP or Manual 3 Configure the remaining parameters for the time protocol you selected The switch retains the parameter settings for both time protocols even if you change from one protocol to the other Thus if you select a time protocol the switch uses the parameters you last configured for the selected pr...

Page 158: ...ion configuration n a page 9 5 page 9 8 select SNTP as the time synchronization method timep page 9 6 page 9 9 ff disable time synchronization timep page 9 6 page 9 12 enable the SNTP mode Broadcast Unicast or Disabled disabled broadcast n a page 9 6 page 9 9 unicast n a page 9 6 page 9 10 none disabled n a page 9 6 page 9 13 configure an SNTP server address for Unicast mode only none page 9 6 pag...

Page 159: ... broadcast time update from the next server it detects Poll Interval seconds In Unicast Mode Specifies how often the switch polls the designated SNTP server for a time update In Broadcast Mode Specifies how often the switch polls the network broadcast address for a time update Server Address Used only when the SNTP Mode is set to Unicast Specifies the IP address of the SNTP server that the switch ...

Page 160: ...Time Sync Method field 4 Use the Space bar to select SNTP then press v once to display and move to the SNTP Mode field 5 Do one of the following Use the Space bar to select the Broadcast mode then press v to move the cursor to the Poll Interval field and go to step 6 For Broadcast mode details see SNTP Operating Modes on page 9 2 Use the Space bar to select the Unicast mode then do the following i...

Page 161: ... and testing SNTP operation to determine whether any change is necessary Note Using the menu to enter the IP address for an SNTP server when the switch already has one or more SNTP servers config ured causes the switch to delete the primary SNTP server from the server list and to select a new primary SNTP server from the IP address es in the updated list For more on this topic see SNTP Unicast Tim...

Page 162: ...uration This command lists both the time synchronization method TimeP SNTP or None and the SNTP configuration even if SNTP is not the selected time protocol Syntax show sntp For example if you configured the switch with SNTP as the time synchroni zation method then enabled SNTP in broadcast mode with the default poll interval show sntp lists the following Figure 9 2 Example of SNTP Configuration W...

Page 163: ...hod parameter Syntax timesync sntp Selects SNTP as the time protocol sntp broadcast unicast Enables the SNTP mode below and page 9 10 sntp server ip addr Required only for unicast mode page 9 10 sntp poll interval 30 720 Enabling the SNTP mode also enables the SNTP poll interval default 720 seconds page 9 12 Enabling SNTP in Broadcast Mode Because theswitchprovidesanSNTP polling interval default 7...

Page 164: ...Enabling SNTP in Unicast Mode Like broadcast mode configuring SNTP for unicast mode enables SNTP However for Unicast operation you must also specify the IP address of at least one SNTP server The switch allows up to three unicast servers You canuse the Menuinterface or the CLI to configure one server or to replace an existing Unicast server with another To add a second or third server you must use...

Page 165: ...d accepts the current SNTP server version default 3 In this example the Poll Interval and the Protocol Version appear at their default settings Note Protocol Version appears only when there is an IP address configured for an SNTP server Figure 9 5 Example of Configuring SNTP for Unicast Operation If the SNTP server you specify uses SNTP version 4 or later use the sntp server command to specify the...

Page 166: ...peration For example to change the poll interval to 300 seconds ProCurve config sntp poll interval 300 Disabling Time Synchronization Without Changing the SNTP Configuration The recommended method for disabling time synchroniza tion is to use the timesync command to avoid changing the switch s SNTP configuration Syntax no timesync Halts time synchronization without changing the switch s SNTP confi...

Page 167: ...Disables SNTP by changing the SNTP mode configuration to Disabled For example if the switch is running SNTP in Unicast mode with an SNTP server at 10 28 227 141 and a server version of 3 the default no sntp changes the SNTP configuration as shown below and disables time synchronization on the switch Even though the Time Sync Mode is set to Sntp time synchronization is disabled because no sntp has ...

Page 168: ...ync Method parameter or the CLI timesync command DHCP When Timep is selected as the time synchronization method the switch attempts to acquire a Timep server IP address via DHCP If the switch receives a server address it polls the server for updates according to the Timep poll interval If the switch does not receive a Timep server IP address it cannot perform time synchronization updates Manual Wh...

Page 169: ...NTP None Figure 9 9 The System Information Screen Default Values 2 Press E for Edit The cursor moves to the System Name field 3 Use v to move the cursor to the Time Sync Method field 4 If TIMEP is not already selected use the Space bar to select TIMEP then press v once to display and move to the TimeP Mode field 5 Do one of the following Use the Space bar to select the DHCP mode then press v to mo...

Page 170: ...e the cursor to the PollInterval field then go to step 6 6 In the PollInterval field enter the time in minutes that you want for a TimeP Poll Interval Press Enter to return to the Actions line then S for Save to enter the new time protocol configuration in both the startup config and running config files CLI Viewing and Configuring TimeP CLI Commands Described in this Section show timep page 9 17 ...

Page 171: ...TimeP as the time synchroniza tion method then enable TimeP in DHCP mode with the default poll interval show timep lists the following Figure 9 10 Example of TimeP Configuration When TimeP Is the Selected Time Synchronization Method If SNTP is the selected time synchronization method showtimep still lists the TimeP configuration even though it is not currently in use Even though in this example SN...

Page 172: ...rotocol ip timep dhcp manual Enables the selected TimeP mode no ip timep Disables the TimeP mode no timesync Disables the time protocol Enabling TimeP in DHCP Mode Because the switch provides a TimeP polling interval default 720 minutes you need only these two commands for a minimal TimeP DHCP configuration Syntax timesync timep Selects TimeP as the time synchronization method ip timep dhcp Config...

Page 173: ...ddress of the TimeP server The switch allows only one TimeP server To enable the TimeP protocol Syntax timesync timep Selects Timep ip timep manual ip addr Activates TimeP in Manual mode with a specified TimeP server no ip timep Disables TimeP Not e To change from one TimeP server to another you must 1 use the no ip timep command to disable TimeP mode and then reconfigure TimeP in Manual mode with...

Page 174: ...nterval to 60 minutes ProCurve config ip timep interval 60 Disabling Time Synchronization Without Changing the TimeP Configuration The recommended method for disabling time synchroniza tion is to use the timesync command This halts time synchronization without changing your TimeP configuration Syntax no timesync For example suppose TimeP is running as the switch s time synchronization protocol wit...

Page 175: ...eter SNTPUnicastTimePollingwithMultiple SNTP Servers When running SNTP unicast time polling as the time synchronization method the switch requests a time update from the server you configured with either the Server Address parameter in the menu interface or the primary server in a list of up to three SNTP servers configured using the CLI If the switch does not receive a response from the primary s...

Page 176: ...and Deleting SNTP Server Addresses Adding Addresses As mentioned earlier you can configure one SNTP server address using either the Menu interface or the CLI To configure a second and third address you must use the CLI For example suppose you have already configured the primary address in the above table 10 28 227 141 To configure the remaining two addresses you would do the following Prioritizedl...

Page 177: ...onfigure an SNTP server IP address the new address writes over the current primary address if one is configured If there are multiple addresses configured the switch re orders the addresses according to the criteria described under Address Prioritization on page 9 21 For example suppose the switch already has the following three SNTP server IP addresses configured 10 28 227 141 primary 10 28 227 1...

Page 178: ...s in the Event Log SNTP Messages in the Event Log If an SNTP time change of more than three seconds occurs the switch s event log records the change SNTP time changes of less than three seconds do not appear in the Event Log 9 24 ...

Page 179: ...g Port Parameters 10 16 Jumbo Packets 10 16 Terminology 10 17 Operating Rules 10 17 Configuring Jumbo Packet Operation 10 18 Overview 10 18 Viewing the Current Jumbo Configuration 10 19 Enabling or Disabling Jumbo Traffic on a VLAN 10 21 Operating Notes for Jumbo Traffic Handling 10 21 Troubleshooting 10 23 QoS Pass Through Mode 10 24 General Operation 10 24 Priority Mapping With and Without QoS P...

Page 180: ...to Prioritization 10 31 Troubleshooting Prioritization 10 31 Using Friendly Optional Port Names 10 32 Configuring and Operating Rules for Friendly Port Names 10 32 Configuring Friendly Port Names 10 33 Displaying Friendly Port Names with Other Port Data 10 35 10 2 ...

Page 181: ...tatus and Configuring Port Parameters Port Status and Configuration Features Feature Default Menu CLI Web viewing port status n a page 10 5 page 10 7 page 10 15 configuring ports See Table 10 1 page 10 6 page 10 10 page 10 15 on pages 10 4 and 10 4 If the switch either fails to show a link between an installed transceiver and another device or demonstrates errors or other unexpected behavior on th...

Page 182: ...peration MDI X or MDI To see what the switch negotiates for the Auto setting use the CLI show interfaces brief command or the 3 Port Status option under 1 Status and Counters in the menu interface Auto 100 Uses 100 Mbps and negotiates with the port at the other end of the link for other port operation features Auto 1000 Uses 1000 Mbps and negotiates with the port at the other end of the link for o...

Page 183: ... at Auto the default Refer to Trunk Group Operation Using LACP on page 11 16 For more on port trunking see Chapter 11 Port Trunking Type This parameter appears in the CLI show trunk listing and for a port in a trunk group specifies the type of trunk group The default Type is passive LACP which can be displayed by using the CLI show lacp command For more on port trunking see Port Trunking on page C...

Page 184: ...ple of the Port Status Screen Using the Menu To Configure Ports Not e The menu interface uses the same screen for configuring both individual ports and port trunk groups For information on port trunk groups see Chapter 11 Port Trunking 1 From the Main Menu Select 2 Switch Configuration 2 Port Trunk Settings Figure 10 2 Example of Port Trunk Settings with a Trunk Group Configured 10 6 ...

Page 185: ...nfigure and view all port parameter settings and view all port status indicators Using the CLI To View Port Status Use the following commands to display port status and configuration show interfaces brief Lists the full status and configuration for all ports on the switch show interface config Lists a subset of the data shown by the show interfaces command above that is only the enabled disabled m...

Page 186: ...number option which displaysport statistics Refer to Viewing Port and Trunk Group Statistics and Flow Control Status on page B 10 The figures 10 3 through 10 6 list examples of the output of the above two commands for the same port configuration on two different switches Current Operating Mode Figure 10 3 Example Show Interface Command Listing Current Configured Mode Figure 10 4 Example Show Inter...

Page 187: ...FDx MDIX off 0 Figure 10 5 Example Show Interface Brief Command Listing ProCurve show interface config Port Settings Port Type Enabled Mode 1 100 1000T Yes Auto Disable Auto 2 100 1000T Yes Auto Disable Auto 3 100 1000T Yes Auto Disable Auto 4 100 1000T Yes Auto Disable Auto 5 100 1000T Yes Auto Disable Auto 6 100 1000T Yes Auto Disable Auto 7 100 1000T Yes Auto Disable Auto 8 100 1000T Yes Auto D...

Page 188: ...C3 and port C6 for 100 Mbps full duplex you would enter these commands ProCurve config int e c1 c3 c6 speed duplex 100 full Similarly to configure a single port with the settings in the above command you could either enter the same command with only the one port identified or go to the context level for that port and then enter the command For example to enter the context level for port C6 and the...

Page 189: ... 99 Configures the theoretical maximum bandwidth percentage that can be used on the specified switch port s for broadcasts and multicasts The switch drops any broadcast or multicast traffic exceeding that limit Zero 0 disables the feature on the specified port s For example to configure a broadcast limit of 45 on ports 1 10 in a switch covered in this guide Configures a broadcast limit of 45 on po...

Page 190: ...n MDI port If you connect a copper port using a straight through cable to a port on an end node such as a server or PC that uses MDI ports the switch port automatically operates as an MDI X port HP Auto MDIX was developed for auto negotiating devices and was shared with the IEEE for the development of the IEEE 802 3ab standard HP Auto MDIX and the IEEE 802 3ab Auto MDI MID X feature are completely...

Page 191: ...t configures the port for connecting to either a switch hub or other MDI X device with a crossover cable or to a PC or other MDI device with a straight through cable Syntax show interfaces config Lists the current per port Auto MDI MDI X configuration Syntax show interfaces brief Where a port is linked to another device this command lists the MDI mode the port is currently using In the case of por...

Page 192: ...g Mode Not e Port Response to Switch Software Updates Switch software updated from xx xx xx or earlier 1 Copper ports in auto negotiation still default to auto mdix mode 2 Copper ports in forced speed duplex default to mdix mode The default is auto mdix If the switch is reset to the factory defaults these ports are configured as auto mdix Use the following CLI command to change the setting for ind...

Page 193: ...mission Unit MTU is the maximum size IP packet the switch can receive for Layer 2 packets inbound on a port The switch drops any inbound packets larger than the MTU allowed on the port On ports operating at 10 Mbps or 100 Mbps the MTU is fixed at 1522 bytes However ports operating at 1 Gbps or 10 Gbps speeds accept forward packets of up to 9220 bytes including four bytes for a VLAN tag when config...

Page 194: ...low Control Disable flow control the default setting on any ports or trunks through which you want to transmit or receive jumbo packets Leaving flow control enabled on a port can cause a high rate of jumbo drops to occur on the port GVRP Operation A VLAN enabled for jumbo traffic cannot be used to create a dynamic VLAN A port belonging to a statically configured jumbo enabled VLAN cannot join a dy...

Page 195: ...through which you want the switch to accept inbound jumbo traffic For operation with GVRP enabled refer to the GVRP topic under Operating Rules above 2 Ensure that the ports through which you want the switch to receive jumbo packets are operating at least at gigabit speed Check the Mode field in the output for the show interfaces brief port list command 3 Use the jumbo command to enable jumbo pack...

Page 196: ...Syntax show vlans ports port list Lists the static VLANs to which the specified port s belong including the Jumbo column to indicate which VLANs are configured to support jumbo traffic Entering only one port in port list results in a list of all VLANs to which that port belongs Entering multiple ports in port list results in a superset list that includes the VLAN memberships of all ports in the li...

Page 197: ...e of Listing the VLAN Memberships for a Range of Ports Syntax show vlans vid This command shows port membership and jumbo configuration for the specified vid Lists the ports belonging to VLAN 100 and whether the VLAN is enabled for jumbo packet traffic Figure 10 12 Example of Listing the Port Membership and Jumbo Status for a VLAN 10 19 ...

Page 198: ... Voice VLAN packets are typically small and allowing a voice VLAN to accept jumbo packet traffic can degrade the voice transmission performance You can configure the default primary and or if configured the man agement VLAN to accept jumbo packets on all ports belonging to the VLAN When the switch applies the default MTU 1522 bytes to a VLAN all ports in the VLAN can receive incoming packets of up...

Page 199: ...200 and also share these VLANs with other ports you want excluded from jumbo traffic A solution is to create a third VLAN with the sole purpose of enabling jumbo traffic on the desired ports while leaving the other ports on the switch disabled for jumbo traffic That is VLAN 100 VLAN 200 VLAN 300 Ports 6 10 11 15 6 7 12 and 13 Jumbo No No Yes Enabled If there are security concerns with grouping the...

Page 200: ... all inbound jumbo packets The port may not be operating at 1 gigabit or higher Regardless of a port s configuration if it is actually operating at a speed lower than 1 gigabit it drops inbound jumbo packets For example if a port is configured for Auto mode speed duplex auto but has negotiated a 100 Mbps speed with the device at the other end of the link then the port cannot receive inbound jumbo ...

Page 201: ...oughtheswitch particularly when running traffic flows from 1000Base to either 100Base or 10Base connec tions QoS Pass Through mode is enabled by default If it has been disabled you can re enable it via the config context of the CLI by entering the CLI command qos passthrough mode followed by write memory and rebooting the switch QoS Pass Through mode when enabled results in the following general c...

Page 202: ...h Mode The switch supports 802 1p VLAN tagging which is used in conjunction with the outbound port priority queues to prioritize outbound traffic An 802 1Q VLAN tagged packet carries an 802 1p priority setting 0 7 If the switch receives a tagged packet it is placed into the appropriate queue based on the frame s 802 1p priority setting The mapping with without QoS Pass Through Mode is as follows 8...

Page 203: ...ch s CLI QoS passthrough mode cannot be enabled or disabled through either the switch s menu or web browser interfaces Once enabled this feature adds qos passthrough mode to the switch s startup configfile Forexample inanotherwisedefaultconfiguration executingshow config lists the startup config file with QoS pass through mode enabled as follows ProCurve Switch 2810 48G show config J9022A Configur...

Page 204: ...n a priority level to Inbound untagged VLAN packets Inbound tagged VLAN packets having a priority level of 0 zero The switch does not alter the existing priority level of inbound tagged VLAN packets carrying a priority level of 1 7 Thus for example high priority tagged VLAN traffic received on a port retains its priority in the switch However you have the option of configuring the port to assign a...

Page 205: ...specified in the 802 1p standard Table 10 3 Mapping Priority Settings to Device Queues 802 1pPrioritySettingsUsed In Tagged VLAN Packets Switches with 3 Outbound Queue Assignment in Downstream Devices With Port Queues 4 Queues 8 Queues 2 Queues 1 low 2 low Low Low Low Low Low Low 0 normal priority 3 Normal Normal Normal Normal 4 5 High High Medium Medium High High 6 7 high priority High High High ...

Page 206: ...uredas0 7 aninbound untagged packet adopts the specified priority and is sent to the corre spondingoutboundqueueontheoutboundport Seetable 10 3 Mapping Priority Settings to Device Queues on page 10 27 If the outbound port is a tagged member of the applicable VLAN then the packet carries a tag with that priority setting to the next downstream device Ona givenport whenport basedpriority isconfigured...

Page 207: ... described under Operating Rules for Port Based Priority above interface port qos priority 0 Returns a port based priority setting to the default 0 for untagged packets received on the designated port s In this state the switch handles the untagged packets with Normal priority Refer to table 10 3 on page 10 27 show running config Lists any non default 1 7 port based priority settings in the runnin...

Page 208: ...ority 1 no lacp Ports 1 3 are now configured to exit assign a priority level of 1 Low to interface 2 untagged incoming traffic Any qos priority 1 inbound tagged traffic retains its no lacp priority level while transiting the exit switch interface 3 qos priority 1 no lacp exit Figure 10 15 Example of Configuring Non Default Prioritization on Untagged Inbound Traffic Messages Related to Prioritizati...

Page 209: ...so assign the same name to multiple ports The friendly port names you configure appear in the output of the show name port list show config and show interface port number commands They do not appear in the output of other show commands or in Menu interface screens See Displaying Friendly Port Names with Other Port Data on page 10 34 Friendly port names are not a substitute for port numbers in CLI ...

Page 210: ...y command Configuring Friendly Port Names Syntax interface port list name port name string Assigns a port name to port list no interface port list name Deletes the port name from port list Configuring a Single Port Name Suppose that you have connected port A3 on the switch to Bill Smith s workstation and want to assign Bill s name and workstation IP address 10 25 101 73 as a port name for port A3 ...

Page 211: ...ame for Multiple Ports Suppose that you want to use ports A5 through A8 as a trunked link to a server used by a drafting group In this case you might configure ports A5 through A8 with the name Draft Server Trunk Figure 10 17 Example of Configuring One Friendly Port Name on Multiple Ports 10 33 ...

Page 212: ...stics for that port The friendly port name data comes from the running config file show config Includes friendly port names in the per port data of the resulting configuration listing show config data comes from the startup config file To List All Ports or Selected Ports with Their Friendly Port Names This command lists names assigned to a specific port Syntax show name port list Lists the friendl...

Page 213: ...cs Listings A friendly port name configured to a port is automatically included when you display the port s statistics output Syntax show interface port number Includes the friendly port name with the port s traffic statistics listing For example if you configure port A1 with the name O Connor_10 25 101 43 the show interface output for this port appears similar to the following Friendly Port Name ...

Page 214: ... in a listing of all interfaces ports configured with non default settings Excludes ports that have neither a friendly port name nor any other non default configuration settings For example if you configure port A1 with a friendly port name This command sequence saves the friendly port name for port A1 in the startup config file but does not do so for the name entered for port A2 In this case show...

Page 215: ... a Static Trunk Group 11 9 CLI Viewing and Configuring a Static or Dynamic Port Trunk Group 11 11 Using the CLI To View Port Trunks 11 11 Using the CLI To Configure a Static or Dynamic Trunk Group 11 14 Web Viewing Existing Port Trunk Groups 11 17 Trunk Group Operation Using LACP 11 17 Default Port Operation 11 20 LACP Notes and Restrictions 11 22 Trunk Group Operation Using the Trunk Option 11 24...

Page 216: ... trunk group Port trunking allows you to assign physical links to one logical link trunk that functions as a single higher speed link providing dramatically increased bandwidth This capability applies to connections between backbone devices as well as to connections in other network areas where traffic bottlenecks exist Port Trunking Support ProCurve 2810 Switch Ports per trunk maximum 8 Trunks pe...

Page 217: ...d duplex and flow control settings Not e Link Connections The switch does not support trunking through an intermediate non trunking device such as a hub or using more than one media type in a port trunk group Similarly all links in the same trunk group must have the same speed duplex and flow control Port Trunk Options and Operation The switch offers these options for port trunking LACP IEEE 802 3...

Page 218: ...lacp active Note that the above example works if the ports are not already operating in a trunk To change the LACP option on ports already operating as a trunk you must first disable the trunked ports that you want to reconfigure For example if ports C1 C4 were LACP active and operating in a trunk with another device you would do the following to change them to LACP passive 1 Go to the port contex...

Page 219: ... configured for a static LACP trunk You want to configure non default spanning tree STP or IGMP parameters on an LACP trunk group You want an LACP trunk group to operate in a VLAN other than the default VLAN and GVRP is disabled Refer to VLANs and Dynamic LACP on page 11 22 You want to use a monitor port on the switch to monitor an LACP trunk See Trunk Group Operation Using LACP on page 11 16 Trun...

Page 220: ...he following operate on a per port basis regardless of trunk membership Enable Disable Flow control Flow Ctrl LACP is a full duplex protocol See Trunk Group Operation Using LACP on page 11 16 Trunk Configuration All ports in the same trunk group must be the same trunk type LACP or Trunk All LACP ports in the same trunk group must be either all static LACP or all dynamic LACP A trunk appears as a s...

Page 221: ...pears in the IGMP configuration display and you can configure IGMP for a static trunk in the same way that you would configure IGMP on a non trunked port Note that the switch lists the trunk by name such as Trk1 and does not list the individual ports in the trunk Also creating a new trunk automatically places the trunk in IGMP Auto status if IGMP is enabled for the default VLAN A dynamic LACP trun...

Page 222: ...ng This procedure uses the Port Trunk Settings screen to configure a static port trunk group on the switch 1 Follow the procedures in the Important note above 2 From the Main Menu Select 2 Switch Configuration 2 Port Trunk Settings 3 Press E for Edit and then use the arrow keys to access the port trunk parameters These two columns indicate static trunk status For dynamic LACP trunk status use the ...

Page 223: ...and GVRP in the Advanced Traffic Management Guide To return a port to a non trunk status keep pressing the Space bar until a blank appears in the highlighted Group value for that port Figure 11 3 Example of the Configuration for a Two Port Trunk Group 6 Move the cursor to the Type column for the selected port and use the Space bar to select the trunk type LACP Trunk the default type if you do not ...

Page 224: ...ion Commands show trunks below show lacp page 11 12 trunk page 11 14 interface lacp page 11 14 Using the CLI To View Port Trunks You can list the trunk type and group for all ports on the switch or for selected ports You can also list LACP only status information for LACP configured ports Listing Static Trunk Type and Group for All Ports or Selected Ports Syntax show trunks port list Omitting the ...

Page 225: ...yPortNamesfeature See UsingFriendly Optional PortNames onpage10 31 Port A6 does not appear in this listing because it is not assigned to a static trunk Figure 11 4 Example Listing Specific Ports Belonging to Static Trunks The show trunks port list command in the above example includes a port list and thus shows trunk group information only for specific ports that have membership in a static trunk ...

Page 226: ...e than the maximum number of allowed ports in a dynamic LACP trunk configuration When the maximum number of allowed ports trunk links are up the remaining link s will be held in standby status If a trunked link that is Up fails it will be replaced by a standby link which maintains your intended bandwidth for the trunk See also the Standby entry under Port Status in table 11 5 LACP Port Status Data...

Page 227: ... on page 10 10 On the switches covered by this guide you can configure up to 24 port trunk groups having up to 8 links each with additional standby links if you re using dynamic LACP You can configure trunk group types as follows Trunk Type Trunk Group Membership TrkX Static DynX Dynamic LACP Yes Yes Trunk Yes No Not e Trunks configured as FEC Fast Ethernet Channel are not supported To configure p...

Page 228: ...runk where STP is not in use ProCurve recommends that you first disable the port or disconnect the link on that port Syntax no trunk port list This example removes ports C4 and C5 from an existing trunk group ProCurve config no trunk c4 c5 Enabling a Dynamic LACP Trunk Group In the default port configura tion all ports on the switch are set to LACP Passive However to enable the switch to automatic...

Page 229: ...xample of Criteria for Automatically Forming a Dynamic LACP Trunk Syntax interface port list lacp active This example uses ports C4 and C5 to enable a dynamic LACP trunk group ProCurve config interface c4 c5 lacp active Removing Ports from a Dynamic LACP Trunk Group To remove a port from dynamic LACP trunk operation you must turn off LACP on the port On aportinanoperating dynamic LACP trunk you ca...

Page 230: ...oes provide a view of an existing trunk group To view any port trunk groups Click on the Status tab Click on Port Status Trunk Group Operation Using LACP The switch can automatically configure a dynamic LACP trunk group or you can manually configure a static LACP trunk group Not e LACP requires full duplex FDx links of the same media type 10 100Base T 100FX etc andthe same speed and enforces speed...

Page 231: ...dynamic trunk forms using ports that are not in the default VLAN the trunk will automatically move to the default VLAN unless GVRP operation is configured to prevent this from occurring In some cases this can create a traffic loop in your network For more on this topic refer to VLANs and Dynamic LACP on page 11 22 In most cases trunks configured for LACP operate as described in table 11 4 on the n...

Page 232: ...one or more backup links that the switch automatically activates if a primary link fails To configure a link as a standby for an existing dynamic LACP trunk ensure that the ports in the standby link are configured the same as either of the above examples Displaying Dynamic LACP Trunk Data To list the configuration and status for a dynamic LACP trunk use the CLI show lacp command Note The dynamic t...

Page 233: ...ve and active LACP port will pause and listen for LACP packets once a link is established Once this pause is complete then the port if a trunk is not detected willbeplacedinforwardingmode Someend nodeapplicationshave been found to be sensitive to this pause and may require LACP to be disabled on the port The following table describes the elements of per port LACP operation To display this data for...

Page 234: ...a pair of linked ports Disabled The port cannot carry traffic Blocked LACP or STP has blocked the port The port is not in LACP Standby mode This may be due to a trunk negotiation very brief or a configuration error such as differing port speeds on the same link or attempting to connect the switch to more than the maximum number of supported trunks Standby The port is configured for dynamic LACP tr...

Page 235: ...rst remove the port s 802 1X configu ration and then re enable LACP active or passive on the port Port Security Configured on a Port To maintain security LACP is not allowed on ports configured for port security If you configure port security on a port on which LACP active or passive is configured the switch removes the LACP configuration displays a notice that LACP is disabled on the port s and e...

Page 236: ...RP is disabled configure the trunk as a static trunk If there are ports that you do not want on the default VLAN ensure that they cannot become dynamic LACP trunk members Otherwise a traffic loop can unexpectedly occur For example VLAN 1 Default VLAN VLAN 2 VLAN 1 Default VLAN VLAN 2 VLAN 1 Default VLAN VLAN 2 VLAN 1 Default VLAN VLAN 2 If the ports in VLAN 2 are configured to allow a dynamic trun...

Page 237: ...c TrkX LACP but any ports configured as standby LACP links will be ignored Trunk Group Operation Using the Trunk Option This method creates a trunk group that operates independently of specific trunking protocols and does not use a protocol exchange with the device on the other end of the trunk With this choice the switch simply uses the SA DA method of distributing outbound traffic across the tru...

Page 238: ...k depending on the rotation of path assign ments among the links in the trunk Likewise the switch distributes traffic for the same destination address but from different source addresses through different links Because the amount of traffic coming from or going to various nodes in a network can vary widely it is possible for one link in a trunk group to be fully utilized while others in the same t...

Page 239: ... C Y B X D Z 3 2 C C Figure 11 10 Example of Port Trunked Network Table 11 6 Example of Link Assignments in a Trunk Group SA DA Distribution Source Destination Link Node A Node W 1 Node B Node X 2 Node C Node Y 3 Node D Node Z 1 Node A Node Y 2 Node B Node W 3 11 25 ...

Page 240: ...Port Trunking Port Status and Configuration This page is intentionally unused 11 26 ...

Page 241: ...ities 12 12 Menu Viewing and Configuring non SNMP version 3 Communities 12 14 CLI Viewing and Configuring SNMP Community Names 12 16 SNMP Notification and Traps 12 18 Trap Features 12 20 Using the CLI To Enable Authentication Traps 12 23 Advanced Management RMON 12 24 LLDP Link Layer Discovery Protocol 12 25 Terminology 12 26 General LLDP Operation 12 27 Packet Boundaries in a Network Topology 12 ...

Page 242: ...ort Transmit and Receive Modes 12 39 Configuring Basic LLDP Per Port Advertisement Content 12 40 Configuring Support for Port Speed and Duplex Advertisements 12 42 Displaying Advertisement Data 12 43 Displaying Switch Information Available for Outbound Advertisements 12 44 Displaying LLDP Statistics 12 48 LLDP Operating Notes 12 51 LLDP and CDP Data Management 12 52 LLDP and CDP Neighbor Data 12 5...

Page 243: ... 12 24 To implement SNMP management the switch must have an IP address configured either manually or dynamically using DHCP or Bootp If multiple VLANs are configured each VLAN interface should have its own IP address For DHCP use with multiple VLANs see the chapter on VLANs in the Advanced Traffic Management Guide Not e If you use the switch s Authorized IP Managers and Management VLAN features en...

Page 244: ...abase of your SNMP network management tool you can copy the MIB file from the ProCurve Networking web site at http www procurve com Click on software then MIBs Configuring for SNMP Access to the Switch SNMP access requires an IP address and subnet mask configured on the switch For managed switches ProCurve recommends permanent IP addressing Refer to IP Configuration on page 8 3 Once an IP address ...

Page 245: ...page 8 3 If you are using DHCP Bootp to configure the switch ensure that the DHCP Bootp process provides the IP address See DHCP Bootp Operation on page 8 12 Once an IP address has been configured the main steps for configuring SNMP version 3 access management features are 1 Enable SNMPv3 for operation on the switch Refer to SNMP Version 3 Commands on page 12 6 2 Configure the appropriate SNMP use...

Page 246: ...d public inaccessible to network management applications such as auto discovery traffic monitoring SNMP trap generation and threshold setting Syntax no snmpv3 enable Enable and disable the switch for access from SNMPv3 agents This includes the creation of the initial user record no snmpv3 only Enables or disables restrictions to access from only SNMPv3 agents When enabled the switch rejects all no...

Page 247: ...ple of this dialog Not e S N M P Ve r s i o n 3 Ini tia l User s For most SNMPv3 management software to be able to create new users they must have an initial user record clone These records can be downgraded given fewer features but not upgraded with new features added For this reason ProCurve recommends that you create a second user with SHA and DES at when you enable SNMPv3 Enable Createinitialu...

Page 248: ...r Deletes an user entry for snmpv3 Authorization and Privacy are optional but to use privacy you must use authorization When deleting a user only the user_name is required auth md5 sha auth_pass With authorization you can select either md5 authentication or sha authentication The auth_pass must be 6 32 characters in length and must be included when authentication is included Default None priv priv...

Page 249: ...is defines which security model to use for the added user A SNMPv3 access Group should only use the ver3 security model To establish a user you must first add the user names to the list of known users Add user names with the snmpv3 user CLI command AdduserNetworkAdminwithno Authentication or Privacy Add user Network Mgr with authentication and privacy Privacy is used and the password is set privpa...

Page 250: ... page 12 11 Add NetworkAdmin to operator noauth group Add NetwrokMgr to managerpriv group Pre assigned groups for access by Version 2c and version 1 management applications Figure 12 3 Assign Users to group for SNMPv3 C a u t i o n Adding a user without authentication and or privacy to a group that requires it will cause the user to not be able to access the switch You should only add users to the...

Page 251: ...veryView commanagerrw Ver2c or Ver1 ManagerReadView ManagerWriteView commanagerr Ver2c or Ver1 ManagerReadView DiscoveryView comoperatorrw Ver2c or Ver1 OperatorReadView OperatorReadView comoperatorr Ver2c or Ver1 OperatorReadView DiscoveryView Each view allows you to view or modify a different set of MIBs Manager Read View access to all managed objects Manager Write View access to all managed obj...

Page 252: ...ut special mappings can be added with the snmpv3 community command Syntax no snmpv3 community This command maps or removes a mapping of a community name to a group access level To remove a mapping you only need the index_name index index name This is an index number or title for the mapping The values of 1 5 are reserved and can not be mapped name com name This is the community name that is being ...

Page 253: ... Default Menu CLI Web show SNMP communities n a page 12 14 page 12 16 configure identity information none page 12 17 configure community names MIB view for a community name operator manager write access for default community name public manager unrestricted page 12 14 page 12 17 Use SNMP communities to restrict access tothe switch by SNMPmanagement stations by adding editing or deleting SNMP commu...

Page 254: ...rk management is a concern it is recommended that you change the write access for the public community to Restricted Menu Viewing and Configuring non SNMP version 3 Communities To View Edit or Add SNMP Communities 1 From the Main Menu Select 2 Switch Configuration 6 SNMP Community Names Note This screen gives an overview of the SNMP communities that are currently configured All fields in this scre...

Page 255: ... other fields Figure 12 6 The SNMP Add or Edit Screen Need Help If you need information on the options in each field press Enter to move the cursor to the Actions line then select the Help option on the Actions line When you are finished with Help press E for Edit to return the cursor to the parameter fields 3 Enter the name you want in the Community Name field and use the Space bar to select the ...

Page 256: ...names along with trap receivers and the setting for authentication traps see SNMP Notification and Traps on page 12 18 Syntax show snmp server community string This example lists the data for all communities in a switch that is both the default ProCurve public community name and another community named blue team Default Community and Settings Non Default Community and Settings Trap Receiver Data S...

Page 257: ... Optionally assigns an access level At the operator level the community can access all MIB objects except the CONFIG MIB At the manager level the community can access all MIB objects restricted unrestricted Optionally assigns MIB access type Assigning the restricted type allows the community to read MIB variables but not to set them Assigning the unrestricted type allows the community to read and ...

Page 258: ...record for the target address with the snmpv3 params command Syntax no snmpv3 notify notify name tagvalue tag name This adds or deletes a notification request To remove a mapping you only need the notify name no snmpv3 targetaddress addr name params parms name IP Addr Add or delete an address where notification messages are sent filter none debug all not info critical This filter messages to restr...

Page 259: ...he user name should be a User from the user table For more information on users see SNMP Version 3 Users on page 12 8 A completeparamscommand must also have a sec model and msg processing entry sec model ver1 ver2c ver3 This established the security model to use for messages passed to the targetaddress IF ver3 is used then the msg processing must also be ver3 msg processing ver1 ver2c ver3 noaut a...

Page 260: ... These traps cannot be redirected to other communities Thus if you change or delete the default public community name these traps will be lost Thresholds The switch automatically sends all messages resulting from thresholds to the network management station s that set the thresholds regardless of the trap receiver configuration In the default configuration there are no trap receivers configured an...

Page 261: ...ame data see SNMP Communities on page 12 12 Syntax show snmp server Displays current community and trap receiver data In the next example the show snmp server command shows that the switch has been previously configured to send SNMP traps to management stations belonging to the public red team and blue team communities Example of Community NameData See page 12 12 Example of Trap Receiver Data Auth...

Page 262: ...ation for receiving SNMP event log messages from the switch If you do not specify the event level then the switch does not send event log messages as traps You can specify up to ten trap receivers network management stations Note In all cases the switch sends any threshold trap s to the network management station s that explicitly set the threshold s none all non info critical debug Options for se...

Page 263: ...you do not specify the event level none all non info critical debug then the switch does not send event log messages as traps Well Known traps and threshold traps if configured will still be sent Using the CLI To Enable Authentication Traps Not e For this feature to operate one or more trap receivers must be configured on the switch See Configuring Trap Receivers on page 12 22 Using the CLI To Ena...

Page 264: ...work segments This allows for troubleshooting and optimizing your network The following RMON groups are supported Ethernet Statistics except the numbers of packets of different frame sizes Alarm History of the supported Ethernet statistics Event The RMON agent automatically runs in the switch Use the RMON management station on your network to enable or disable specific RMON traps and events 12 24 ...

Page 265: ... page 12 35 LLDP packets Change the holdtime multiplier for LLDP Packets 4 seconds page 12 28 holdtime multiplier x refresh interval time to live Change the delay interval between advertisements 2 seconds page 12 36 Changing the reinitialization delay interval 2 seconds page 12 37 Configuring SNMP notification support Disabled page 12 38 Configuring transmit and receive modes tx_rx page 12 39 Conf...

Page 266: ...Switches covered in this guide IEEE 802 1AB LLDP Aware A device that has LLDP in its operating code regardless of whether LLDP is enabled or disabled LLDP Device A switch server router or other device running LLDP LLDP Neighbor An LLDP device that is either directly connected to another LLDP device or connected to that device by another non LLDP Layer 2 device such as a hub Note that an 802 1D com...

Page 267: ...ngth field in bytes and a field containing the actual data the unit is designed to carry as an alphanumeric string a bitmap or a subgroup of information Some TLVs include subelements that occur as separate data points in displays of information maintained by the switch for LLDP advertisements That is some TLVs include multiple data points or subelements General LLDP Operation An LLDP packet contai...

Page 268: ...ation in an LLDP packet outbound from the switch will be maintained in a neighbor LLDP device page 12 28 Transmit and Receive Mode With LLDP enabled the switch periodically transmits an LLDP advertisement packet out each active port enabled for outbound LLDP transmissions and receives LLDP advertisements on each active port enabled to receive LLDP traffic page 12 39 Per Port configuration options ...

Page 269: ...P neighbor retains the advertised data before discarding it Chassis Type2 6 N A Always Enabled Indicates the type of identifier used for Chassis ID Chassis ID6 N A Always Enabled Uses base MAC address of the switch Port Type3 6 N A Always Enabled Uses Local meaning assigned locally by LLDP Port Id6 N A Always Enabled Uses port number of the physical port In the switches covered in this guide this ...

Page 270: ...or an address configured for inclusion in advertisements Refer to IP Address Advertisements on page 12 31 Debug Logging You can enable LLDP debug logging to a configured debug destination Syslog server and or a terminal device by executing the debug lldp command For more on Debug and Syslog refer to the Troubleshooting appendix in the Management and Configuration Guide for your switch Note that th...

Page 271: ... default VLAN VID 1 and there is an IP address configured for the defaultVLAN thentheportadvertisesthisIPaddress Inthe defaultoperation the IP address that LLDP uses can be an address acquired by DHCP or Bootp You can override the default operation by configuring the port to advertise any IP address that is manually configured on the switch even if the port does not belong to the VLAN configured w...

Page 272: ...lldp config 12 34 no lldp run 12 35 lldp refresh interval 12 35 lldp holdtime multiplier 12 36 lldpTxDelay 12 36 lldpReinitDelay 12 37 lldp enable notification 12 38 lldpnotificationinterval 12 39 lldp admin status txonly rxonly tx_rx disable 12 39 lldp config port list IpAddrEnable 12 40 lldp config port list basicTlvEnable 12 41 Viewing the Current Configuration Displaying the Global LLDP Port A...

Page 273: ...dp config produces the following display when the switch is in the default LLDP configuration Med Topology Trap Enabled False True False False True False False Note This value corresponds to the lldp refresh interval command page 12 35 Figure 12 10 Example of Viewing the General LLDP Configuration 12 33 ...

Page 274: ...ation on the other configurable settings displayed by this command refer to Configuring Per Port Transmit and Receive Modes on page 12 39 The blank IpAddress field indicates that the default IP address will be advertised from this port Refer to page 12 40 Configuring a Remote Management Address for Outbound LLDP Advertisements This fieldappearswhendot3tlvenableis enabled on the switch which is the...

Page 275: ... configuration when LLDP is disabled After LLDP is disabled the information in the LLDP neighbors database remains until it times out Default Enabled For example to disable LLDP on the switch ProCurve config no lldp run Changing the Packet Transmission Interval This interval controls how often active ports retransmit advertisements to their neighbors Syntax lldp refresh interval 5 32768 Changes th...

Page 276: ...es the advertised data is deleted from the neighbor switch s MIB Default 4 Range 2 10 For example if the refresh interval on the switch is 15 seconds and the holdtime multiplier is at the default the Time to Live for advertisements transmitted from the switch is 60 seconds 4 x 15 To reduce the Time to Live you could lower the holdtime interval to 2 which would result in a Time to Live of 30 second...

Page 277: ...ou must first set the refresh interval to a minimum of 32 seconds 32 4 x 8 Figure 12 12 Example of Changing the Transmit Delay Interval Attempt to change the transmit delay interval shows that the refresh interval is less than 4 x delay interval Changes the refresh interval to 32 that is 32 4 x desired transmit delay interval Successfully changes the transmit delay interval to 8 Changing the Reini...

Page 278: ...einitdelay 0 i 5 Configuring SNMP Notification Support You can enable SNMP trap notification of LLDP data changes detected on advertisements received from neighbor devices and control the interval between successive notifications of data changes on the same neighbor Enabling LLDP Data Change Notification for SNMP Trap Receivers Syntax no lldp enable notification port list Enables or disables each ...

Page 279: ...5 seconds For example the following command limits change notification traps from a particular switch to one per minute ProCurve config setmib lldpnotificationinterval 0 i 60 lldpNotificationInterval 0 60 Configuring Per Port Transmit and Receive Modes These commands control advertisement traffic inbound and outbound on active ports Syntax lldp admin status port list txonly rxonly tx_rx disable Wi...

Page 280: ... a specific IP address in the outbound LLDP advertisements for specific ports Syntax no lldp config port list ipAddrEnable ip address Replaces the default IP address for the port with an IP address you specify This can be any IP address configured in a static VLAN on the switch even if the port does not belong to the VLAN configured with the selected IP address The no form of the command deletes t...

Page 281: ... use LLDP commands to configure their actual content port description TLV system name TLV system description TLV system capabilities TLV system capabilities Supported TLV subelement system capabilities Enabled TLV subelement port speed and duplex TLV subelement Syntax no lldp config port list basicTlvEnable TLV Type port_descr For outbound LLDP advertisements this TLV includes an alphanumeric stri...

Page 282: ...if you wanted to exclude the system name TLV from the outbound LLDP advertisements for all ports on a switch you would use this command ProCurve config no lldp config 1 24 basicTlvEnable system_name If you later decided to reinstate the system name TLV on ports 1 5 you would use this command ProCurve config lldp config 1 5 basicTlvEnable system_name Displaying Advertisement Data Command Page show ...

Page 283: ...port list option this command displays only the following port specific information that is currently available for outbound LLDP advertisements on the specified ports PortType PortId PortDesc Note This command displays the information available on the switch Use the lldp config port list command to change the selection of information that is included in actual outbound advertisements In the defau...

Page 284: ...n this topic refer to Remote Management Address on page 12 30 Figure 12 13 Example of Displaying the Global and Per Port Information Available for Outbound Advertisements Figure 12 14 Example of the Default Per Port Information Content for Ports 1 and 2 Displaying Advertisements Currently in the Neighbors MIB These commands display the content of the inbound LLDP advertisements received from other...

Page 285: ...he remote device may be connected to the switch in one of the following ways Through different VLANS using separate links This applies to switches that use the same MAC address for all configured VLANs Through different links in the same trunk Through different links using the same VLAN In this case spanning tree should be invoked to prevent a net work topology loop Note that LLDP packets travel o...

Page 286: ...obal Listing of Discovered Devices Example of an LLDP advertisement received from a 3400cl 48G neighbor on port 1 Figure 12 16 Example of a Per Port Listing of Advertisements Received from an LLDP Device Not e With both LLDP and read only CDP enabled on a switch port the port can read both LLDP and CDP advertisements and stores both types of data in its neighbordatabase WhenreadingCDPadvertisement...

Page 287: ... Count Shows the total of new LLDP neighbors detected since the last switch reboot Disconnecting then reconnecting a neighbor increments this counter Neighbor Entries Deleted Count Shows the number of neighbor deletions from the MIB for AgeOut Count and forced drops for all ports For example if the admin status for port on a neighbor device changes from tx_rx or txonly to disabled or rxonly then t...

Page 288: ...y supporting the maximum number of neighbors Refer to Neighbor Maximum on page 12 50 This can also be an indication of advertisement formatting problems in the neighbor device Frames Invalid Shows the total number of invalid LLDP advertisements received on the port An invalid advertisement can be caused by header formatting problems in the neighbor device TLVs Unrecognized Shows the total number o...

Page 289: ...s showing frames sent on a port but no frames received on that port indicates an active link with a device that either has LLDP disabled on the link or is not LLDP aware Figure 12 17 Example of a Global LLDP Statistics Display Figure 12 18 Example of a Per Port LLDP Statistics Display 12 49 ...

Page 290: ... only one IP address per port even if multiple IP addresses are configured by lldp config port list ipAddrEnable on a given port 802 1Q VLAN Information LLDP packets do not include 802 1Q header information and are always handled as untagged packets Effect of 802 1X Operation If 802 1X port security is enabled on a port and a connected device is not authorized LLDP packets are not transmitted or r...

Page 291: ...es this information as two separateentriesiftheadvertisementshavedifferenceschassisIDandport ID information If the chassis and port ID information are the same the switch stores this information as a single entry That is LLDP data overwrites the corre sponding CDP data in the neighbor database if the chassis and port ID information in the LLDP and CDP advertisements received from the same device i...

Page 292: ...nd CDP packets CDP Disabled n a NostorageofCDPdatafrom Floods inbound CDP packets neighbor devices from connected devices to outbound ports LLDP Enabled1 Generatesand Store inbound LLDP data No forwarding of inbound transmits LLDP packets LLDP packets outallportson the switch LLDP Disabled No packet No storage of LLDP data No forwarding of inbound generation from neighbor devices LLDP packets 1Bot...

Page 293: ...any data entry in the switch s CDP Neighbors table is configured in the device transmitting the CDP packet and cannot be controlled in the switch receiving the packet A switch reviews the list of CDP neighbor entries every three seconds and purges any expired entries Command Page show cdp 12 53 show cdp neighbors port list detail 12 54 detail port list no cdp run 12 55 no cdp enable port list 12 5...

Page 294: ...ing CDP devices the switch detects with a subset of the information collected from the device s CDP packet port numb detail Lists the CDP device connected to the specified port Allows only one port at a time Using detail provides a longer list of details on the CDP device the switch detects on the specified port detail port num Provides a list of the details for all of the CDP devices the switch d...

Page 295: ... Syntax no cdp run Enables or disables read only CDP operation on the switch Default Enabled For example to disable CDP read only operation on the switch ProCurve config no cdp run When CDP is disabled show cdp neighbors displays an empty CDP Neighbors table show cdp displays Global CDP information Enable CDP Yes No Enabling or Disabling CDP Operation on Individual Ports In the factory default con...

Page 296: ...Configuring for Network Management Applications LLDP Link Layer Discovery Protocol This page is intentionally unused 12 56 ...

Page 297: ... Workstation A 12 Menu Xmodem Download to Primary Flash A 13 CLI Xmodem Download from a PC or Unix Workstation to Primary or Secondary Flash A 14 Switch to Switch Download A 15 Menu Switch to Switch Download to Primary Flash A 15 CLI Switch To Switch Downloads A 16 Using ProCurve Manager Plus to Update Switch Software A 17 Troubleshooting TFTP Downloads A 18 Transferring Switch Configurations A 19...

Page 298: ...tch console interface the switch software is referred to as the OS for switch operating system Downloading Switch Software ProCurve Networking periodically provides switch software updates through the ProCurve website http www procurve com For more information see the support and warranty booklet shipped with the switch After you acquire a new switch software file you can use one of the following ...

Page 299: ...f a download is interrupted by a power failure the switch goes into boot ROM mode In this case use the boot ROM console to download a new switch software image to primary flash Refer to Restoring a Flash Image on page C 44 Using TFTP To Download Switch Software from a Server This procedure assumes that An switch software file for the switch has been stored on a TFTP server accessible to the switch...

Page 300: ...le Main Menu select Download OS to display this screen Figure A 1 Example of the Download OS Screen Default Values 2 Press E for Edit 3 Ensure that the Method field is set to TFTP the default 4 In the TFTP Server field type in the IP address of the TFTP server in which the switch software file has been stored 5 In the Remote File Name field type the name of the switch software file If you are usin...

Page 301: ...is prompt Continue reboot of system No Press the space bar once to change No to Yes then press Enter to begin the reboot Not e When you use the menu interface to download switch software the new image is always stored in primary flash Also using the Reboot Switch option in the Main Menu always reboots the switch from primary flash Rebooting the switch from the CLI gives you more options Refer to R...

Page 302: ...ns that the image you number of bytes transferred want to upload will replace the image currently in primary flash The Primary OS Image will be deleted continue y n y 01431K Figure A 3 Example of the Command to Download Switch Software 2 When the switch finishes downloading the switch software file from the server it displays this progress message Validating and Writing System Software to FLASH 3 ...

Page 303: ... There are differences in the way these clients work so be sure you also download the documentation As described earlier in this chapter you can use a TFTP client on the admin istrator workstation to update software images This is a plain text mechanism and it connects to a standalone TFTP server or another ProCurve switch acting as a TFTP server to obtain the software image file s Using SCP and S...

Page 304: ...secure copy is an implementation of the BSD rcp Berkeley UNIX remote copy command tunneled through an SSH connection SCP is used to copy files to and from the switch when security is required SCP works with both SSH v1 and SSH v2 Be aware that the most third party software application clients that support SCP use SSHv1 How It Works The general process for using SCP and SFTP involves three steps 1 ...

Page 305: ... open a terminal window and type in the following command ProCurve config ip ssh filetransfer Command Options If you need to enable SSH v2 which is required for SFTP enter this command ProCurve config ip ssh version 2 Note As a matter of policy administrators should not enable the SSHv1 only or the SSHv1 or v2 advertisement modes SSHv1 is supported on only some legacy switches such as the ProCurve...

Page 306: ...rt use the switch s local username password facility Otherwise you can use the switch s local public key for authentication Some clients such as PSCP PuTTY SCP automatically compare switch host keys for you Other clients require you to manually copy and paste keys to the HOME ssh known_hosts file Whatever SCP SFTP software tool you use after installing the client software you must verify that the ...

Page 307: ...cure encrypted environment and TFTP is no longer necessary Using Xmodem to Download Switch Software From a PC or UNIX Workstation This procedure assumes that The switch is connected via the Console RS 232 port to a PC operating as a terminal Refer to the Installation and Getting Started Guide you received with the switch for information on connecting a PC as a terminal and running the switch conso...

Page 308: ...er then Send File b Type the file path and name in the Filename field c In the Protocol field select Xmodem d Click on the Send button The download will then commence It can take several minutes depend ing on the baud rate set in the switch and in your terminal emulator 6 After the primary flash memory has been updated with the new operating system you must reboot the switch to implement the newly...

Page 309: ...4 Example of the Command to Download Switch Software Using Xmodem 2 Execute the terminal emulator commands to begin the Xmodem transfer For example using HyperTerminal a Click on Transfer then Send File b Type the file path and name in the Filename field c In the Protocol field select Xmodem d Click on the Send button The download can take several minutes depending on the baud rate used in the tra...

Page 310: ...ace you can download switch software from either the primary or secondary flash of one switch to the primary flash of another switch 1 From the switch console Main Menu in the switch to receive the down load select 7 Download OS screen 2 Ensure that the Method parameter is set to TFTP the default 3 In the TFTP Server field enter the IP address of the remote switch contain ing the switch software y...

Page 311: ...py tftp command from the destination switch The options for this CLI feature include Copy from primary flash in the source to either primary or secondary in the destination Copy from either primary or secondary flash in the source to either primary or secondary flash in the destination Downloading from Primary Only This command executed in the destina tion switch downloads the switch software from...

Page 312: ...ash location for the destination the download automatically goes to primary flash For example to download switch software from secondary flash in a switch with an IP address of 10 28 227 103 to the secondary flash in the destination switch you would execute the following command in the destination switch s CLI Figure A 6 Switch to Switch from Either Flash in Source to Either Flash in Destination U...

Page 313: ...Event Log see Using Logging To Identify Problem Sources on page C 23 Some of the causes of download failures include Incorrect or unreachable address specified for the TFTP Server parameter This may include network problems Incorrect VLAN Incorrect name specified for the Remote File Name parameter or the specified file cannot be found on the TFTP server This can also occur if the TFTP server is a ...

Page 314: ... file use TFTP to copy a config file to a n a page A 19 remote host use Xmodem to copy a n a page A 19 configuration from a serially connected host to a config file Use Xmodem to copy a config file n a page A 20 to a serially connected host Using the CLI commands described in this section you can copy switch configurations to and from a switch TFTP Copying a Configuration from a Remote Host Syntax...

Page 315: ...PC or Unix Workstation To use this method the switch must be connected via the serial port this is an RJ45 port on the front panel of the 2810 switch to a PC or Unix workstation to which you want to copy the configuration file You will need to Determine a filename to use Know the directory path you will use to store the the configuration file Syntax copy startup config running config xmodem pc uni...

Page 316: ...file Syntax copy xmodem startup config pc unix For example to copy a configuration file from a PC serially connected to the switch 1 Execute the following command 2 After you see the above prompt press Enter 3 Execute the terminal emulator commands to begin the file transfer 4 When the download finishes you must reboot the switch to implement the newly downloaded OS To do so use one of the followi...

Page 317: ...g Processor Specific operating data useful for determining the reason for a system crash Copying Command Output to a Destination Device This command directs the displayed output of a CLI command to a file in a destination device Syntax copy command output cli command tftp ip address filepath filename copy command output cli command xmodem For example to use Xmodem to copy the output of show config...

Page 318: ...estination Device This command uses TFTP or Xmodem to copy the Crash Data content to a PC or UNIX workstation on the network You can copy individual slot informa tion or the master switch information If you do not specify either the command defaults to the master data Syntax copy crash data slot id master xmodem copy crash data slot id master tftp ip address filename where slot id a h and retrieve...

Page 319: ...ter data Syntax copy crash log slot id master tftp ip address filepath and filename copy crash log slot id master xmodem where slot id a h and retrieves the crash log or crash data from the processor on the module in the specified slot master Retrieves crash log or crash data from the switch s chassis processor For example to copy the Crash Log for slot C to a file in a PC connected to the switch ...

Page 320: ...File Transfers Copying Diagnostic Data to a Remote Host PC or Unix Workstation This page is intentionally unused A 24 ...

Page 321: ...ss B 9 Viewing Port and Trunk Group Statistics and Flow Control Status B 10 Menu Access to Port and Trunk Statistics B 11 CLI Access To Port and Trunk Group Statistics B 12 Web Browser Access To View Port and Trunk Group Statistics B 12 Viewing the Switch s MAC Address Tables B 12 Menu Access to the MAC Address Views and Searches B 14 CLI Access for MAC Address Views and Searches B 16 Spanning Tre...

Page 322: ...eration Contents Port and Static Trunk Monitoring Features B 24 Menu Configuring Port and Static Trunk Monitoring B 25 CLI Configuring Port and Static Trunk Monitoring B 27 Web Configuring Port Monitoring B 29 Locating a Device B 29 B 2 ...

Page 323: ...g events Using Logging To Identify Problem Sources on page C 23 Alert Log Lists network occurrences detected by the switch in the Status Overview screen of the web browser interface page 5 6 Configurable trap receivers Uses SNMP to enable management sta tions on your network to receive SNMP traps from the switch SNMP Notification and Traps on page 12 18 Port monitoring mirroring Copy all traffic f...

Page 324: ...Menu CLI Lists the module type and description for each slot in which a B 8 module is installed Port Status Menu CLI Displays the operational status of each port B 9 Web Port and Trunk Statistics Menu CLI Summarizes port activity and lists per port flow control status B 10 and Flow Control Status Web VLAN Address Table Menu CLI Lists the MAC addresses of nodes the switch has detected on B 13 speci...

Page 325: ... at the Main Menu display the Status and Counters menu by select ing 1 Status and Counters Figure B 1 The Status and Counters Menu Each of the above menu items accesses the read only screens described on the following pages Refer to the online help for a description of the entries displayed in these screens B 5 ...

Page 326: ... Access From the console Main Menu select 1 Status and Counters 1 General System Information Figure B 2 Example of General Switch Information This screen dynamically indicates how individual switch resources are being used See the online Help for details CLI Access Syntax show system information B 6 ...

Page 327: ...s 2 Switch Management Address Information Figure B 3 Example of Management Address Information with VLANs Configured This screen displays addresses that are important for management of the switch If multiple VLANs are not configured this screen displays a single IP address for the entire switch See the online Help for details CLI Access Syntax show management B 7 ...

Page 328: ...is feature to determine which slots have modules installed and which type s of modules are installed Menu Displaying Port Status From the Main Menu select 1 Status and Counters 3 Module Information Figure B 4 Example of Module Information in the Menu Interface CLI Access Syntax show module B 8 ...

Page 329: ...and the console interface show the same port status data Menu Displaying Port Status From the Main Menu select 1 Status and Counters 4 Port Status Figure B 5 Example of Port Status on the Menu Interface CLI Access Syntax show interfaces brief Web Access 1 Click on the Status tab 2 Click on Port Status B 9 ...

Page 330: ... specific port The menu interface and the web browser interface provide a dynamic display of counters summarizing the traffic on each port The CLI lets you see a static snapshot of port or trunk group statistics at a particular moment As mentioned above rebooting or resetting the switch resets the counters to zero You can also reset the counters to zero for the current session This is useful for t...

Page 331: ...of Port Counters on the Menu Interface To view details about the traffic on a particular port use the v key to highlight that port number then select Show Details For example selecting port A2 displays a screen similar to figure B 7 below Figure B 7 Example of the Display for Show details on a Selected Port This screen also includes the Reset action for the current session See the Note on Reset on...

Page 332: ...ort s you specify Syntax show interfaces ethernet port list To Reset the Port Counters for a Specific Port This command resets the counters for the specified ports to zero for the current session See the Note on Reset on page B 10 Syntax clear statistics ethernet port list Web Browser Access To View Port and Trunk Group Statistics 1 Click on the Status tab 2 Click on Port Counters 3 To refresh the...

Page 333: ...ach MAC address was learned Menu Access to the MAC Address Views and Searches Per VLAN MAC Address Viewing and Searching This feature lets you determine which switch port on a selected VLAN is being used to communi cate with a specific device on the network The per VLAN listing includes The MAC addresses that the switch has learned from network devices attached to the switch The port on which each...

Page 334: ... device 1 Proceeding from figure B 8 press S for Search to display the following prompt Enter MAC address _ 2 Type the MAC address you want to locate and press Enter The address and port number are highlighted if found If the switch does not find the MAC address on the currently selected VLAN it leaves the MAC address listing empty Located MAC Address and Corresponding Port Number Figure B 9 Examp...

Page 335: ...ecific Port 2 Use the Space bar to select the port you want to list or search for MAC addresses then press Enter to list the MAC addresses detected on that port Determining Whether a Specific Device Is Connected to the Selected Port Proceeding from step 2 above 1 Press S for Search to display the following prompt Enter MAC address _ 2 Type the MAC address you want to locate and press Enter The add...

Page 336: ...on ports A1 through A4 and port A6 ProCurve show mac address a1 a4 a6 To List All Learned MAC Addresses on a VLAN with Their Port Numbers This command lists the MAC addresses associated with the ports for a given VLAN For example ProCurve show mac address vlan 100 Not e The switch operates with a multiple forwarding database architecture For more on this topic refer to Duplicate MAC Addresses Acro...

Page 337: ...on the switch to display the following data Figure B 12 Example of Spanning Tree Information Use this screen to determine current switch level STP parameter settings and statistics You can use the Show ports action at the bottom of the screen to display port level information and parameter settings for each port in the switch including port type cost priority operating state and designated bridge ...

Page 338: ...nd Counters Data Figure B 13 Example of STP Port Information CLI Access to STP Data This option lists the STP configuration root data and per port data cost priority state and designated bridge Syntax show spanning tree ProCurve show spanning tree B 18 ...

Page 339: ... addresses per VLAN Number of report and query packets per group Querier access port per VLAN show ip igmp vlan id Per VLAN command listing above IGMP status for specified VLAN VID show ip igmp group ip addr Lists the ports currently participating in the specified group with port type Access type Age Timer data and Leave Timer data For example suppose that show ip igmp listed an IGMP group address...

Page 340: ...static or dynamic Primary VLAN Syntax show vlan vlan id For the specified VLAN lists Name VID and status static dynamic Per Port mode tagged untagged forbid no auto Unknown VLAN setting Learn Block Disable Port status up down For example suppose that your switch has the following VLANs Ports VLAN VID 1 12 DEFAULT_VLAN 1 1 2 VLAN 33 33 3 4 VLAN 44 44 The next three figures show how you could list d...

Page 341: ... B 15 Example of VLAN Listing for the Entire Switch Listing the VLAN ID VID and Status for Specific Ports Because ports A1 and A2 are not members of VLAN 44 itdoesnotappear in this listing Figure B 16 Example of VLAN Listing for Specific Ports Listing Individual VLAN Status Figure B 17 Example of Port Listing for an Individual VLAN B 21 ...

Page 342: ...the status of the switch including summary graphs indicating the network utili zation on each of the switch ports symbolic port status indicators and the Alert Log which informs you of any problems that may have occurred on the switch For more information on this screen see chapter 5 Using the Web Browser Interface Port Status Indicators Alert Log Port Utilization Graphs Figure B 18 Example of a W...

Page 343: ...nbound ingress and outbound egress traffic of other ports and of static trunks on the switch The switch monitors the network activity by copying all inbound and outbound traffic on the specified interfaces to the designated monitoring port to which a network analyzer can be attached The instructions below apply to all of the switches covered in this manual Not e Port trunks cannot be used as a mon...

Page 344: ...an shown in this procedure 1 From the Console Main Menu select 2 Switch Configuration 3 Network Monitoring Port Enable monitoring by setting this parameter to Yes Figure B 19 The Default Network Monitoring Configuration Screen 2 In the Actions menu press E for Edit 3 If monitoring is currently disabled the default then enable it by pressing the Space bar or Y to select Yes 4 Press the down arrow k...

Page 345: ...ing 6 Use the down arrow key to move the cursor to the Action column for the individual ports and position the cursor at a port you want to monitor 7 Press the Space bar to select Monitor for each port and trunk that you want monitored Use the down arrow key to move from one interface to the next in the Action column 8 When you finish selecting ports to monitor press Enter then press S for Save to...

Page 346: ... assigned to receive monitored traffic and the ports and or trunks being monitored Syntax show monitor For example if you assign port A6 as the monitoring port and configure the switch to monitor ports A1 A3 show monitor displays the following Port receiving monitored traffic Monitored Ports Figure B 21 Example of Monitored Port Listing Configuring the Monitor Port This command assigns or removes ...

Page 347: ... port numbers and static trunk names at the same time Forexample withaportsuchasportA6configuredas themonitoring mirror port you would use either of the following commands to select these ports and static trunks for monitoring A1 through A3 and A5 Trunks 1 and 2 From the global config level selects ports and trunks for monitoring sources Selects the interface context level then selects the ports a...

Page 348: ... For web based Help on how to use the web browser interface screen click on the button provided on the web browser screen Locating a Device If you are trying to locate a particular switch you can enter the chassislocate command The blue Locator LED will light up on that switch Syntax chassislocate blink on off Locate a device by using the blue Locate LED on the front panel blink 1 1440 Blinks the ...

Page 349: ...cate blink 1 1440 Blink the chassis locate led default 30 minutes off Turn the chassis locate led off on 1 1440 Turn the chassis locate led on default 30 minutes ProCurve config chassislocate Figure B 24 The chassislocate command Locator LED Figure B 25 Location of the Locator LED B 29 ...

Page 350: ...Monitoring and Analyzing Switch Operation Locating a Device This page is intentionally unused B 30 ...

Page 351: ...dius Related Problems C 15 Spanning Tree Protocol STP and Fast Uplink Problems C 16 SSH Related Problems C 17 Stacking Related Problems C 18 TACACS Related Problems C 18 TimeP SNTP or Gateway Problems C 20 VLAN Related Problems C 20 Using Logging To Identify Problem Sources C 23 Event Log Operation C 23 Menu Entering and Navigating in the Event Log C 25 CLI C 26 Debug and Syslog Operation C 27 Dia...

Page 352: ... Viewing the Configuration File C 39 Listing Switch Configuration and Operation Details for Help in Troubleshooting C 40 CLI Administrative and Troubleshooting Commands C 42 Restoring the Factory Default Configuration C 43 Using the CLI C 43 Using the Clear Reset Buttons C 43 Restoring a Flash Image C 44 C 2 ...

Page 353: ...rranty booklet shipped with the switch Troubleshooting Approaches Use these approaches to diagnose switch problems Check the ProCurve web site the web site may have software updates or other information to help solve your problem http www procurve com Check the switch LEDs The LEDs on the switch are a fundamental diagnostic tool They provide indications of proper switch operation and of any hardwa...

Page 354: ... Browser Interface for operating information These tools are available through the web browser interface Port Utilization Graph Alert Log Port Status and Port Counters screens Diagnostic tools Link test Ping test configuration file browser Switch Console For help in isolating problems use the easy to access switch console built into the switch or Telnet to the switch console See chapter 2 Using th...

Page 355: ... The above messages indicate that the switch detected the following chassis conditions since the last reboot 1 16 2 An over temperature condition occurred on August 17 2003 at 11 28 05 meaning the switch was operating above its acceptable internal temper ature range The Failure value of 1 indicates this is the first over temperature condition to occur since the last reboot 3 The switch returned to...

Page 356: ...there are no fan failures ensure that the ambient temperature in the switch s operating area is not causing the over temperature condition If the condition persists remove power from the switch until you can find the cause and apply an effective remedy C 6 ...

Page 357: ...h Management Address Information also check the DHCP Bootp server configuration to verify correct IP addressing If you are using DHCP to acquire the IP address for the switch the IP address lease time may have expired so that the IP address has changed For more information on how to reserve an IP address refer to the documentation for the DHCP application that you are using If one or more IP Autho...

Page 358: ...selecting 2 Switch Configuration 5 IP Configuration Note If DHCP Bootp is used to configure the switch see the Note above If you are using DHCP to acquire the IP address for the switch the IP address lease time may have expired so that the IP address has changed For more information on how to reserve an IP address refer to the documentation for the DHCP application that you are using If one or mor...

Page 359: ...torms may be occurring in the network These may be due to redundant links between nodes If you are configuring a port trunk finish configuring the ports in the trunk before connecting the related cables Otherwise you may inad vertently create a number of redundant links i e topology loops that will cause broadcast storms Turn on Spanning Tree Protocol to block redundant links i e topol ogy loops C...

Page 360: ...ed with this configuration it immediatelybeginssendingrequestpacketsonthenetwork Iftheswitchdoes not receive a reply to its DHCP Bootp requests it continues to periodically sendrequestpackets butwith decreasing frequency Thus ifa DHCP or Bootp server is not available or accessible to the switch when DHCP Bootp is first configured the switch may not immediately receive the desired configuration Aft...

Page 361: ...e Management Address Information screen by clicking on 1 Status and Counters 2 Switch Management Address Information LACP Related Problems Unable to enable LACP on a port with the interface e port number lacp command In this case the switch displays the following message Operation is not allowed for a trunked port You cannot enable LACP on a port while it is configured as a static Trunk port To en...

Page 362: ... RADIUS server Ensure that the radius server timeout period is long enough for network conditions The switch does not authenticate a client even though the RADIUS server is properly configured and providing a response to the authentication request If the RADIUS server configuration for authenti cating the client includes a VLAN assignment ensure that the VLAN exists as a static VLAN on the switch ...

Page 363: ...plicant Statistics in the Access Security Guide for your switch The showport accessauthenticator port list command shows one or more ports remain open after they have been configured with control unauthorized 802 1X is not active on the switch After you execute aaa port access authenticator active all ports configured with control unauthorized should be listed as Closed PortA9showsan Open statusev...

Page 364: ... 1X configura tion on the RADIUS server are not blocking the link The authorized MAC address on a port that is configured for both 802 1X and port security either changes or is re acquired after execution of aaa port access authenticator port list initialize If the port is force authorizedwithaaaport accessauthenticator port list controlauthorized command and port security is enabled on the port t...

Page 365: ...sure that the radius server timeout period is long enough for network conditions Verify that the switch is using the same UDP port number as the server RADIUS server fails to respond to a request for service even though the server s IP address is correctly configured in the switch Use show radius to verify that the encryption key the switch is using is correct for the server being contacted If the...

Page 366: ...separate VLANs A solution is to use only one multiple VLAN tagged link between the devices Also if ports are available you can improve the band width in this situation by using a port trunk See the chapter on VLANs in the Advanced Traffic Management Guide Fast Uplink Troubleshooting Some of the problems that can result from incorrect usage of Fast Uplink STP include temporary loops and generation ...

Page 367: ...to Generating the Switch s Public and Private Key Pair in the Access Security Guide for your switch Switch does not detect a client s public key that does appear in the switch s public key file show ip client public key The client s public key entry in the public key file may be preceded by another entry that does not terminate with a new line CR In this case the switch interprets the next sequent...

Page 368: ...tacking oper ates on the primary VLAN which in the default configuration is the DEFAULT_VLAN However if another VLAN has been configured as the primary VLAN and the Commander is not on the primary VLAN then the Commander will not detect Candidates on the primary VLAN TACACS Related Problems Event Log When troubleshooting TACACS operation check the switch s Event Log for indications of problem area...

Page 369: ... that is it can ping the server then a configuration error may be the problem Some possibilities include The server IP address configured with the switch s tacacs server host command may not be correct Use the switch s show tacacs server command to list the TACACS server IP address The encryption key configured in the server does not match the encryption key configured in the switch by using the t...

Page 370: ...way Problems The Switch Cannot Find the Time Server or the Configured Gateway TimeP SNTP and Gateway access are through the primary VLAN which in the default configuration is the DEFAULT_VLAN If the primary VLAN has been moved to another VLAN it may be disabled or does not have ports assigned to it VLAN Related Problems Monitor Port When using the monitor port in a multiple VLAN environ ment the s...

Page 371: ..._1 VLAN_2 X 3 Untagged Tagged Y 7 Untagged Tagged Figure C 5 Example of Correct VLAN Port Assignments on a Link 1 If VLAN_1 VID 1 is configured as Untagged on port 3 on switch X then it must also be configured as Untagged on port 7 on switch Y Make sure that the VLAN ID VID is the same on both switches 2 Similarly if VLAN_2 VID 2 is configured as Tagged on the link port on switch A then it must al...

Page 372: ... single forwarding database for all VLANs may produce the impression that a connected device is moving among ports because packets with the same MAC addressbutdifferentVLANs are received on different ports You can avoid this problem by creating redundant paths using port trunks or spanning tree Server ProCurve SwitchesCovered by this Guide Multiple Forwarding Database Switch with Single Forwarding...

Page 373: ...mation Date is the date in mm dd yy format that the entry was placed in the log Time is the time in hh mm ss format that the entry was placed in the log System Module is the internal module such as ports for port manager that generated the log entry If VLANs are configured then a VLAN name also appears for an event that is specific to an individual VLAN Table C 1 on page C 24 lists the individual ...

Page 374: ...nks bootp bootp addressing snmp SNMP communications console Console interface stack Stacking dhcp DHCP addressing stp Spanning Tree download file transfer sys system Switch management FFI Find Fix and Inform available in the telnet Telnet activity console event log and web browser interface alert log garp GARP GVRP tcp Transmission control igmp IP Multicast tftp File transfer for new OS or config ...

Page 375: ...splay is currently positioned To display various portions of the Event Log either preceding or following the currently visible portion use either the actions listed at the bottom of the display Next page Prev page or End or the keys described in the following table Table C 2 Event Log Control Keys Key Action N Advance the display by one page next page P Roll back the display by one page previous p...

Page 376: ...or all events recorded Syntax show logging a search text ProCurve show logging Lists recorded log messages since last reboot ProCurve show logging a Lists all recorded log messages including those before the last reboot ProCurve show logging a system Lists log messages with system in the text or module name ProCurve show logging system Lists all log messages since the last reboot that have system ...

Page 377: ...e and involves the logging and debug destination commands Actions you can perform with Debug and Syslog operation include Configure the switch to send Event Log messages to one or more SyslogD servers Included is the option to send the messages to the user log facility default on the configured servers or to another log facility Not e As of April 2006 the logging facility facility name option desc...

Page 378: ...ination s Note This has no effect on event notification messages the switch routinely sends to the Event Log itself Also this debug type is automatically enabled in these cases If there is currently no Syslog server address configured and you use logging ip addr to configure an address If there is currently at least one Syslog server address configured and the switch is rebooted or reset Default D...

Page 379: ...end Syslog messages to all configured SyslogD server addresses and operates regardless of whether session logging is also enabled To configure multiple SyslogD servers repeat the com mand once for each server IP address Default none Range Up to six IP addresses facility facility name Specifies the destination subsystem the SyslogD server s must use All SyslogD servers must use the same subsystem P...

Page 380: ... previously disabledwithotherSyslog servers already configured in the switch Refer to the Syntax box under Configuring the Switch To Send Debug Messages to One or More SyslogDServers onpage C 29 The configured Syslog server IP addresses appear in the switch s configuration file This command shows that Syslog logging is enabled for the listed IP addresses Default Logging Facility Figure C 10 Exampl...

Page 381: ...rm of the command disables Syslog logging but retains the currently configured SyslogD server addresses in the switch configuration When Syslog log ging is currently disabled with one or more SyslogD servers configured this command enables Syslog log ging on the switch The show config command output includes the SyslogD server IP addresses currently con figured in the startup config file session E...

Page 382: ...g Syslog and Session Status Use these commands to determine the current debug configuration and status Syntax show config running Lists the current startup config or running config file with any currently configured IP addresses for SyslogD servers ProCurve config show Config Startup Configuration J9022A configuration Editor Created on release N 10 XX hostname ProCurve switch time daylight time ru...

Page 383: ...ion Debug Option Effect of a Reboot or Reset logging destination If any SyslogD server IP addresses are in the startup config file they are saved across a reboot and the logging destination option remains enabled Otherwise the logging destination is disabled Session destination Disabled All event type Disabled Event event type If a Syslog server is configured in the startup config file resets to e...

Page 384: ...gging for 30 seconds Diagnostic Tools Diagnostic Features Feature Default Menu CLI Web Port Autonegotiation n a n a n a n a Ping Test n a page C 37 page C 36 Link Test n a page C 37 page C 36 Display Config File n a page C 39 page C 39 Admin and Troubleshooting n a page C 42 Commands Factory Default Config page C 43 page C 43 Buttons Port Status n a pages B 9 pages B 9 pages B 9 and B 10 and B 10 ...

Page 385: ...cating properly with another device Not e To respond to a Ping test or a Link test the device you are trying to reach must be IEEE 802 3 compliant Ping Test This is a test of the path between the switch and another device on the same or another IP network that can respond to IP packets ICMP Echo Requests Link Test This is a test of the connection between the switch and a desig nated network device...

Page 386: ...ecent test Failures indicates the number of Ping or Link packets that were unsuccessful in the last test Failures indicate connectivity or network performance prob lems such as overloaded links or devices DestinationIP MACAddress is the network address of the target or destination device to which you want to test a connection with the switch An IP address is in the X X X X format where X is a deci...

Page 387: ...sts You can issue single or multiple ping tests with varying repeti tions and timeout periods The defaults and ranges are Repetitions 1 1 999 Timeout 5 seconds 1 256 seconds Syntax ping ip address repetitions 1 999 timeout 1 256 Ping with Repetitions and Timeout Basic Ping Operation Ping Failure Ping with Repetitions Figure C 15 Examples of Ping Tests To halt a ping test before it concludes press ...

Page 388: ...ds The defaults are Repetitions 1 1 999 Timeout 5 seconds 1 256 seconds Syntax link mac address repetitions 1 999 timeout 1 256 vlan vlan id Basic Link Test Link Test with Repetitions Link Test with Repetitions and Timeout Link Test Over a Specific VLAN Link Test Over a Specific VLAN Test Fail Figure C 16 Example of Link Tests C 38 ...

Page 389: ...lay either the running configuration or the startup configuration For more on these topics see appendix C Switch Memory and Configuration Syntax write terminal Displays the running config file show running config Displays the running config file show config Displays the startup config file Web Viewing the Configuration File To display the running configuration through the web browser interface 1 C...

Page 390: ...show tech Executing show tech outputs a data listing to your terminal emulator How ever using your terminal emulator s text capture features you can also save show tech data to a text file for viewing printing or sending to an associate For example if your terminal emulator is the Hyperterminal application available with Microsoft Windows software you can copy the show tech output to a file and th...

Page 391: ... file 4 Execute show tech ProCurve show tech a Each time the resulting listing halts and displays MORE press the Space bar to resume the listing b When the CLI prompt appears the show tech listing is complete At this point click on Transfer Capture Text Stop in HyperTerminal to stop copying data into the text file created in the preceding steps Not e Remember to do the above step to stop HyperTerm...

Page 392: ...on Shows the software version currently running on the switch and the flash image from which the switch booted primary or secondary show boot history Displays the switch shutdown history show history Displays the current command history no page Toggles the paging mode for display commands between continuous listing and per page listing setup Displays the Switch Setup screen from the menu interface...

Page 393: ...fore resetting the switch to its factory default configuration You can also save your configuration via Xmodem to a directly connected PC Using the CLI This command operates at any level except the Operator level Syntax erase startup configuration Deletes the startup config file in flash so that the switch will reboot with its factory default configuration Not e The erase startup config command do...

Page 394: ...ility such as the Hyper Terminal program included in Windows PC software A copy of a good OS image file for the switch Not e The following procedure requires the use of Xmodem and copies an OS image into primary flash only This procedure assumes you are using HyperTerminal as your terminal emu lator If you use a different terminal emulator you may need to adapt this procedure to the operation of y...

Page 395: ... Change the baud rate to 115200 v Click on OK In the next window click on OK again vi Select Call Connect vii Press Enter one or more times to display the prompt 5 Start the Console Download utility by typing do at the prompt and pressing Enter do 6 You will then see this prompt 7 At the above prompt a Type y for Yes b Select Transfer File in HyperTerminal c Enter the appropriate filename and path...

Page 396: ...ash Image Figure C 19 Example of Xmodem Download in Progress 8 When the download completes the switch reboots from primary flash using the OS image you downloaded in the preceding steps plus the most recent startup config file C 46 ...

Page 397: ...gement Contents Overview D 2 Determining MAC Addresses in the Switch D 2 Menu Viewing the Switch s MAC Addresses D 3 CLI Viewing the Port and VLAN MAC Addresses D 4 Viewing the MAC Addresses of Connected Devices D 6 D 1 ...

Page 398: ...addresses for VLANs and ports as they are added to the switch Not e The switch s base MAC address is also printed on a label affixed to the back of the switch Determining MAC Addresses in the Switch MAC Address Viewing Methods Feature Default Menu CLI Web view switch s base default vlan MAC address and the addressing for any added VLANs n a D 3 D 4 viewportMACaddresses hexadecimalformat n a D 4 Us...

Page 399: ...e VLAN named DEFAULT_VLAN unless the name has been changed by using the VLAN Names screen On the switches covered by this guide the VID VLAN identification number for the default VLAN is always 1 and cannot be changed To View the MAC Address and IP Address assignments for VLANs Configured on the Switch 1 From the Main Menu Select 1 Status and Counters 2 Switch Management Address Information If the...

Page 400: ... six MAC addresses in the allotment and so on The switch s base MAC address is assigned to VLAN VID 1 and appears in the walkmib listing after the MAC addresses for the ports If multiple VLANs are configured the MAC addresses assigned to these VLANs appear after the base MAC address To display the switch s MAC addresses use the walkmib command at the command prompt Not e This procedure displays th...

Page 401: ...ses 7 24 in slot 1 and 25 48 in slot 2 are unused ifPhysAddress 49 51 Ports C1 C3 in Slot 3 Addresses 52 72 in slot 3 are unused ifPhysAddress 205 Base MAC Address MAC Address for default VLAN VID 1 ifPhysAddress 226 237 MAC Addresses for non default VLANs Figure D 2 Example of Port MAC Address Assignments D 5 ...

Page 402: ... list Lists the MAC addresses of the devices the switch has detected on the specified port s mac addr Lists the port on which the switch detects the specified MAC address Returns the following message if the specified MAC address is not detected on any port in the switch MAC address mac addr not found vlan vid Lists the MAC addresses of the devices the switch has detected on ports belonging to the...

Page 403: ...sses of devices the switch has detected use the show mac address command For example ProCurve config show mac address Status and Counters Port Address Table MAC Address Located on Port 001e6 09620c 1 0001e7 61d4c0 2 0001e7 6025c0 3 Figure D 3 Displaying MAC Addresses Detected by a Switch D 7 ...

Page 404: ...MAC Address Management Viewing the MAC Addresses of Connected Devices This page is intentionally blank D 8 ...

Page 405: ...itches provide a way to automatically adjust the system clock for Daylight Savings Time DST changes To use this feature you define the month and date to begin and to end the change from standard time In addition to the value none no time changes there are five pre defined settings named Alaska Canada and Continental US Middle Europe and Portugal Southern Hemisphere Western Europe The pre defined s...

Page 406: ...on or after October 25th End DST at 2am the first Sunday on or after March 1st Western Europe Begin DST at 2am the first Sunday on or after March 23rd End DST at 2am the first Sunday on or after October 23rd A sixth option named User defined allows you to customize the DST config uration by entering the beginning month and date plus the ending month and date for the time change The menu interface ...

Page 407: ...d Ending day If the configured day is a Sunday the time changes at 2am on that day If the configured day is not a Sunday the time changes at 2am on the first Sunday after the configured day This is true for both the Beginning day and the Ending day With that algorithm one should use the value 1 to represent first Sunday of the month and a value equal to number of days in the month minus 6 to repre...

Page 408: ...Daylight Savings Time on ProCurve Switches Configuring Daylight Savings Time This page is intentionally unused E 4 ...

Page 409: ...3 See also reboot boot ROM console A 3 boot ROM mode C 44 Bootp Bootp table file 8 14 Bootptab file 8 14 effect of no reply C 9 operation 8 13 using with Unix systems 8 13 Bootp DHCP LLDP 12 40 broadcast limit 10 5 10 11 broadcast storm C 16 browser interface See web browser interface C CDP configuration viewing 12 53 data collection 12 52 default CDP operation 12 52 disabled 12 52 general operati...

Page 410: ...ure 7 15 debug command debug severity and Syslog servers C 34 event C 28 event log C 33 syntax C 28 debug logging configuration viewing C 32 general operation C 27 session not current C 33 status viewing C 32 Syslog configuration C 29 Syslog logging disabled C 29 Syslog server view configuration C 32 Syslog number of servers C 27 Telnet session C 27 debug logging LLDP 12 30 default gateway 8 3 def...

Page 411: ...creen 3 9 help online inoperable 5 13 IEEE 802 1d C 16 IEEE 802 3ab 10 4 IEEE P802 1AB D9 12 31 IGMP host not receiving C 10 not working C 10 statistics B 19 inactivity timeout 7 4 Inbound Telnet Enabled parameter C 8 Inconsistent value 12 37 invalid input 4 13 IP CLI access 8 7 configuration 8 3 DHCP Bootp 8 3 duplicate address C 9 duplicate address DHCP network C 9 effect when address not used 8...

Page 412: ...35 link serial 7 3 LLDP 802 1D compliant switch 12 50 802 1X blocking 12 32 802 1X effect 12 50 active port 12 26 adjacent device 12 26 advertisement 12 26 advertisement content 12 40 advertisement data 12 42 advertisement mandatory data 12 40 advertisement optional data 12 41 advertisements delay interval 12 36 CDP neighbor data CDP LLDP neighbor data 12 51 chassis ID 12 40 chassis type 12 40 cle...

Page 413: ... statistics displaying 12 47 system capabilities 12 41 system description 12 41 system name 12 41 terminology 12 26 time to live 12 28 12 36 TLV 12 27 transmission frequency 12 28 transmission interval change 12 35 transmit and receive 12 28 transmit receive modes 12 28 transmit receive modes per port 12 39 trap notice interval 12 39 trap notification 12 38 trap receiver data change notice 12 38 T...

Page 414: ...reating 5 8 delete 3 7 5 11 if you lose the password 5 11 lost 5 11 manager 5 8 operator 5 8 set 3 7 setting 5 9 using to access browser and console 5 10 PD 12 27 ping test description C 35 for troubleshooting C 35 port address table B 13 auto negotiation 10 4 broadcast limit 10 11 CLI access 10 7 context level 10 10 control configuration 10 1 11 1 counters B 10 counters reset B 10 fiber optic 10 ...

Page 415: ...shooting 10 30 viewing configuration 10 29 power interruption effect on event log C 23 ProCurve Networking support URL 5 13 prompt C 44 PSAP 12 27 Public Safety Answering Point 12 27 public SNMP community 12 5 publication data 1 ii Q quick configuration 3 8 quick start 1 6 8 4 R reboot 3 8 3 10 3 12 reboot actions causing 6 3 reboot effect on configuration 3 13 reconfigure 3 10 remote session term...

Page 416: ... 11 enabling and disabling 9 9 event log messages 9 24 menu interface operation 9 23 operating modes 9 2 poll interval 9 12 See also TimeP selecting 9 3 unicast mode 9 3 9 10 unicast time polling 9 21 unicast address priority 9 21 unicast deleting addresses 9 23 unicast replacing servers 9 22 viewing 9 4 9 8 software version B 6 sorting alert log entries 5 20 source port filter 10 21 spanning tree...

Page 417: ...e To Live 8 4 8 5 time to live LLDP 12 28 TLV 12 27 traffic monitoring 12 5 B 23 traffic port B 10 transceiver fiber optic 10 4 trap 5 25 authentication 12 20 authentication trap 12 23 CLI access 12 20 event levels 12 22 limit 12 20 receiver 12 20 SNMP 12 20 trap notification 12 38 trap receiver 12 4 12 5 configuring 12 20 12 22 troubleshooting approaches C 3 browsing the configuration file C 39 c...

Page 418: ...ent advantages 2 5 enabled 5 2 web browser access configuration 7 3 web browser enable disable 7 4 web browser interface access parameters 5 8 alert log 5 6 5 20 alert log details 5 21 bandwidth adjustment 5 18 bar graph adjustment 5 18 disable access 5 2 enabling 5 4 error packets 5 17 fault detection policy 5 8 5 23 fault detection window 5 23 features 2 5 first time install 5 7 first time tasks...

Page 419: ... This page is intentionally unused ...

Page 420: ...without notice Copyright 2000 2006 Hewlett Packard Development Company L P All rights reserved Reproduction adaptation or translation without prior written permission is prohibited except as allowed under the copyright laws July 2006 Manual Part Number 5991 4723 ...

Reviews:

No comments

Related manuals for ProCurve Series 2810

D-Link EasySmart DGS-1100-08 Manual preview
EasySmart DGS-1100-08
Brand: D-Link Pages: 44
pathway 7748 Manual preview
7748
Brand: pathway Pages: 28
GE T1000 Technical Manual preview
T1000
Brand: GE Pages: 302
IBM 8237 Installation And User Manual preview
8237
Brand: IBM Pages: 166
Ihse Draco major K474-U8/C8 User Manual preview
Draco major K474-U8/C8
Brand: Ihse Pages: 167
steute Ex 95 SB Mounting And Wiring Instructions preview
Ex 95 SB
Brand: steute Pages: 10
B&B Electronics Elinx EIR418-2SFP-T User Manual preview
Elinx EIR418-2SFP-T
Brand: B&B Electronics Pages: 25
CIS CIS-CRS328-24P Quick Start Manual preview
CIS-CRS328-24P
Brand: CIS Pages: 3
Micrel MIC2042 Manual preview
MIC2042
Brand: Micrel Pages: 15
Magnum M9-EKCS Quick Start Manual preview
M9-EKCS
Brand: Magnum Pages: 3
Cabletron Systems Cyber SWITCH 1000 User Manual preview
Cyber SWITCH 1000
Brand: Cabletron Systems Pages: 106
Delta Electronics AGC764V1 Installation Manual preview
AGC764V1
Brand: Delta Electronics Pages: 31
Lantech IES-5216DF User Manual preview
IES-5216DF
Brand: Lantech Pages: 30
Phonic MIDI HUB User Manual preview
MIDI HUB
Brand: Phonic Pages: 16
ETS SM8-RC Instructions preview
SM8-RC
Brand: ETS Pages: 2
socomec SIRCO 27DC3011 Quick Start Manual preview
SIRCO 27DC3011
Brand: socomec Pages: 6
Hored AI1010G-Apollo User Manual preview
AI1010G-Apollo
Brand: Hored Pages: 4
ATEN Altusen KN9008 User Manual preview
Altusen KN9008
Brand: ATEN Pages: 178

Brands by name

Popular brands

Load more brands