Hewlett Packard Enterprise Aruba 2530 Скачать руководство пользователя

Страница: 148 / 289

Troubleshooting MSTP operation

Table 15: Troubleshooting MSTP operation

Problem

Possible cause

Duplicate packets on a

VLAN, or packets not

arriving on a LAN at all.

The allocation of VLANs to MSTIs may not be identical among all switches in a

region.

A switch intended to

operate in a region

does not receive traffic

from other switches in

the region.

An MSTP switch intended for a particular region may not have the same

configuration name or region revision number as the other switches intended for

the same region. The MSTP configuration name (

spanning-tree config-name

command) and MSTP configuration revision number (

spanning-tree config-

revision

command) must be identical on all MSTP switches intended for the

same region.

Another possible cause is that the set of VLANs and VLAN ID-to-MSTI mappings

(

spanning-tree instance vlan

command) configured on the switch may not

match the set of VLANs and VLAN ID-to-MSTI mappings configured on other

switches in the intended region.

BPDU

BPDUs are data messages that are exchanged across the switches within an extended LAN that uses a

spanning tree protocol topology. BPDU packets contain information on ports, addresses, priorities, and

costs.

About BPDU protection

BPDU protection is a security feature designed to protect the active STP topology by preventing spoofed

BPDU packets from entering the STP domain. In a typical implementation, BPDU protection would be

applied to edge ports connected to end user devices that do not run STP. If STP BPDU packets are received

on a protected port, the feature will disable that port and alert the network manager via an SNMP trap as

shown below.

148

Aruba 2530 Advanced Traffic Management Guide for

ArubaOS-Switch 16.09

Содержание Aruba 2530

Страница 1: ...Aruba 2530 Advanced Traffic Management Guide for ArubaOS Switch 16 09 Part Number 5200 5889a Published September 2019 Edition 2 ...

Страница 2: ...Software Computer Software Documentation and Technical Data for Commercial Items are licensed to the U S Government under vendor s standard commercial license Links to third party websites take you outside the Hewlett Packard Enterprise website Hewlett Packard Enterprise has no control over and is not responsible for information outside the Hewlett Packard Enterprise website Acknowledgments Intel ...

Страница 3: ...ion options example 31 Configuring port based VLAN parameters 32 Using the CLI to configure port based and protocol based VLAN parameters 32 Creating a new static VLAN port based or protocol based CLI 32 Configuring or changing static VLAN per port settings CLI 34 Converting a dynamic VLAN to a static VLAN CLI 35 Deleting a static VLAN CLI 36 Deleting multiple VLANs 36 Using IP enable disable for ...

Страница 4: ...AN traffic 60 Sending heartbeat packets with a configured MAC Address 60 Displaying a VLAN MAC address configuration CLI 60 Chapter 3 GVRP 62 About GVRP 62 GVRP operational rules 62 Example of GVRP operation 62 Options for a GVRP aware port receiving advertisements 63 Options for a port belonging to a Tagged or Untagged static VLAN 63 IP addressing 63 Per port options for handling GVRP unknown VLA...

Страница 5: ...egistration modes 84 mvrp registration 84 show tech mvrp 84 MVRP limitations 87 MVRP statistics 88 Chapter 5 Multimedia traffic control with IP multicast IGMP 89 Operation and features 89 IGMP devices 89 IGMP operating features 90 CLI Configuring and displaying IGMP 90 Web Enabling and disabling IGMP 94 How IGMP operates 94 Message types 94 IGMP multicasting 94 Displaying IGMP data 95 Supported st...

Страница 6: ...egacy path cost values 118 Specifying the time interval between BPDU transmissions 118 Setting the hop limit for BPDUs 118 Setting the maximum age of received STP information 119 Manipulating the pending MSTP configuration 119 Setting the bridge priority for a region and determining the root switch 119 Enabling SNMP traps 120 Configuring MSTP per port parameters 120 Enabling immediate transition t...

Страница 7: ...ns in MSTP debug command output 143 Troubleshooting MSTP operation 148 BPDU 148 About BPDU protection 148 Viewing BPDU protection status 149 Configuring BPDU filtering 150 Viewing BPDU filtering 151 Configuring and managing BPDU protection 151 Viewing BPDU protection status 153 Re enabling a port blocked by BPDU protection 153 Enabling and disabling BPDU protection 153 Overview of MSTP BPDU thrott...

Страница 8: ...P 185 Assigning a DSCP policy on the basis of the DSCP in IPv4 packets received from upstream devices 187 Details of QoS IP ToS 189 Global Layer 3 protocol classifier 192 Global QoS classifier precedence 4 192 Assigning a priority for a global Layer 3 protocol classifier 192 QoS VLAN ID VID priority 193 Global QoS classifier precedence 5 193 Options for assigning priority 193 Assigning a priority ...

Страница 9: ...PVID mismatched links 222 Configuring STP loop guard 223 About RPVST 226 Comparing spanning tree options 226 Understanding how RPVST operates 227 Working with the default RPVST configuration 229 RPVST operating notes 229 Viewing RPVST statistics and configuration 231 Viewing global and VLAN spanning tree status 231 Viewing status for a specific VLAN 231 Viewing status for a specific port list 232 ...

Страница 10: ...oving a stack Member using the Commander s CLI 259 Removing a stack Member using the Member s CLI 259 Accessing Member switches for configuration changes and traffic monitoring CLI 260 Disabling or re enabling stacking CLI 261 Setting the transmission interval CLI 261 Using the Commander to manage the stack 261 About stack management 261 Components of Switch stack management 262 General stacking o...

Страница 11: ...group 283 Show smart link flush statistics 284 Show receive control 284 Show tech smart link 284 Clear command 285 Event Log 285 Chapter 13 Websites 286 Chapter 14 Support and other resources 287 Accessing Hewlett Packard Enterprise Support 287 Accessing updates 287 Customer self repair 288 Remote support 288 Warranty information 288 Regulatory information 289 Documentation feedback 289 Contents 1...

Страница 12: ...context of config where x represents the VLAN ID For example switch vlan 128 switch eth x eth x indicates the interface context of config where x represents the interface For example switch eth 48 switch Stack Stack indicates that stacking is enabled switch Stack config Stack config indicates the config context while stacking is enabled switch Stack stacking Stack stacking indicates the stacking c...

Страница 13: ...ndividual protocols Improving traffic control at the edge of networks by separating traffic of different protocol types Enhancing network security by creating subnets to control in band access to specific network resources Cross domain broadcast traffic in the switch is eliminated and bandwidth saved by not allowing packets to flood out all ports When configuring VLANs you will need to plan your V...

Страница 14: ...ns when you configure an IP address on a VLAN interface see the Comparing port based and protocol based VLAN table in Static VLAN operation Static VLAN operation Static VLANs are configured with a name VLAN ID number VID and port members For dynamic VLANs see GVRP 802 1Q compatibility enables you to assign each switch port to multiple VLANs 14 Aruba 2530 Advanced Traffic Management Guide for Aruba...

Страница 15: ...127 0 0 1 Each IP address configured on a VLAN interface must be unique in the switch it cannot be used by a VLAN interface or another loopback interface For more information see the chapter on Configuring IP Addressing in the ArubaOS Switch Basic Operation Guide Untagged VLAN Membership A port can be a member of one untagged port based VLAN All other port based VLAN assignments for that port must...

Страница 16: ...oute IPv4 traffic as follows Between multiple IPv4 protocol based VLANs Between IPv4 protocol based VLANs and port based VLANs Other protocol based VLANs require an external router for moving traffic between VLANs NOTE NETbeui and SNA are non routable protocols End stations intended to receive traffic in these protocols must be attached to the same physical network Commands for Configuring Static ...

Страница 17: ...ame VLAN Traffic moving between ports in the same VLAN is bridged or switched Traffic moving between different VLANs must be routed A static VLAN is an 802 1Q compliant VLAN configured with one or more ports that remain members regardless of traffic usage A dynamic VLAN is an 802 1Q compliant VLAN membership that the switch temporarily creates on a port to provide a link to another port either in ...

Страница 18: ...bles separating prioritizing and authenticating voice traffic moving through your network avoiding the possibility of broadcast storms affecting VoIP Voice over IP operation See Using voice VLANs on page 52 NOTE In a multiple VLAN environment that includes older switch models there may be problems related to the same MAC address appearing on different ports and VLANs on the same switch In such cas...

Страница 19: ...Options for routing between VLAN types in the switch Note that SNA and NETbeui are not routable protocol types End stations intended to receive traffic in these protocols must be attached to the same physical network Port Based IPX IPv4 IPv6 ARP AppleTalk SNA NETbeui Port Based Yes Yes Protocol IPX Yes IPX4 Yes Yes IPV6 Yes1 ARP Yes1 AppleTalk Yes1 SNA NETbeui 802 1Q VLAN tagging A port can be a m...

Страница 20: ...arly using 802 1Q compliant switches you can connect multiple VLANs through a single switch to switch link Connecting multiple VLANs through the same link Introducing tagged VLANs into legacy networks running only untagged VLANs You can introduce 802 1Q compliant devices into networks that have built untagged VLANs based on earlier VLAN technology The fundamental rule is that legacy untagged VLANs...

Страница 21: ...r of the VLAN indicated by the packet s VID the switch drops the packet Similarly the switch drops an inbound tagged packet if the receiving port is an untagged member of the VLAN indicated by the packet s VID Untagged packet forwarding If the only authorized inbound VLAN traffic on a port arrives untagged then the port must be an untagged member of that VLAN This is the case where the port is con...

Страница 22: ...t matches the protocol type of the incoming packet then the switch forwards the packet on that VLAN 3 If the port is a member of an untagged port based VLAN the switch forwards the packet to that VLAN Otherwise the switch drops the packet Figure 1 Untagged VLAN operation 22 Aruba 2530 Advanced Traffic Management Guide for ArubaOS Switch 16 09 ...

Страница 23: ...ave unpredictably on a VLAN if the VLAN spans multiple modules or port banks This also applies if a port on a different module or port bank is added to an existing VLAN Hewlett Packard Enterprise does not recommend configuring rate limiting on VLANs that include ports spanning modules or port banks In the following example ports 2 3 and 24 form one VLAN with ports 1 through 24 in the same port ban...

Страница 24: ...are assigned to port X7 at least one of the VLANs must be tagged for this port In switch Y VLANs assigned to ports Y1 Y4 can be untagged because there is only one VLAN assignment per port Devices connected to these ports do not have to be 802 1Q compliant Because both the Red VLAN and the Green VLAN are assigned to port Y5 at least one of the VLANs must be tagged for this port In both switches The...

Страница 25: ...ntagged member of only one such VLAN A port can be a tagged member of any port based VLAN A port can be a tagged member of any protocol based VLAN See above A given VLAN must have the same VID on all 802 1Q compliant devices in which the VLAN occurs Also the ports connecting two 802 1Q devices should have identical VLAN configurations If all end nodes on a port comply with the 802 1Q standard and ...

Страница 26: ...gned so one can be untagged and the other must be tagged on both ports Ports X3 and Y6 have two port based VLANs and one protocol based VLAN assigned Thus one port based VLAN assigned to this port can be untagged and the other must be tagged Also since these two ports share the same link their VLAN configurations must match In the table No means that the port is not a member of that VLAN For examp...

Страница 27: ...ry of a unique MAC address along with the source VLAN and source port on which it is found All VLANs on a switch use the same MAC address Thus connecting a multiple forwarding database switch to a single forwarding database switch where multiple VLANs exist imposes some cabling and port VLAN assignment restrictions The following table illustrates the functional difference between the two database ...

Страница 28: ...figuration As shown in the following figure two switches are connected using two ports on each and the MAC address table for Switch A will sometimes record the switch as accessed on port A1 VLAN 1 and at other times as accessed on port B1 VLAN 2 Procedure 1 PC A sends an IP packet to PC B 2 The packet enters VLAN 1 in the switch with the MAC address of the switch in the destination field Because t...

Страница 29: ...k with multiple tagged VLANs 3 To increase network bandwidth of the connection between devices use a trunk of multiple physical links Following these rules the switch forwarding database always lists the switch MAC address on port A1 and the switch will send traffic to either VLAN on the switch Figure 7 Solution for single forwarding to multiple forwarding database devices in a multiple VLAN envir...

Страница 30: ...ases in a multiple VLAN environment Configuring VLANs The CLI configures and displays port based and protocol based VLANs In the factory default state the switch is enabled for up to 256 VLANs all ports belong to the default primary VLAN and are in the same broadcast multicast domain You can reconfigure the switch to support more VLANs The maximum VLANs allowed varies according to the switch serie...

Страница 31: ...onfiguration options Parameter Effect on port participation in designated VLAN Tagged Allows the port to join multiple VLANs Untagged Allows VLAN connection to a device that is configured for an untagged VLAN instead of a tagged VLAN A port can be an untagged member of only one port based VLAN A port can be an untagged member of only one protocol based VLAN for any given protocol type For example ...

Страница 32: ... Each port can be assigned to multiple VLANs by using VLAN tagging see VLAN tagging rules on page 21 Using the CLI to configure port based and protocol based VLAN parameters In the factory default state all ports on the switch belong to the port based default VLAN DEFAULT_VLAN VID 1 and are in the same broadcast multicast domain The default VLAN is also the Primary VLAN You can configure additiona...

Страница 33: ...e last protocol type from the VLAN NOTE If you create an IPv4 protocol VLAN you must assign the ARP protocol option to it to provide IP address resolution Otherwise IP packets are not deliverable A Caution message appears in the CLI if you configure IPv4 in a protocol VLAN that does not already include the ARP protocol option The same message appears if you add or delete another protocol in the sa...

Страница 34: ...n 100 vlan default_vlan switch vlan 1 _ Configuring or changing static VLAN per port settings CLI Syntax vlan vid no vlan vid This command used with the options listed below changes the name of an existing static VLAN and the per port VLAN membership settings NOTE You can use these options from the configuration level by beginning the command with vlan vid or from the context level of the specific...

Страница 35: ...lue_Team and set ports A1 A5 to Tagged use the following commands switch config vlan 100 name Blue_Team switch config vlan 100 tagged a1 a5 Moving the context level To move to the vlan 100 context level and execute the same commands switch config vlan 100 switch vlan 100 name Blue_Team switch vlan 100 tagged a1 a5 Changing tagged ports Similarly to change the tagged ports in the above examples to ...

Страница 36: ...ing a static VLAN reassign all ports in the VLAN to another VLAN Deleting a static VLAN If ports B1 B5 belong to both VLAN 2 and VLAN 3 and ports B6 B10 belong to VLAN 3 deleting VLAN 3 causes the CLI to prompt you to approve moving ports B6 B10 to VLAN 1 the default VLAN Ports B1 B5 are not moved because they still belong to another VLAN switch config no vlan 3 The following ports will be moved t...

Страница 37: ...ou can administratively disable the IP address on specified VLANs with static IP addresses without removing the Layer 3 configuration The switch can be pre configured as a backup router then quickly transition from backup to active by re enabling Layer 3 routing on one or more VLANs While the switch is in backup mode it will still be performing Layer 2 switching A MIB object will be toggled to mak...

Страница 38: ... Disabled VLAN7 Manual 10 7 7 1 255 255 255 0 No No For IPv6 the Layer 3 Status field displays the status of Layer 3 on that VLAN Displaying IPv6 Layer 3 status for a VLAN switch config show ipv6 Internet IPv6 Service IPv6 Routing Disabled Default Gateway ND DAD Enabled DAD Attempts 3 Vlan Name DEFAULT_VLAN IPv6 Status Disabled Layer 3 Status Enabled Vlan Name layer3_off_vlan IPv6 Status Disabled ...

Страница 39: ...ange the Primary VLAN CLI use the following command primary vlan vid ascii name string In the default VLAN configuration the port based default VLAN DEFAULT_VLAN is the Primary VLAN This command reassigns the Primary VLAN function to an existing port based static VLAN The switch cannot reassign the Primary VLAN function to a protocol VLAN If you reassign the Primary VLAN to a non default VLAN to d...

Страница 40: ...tations Also test any Management VLAN links between switches NOTE If you configure a Management VLAN on a switch using a Telnet connection through a port not in the Management VLAN you will lose management contact with the switch if you log off your Telnet connection or execute write memory and reboot the switch Configuring an existing VLAN as the Management VLAN CLI Syntax management vlan vlan id...

Страница 41: ...agement VLAN If Blue_VLAN is configured as the Management VLAN and the DHCP server is also on Blue_VLAN Blue_VLAN receives an IP address Because DHCP Relay does not forward onto or off the Management VLAN devices on Red_VLAN cannot get an IP address from the DHCP server on Blue_VLAN Management VLAN and Red_VLAN does not receive an IP address DHCP server on a different VLAN from the Management VLAN...

Страница 42: ... IP addresses A client on a different Management VLAN from the DHCP server If Red_VLAN is configured as the Management VLAN and the client is on Red_VLAN but the DHCP server is on Blue_VLAN the client will not receive an IP address 42 Aruba 2530 Advanced Traffic Management Guide for ArubaOS Switch 16 09 ...

Страница 43: ...taining the IP address for a host that is on a different VLAN than the DHCP server switch config vlan 10 name VLAN 10 untagged 10 ip address 10 1 1 2 255 255 255 0 exit vlan 20 name VLAN 20 untagged 2 ip address 100 99 1 1 255 255 255 0 ip helper address 10 1 1 1 exit Disabling the Management feature CLI You can disable the Secure Management feature without deleting the VLAN Disabling the secure m...

Страница 44: ...fect after saving the configuration and rebooting the system switch config write memory switch config boot This will reboot the system from the primary image do you want to continue y n Y Error Messages An error message will be displayed if you set the max vlans value to a number that exceeds the allowable value for the switch series If you set the max vlans and later try to downgrade to an earlie...

Страница 45: ...n the management and configuration guide for your switch This example shows the listing from the show vlans command When GVRP is disabled the default Dynamic VLANs do not exist on the switch and do not appear in this listing For more information see GVRP on page 62 Displaying VLAN listing with GVRP enabled switch show vlans Status and Counters VLAN Information Maximum VLANs to support 256 Primary ...

Страница 46: ...tus Port Based Port Based static VLAN Protocol Protocol Based static VLAN Dynamic Port Based temporary VLAN learned through GVRP Voice Indicates whether a port based VLAN is configured as a voice VLAN Jumbo Indicates whether a VLAN is configured for jumbo packets For more on jumbos see Port Traffic Controls in the management and configuration guide for your switch Mode Indicates whether a VLAN is ...

Страница 47: ...tic or dynamic VLAN The following describes the fields displayed with this command see example output 802 1Q VLAN ID The VLAN identification number or VID Name The default or specified name assigned to the VLAN For a static VLAN the default name consists of VLAN x where x matches the VID assigned to that VLAN For a dynamic VLAN the name consists of GVRP_x where x matches the applicable VID Status ...

Страница 48: ...based Voice Yes Jumbo No Port Information Mode Unknown VLAN Status 12 Untagged Learn Up 13 Untagged Learn Up 14 Untagged Learn Up 15 Untagged Learn Down 16 Untagged Learn Up 17 Untagged Learn Up 18 Untagged Learn Up Displaying information for a specific dynamic VLAN The following example shows the information displayed for a specific dynamic VLAN The show vlans command lists this data when GVRP is...

Страница 49: ...e Default width id VLAN id 5 6 name VLAN name Vlan55 32 status Status Port based 10 voice Voice enabled No 5 jumbo Jumbos enabled No 5 ipconfig How the IP address was configured Manual Disabled DHCP BootP 10 ipaddr IPv4 ipaddr IPv6 The IP addresses 10 10 10 3 fe80 212 79ff fe8d 8000 15 for IPv4 46 for IPv6 ipmask The subnet masks 255 255 255 6 64 prefix for IPv6 is in format XX 15 proxyarp Whether...

Страница 50: ...nal width it is not truncated switch config show vlan custom id Status and Counters VLAN Information Custom view VLANID 1 33 44 switch config show vlan custom id 2 Status and Counters VLAN Information Custom view VL 1 33 44 Using pattern matching with the show VLANs custom command If a pattern matching command is in a search for a field in the output of the show vlan custom command and it produces...

Страница 51: ... address of the previously installed router on each VLAN interface of a routing switch Optionally configure the time interval to use for sending heartbeat packets with the configured MAC address Syntax ip recv mac address mac address interval seconds no ip recv mac address mac address interval seconds Configures a VLAN interface with the specified MAC address Enter the no version of the command to...

Страница 52: ...ome reasons for having multiple voice VLANs include Employing telephones with different VLAN requirements Better control of bandwidth usage Segregating telephone groups used for different exclusive purposes Where multiple voice VLANs exist on the switch you can use routing to communicate between telephones on different voice VLANs Tagged Untagged VLAN Membership If the appliances using a voice VLA...

Страница 53: ...agged The priority level set for voice VLAN traffic is carried to the next device You can enforce a QoS priority policy moving through the switch and network For more information see Using voice VLANs on page 52 Special VLAN types VLAN support and the default VLAN In the factory default configuration VLAN support is enabled and all ports on the switch belong to the port based default VLAN named DE...

Страница 54: ...y VLAN To display the current Primary VLAN use the CLI show vlan command NOTE If you configure a non default VLAN as the Primary VLAN you cannot delete that VLAN unless you first select a different VLAN to serve as primary If you manually configure a gateway on the switch it ignores any gateway address received via DHCP or Bootp The secure Management VLAN Configuring a secure Management VLAN creat...

Страница 55: ...p in Management VLAN control in a LAN Switch A1 A3 A6 A7 B2 B4 B5 B9 C2 C3 C6 C8 Management VLAN VID 7 Y N N Y Y Y N N Y N N N Marketing VLAN VID 12 N N N N N N N N N Y Y Y Shipping Dept VLAN VID 20 N Y Y N N N N N N N N N DEFAULT VLAN VID 1 Y Y Y Y Y Y Y Y Y Y Y Y See Configuring a secure Management VLAN CLI on page 40 for configuration details Operating notes for Management VLANs Use only a stat...

Страница 56: ...ntinue to have access only until you close the browser session or reboot the switch Enabling Spanning Tree between a pair of switches where there are multiple links using separate VLANs including the Management VLAN will force the blocking of one or more links This may include the link carrying the Management VLAN which will cause loss of management access to some devices Monitoring Shared Resourc...

Страница 57: ...pport normal IP network operation ARP must be one of these protocol types to support normal IP network operation Otherwise IP traffic on the VLAN is disabled If you configure an IPv4 protocol VLAN that does not include the ARP VLAN protocol the switch displays the following message which indicates a protocol VLAN configured with IPv4 but not ARP switch config vlan 97 protocol ipv4 IPv4 assigned wi...

Страница 58: ...ssign an IP address to the VLAN interface When you Ping that address ARP will resolve the IP address to this single MAC address In a topology where a switch has multiple VLANs and must be connected to a device having a single forwarding database some cabling restrictions apply For more on this topic see Multiple VLAN considerations on page 27 Port trunks When assigning a port trunk to a VLAN all p...

Страница 59: ...switch VLAN MAC address reconfiguration Switches use one unique MAC address for all VLAN interfaces If you assign an IP address to a VLAN interface ARP resolves the IP address to the MAC address of the routing switch for all incoming packets The Layer 3 VLAN MAC Configuration feature lets you reconfigure the MAC address used for VLAN interfaces using the CLI Packets addressed to the reconfigured L...

Страница 60: ...witch does not have the newly configured MAC address of the routing switch as a destination in its MAC address table it floods packets to all of its ports until a return packet allows the switch to learn the correct destination address As a result the performance of the switch is degraded as it tries to send Ethernet packets to an unknown destination address To allow connected switches to learn th...

Страница 61: ...Displaying a VLAN MAC address switch show ip recv mac address VLAN L3 Mac Address Table VLAN L3 Mac Address Timeout DEFAULT_VLAN 001635 024467 60 VLAN2 001635 437529 100 Chapter 2 VLANs 61 ...

Страница 62: ... increase the Maximum VLANs setting In the global config level of the CLI use max vlans Converting a dynamic VLAN to a static VLAN and then executing the write memory command saves the VLAN in the startup config file and makes it a permanent part of the switch s VLAN configuration Within the same broadcast domain a dynamic VLAN can pass through a device that is notGVRP aware This is because a half...

Страница 63: ...ging to a Tagged or Untagged static VLAN Send VLAN advertisements Receive advertisements for VLANs on other ports and dynamically join those VLANs Send VLAN advertisements but ignore advertisements received from other ports Avoid GVRP participation by not sending advertisements and dropping any advertisements received from other devices IP addressing A dynamic VLAN does not have an IP address and ...

Страница 64: ...versely if VLAN 22 was statically configured on switch C but port 5 was not a member port 5 would become a member when advertisements for VLAN 22 were received from switch A The CLI show gvrp command VLAN Support screen show a switch s current GVRP configuration including the Unknown VLAN settings Per port options for dynamic VLAN advertising and joining GVRP must be enabled and VLANs must be conf...

Страница 65: ...tions described in the table Controlling VLAN behavior on ports with static VLANs Parameters for controlling VLAN propagation behavior You can configure an individual port to actively or passively participate in dynamic VLAN propagation or to ignore dynamic VLAN GVRP operation These options are controlled by the GVRP Unknown VLAN and the static VLAN configuration parameters as described in the fol...

Страница 66: ...AN Will not advertise specified VLAN Can become a member of other dynamic VLANs for which it receives advertisements Will advertise a dynamic VLAN that has at least one other port on the same switch as a member Block The port Belongs to the specified VLAN Advertises this VLAN Will not become a member of new dynamic VLANs for which it receives advertisements Will advertise dynamic VLANs that have a...

Страница 67: ... are configured on a per port basis using the CLI The Tagged Untagged Auto and Forbid options are configured per static VLAN on every port Because dynamic VLANs operate as Tagged VLANs and because a tagged port on one device cannot communicate with an untagged port on another device Hewlett Packard Enterprise recommends that you use Tagged VLANs for the static VLANs you will use to generate advert...

Страница 68: ...he advertisements over a link can dynamically join the advertised VLAN A dynamic VLAN that is a VLAN learned through GVRP is tagged on the port on which it was learned Also a GVRP enabled port can forward an advertisement for a VLAN it learned about from other ports on the same switch internal source but the forwarding port will not itself join that VLAN until an advertisement for that VLAN is rec...

Страница 69: ...Tagged Untagged Auto and Forbid see Options for handling unknown VLAN advertisements and Controlling VLAN behavior on ports with static VLANs on each port 7 Dynamic VLANs will then appear automatically according to the chosen configuration options 8 Convert dynamic VLANs to static VLANs where dynamic VLANs are to become permanent Displaying switch current GVRP configuration CLI Syntax show gvrp Sh...

Страница 70: ...AN DEFAULT_VLAN GVRP Enabled No No Displaying GVRP status with GVRP enabled This example shows the output for the show gvrp command with GVRP enabled It includes non default settings for the Unknown VLAN field for some ports see Port number 3 4 5 below switch config show gvrp GVRP support Maximum VLANs to support 256 256 Primary VLAN DEFAULT_VLAN GVRP Enabled No Yes Port Type Unknown VLAN Join Lea...

Страница 71: ...ts for new VLANs CLI When GVRP is enabled on the switch use the unknown vlans command to change the Unknown VLAN field for one or more ports Syntax interface port list unknown vlans learn block disable Changes the Unknown VLAN field to control how one or more ports handle advertisements Use at either the Manager or interface context level for a port Changing the Unknown VLANs field In the followin...

Страница 72: ...ents Listing static and dynamic VLANs on a GVRP enabled switch CLI Syntax show vlans Lists all VLANs present in the switch Using the show vlans command In the following illustration switch B has one static VLAN the default VLAN with GVRP enabled and port 1 configured to Learn for Unknown VLANs Switch A has GVRP enabled and has three static VLANs the default VLAN VLAN 222 and VLAN 333 In this scena...

Страница 73: ...c VLAN you can use the following command to convert that dynamic VLAN to a static VLAN static vlan dynamic vlan id Converting a dynamic VLAN 333 to a static VLAN When converting a dynamic VLAN to a static VLAN as shown here all ports on the switch are assigned to the VLAN in Auto mode switch config static vlan 333 Chapter 3 GVRP 73 ...

Страница 74: ...h as normal fixed and forbid Supports MVRP objects on the following standard MIBs IEEE8021 Q BRIDGE MIB version 200810150000Z IEEE8021 BRIDGE MIB version 200810150000Z NOTE Supports other MVRP objects with the help of proprietary MIB HPE ICF MVRP MIB hpicfMvrp mib Supports on both physical and LAG ports which include the manual trunk static lacp and dynamic lacp trunks Supports High Availability h...

Страница 75: ...of all ports Rebooting a switch on which a dynamic VLAN exists deletes the VLAN However the dynamic VLAN reappears after the reboot if MVRP is enabled The switch again receives advertisement for the particular VLAN through a port configured to add dynamic VLANs By receiving advertisements from other devices running MVRP the switch learns of static VLANs on those devices and dynamically automatical...

Страница 76: ... 40 VLAN40 Port based No No Viewing the current MVRP configuration on a switch show mvrp Syntax show mvrp config state statistics Description Displays the MVRP settings and status Example output switch show mvrp config Show the MVRP configuration for all ports state Show the MVRP state statistics Show MVRP statistics show mvrp config Syntax show mvrp config Description Displays the MVRP configurat...

Страница 77: ...entifier or the VLAN name if configured switch config show mvrp state 1 ethernet PORT NUM switch config show mvrp state 1 Configuration and Status MVRP state for VLAN 1 Port VLAN Registrar Applicant Forbid State State Mode 1 1 MT QA No show mvrp statistics Syntax show MVRP statistics PORT LIST Description Displays the MVRP statistics Parameter PORT LIST Displays the MVRP statistics at the specifie...

Страница 78: ...lear mvrp statistics ethernet PORT LIST Enter a port number a list of ports or all for all ports switch clear mvrp statistics all debug mvrp Syntax debug mvrp all event packet state machine timer PORT LIST Description Enables debug messages Parameters all Display all MVRP debug messages event Display all MVRP event messages packet Display all MVRP packet messages state machine Display all MVRP sta...

Страница 79: ...e protocol Syntax mvrp enable disable no mvrp Description Enables MVRP globally on a switch MVRP must be enabled globally and at least on one interface The no form of the command disables MVRP Parameters enable Enable MVRP disable Disable MVRP Example output switch show mvrp config Configuration and Status MVRP Global MVRP status Enabled Port Status Periodic Registration Join Leave LeaveAll Period...

Страница 80: ...c Timer Type Time Timer Timer Timer 1 Enabled Enabled Normal 20 300 1000 100 2 Disabled Enabled Normal 20 300 1000 100 MVRP timers MVRP supports four types of timers Join Timer Leave Timer LeaveAll Timer Periodic Timer Join Timer The Join Timer controls the transmission of Join messages To avoid a PDU storm an MVRP participant waits for a duration of the Join Timer after sending a join message and...

Страница 81: ...r Type Time Timer Timer Timer 1 Enabled Enabled Normal 40 300 1000 100 2 Disabled Enabled Normal 20 300 1000 100 3 Disabled Enabled Normal 20 300 1000 100 Leave Timer The Leave Timer controls the time duration for which the Registrar state machine waits in the LV state before changing to the MT state The Leave Timer is started only when a leave message is received by the applicant state The attrib...

Страница 82: ...r is set to a random value T which ranges from LeaveAllTime T 1 5 LeaveAllTime where LeaveAll time is the configured LeaveAll time The default value is 1000 centiseconds This is a per port timer mvrp leaveall timer Syntax mvrp leaveall timer centiseconds no mvrp leaveall timer Description The LeaveAll Timer is the time duration between sending LeaveAll messages The LeaveAll Timer must be greater t...

Страница 83: ...er to set the interval to the default value Parameters centiseconds Set the Periodic Timer transmission interval for the port Usage mvrp periodic timer 100 1000000 The MVRP Periodic Timer ranges from 100 1000000 in centiseconds Example output switch eth 1 mvrp periodic timer 100 1000000 Set the periodic timer transmission interval for the port switch eth 1 mvrp periodic timer 300 switch eth 1 show...

Страница 84: ...scription Configures the port response to MRP messages Parameters normal Port response is normal for the incoming MRP messages fixed Ignores the MRP messages and remains registered Example output switch mvrp registration fixed The port ignores all MRP messages and remains registered normal The port responds normally to incoming MRP messages switch config interface A1 mvrp registration fixed switch...

Страница 85: ...7 0 Join Empty 1 519 Join In 658 697 Leave 0 0 Leaveall 28 37 mvrpDumpGlobalData MVRP global enabled status enabled MVRP enabled ports A1 Total MVRP enabled ports 1 Dyn trunk auto disable count 0 Total Static VLANs in system 1 Total Dynamic VLANs in system 1 Max VLANs supported 512 Display VLAN_GROUP to VLANs Mapping Group ID Mapped VLANs 0 1 4094 Display timer Ports Group ID Timer Value Display B...

Страница 86: ... Down Normal 0000 F6 Disable Down Normal 0000 F7 Disable Down Normal 0000 F8 Disable Down Normal 0000 F9 Disable Down Normal 0000 F10 Disable Down Normal 0000 F11 Disable Down Normal 0000 F12 Disable Down Normal 0000 F13 Disable Down Normal 0000 F14 Disable Down Normal 0000 F15 Disable Down Normal 0000 F16 Disable Down Normal 0000 F17 Disable Down Normal 0000 F18 Disable Down Normal 0000 F19 Disab...

Страница 87: ...12 20 300 1000 100 enabled F13 20 300 1000 100 enabled F14 20 300 1000 100 enabled F15 20 300 1000 100 enabled F16 20 300 1000 100 enabled F17 20 300 1000 100 enabled F18 20 300 1000 100 enabled F19 20 300 1000 100 enabled F20 20 300 1000 100 enabled F21 20 300 1000 100 enabled F22 20 300 1000 100 enabled F23 20 300 1000 100 enabled F24 20 300 1000 100 enabled mvrpmapringShow Mvrp list info Port A...

Страница 88: ... limited to 512 VLANs and 24 logical ports due to CPU and memory resource availability Table 8 MVRP supported ports Platforms Maximum MVRP ports supported Aruba 2530 24 Table 9 MVRP supported VLANs Platforms Maximum VLANs Maximum MSTP instance Maximum ports Aruba 2530 512 16 24 MVRP statistics The MVRP statistics generated using show mvrp statistics records any registration failures tracks MAC add...

Страница 89: ...her querier is detected the switch then also functions as the querier To disable the querier feature use the IGMP configuration MIB see Configuring the querier function in CLI Configuring and displaying IGMP NOTE IGMP configuration on the switch operates at the VLAN context level If you are not using VLANs then configure IGMP in VLAN 1 the default VLAN context IGMP devices IGMP device A switch or ...

Страница 90: ...addressing Helps conserve IP addresses by enabling IGMP to run on VLANs that do not have an IP address See Operation with or without IP addressing on page 95 Querier capability The switch performs this function for IGMP on VLANs having an IP address when no other device in the VLAN is acting as querier See Using the switch as querier on page 101 NOTE Whenever IGMP is enabled the switch generates a...

Страница 91: ...p igmp statistics switch config show ip igmp statistics IGMP Service Statistic Total VLAN s with IGMP enabled 33 Current count of multicast groups joined 21 IGMP Service Statistics VLAN ID VLAN Name Total Filtered Standard Static 1 DEFAULT_VLAN 52 50 0 2 300 Office Client 80 75 5 0 300 Data Center 1100 1000 99 1 Displaying igmp group address information Syntax show ip igmp groups switch config sho...

Страница 92: ...bling and disabling IGMP on the default VLAN VID 1 Command syntax Task vlan 1 ip igmp Enables IGMP on VLAN 1 switch vlan 1 ip igmp Disables IGMP on VLAN 1 switch config no vlan 1 ip igmp Disables IGMP on VLAN 1 NOTE If you disable IGMP on a VLAN and then later re enable IGMP on that VLAN the switch restores the last saved IGMP configuration for that VLAN For more information on switch memory opera...

Страница 93: ... igmp forward port list Forward all multicast traffic through the specified port For example to configure IGMP as follows for VLAN 1 on ports 1 6 Ports 1 2 Auto Ports 3 4 Forward Ports 5 6 Block Depending on privilege level use the following commands to configure IGMP on VLAN 1 switch config vlan 1 switch vlan 1 ip igmp auto 1 2 switch vlan 1 ip igmp forward 3 4 switch vlan 1 ip igmp blocked 5 6 A...

Страница 94: ...uters or switches that send or receive multicast data streams to or from the same sources is called a multicast group and all devices in the group use the same multicast group address Message types The multicast group running IGMP uses three message types to communicate Query A message sent from the querier multicast router or switch asking for a response from each host belonging to the multicast ...

Страница 95: ...plementation of IGMP supports the following standards and operating capabilities RFC2236 IGMP V 2 with backwards support for IGMP V 1 IETF draft for IGMP and MLD snooping switches for IGMP V1 V2 V3 Full IGMPv2 support and full support for IGMPv1 Joins Ability to operate in IGMPv2 querier mode on VLANs with an IP address The implementation is subject to the following restrictions Interoperability w...

Страница 96: ...e IGMP Yes Support automatic querier election No Querier operation not available Operate as the querier No Querier operation not available Available as a backup querier No Querier operation not available Automatic Fast Leave IGMP IGMP Operation Presents a Delayed Leave Problem Where multiple IGMP clients are connected to the same port on an IGMP device switch or router if only one IGMP client join...

Страница 97: ...atic Fast Leave does not activate regardless of whether one or more of these end nodes are IGMP clients In the following figure automatic Fast Leave operates on the switch ports for IGMP clients 3A and 5A but not on the switch port for IGMP clients 7A and 7B Server 7C and printer 7D Figure 12 Automatic Fast Leave IGMP Criteria When client 3A running IGMP is ready to leave the multicast group it tr...

Страница 98: ... not receive a join request for that group within the forced leave interval the switch then blocks any further group X traffic to the port Setting Fast Leave and Forced Fast Leave from the CLI Previous Fast Leave and Forced Fast Leave options for a port were set exclusively through the MIB The following commands now allow a port to be configured for Fast Leave or Forced Fast leave operation from t...

Страница 99: ...Fast Leave configuration data available in the switch MIB includes the state enabled or disabled for each port and the Forced Leave Interval for all ports on the switch To List the Forced Fast Leave State for all Ports in the Switch In the CLI use the walkmib command as shown below Enter either of the following walkmib commands generic or explicit walkmib hpSwitchIgmpPortForcedLeaveState generic c...

Страница 100: ...g Per Port Forced Fast Leave IGMP on Ports This procedure enables or disables Forced Fast Leave on ports in a given VLAN switch config setmib hpswitchigmpportforcedleavestate 1 6 i 1 hpSwitchIgmpPortForcedLeaveState 1 6 2 where 1 in 1 6 is the default VLAN 6 in 1 6 indicates port 6 and 2 verifies Forced Fast Leave disabled Syntax setmib hpSwitchIgmpPortForcedLeaveState vlan number port number i 1 ...

Страница 101: ...15 01 09 01 13 igmp DEFAULT_VLAN Other Querier detected I 01 15 01 09 01 13 igmp DEFAULT_VLAN This switch is no longer Querier In the above scenario if the other device ceases to operate as a querier on the default VLAN then the switch detects this change and can become the querier as long as it is not preempted by some other IGMP querier on the VLAN In this case the switch Event Log lists message...

Страница 102: ...the static filter unless IGMP learns of a multicast group destination in this range In this case IGMP dynamically takes over the filtering function for the multicast destination addresses for as long as the IGMP group is active If the IGMP group subsequently deactivates the switch returns filtering control to the static filter Reserved addresses excluded from IP multicast IGMP filtering Traffic to...

Страница 103: ...nce A spanning tree instance comprises a unique set of VLANs and belongs to a specific spanning tree region A region can comprise multiple spanning tree instances each with a different set of VLANs and allows one active path among regions in a network Applying VLAN tagging to the ports in a multiple instance spanning tree network enables blocking of redundant links in one instance while allowing f...

Страница 104: ...A multiple spanning tree application 104 Aruba 2530 Advanced Traffic Management Guide for ArubaOS Switch 16 09 ...

Страница 105: ... spanning tree parameters for each type and parameters that apply across the switch Although these parameters can be adjusted HPE strongly recommends leaving these settings in their default configurations unless the proposed changes have been supplied by an experienced network administrator who has a strong understanding of the IEEE 802 1D w s standards and operation 802 1s Multiple Spanning Tree ...

Страница 106: ...nning tree instance that communicates with STP and RSTP environments The MSTP configuration commands operate exactly like RSTP commands and MSTP is backward compatible with the RSTP enabled and STP enabled switches in your network CAUTION Spanning tree interprets a switch mesh as a single link Because the switch automatically gives faster links a higher priority the default MSTP parameter settings...

Страница 107: ...in MSTI x in the same region the port may apply different states to traffic for these two different instances Within a region traffic routed between VLANs in separate instances can take only one physical path To ensure that traffic in all VLANs within a region can travel between regions all of the boundary ports for each region should belong to all VLANs configured in the region Otherwise traffic ...

Страница 108: ...TP structure on page 105 MSTP operation with 802 1Q VLANs As indicated in the preceding sections within a given MST instance a single spanning tree is configured for all VLANs included in that instance This means that if redundant physical links exist in separate VLANs within the same instance MSTP blocks all but one of those links However you can prevent the bandwidth loss caused by blocked redun...

Страница 109: ...MSTP is the implementation of a larger range of port path costs which accommodates higher network speeds However this can create some incompatibility between devices running the older 802 1D STP You can adjust to this incompatibility by implementing the global spanning tree legacy path cost command RSTP and MSTP implement a greater range of path costs than 802 1D STP and use different default path...

Страница 110: ...All switches in a region must be configured with the same VLAN ID to MSTI mappings and the same MSTP configuration identifiers region name and revision number Flexibility By preconfiguring identical VLAN ID to MSTI mappings on all switches in an MST region you can combine switches that support different maximum numbers of VLANs Network stability You can reduce the interruptions in network connecti...

Страница 111: ... ID to MSTI assignments exist on each MSTP switch in a region Before a static VLAN is configured or a dynamic VLAN is learned on the switch use the spanning tree instance vlan command to map VLANs to each MST instance in the region Later when the VLAN is created the switch automatically assigns it to the MST instance to which you had previously mapped it Configuring MSTP instances with the VLAN ra...

Страница 112: ... files id act pri sec name 1 config1 2 config2 3 2 To save a configuration file for software version K 12 43 for example type switch config copy config config1 config configK1243 cfg Choose any name for the saved configuration file that you prefer 3 Display the configuration files as shown in the following example Note the newly created configuration file listed switch config show config files Con...

Страница 113: ...tiple Spanning Tree Instances MSTIs described below Within a region the IST instance provides a loop free forwarding path for all VLANs associated with it VLANs that are not associated with an MSTI are by default associated with the IST instance Note that the switch automatically places dynamic VLANs resulting from GVRP operation in the IST instance Dynamic VLANs cannot exist in an MSTI described ...

Страница 114: ...ce Determine the designated bridge and designated port for each LAN segment Determine which VLANs to assign to each instance and use port trunks with 802 1Q VLAN tagging where separate links for separate VLANs would result in a blocked link preventing communication between nodes on the same VLAN See MSTP operation with 802 1Q VLANs Identify the edge ports connected to end nodes and enable the admi...

Страница 115: ...lt setting is clearly indicated by the circumstances of individual links Other features you might consider include BPDU Filtering or BPDU Protection these provide additional per port control over spanning tree operations and security on the switch 3 Configure MST instances Configure one instance for each VLAN group that you want to operate as an active topology within the region to which the switc...

Страница 116: ... MST region with another switch The default name is a text string using the hexadecimal representation of the switch s MAC address The no form of the command overwrites the currently configured name with the default name NOTE This option is available only when the switch is configured for MSTP operation There is no defined limit on the number of regions you can configure Designating the revision n...

Страница 117: ...r 802 1w spanning tree protocols is not required NOTE Even when mstp operation is selected if the switch detects an 802 1D BPDU or an 802 1w BPDU on a port it communicates with the device linked to that port using STP or RSTP BPDU packets Also if errors are encountered as described in Configuring MSTP at a glance on page 114 setting force version to stp compatible forces the MSTP switch to communi...

Страница 118: ...panning tree hello time 1 10 If MSTP is running and the switch is operating as the CIST Common and Internal Spanning Tree root for your network this command specifies the time in seconds between transmissions of BPDUs for all ports on the switch configured with the Global option the default This parameter applies in MSTP RSTP and STP modes During MSTP operation you can override this global setting...

Страница 119: ...ry switch running an instance of MSTP has a Bridge Identifier which is a unique identifier that helps distinguish this switch from all others The switch with the lowest Bridge Identifier is elected as the root for the tree The Bridge Identifier is composed of a configurable priority component 2 bytes and the bridge s MAC address 6 bytes You can change the priority component provides flexibility in...

Страница 120: ...e Loop Guard option new root Enables SNMP notification when a new root is elected on any VLAN configured for MSTP on the switch root guard Enables SNMP notification when a root guard inconsistency is detected Default for all of the above options Disabled The no form of the command disables traps on the switch Configuring MSTP per port parameters In an MSTP topology per port parameters are set in t...

Страница 121: ...ult MSTP parameter settings are usually adequate for spanning tree operation Because incorrect MSTP settings can adversely affect network performance do not change the MSTP settings from their default values unless you have a strong understanding of how spanning tree operates Default Enabled The no form of this command disables auto edge port operation on the specified ports Specifying the interva...

Страница 122: ...0 Mbps 200000 1 Gbps 20000 Default Auto Informing the switch of the device type to which a port connects Syntax spanning tree port list point to point mac true false auto Informs the switch of the type of device to which a specific port connects Parameters true Default Indicates a point to point link to a device such as a switch bridge or end node false Indicates a connection to a half duplex repe...

Страница 123: ...uperior STP BPDUs The port is assigned an alternate port role and enters a blocking state if it receives superior STP BPDUs A superior BPDU contains both better information on the root bridge and path cost to the root bridge which would normally replace the current root bridge selection The superior BPDUs received on a port enabled as root guard are ignored All other BPDUs are accepted and the ext...

Страница 124: ...T instance Only IST VLANs can be directly mapped to other instances When VLANs are mapped to an instance they are automatically unmapped from the instance they were mapped to before Any MSTP instance can have all the VLANs configured in the switch Enable event logging Syntax no spanning tree log state transitions instance 1 64 ist vlan Description By default port state change for IST is added in l...

Страница 125: ...e than one instance You can create up to 16 MSTIs in a region The no form of the spanning tree instance vlan command removes one or more VLANs from the specified MSTI If no VLANs are specified the no form of the command deletes the specified MSTI When you remove a VLAN from an MSTI the VLAN returns to the IST instance where it can remain or be reassigned to another MSTI configured in the region If...

Страница 126: ...e no form of the command deletes the specified MSTI When you remove a VLAN from an MSTI the VLAN returns to the IST instance where it can remain or be re assigned to another MSTI configured in the region NOTE Starting in software release 13 x x you can enter the spanning tree instance vlan command before a static or dynamic VLAN is configured on the switch to preconfigure VLAN ID to MSTI mappings ...

Страница 127: ...stance Syntax spanning tree instance ist 1 16 port list path cost auto 1 200000000 Assigns an individual port cost for the IST or for the specified MST instance For a given port the path cost setting can be different for different MST instances to which the port may belong The switch uses the path cost to determine which ports are the forwarding ports in the instance that is which links to use for...

Страница 128: ...of other ports in the IST to determine which port is the root port for the IST instance The lower the priority value the higher the priority The IST root port or trunk in a region provides the path to connected regions for the traffic in VLANs assigned to the region s IST instance The priority range for a port in a given MST instance is 0 240 However this command specifies the priority as a multip...

Страница 129: ...guration changes invoked in a single switch Although MSTP employs rapid spanning tree operation the convergence time for implementing MSTP changes can be disruptive to your network However by using the spanning tree pending feature you can set up an MSTP on the switch and then invoke all instances of the new configuration at the same time instead of one at a time Syntax no spanning tree pending ap...

Страница 130: ...currently active MSTP configuration with the pending MSTP configuration use the spanning tree pending apply command Viewing MSTP statistics NOTE SNMP MIB Support for MSTP is a superset of the STP 802 1D and RSTP 802 1w protocols and uses the MIB objects defined for these two protocols Viewing global MSTP status The following commands display the MSTP statistics for the connections between MST regi...

Страница 131: ...status Viewing detailed port information The following commands display the MSTP statistics for the connections between MST regions in a network Syntax show spanning tree detail Chapter 6 Multiple instance spanning tree operation 131 ...

Страница 132: ... spanning tree instance commands Viewing status for a specific MST instance The following commands display the MSTP statistics for a specified MST instance Syntax show spanning tree instance ist 1 16 Displays the MSTP statistics for either the IST instance or a numbered MST instance running on the switch Syntax show spanning tree instance ist 1 16 detail Displays status on all active ports for a s...

Страница 133: ...00 3 10 100TX Auto 112 Designated Forwarding 1cc1de 02a700 4 10 100TX Auto 128 Disabled Disabled Viewing the MSTP configuration MSTP configuration can be viewed at the global per instance and regional level Viewing the global MSTP configuration This command displays the switch s basic and MST region spanning tree configuration including basic port connectivity settings Syntax show spanning tree co...

Страница 134: ...ning tree config instance ist 1 16 The upper part of this output shows the instance data for the ist or for the specified instance The lower part of the output lists the spanning tree port settings for the specified instance Syntax show spanning tree port list config instance ist 1 16 This command shows the same data as the preceding command but lists the spanning tree port parameter settings for ...

Страница 135: ...es within the same region must have the same VID to MSTI assignments and any given VID can be assigned to either the IST or one of the MSTIs within the region Thus the MSTP Configuration Digest must be identical for all MSTP switches intended to belong to the same region When comparing two MSTP switches if their Digest identifiers do not match they cannot be members of the same region Viewing a re...

Страница 136: ...MST Configuration Name New Version_01 MST Configuration Revision 1 IST Mapped VLANs 1 2 4 4094 Instance ID Mapped VLANs 3 3 MSTP operating rules All switches in a region must be configured with the same set of VLANs the same MST configuration name and MST configuration number Within a region a VLAN can be allocated to either a single MSTI or to the region s IST instance All switches in a region mu...

Страница 137: ...ions uses a single spanning tree If a port on a switch configured for MSTP receives a legacy STP 802 1D or RSTP 802 1w BPDU it automatically operates as a legacy port In this case the MSTP switch interoperates with the connected STP or RSTP switch as a separate MST region Within an MST region there is one logical forwarding topology per instance and each instance comprises a unique set of VLANs Wh...

Страница 138: ...hange history for the root bridge of a spanning tree network including MST regions and STP and RSTP bridges ist Displays the change history for the root bridge in the IST instance of an MST region mst instance id Displays the change history for the root bridge in an MST instance where instance id is an ID number from 1 to 16 Use the show spanning tree root history command to view the number and da...

Страница 139: ...I root switch using the spanning tree instance priority command mac address is the MAC address of the root bridge switch Viewing show spanning tree root history CST output Viewing show spanning tree root history IST output Chapter 6 Multiple instance spanning tree operation 139 ...

Страница 140: ... errant bpdu Disabled new root Disabled root guard Disabled loop guard Disabled Viewing debug counters for all MST instances The show spanning tree debug counters command allows you to display the aggregate values of all MSTP debug counters that are maintained on a switch These aggregate values are a summary of the information collected from all ports and from all spanning tree instances that forw...

Страница 141: ...nce command allows you to display the aggregate values of all MSTP debug counters maintained on a switch for a specified spanning tree instance These aggregate values are a summary of information collected from all ports that have VLANs assigned to the specified instance Use this command to troubleshoot the global MSTP diagnostic information displayed in show spanning tree debug counters command o...

Страница 142: ...ce Use this command to troubleshoot at a finer level the more general MSTP diagnostic information displayed in the show spanning tree debug counters instance command output when you suspect unauthorized MSTP activity on one or more MST ports in an MST instance Syntax show spanning tree debug counters instance instance id ports port list Displays debug counters for MSTP activity on the specified po...

Страница 143: ...05 34 Viewing debug counters output for one port in an MST instance The following example shows spanning tree debug counters instance ports command output for one port in an MST instance switch config show spanning tree debug counters instance 2 ports a15 Status and Counters MSTI Port s Debug Counters Information MST Instance ID 2 Port A15 Counter Name Value Last Updated Starved MSTI MSGs 0 Exceed...

Страница 144: ...tor as the receiving bridge but the value of the Configuration Digest field VLAN ID assignments to regional IST and MST instances is different This difference indicates a probable configuration error in MST region settings on the communicating bridges The received BPDU is still processed by MSTP This counter is maintained by the CIST default MST instance 0 on a per port basis Looped back BPDUs Tim...

Страница 145: ...ual to 1 This may occur if the receiving bridge is located too far from the CIST regional root bridge beyond the configured size of the MST region on the CIST regional root bridge or if a BPDU packet with invalid CIST regional root bridge information is continuously circulating between bridges in the MST Region and needs to be aged out This counter is maintained by the CIST default MST instance 0 ...

Страница 146: ... transmitted through the port number of CFG RST or MST BPDUs transmitted with the Topology Change Acknowledge flag set This counter is maintained by the CIST default MST instance 0 on a per port basis Topology Change ACKs Rx Times the Topology Change acknowledgement is received on the port number of CFG RST or MST BPDUs received with the Topology Change Acknowledge flag set This counter is maintai...

Страница 147: ... CIST default MST instance 0 on a per port basis MST BPDUs Rx 802 1s MST BPDUs that are received on the port This counter is maintained by the CIST default MST instance 0 on a per port basis MSTI MSGs Tx Times that a configuration message for a specific MSTI was encoded in 802 1s MST BPDUs that are transmitted through the port This counter is maintained on a per MSTI per port basis MSTI MSGs Rx Ti...

Страница 148: ...that the set of VLANs and VLAN ID to MSTI mappings spanning tree instance vlan command configured on the switch may not match the set of VLANs and VLAN ID to MSTI mappings configured on other switches in the intended region BPDU BPDUs are data messages that are exchanged across the switches within an extended LAN that uses a spanning tree protocol topology BPDU packets contain information on ports...

Страница 149: ...w spanning tree bpdu protection Displays a summary listing of ports with BPDU protection enabled To display detailed per port status information enter the specific port numbers as shown here Figure 18 Viewing BPDU protection status Chapter 6 Multiple instance spanning tree operation 149 ...

Страница 150: ...he switch at a time To prevent the spread of errant BPDU frames To eliminate the need for a topology change when a port s link status changes For example ports that connect to servers and workstations can be configured to remain outside of spanning tree operations To protect the network from denial of service attacks that use spoofing BPDUs by dropping incoming BPDU frames For this scenario BPDU p...

Страница 151: ... entries of the spanning tree category within the configuration file Configuring and managing BPDU protection BPDU protection is a security feature designed to protect the active STP topology by preventing spoofed BPDU packets from entering the STP domain In a typical implementation BPDU protection would be applied to edge ports connected to end user devices that do not run STP If STP BPDU packets...

Страница 152: ...t Configures the duration of time when protected ports receiving unauthorized BPDUs will remain disabled The default value of 0 zero sets an infinite timeout that is ports that are disabled by bpdu protection are not by default re enabled automatically Default 0 Range 0 65535 seconds Syntax no spanning tree trap errant bpdu Enables disables the sending of errant BPDU traps CAUTION This command sho...

Страница 153: ... disabled unless BPDU Protection is removed from the switch or by configuring a nonzero BPDU protection timeout For example if you want to re enable protected ports 60 seconds after receiving a BPDU you would use this command switch config spanning tree bpdu protection timeout 60 Enabling and disabling BPDU protection Syntax no spanning tree port list bpdu protection Enables or disables BPDU prote...

Страница 154: ...message is logged and an SNMP notification trap is generated 3 The port remains disabled until re enabled manually by a network administrator using the interface port list enable command NOTE To re enable the BPDU protected ports automatically configure a timeout period using the spanning tree bpdu protection timeout command Overview of MSTP BPDU throttling When an STP enabled switch is hit by an ...

Страница 155: ...MSTP mode by default Configuring MSTP BPDU throttling The CLI allows you to configure MSTP BPDU throttling Configuring MSTP BPDU throttling Syntax no spanning tree bpdu throttle Throttle Value Configures BPDU throttling on a device BPDU throttling limits the number of BPDUs that are sent to the switch s CPU The result prevents high CPU utilization on the switch when the network undergoes a broadca...

Страница 156: ...rotection If a switch in the core of a network receives Per Vlan Spanning Tree PVST BPDUs and forwards the unrecognized PVST BPDUs on to MSTP only switches those switches then disconnect themselves from the network This can create instability in the network infrastructure When the PVST protection feature is enabled on a port and a PVST BPDU is received on that port the interface on which the PVST ...

Страница 157: ...t protection Enables or disables PVST protection on the port s specified The command indicates which ports are not expected to receive any PVST BPDUs Default Disabled on all ports Enabling PVST protection To enable the PVST protection feature on ports 4 through 8 enter switch config spanning tree 4 8 pvst protection To disable the PVST protection feature on a port for example port 4 enter switch c...

Страница 158: ...ible to use the following automatic re enable timer command switch config spanning tree bpdu protection timeout 120 Viewing ports configured with PVST protection and filtering Viewing all ports with PVST protection enabled switch config show spanning tree pvst protection Status and Counters PVST Port s BPDU Protection Information BPDU Protection Timeout sec 0 PVST Protected Ports 5 6 Viewing all p...

Страница 159: ...Viewing if PVST protection is enabled Yes Chapter 6 Multiple instance spanning tree operation 159 ...

Страница 160: ...icast MAC address from the client authenticated MAC address To ensure that client authenticated edge ports get blocked when loops occur you should enable loop protection on those ports On ports connected to unmanaged devices Spanning tree cannot detect the formation of loops where there is an unmanaged device on the network that does not process spanning tree packets and simply drops them Loop pro...

Страница 161: ...oop protection packets are not transmitted Default send disable trap loop detected Configures loop protection traps for SNMP indicating when a loop has been detected on a port disable timer 0 604800 Configures how long in seconds a port is disabled when a loop has been detected A value of zero disables the auto re enable function Default Timer is disabled transmit interval 1 10 Configures the time...

Страница 162: ...fig loop protect vlan 20 30 Changing modes for loop protection When changing from VLAN mode to port mode you are prompted with the message shown below The VLANs will no longer be configured for loop protection Changing modes for loop protection switch config loop protect mode port Any Loop Protect enabled VLAN will be deleted Do you want to continue Y N N Viewing loop protection status in port mod...

Страница 163: ...0 30 Loop Loop Detected Loop Time Since Rx Port Port Protect Detected on VLAN Count Last Loop Action Status 1 Yes Yes 20 1 45s send disable Down 2 Yes No 0 send disable Up STP loop guard Spanning Tree STP is used to ensure a loop free topology over the LAN Occasionally a hardware or software failure can cause STP to fail creating STP forwarding loops that can cause network failures where unidirect...

Страница 164: ...tch config spanning tree 2 loop guard switch config show spanning tree Multiple Spanning Tree MST Information STP Enabled Yes Force Version MSTP operation IST Mapped VLANs 1 4094 Switch MAC Address 0024a8 d13a40 Switch Priority 32768 Max Age 20 Max Hops 20 Forward Delay 15 Topology Change Count 1 Time Since Last Change 20 mins CST Root MAC Address 001083 847000 CST Root Priority 0 CST Root Path Co...

Страница 165: ...ult Path Costs 802 1t 802 1t MST Configuration Name 0024a8d13a40 MST Configuration Revision 0 Switch Priority 32768 Forward Delay 15 15 Hello Time 2 2 Max Age 20 20 Max Hops 20 20 Path Prio Admin Auto Admin Hello Root Loop TCN BPDU Port Type Cost rity Edge Edge PtP Time Guard Guard Guard Flt 1 100 1000T Auto 128 No Yes True Global No No No No 2 100 1000T Auto 128 No Yes True Global No Yes No No 3 ...

Страница 166: ...nfig show spanning tree 2 Multiple Spanning Tree MST Information STP Enabled Yes Force Version MSTP operation IST Mapped VLANs 1 4094 Switch MAC Address 0024a8 d13a40 Switch Priority 32768 Max Age 20 Max Hops 20 Forward Delay 15 Topology Change Count 1 Time Since Last Change 58 mins CST Root MAC Address 001083 847000 CST Root Priority 0 CST Root Path Cost 60000 CST Root Port 1 IST Regional Root MA...

Страница 167: ...l are global The trap option refers to an SNMP trap Regardless of how the receiver action and trap options are configured all detected loops will be logged in the switch s event log The no loop protect port command will not remove a receive action configuration line from the running configuration unless this option is set to receive action send disable If loop protect is enabled in port mode it ca...

Страница 168: ...asis of relative importance However without QoS prioritization less important traffic consumes network bandwidth and slows down or halts the delivery of more important traffic Without QoS most traffic received by the switch is forwarded with the same priority it had upon entering the switch In many cases such traffic is normal priority and competes for bandwidth with all other normal priority traf...

Страница 169: ...w policies and yet other downstream switches can be configured to honor the new policies Preserving QoS in outbound traffic in a VLAN QoS is implemented in the form of rules or policies that are configured on the switch Although you can use QoS to prioritize traffic only while it moves through the switch you derive the maximum benefit by using QoS in an 802 1Q VLAN environment with 802 1p priority...

Страница 170: ...ronment with VLAN tagged ports if QoS is not configured on the switch but is configured on an upstream device the priorities carried in the packets determine the forwarding queues in the switch Configuring a priority for outbound packets and a service priority policy for use by downstream devices DSCP Policy This feature enables you to set a priority policy in outbound IP packets You can configure...

Страница 171: ... port 4 queues Outbound port 2 queues 1 1 1 1 2 2 0 3 2 3 4 4 5 3 2 5 6 6 7 4 7 8 If a packet is not in a VLAN tagged port environment then the QoS settings in the table above control only to which outbound queue the packet goes Without VLAN tagging no 802 1p priority is added to the packet for downstream device use But if the packet is in a VLAN tagged environment then the above setting is also a...

Страница 172: ...ket type increases the complexity of the possible outcomes and consumes switch resources Packet classifiers and evaluation order The switches covered in this guide provide six types of globally configured QoS classifiers match criteria to select packets for QoS traffic marking The switches covered in this guide provide six QoS classifiers packet criteria you can use to configure QoS priority Table...

Страница 173: ...be changed NOTE Intermixing lower precedence types configured with DSCP policies and higher precedence types configured with 802 1p priority rules is not recommended as this can result in a packet with an 802 1p priority assigned by one type and a DSCP policy by another type This is because the search order would allow a lower precedence type configured with a DSCP policy to change both the DSCP a...

Страница 174: ...rity destination or source IP address Note that destination has precedence over source See the table below c IP ToS Precedence Bits Leftmost three bits in the ToS field of IP packets d IP ToS Differentiated Service bits Leftmost 6 bits in the ToS field of IP packets e Layer 3 Protocol Priority f VLAN Priority requires at least one tagged VLAN on the network g Source Port h Incoming 802 1p Priority...

Страница 175: ...policy implied by the codepoint 3When using a global QoS IP Precedence classifier the 802 1p priority is automatically assigned to matching packets based on the IP precedence bit set in the packet header 3 If you want 802 1p priority settings to be included in outbound packets ensure that tagged VLANs are configured on the appropriate downstream links 4 Determine the actual QoS configuration chang...

Страница 176: ... No override By default the show command outputs automatically list No override for priority options that have not been configured This means that if you do not configure a priority for a specific option QoS does not prioritize packets to which that option applies resulting in the No override state IP packets received through a VLAN tagged port are managed using the 802 1p priority they carry in t...

Страница 177: ...51 Dynamic and Private Ports 49152 65535 For more information including a listing of UDP TCP port numbers go to the Internet Assigned Numbers Authority IANA website at http www iana org Then click Protocol Number Assignment Services P under Directory of General Assigned Numbers Port Numbers Assigning an 802 1p priority for a global TCP UDP classifier To mark matching TCP or UDP packets with an 802...

Страница 178: ...s a listing of all TCP and UDP QoS classifiers currently in the running config file Operating notes on using TCP UDP port ranges Only six concurrent policies are possible when using unique ranges The number of policies allowed is less if ACLs are also using port ranges No ranges allowed that include any port numbers configured as part of another QoS application port number policy An error message ...

Страница 179: ...ure 1 Selects an incoming IP packet if the TCP or UDP port number it carries matches the port number specified in the TCP or UDP classifier as shown in the figure in Operating notes on using TCP UDP port ranges 2 Overwrites re marks the packet s DSCP with the new DSCP configured for matching packets 3 Assigns the 802 1p priority associated with the new DSCP see Differentiated Services Codepoint DS...

Страница 180: ...de in the Priority column of the DSCP Policy table using the show qos dscp map command you must first configure a priority for the codepoint before proceeding using the qos dscp map priority command qos dscp map codepoint priority 0 7 Optional This command is required only if an 802 1p priority is not already assigned to the specified codepoint in the DSCP Policy table Valid values for a DSCP code...

Страница 181: ...UDP ports If you specify a range the minimum port number must precede the maximum port number in the range dscp codepoint overwrites the DSCP codepoint in the IPv4 ToS byte or IPv6 Traffic Class byte of matching packets with the specified value Valid values for the DSCP codepoint are as follows A binary value for the 6 bit codepoint from 000000 to 111111 A decimal value from 0 low priority to 63 h...

Страница 182: ... config show qos dscp map DSCP 802 p priority mappings NOTE qos type of service diff services must be configured before DSCP is honored on inbound traffic DSCP CodePoint DSCP Value 802 1p tag DSCP Policy name 000000 0 0 cs0 000001 1 No override 000010 2 No override 000011 3 No override 000100 4 No override 000101 5 No override 000110 6 No override 000111 7 No override 001000 8 1 cs1 001001 9 No ov...

Страница 183: ... to the selected packets Global IP device classifier Global QoS classifier precedence 2 The global IP device classifier enables you to configure up to 250 IP addresses to select IP packets according to source or destination address NOTE QoS IP device restriction The switch does not allow a QoS IP device priority for the Management VLAN IP address if configured If no Management VLAN is configured t...

Страница 184: ... the desired 802 1p priorities for the codepoints you want to use for either option See Differentiated Services Codepoint DSCP mapping on page 200 for more information Unless IP Precedence mode and Diffserv mode are both disabled the default setting enabling one automatically disables the other NOTE Mixing ToS DSCP policies and 802 1p priorities is not recommended Assigning an 802 1p priority to I...

Страница 185: ...forward these packets with the desired 802 1p priority For example if an edge switch A marks all packets received on port 5 with a particular DSCP you can configure a downstream interior switch B to handle such packets with the desired priority regardless of whether 802 1Q tagged VLANs are in use Figure 29 Interior switch B honors the policy established in edge switch A To do so assign the desired...

Страница 186: ...in the priority assigned in the upstream or edge switch or assign a new priority 3 Use qos dscp map codepoint priority 0 7 to assign the 802 1p priority you want to the specified DSCP 4 Enable diff services if not already enabled Syntax qos type of service diff services codepoint Causes the switch to read the codepoint DSCP of an incoming IPv4 packet and when a match occurs assign a corresponding ...

Страница 187: ...the codepoints available for 802 1p priority assignments Figure 31 ToS configuration that enables both 802 1p priority and DSCP policy assignment Assigning a DSCP policy on the basis of the DSCP in IPv4 packets received from upstream devices The preceding section describes how to forward a policy set by an edge or upstream switch This option changes a DSCP policy in an IPv4 packet by changing its ...

Страница 188: ...rrent codepoint and then use the new codepoint to assign a new previously configured DSCP policy to the packet The policy overwrites the current codepoint with the new codepoint and assigns the 802 1p priority specified by the policy Syntax no qos type of service Disables all ToS classifier operation Current ToS DSCP policies and priorities remain in the configuration and will become available if ...

Страница 189: ...am devices is shown below The specified DSCP policies overwrite the original DSCPs on the selected packets and use the 802 1p priorities previously configured switch config qos type of service diff services 001100 dscp 17 switch config qos type of service diff services 001101 dscp 16 switch config show qos type of service Type of Service Differentiated Services Codepoint DSCP Policy Priority 00000...

Страница 190: ...ices and applications The following figure shows an example of the ToS byte in the header for an IPv4 packet and illustrates the diffserv bits and precedence bits in the ToS byte Note that the Precedence bits are a subset of the Differentiated Services bits Figure 32 The ToS codepoint and precedence bits 190 Aruba 2530 Advanced Traffic Management Guide for ArubaOS Switch 16 09 ...

Страница 191: ...he switch through a queue as defined in the table in Overview of QoS settings on page 170 If No override the default has been configured for a specified codepoint then the packet is not prioritized by ToS and by default is sent to the normal priority queue IP packet sent out an untagged port in a VLAN Same as above plus the IP Precedence value 0 7 will be used to set a corresponding 802 1p priorit...

Страница 192: ...es the packet s queue in the outbound port to which it is sent If the packet leaves the switch on a tagged port it carries the 802 1p priority with it to the next downstream device You can configure one QoS classifier for each protocol type Default No override Syntax no qos protocol ip ipx arp appletalk sna netbeui Disables use of the specified protocol as a QoS classifier and resets the protocol ...

Страница 193: ...new DSCP and 802 1p priority For operation when other QoS classifiers apply to the same traffic see Classifiers for prioritizing outbound packets on page 172 NOTE QoS with VID priority applies to static VLANs only and applying QoS to dynamic VLANs created by GVRP operation is not supported A VLAN must exist while a subject of a QoS configuration and eliminating a VLAN from the switch causes the sw...

Страница 194: ... Procedure 1 For example suppose that you have the following VLANs configured on the switch and want to prioritize them as shown switch config show vlan Status and Counters VLAN Information Maximum VLANs to support 8 Primary VLAN DEFAULT_VLAN 802 1Q VLAN ID Name Status 1 DEFAULT_VLAN static 22 VLAN_22 static 2 You would then execute the following commands to prioritize the VLANs by VID switch conf...

Страница 195: ...ets This codepoint will be used to overwrite the DSCP carried in packets received through the source port from upstream devices b Determine the 802 1p priority you want to assign to the DSCP 3 Configure the DSCP policy by using qos dscp map to configure the priority for each codepoint see Differentiated Services Codepoint DSCP mapping on page 200 for more information 4 Configure the switch to assi...

Страница 196: ...ll Overwrite the original DSCPs in the selected packets with the new DSCPs specified in the above policies Assign the 802 1p priorities in the above policies to the appropriate packets QoS source port priority Global QoS classifier precedence 6 The QoS source port option enables you to use a packet s source port on the switch as a QoS classifier Where a particular source port classifier has the hi...

Страница 197: ...onfigures an 802 1p priority for packets entering the switch through the specified source ports This priority determines the packet queue in the outbound ports to which traffic is sent If a packet leaves the switch on a tagged port it carries the 802 1p priority with it to the next downstream device You can configure one QoS classifier for each source port or group of source ports Default No overr...

Страница 198: ...icy codepoint and 802 1p priority to outbound IP packets received from the specified sourceports That is the switch Procedure 1 Selects an incoming IP packet on the basis of its source port on the switch 2 Overwrites the packet s DSCP with the DSCP configured in the switch for such packets 3 Assigns 802 1p priority configured in the switch for the new DSCP see Differentiated Services Codepoint DSC...

Страница 199: ... s queue in the outbound port to which it is sent If the packet leaves the switch on a tagged port it carries the 802 1p priority with it to the next downstream device Default No override Syntax no interface port list qos Removes QoS classifier for the specified source ports Syntax show qos port Displays a listing of all source port QoS classifiers currently in the running config file For example ...

Страница 200: ... No override in the Priority column of the DSCP map show qos dscp map then you must assign a 0 7 priority before proceeding qos dscp map priority command The DSCP Policy Table associates an 802 1p priority with a specific ToS byte codepoint in an IPv4 packet This enables you to set a LAN policy that operates independently of 802 1Q VLAN tagging In the default state most of the 64 codepoints do not...

Страница 201: ...depoint priority 0 7 These policies are not in effect unless you have either applied the policies to a QoS classifier or configured QoS Type of Service to be in diff services mode Quickly listing non default codepoint settings The DSCP Policy Table in Differentiated Services Codepoint DSCP mapping lists the switch s default codepoint priority settings If you change the priority of any codepoint se...

Страница 202: ...rded on a tagged port member of a VLAN 0 zero normal Forwarded on an Untagged port member of a VLAN None Note on changing a priority setting If a QoS classifier is using a policy codepoint and associated priority in the DSCP Policy table you must delete or change this usage before you can change the priority setting on the codepoint Otherwise the switch blocks the change and displays this message ...

Страница 203: ...he 000001 dscp 1 codepoint switch config qos dscp map 1 priority 4 4 You could now re assign the classifiers to the original policy codepoint or leave them as currently configured IP Multicast IGMP interaction with QoS IGMP high priority forward causes the switch to service the subscribed IP multicast group traffic at high priority even if QoS on the switch has relegated the traffic to a lower pri...

Страница 204: ...d with the qos watch queue command Ports that have not been configured display zero values for the queue counts Monitoring egress queues on a port switch config show interface queues 5 Status and Counters Queue Counters for port 5 Name MAC Address 001c2e 95ab3f Link Status Up Port Totals Since boot or last clear Rx Ucast Pkts 142 181 Tx Ucast Pkts 552 Rx B Mcast Pkts 10 721 488 Tx B Mcast Pkts 11 ...

Страница 205: ...currently defined traffic templates and their status switch config show qos traffic template System default template default tcgt Template Name Status Queues example Valid 4 dot1q tcgt predefined Valid 4 default tcgt predefined Active 4 To display detailed information about a single traffic template enter the show qos traffic template template name command List of the currently defined traffic tem...

Страница 206: ...r status active valid or invalid When executed with the name of a specific traffic template detailed information for that traffic template is displayed After executing the qos traffic template template name command in the global configuration context you are in traffic template context and can begin modifying a newly created template or an existing template Creating a new traffic template and ente...

Страница 207: ...fies an 802 1p priority to assign this queue This command may be repeated to assign multiple priorities to the same queue name namestring Assigns a documentary label to the traffic group Maximum length is 40 characters The no form of the command removes the descriptive name from the group Moving a priority from one traffic group to another Typically when modifying a traffic template priorities are...

Страница 208: ...d load tcg 4 6 7 control tcg After modifying a traffic template you must apply it to the switch to activate the new mapping See Applying a traffic template on page 208 Applying a traffic template After creating a traffic template with the desired queue assignments you must apply it The same traffic templates is applied to the all ports on the switch A reboot is required for the new template to tak...

Страница 209: ...ds qos trust Syntax qos trust default dot1p dscp ip prec none device none DEVICE TYPE Description Set the QoS Trust Mode configuration for the port Parameters default Trust 802 1p priority and preserve DSCP or IP ToS device DEVICE TYPE On approved devices trust IP ToS Differentiated Services in IP packets and use the DSCP MAP to remark the 802 1p priority If the DSCP codepoint does not have an ass...

Страница 210: ...apped factory default configuration legacy Restore the legacy default behavior partial mapping used in earlier code releases Show commands show qos trust Syntax show qos trust device PORT Description Shows port based QoS trust configuration Parameters device Show list of trusted devices per port port Show trusted devices on a single port Usage show qos trust device ethernet PORT LIST show qos trus...

Страница 211: ...02 1p user priorities By default the switches covered in this guide use four queues Change the default QoS queue configuration to four queue mode or two queue mode to increase the available bandwidth per queue Use the following commands to change the number of queues per port and display the current priority queue configuration on the switch Syntax qos queue config 2 queues 4 queues queue servicin...

Страница 212: ...te to be used on all ports to define the mapping of 802 1p packet priority values to outbound queues Syntax show qos queue config Displays the current qos queue configuration Mapping of outbound port queues This table shows the mapping of 802 1p priorities to outbound port queues Table 25 Mapping 802 1p priorities to outbound port queues 802 1p priority 4 Queues 2 Queues 1 lowest 1 1 2 0 normal 2 ...

Страница 213: ...iguration per queue Viewing QoS queue configuration switch show qos queue config Outbound Port Queue Configuration 802 1p Queue Priority 1 0 3 2 4 7 QoS operating notes and restrictions All switches For explicit QoS support of IP subnets Hewlett Packard Enterprise recommends forcing IP subnets onto separate VLANs and then configuring VLAN based classifiers for those VLANs For devices that do not s...

Страница 214: ...priority of 1 QoS cannot be configured use this priority as a classifier for changing the outbound priority to 0 214 Aruba 2530 Advanced Traffic Management Guide for ArubaOS Switch 16 09 ...

Страница 215: ...an example you can substitute the actual values for your switch as shown in the table to do a similar calculation In a stack of 4 with 2x2920 24 and 1 trunk interface Trk1 configured x will be 24 24 1 49 Therefore the maximum allowed vPorts is 299 Switch show spanning tree system limits rapid pvst Spanning Tree Information STP Enabled No Mode MSTP RPVST Enabled VLANs 1 4 20 23 Switch MAC Address 4...

Страница 216: ...x of RPVST enabled and disabled VLANs Additional configuration options include Configuring BPDU filtering Allowing traffic on VLAN ID PVID mismatched links Configuring STP loop guard Configuring RPVST at a glance The general steps for configuring RPVST via the CLI are Procedure 1 Select RPVST as the active spanning tree mode by entering the following command spanning tree mode rapid pvst To begin ...

Страница 217: ...mand does not enable disable spanning tree It sets the mode which is operational once spanning tree is enabled using spanning tree enable The no form of the command changes the spanning tree mode to the default mode MSTP Configuring global spanning tree Syntax spanning tree extend system id Creates a unique bridge identifier for each VLAN by adding the VLAN ID vid value to the priority field of th...

Страница 218: ...llo time 1 10 Specifies the time in seconds between transmissions of BPDUs on the specified VLAN s when the switch is root for those VLAN s Default 2 Range 1 10 Syntax spanning tree vlan vid list forward delay 4 30 Sets the time in seconds the switch waits before transitioning from listening to learning and from learning to forwarding states Default 15 Range 4 30 Syntax spanning tree vlan vid list...

Страница 219: ...d list root primary secondary no spanning tree vlan vid list root primary secondary Specifies the switch as the primary or secondary root bridge for the specified VLAN s Otherwise by default the root bridge for each VLAN will be determined by the lowest MAC address in that topology The no form of the command returns the determination of root to the lowest MAC address criterion Configuring per port...

Страница 220: ...fied ports Syntax spanning tree port list auto edge port no spanning tree port list auto edge port Enables or disables the automatic identification of edge ports The port will look for BPDUs for 3 seconds If there are none it begins forwarding packets If admin edge port is enabled for a port the setting for auto edge port is ignored whether set to yes or no If admin edge port is set to No and auto...

Страница 221: ... on RPVST switch ports that are connected to devices located in other administrative network domains to ensure the stability of the core RPVST network topology so that undesired or damaging influences external to the network do not enter Default Disabled Syntax spanning tree port list tcn guard When tcn guard is enabled for a port it causes the port to stop processing or propagating received topol...

Страница 222: ...a VLAN ID mismatch PVST blocks the link resulting in traffic on the mismatched VLANs being dropped However there can be instances where traffic passing between mismatched VLANs on a link is desirable When enabled on the switch the ignore pvid inconsistency command allows this behavior That is where the ports on both ends of a point to point link are untagged members of different VLANs enabling ign...

Страница 223: ...figuring STP loop guard Spanning tree is used to ensure a loop free topology over the LAN Occasionally a hardware or software failure can cause STP to fail creating STP forwarding loops that can cause network failures where unidirectional links are used The non designated port transitions in a faulty manner because the port is no longer receiving STP BPDUs STP Loop Guard causes the non designated ...

Страница 224: ...651c0 VLAN ID 20 RPVST Enabled Enabled Root MAC Address 0024a8 d13a40 Root Priority 32 768 Root Path Cost 20 000 Root Port 1 Operational Hello Time secs 2 Topology Change Count 2 Time Since Last Change 9 secs Designated Port Type Cost Priority Role State Bridge 1 100 1000T 20000 128 Root Forwarding 0024a8 d13a40 20 10 100TX 200000 128 Alternate Blocking 002347 587b80 After configuring loop guard B...

Страница 225: ...t 20 goes into the inconsistent state and ceases to forward traffic as displayed in the following show spanning tree output for VLAN 20 switch config show spanning tree vlan 20 Spanning Tree Information STP Enabled No Yes Mode RPVST Extended System ID Enabled Ignore PVID Inconsistency Disabled Switch MAC Address 002347 c651c0 VLAN ID 20 RPVST Enabled Enabled Root MAC Address 0024a8 d13a40 Root Pri...

Страница 226: ...spanning tree throughout a bridged network This protocol maps one loop free logical topology on a given physical topology This results in the least optimal link utilization and longest convergence times The 802 1s multiple spanning tree protocol MSTP uses multiple spanning tree instances with separate forwarding topologies Each instance is composed of one or more VLANs which significantly improves...

Страница 227: ...ing tree instances RPVST can result in an increased load on the switch s CPU Understanding how RPVST operates RPVST applies one RSTP tree per VLAN Each of these RSTP trees can have a different root switch and span the network through shared or different links As shown in the following diagram since the active paths for traffic on different VLANs can use the same for different links multiple topolo...

Страница 228: ...switch B and switch D is only blocked for VLAN 10 traffic but VLAN 20 traffic goes through that link Similarly the link between switch A and switch C is blocked only for VLAN 20 traffic but VLAN 10 traffic goes through that link Here traffic passes through all the available links and network availability and bandwidth utilization increase Another major advantage of RPVST is that it localizes topol...

Страница 229: ...ently configured spanning tree parameter settings when spanning tree is disabled Thus if you disable then later re enable spanning tree the parameter settings will be the same as before spanning tree was disabled CAUTION The switch automatically senses port identity and type and automatically defines spanning tree parameters for each type and parameters that apply across the switch Although these ...

Страница 230: ...ter Multicast in rapid PVST mode The multicast MAC address value cannot be set to the PVST MAC address 01 00 0c cc cc cd GVRP Spanning tree mode cannot be set to RPVST when GVRP is enabled and GVRP cannot be enabled when RPVST is enabled RPVST operating limits Virtual ports vPorts on a switch are determined by the number of physical ports on the switch plus other factors Exceeding the recommended ...

Страница 231: ...itch MAC Address 0024a8 d13a40 Root Guard Ports Loop Guard Ports TCN Guard Ports BPDU Protected Ports 23 24 BPDU Filtered Ports 23 24 Auto Edge Ports 1 24 A1 A4 Admin Edge Ports VLAN Root Mac Root Root Root Hello ID Address Priority Path Cost Port Time sec 10 0024a8 d13a40 32 768 0 This switch is root 2 20 0024a8 d13a40 32 768 0 This switch is root 2 Viewing status for a specific VLAN Syntax show ...

Страница 232: ...rt list Syntax show spanning tree port list Displays the spanning tree status for the designated port s You can list data for a series of ports and port trunks by specifying the first and last port or trunk of any consecutive series of ports and trunks For example to display data for port 20 24 and trk1 you would use this command show spanning tree 20 42 trk1 Viewing status for a specific port lis...

Страница 233: ... Guard No Loop Guard No Admin Edge Port No Admin PointToPoint MAC Yes VLAN Port Port Port Designated Hello Oper Oper ID Path Cost Priority State Bridge Time Edge PtP 20 20000 128 Forwarding 0024a8 d13a40 2 No Yes Viewing the global RPVST configuration Syntax show spanning tree config Displays the switch s basic and per VLAN spanning tree configuration The upper part of the output shows the switch ...

Страница 234: ...d last port or trunk of any consecutive series of ports and trunks For example to display data for ports 9 11 12 21 and trk1 use this command show spanning tree 9 11 12 21 trk1 config Viewing the global RPVST configuration per port switch show spanning tree 9 11 12 21 22 2 trk1 config Spanning Tree Information STP Enabled No Yes Mode RPVST Switch MAC Address 002347 587b80 RPVST Enabled VLANs 10 20...

Страница 235: ...0 128 No Yes True No No No No No Viewing the global RPVST configuration per VLAN Syntax show spanning tree config vlan vlan id Lists the spanning tree port parameter settings for only the specified VLAN Viewing the global RPVST configuration per VLAN switch config show spanning tree config vlan 20 Spanning Tree Information STP Enabled No Yes Mode RPVST Extended System ID Enabled Ignore PVID Incons...

Страница 236: ...U Filtering No Root Guard No TCN Guard No Loop Guard No Admin Edge Port No Admin PointToPoint MAC Yes VLAN Port Port Port Designated Hello Oper Oper ID Path Cost Priority State Bridge Time Edge PtP 20 20000 128 Forwarding 0024a8 d13a40 2 No Yes Viewing BPDU protection status on specific ports switch show spanning tree bpdu protection 11 12 21 24 Status and Counters STP BPDU Protection Information ...

Страница 237: ...ended vPort total per switch or for modular switches per module Syntax show spanning tree system limits rapid pvst Displays the RPVST VLAN and virtual port vPort status on the switch Viewing RPVST VLAN and vPort system limits switch config show spanning tree system limits rapid pvst Spanning Tree Information STP Enabled Yes Mode RPVST RPVST Enabled VLANs 20 Switch MAC Address 002347 c651c0 Count o...

Страница 238: ...LAN on a per module basis or a per group of ports basis Operational Virtual Ports The number of ports belonging to each PVST enabled VLAN on a per module basis or a per group of ports basis This value should not exceed the recommended maximum vPort limit Recommended Maximum Virtual Ports The maximum recommended number of vPort instances that should be allowed on the switch Exceeding this limit can...

Страница 239: ...switches The switch wide active vPort count there is a vPort count per port module determined by the number of ports per line card that are members of each VLAN Also on modular switches if a VLAN includes a trunk configured with ports on more than one module then one vPort is counted for each module on which the trunk exists regardless of how many ports are included in the trunk For example in the...

Страница 240: ...ry vlan vlan id Displays the last 10 root bridge changes on a specified VLAN configured with RPVST Included are the timestamp and Root Bridge ID recorded at each root bridge change Use the show spanning tree root history command to view the number and dates of changes in the assignment of a root bridge Possible intrusion into your VLAN network may occur if an unauthorized external device gains acc...

Страница 241: ...op Guard option new root Enables SNMP notification when a new root is elected on any VLAN configured for RPVST on the switch root guard Enables SNMP notifications when a root guard inconsistency is detected topology change Enables notifications sent when a topology change occurs topology change history Shows the spanning tree topology history changes Default for all of the above options Disabled T...

Страница 242: ...alid BPDUs 0 Errant BPDUs 0 Looped back BPDUs 0 Starved BPDUs 18 Exceeded Max Age BPDUs 3 Topology Changes Detected 9 Topology Changes Tx 9 Topology Changes Rx 4 Topology Change ACKs Tx 0 Topology Change ACKs Rx 6 TCN BPDUs Tx 4 TCN BPDUs Rx 0 CFG BPDUs Tx 0 CFG BPDUs Rx 0 RST BPDUs Tx 0 RST BPDUs Rx 0 RPVST BPDUs Tx 1881 RPVST BPDUs Rx 2617 Viewing debug counters per VLAN Syntax show spanning tre...

Страница 243: ...n 20 Status and Counters RPVST Debug Counters Information VLAN ID 20 Port 9 Counter Name Value Last Updated Invalid BPDUs 0 04 16 2012 22 27 15 Errant BPDUs 0 04 16 2012 22 27 15 Looped back BPDUs 0 04 16 2012 22 27 15 Starved BPDUs 5 05 01 2012 21 48 11 Exceeded Max Age BPDUs 0 04 16 2012 22 27 15 Topology Changes Detected 9 05 04 2012 21 54 05 Topology Changes Tx 5 05 05 2012 22 04 49 Topology C...

Страница 244: ...Message Age value greater than the configured value of the Max Age parameter spanning tree maximum age command This may occur if the receiving bridge is located too far from the root bridge beyond the configured size of the spanning tree domain on the root bridge or if a BPDU packet with invalid root information is continuously circulating between bridges in a spanning tree domain and needs to be ...

Страница 245: ...ough the port This counter is maintained on a per port per VLAN basis RST BPDUs Rx 802 1w RST BPDUs that are received on the port This counter is maintained on a per port per VLAN basis RPVST event log messages Event Log message STP enabled disabled on a VLAN Spanning tree Protocol enabled disabled on vlan vlan id Switch does not receive BPDUs from peer on a particular VLAN and port VLAN vlan id s...

Страница 246: ...o commands described next affect debug operation for RPVST For further information on debug operation see the ArubaOS Switch Management and Configuration Guide for your switch Syntax spanning tree clear debug counters ports port list vlan vid list Clears all spanning tree debug counters unless specific ports and VLANs are specified ports port list Clears spanning tree debug counters on the specifi...

Страница 247: ...eived filter port port list vlan vid list Limits packets displayed to those generated on the specified ports If the vlan option is used then packets displayed are further limited to the ports on the specified VLANs The no form of the command disables display of RPVST debug messages on the destination device Chapter 9 Rapid per VLAN spanning tree RPVST operation 247 ...

Страница 248: ...mes that All switches to include in a stack are connected to the same subnet broadcast domain If VLANs are enabled on the switches to include in the stack then the ports linking the stacked switches must be on the primary VLAN in each switch If the primary VLAN is tagged then each switch in the stack must use the same VLAN ID VID for the primary VLAN Options for configuring a commander and candida...

Страница 249: ...P addressing and a stack name on the Commander 3 Set the Commander s Auto Grab parameter to Yes 4 Connect Candidate switches in their factory default configuration to the network This approach automatically creates a stack of up to 16 switches including the Commander However this replaces manual control with an automatic process that may bring switches into the stack that you did not intend to inc...

Страница 250: ...ically or manually pulling Candidate switches into a stack leave such switches in their default stacking configuration to access Candidate switches through your network before they join the stack assign IP addresses to these devices Otherwise IP addressing is optional for Candidates and Members NOTE Once a Candidate becomes a member you can access it through the Commander to assign IP addressing o...

Страница 251: ...tches discovered in the same subnet Viewing the status of an individual switch Syntax show stack Lists the stacking configuration for an individual switch Displaying show stack output switch config show stack Stacking Stacking Status This Switch Stack State Commander Transmission Interval 60 Stack Name Big_Waters Number of members 14 Auto Grab Yes Members unreachable 0 SN MAC Address System Name D...

Страница 252: ...thers 0060b0 889e00 DEFAULT_CONFIG Candidate Viewing the status of the Commander and current members of the Commander s stack CLI Syntax show stack view Lists all switches in the stack of the selected switch Using the show stack view command to list the stack assigned to the selected commander switch config show stack view Stack Members SN MAC Address System Name Device Type Status 0 1cc1de cfbc80...

Страница 253: ...der s Manager password controls access to stack Members For more on passwords see the local manager and operator password information in the ArubaOS Switch Access Security Guide for your switch Making a switch a Commander CLI Syntax stack commander name str Assigns a stack name to a switch makes it a Commander and automatically creates a stack Creating a Commander switch To create a Commander swit...

Страница 254: ...d switches to a stack by adding discovered Candidates or by moving switches from other stacks that may exist in the same subnet NOTE You cannot add a Candidate that the Commander has not discovered In its default configuration the Commander s Auto Grab parameter is set to No to give you manual control over which switches join the stack and when they join This prevents the Commander from automatica...

Страница 255: ...nder CLI For example to list discovered candidates for the above Commander Finding MAC addresses Knowing the available switch numbers SNs and Candidate MAC addresses you can manually assign a Candidate to be a Member of the stack Syntax stack member switch number mac address mac addr password password str For example if the switch in the above output did not have a Manager password and you want to...

Страница 256: ...s Syntax stack auto join no stack auto join Enables Auto Join on a Candidate The no version disables Auto Join on a Candidate Using a Candidate CLI to push the Candidate into a stack Use this method if any of the following apply The Candidate s Auto Join is set to Yes and you do not want to enable Auto Grab on the Commander or the Candidate s Auto Join is set to No Either you know the MAC address ...

Страница 257: ...ion Commander CLI to pull a member from another stack Syntax stack member switch number mac address password password str In the destination Commander finds the MAC address of the Member you want to pull into the destination stack Stack output with two stacks in the subnet Suppose that you create a new Commander with a stack name of Cold_Waters and want to move a switch named Bering Sea into this ...

Страница 258: ...tack eliminates the stack and returns its Members to the Candidate pool with Auto Join disabled On using the no stack command on a commander all members will continue to show the commander entry for 125 seconds After the countdown timer expires on each member for the commander the members will no longer show the commander entry To identify the MAC address of the destination Commander use the show ...

Страница 259: ...to list the stack Members Syntax no stack member switch num mac address mac addr Removes the specified Member from the stack A commander and three switches in a stack Suppose you want to use the Commander to remove the North Sea member from the following stack Execute this command to remove the North Sea switch from the stack switch config no stack member 3 mac address 0030c1 7fc700 where 3 is the...

Страница 260: ...an unsigned integer assigned by the Commander to each member range 1 15 To find the switch number for the Member you want to access execute the show stack view command in the Commander s CLI A stack showing switch number SN assignments Suppose you want to configure a port trunk on the switch named North Sea in the stack named Big_Waters To do so go to the CLI for the Big_Waters Commander and execu...

Страница 261: ... a stand alone non stacking switch Syntax no stack Disables stacking on the switch stack Enables stacking on the switch Setting the transmission interval CLI All switches in a stack must be set to the same transmission interval to help ensure proper stacking operation Hewlett Packard Enterprise recommends that you leave this parameter set to the default 60 seconds Syntax stack transmission interva...

Страница 262: ...manual methods A switch configured as a Candidate is not in a stack Member A switch that has joined a stack and is accessible from the stack Commander Figure 41 A switch moving from Candidate to Member General stacking operation After you configure one switch to operate as the Commander of a stack additional switches can join the stack by either automatic or manual methods After a switch becomes a...

Страница 263: ... be disabled Stacking has no effect on the normal operation of the switch in your network A stack requires one Commander switch Only one Commander allowed per stack All switches in a particular stack must be in the same IP subnet broadcast domain A stack cannot cross a router A stack accepts up to 16 switches numbered 0 15 including the Commander always numbered 0 The stacking feature supports up ...

Страница 264: ...cking operation with multiple VLANs configured on page 266 and The primary VLAN on page 53 Stacking allows intermediate devices that do not support stacking This enables you to include switches that are distant from the Commander Figure 43 A non stacking device used in a stacking environment 264 Aruba 2530 Advanced Traffic Management Guide for ArubaOS Switch 16 09 ...

Страница 265: ... member In the factory default configuration the switch automatically acquires an IP address if your network includes DHCP service Stack Name N A n a Passwords optional If the Candidate becomes a stack Member it assumes the Commander s Manager and Operator passwords If a candidate has a password it cannot be automatically added to a stack In this case if you want the Candidate in a stack you must ...

Страница 266: ... Packard Enterprise recommends that you leave Auto Grab disabled on all Commander switches and manually add Members to their stacks Similarly if you plan to install a stack in a subnet broadcast domain where stacking capable switches are not intended for stack membership you should set the Stack State parameter in the Stack Configuration screen to Disabled on those particular switches Stacking ope...

Страница 267: ...it for an update If the condition persists re configure the Commander or the Member Member Down A Member has become detached from the stack A possible cause is an interruption to the link between the Member and the Commander Check the connectivity between the Commander and the Member Member Up The Commander has stacking connectivity to the Member None required Rejected The Candidate has failed to ...

Страница 268: ...ue community snmpget MIB variable 10 31 29 100 blue sw1 Because the gray community is only on switch 3 you could not use the Commander IP address for gray community access from the management station Instead you would access switch 3 directly using the switch s own IP address For example snmpget MIB variable 10 31 29 15 gray In the figure in Community Membership you cannot use the public community...

Страница 269: ... such as the device MAC address which gives that client s device access to the network The BYOD solution includes secure user authentication centralized authentication process authorization and accounting unified monitoring and network management services ease of use self registration on boarding process BYOD solution The following figure illustrates a BYOD solution that includes the following Acc...

Страница 270: ... for which free rules are not enabled Most BYOD redirect implementation is platform independent except installing free rules to mitigate risks Communication between clients and the IMC server is tunneled by the edge switch 1 A client request is read by the HTTP task 2 The HTTP task always redirects after embedding client IP addresses a URL trying to access the redirected URL 270 Aruba 2530 Advance...

Страница 271: ...is enabled the switch tunnels packets to the controller Packets are re injected to the switch only if the controller classifies DNS packets as permitted When BYOD redirect is enabled the user should configure an ACL rule to pass through DNS packets to the switch If SDN controller policy classifies a DNS packet originating from a client as drop then BYOD redirect does not work 3 IP sentinel and BYO...

Страница 272: ...2 BYOD redirect supports up to three redirection servers configured on a switch When a redirection server URL is configured the BYOD module maintains separate data structures to store the redirected URL on the VLAN where BYOD redirect is enabled BYOD redirect statistics are maintained for each server Configuring BYOD Creating a BYOD server Configure a portal redirect web server Syntax no portal we...

Страница 273: ...feature free rule Configure a BYOD free rule rule number Free rule number as an INTEGER 1 6 vlan Free rule source VLAN ID VLAN ID VLAN identifier or VLAN name destination Free rule destination ip address IP address mask Mask mask length Mask length tcp TCP protocol udp UDP Protocol des udp port tcp port destination source Free rule source src des tcp udp port TCP or UDP port number as an integer 1...

Страница 274: ...ect function complete the following tasks on the distribution switch 1 Configure DNS and make FQDN solution successful ip dns server address priority 1 DNS server IP NOTE The argument to the URL can be an FQDN or IP address If you use the IP address as an argument this step is not necessary 2 Configure BYOD web server URL portal web server byod url http imc com 8080 byod 3 Enable BYOD redirect on ...

Страница 275: ...ds enable mac authentication on ports 1 2 aaa port access mac based 1 2 configure number of client limits on port 1 and port2 aaa port access mac based 1 addr limit 32 aaa port access mac based 2 addr limit 32 radius server host radius ip dyn authorization radius server host radius ip time window 0 Chapter 11 BYOD redirect 275 ...

Страница 276: ...uration on the edge switch 3 Create the configuration on 5400 switch Wireless Access 1 Make the HPE MSM controller reachable by IMC 2 Ensure that access points HPE 422 are managed by the MSM controller 3 Configure MAC or 802 1X authentication on the MSM controller 4 Create the configuration on the 5400 switch Figure 47 Wired and wireless components configured in a network topology 276 Aruba 2530 A...

Страница 277: ...example 2530 Switch 3810 1 Register the edge switch and distribution switch in IMC 2 Ensure that both the edge and distribution switch can reach the DHCP and DNS server 3 Create the configuration on the edge switch 4 Create the configuration on the distribution switch Figure 48 Wired clients solution Chapter 11 BYOD redirect 277 ...

Страница 278: ...by the DHCP and DNS server 3 Create the configuration on the edge switch 4 Create the configuration on the edge switch Figure 49 Configuration and access for wired clients on an edge switch Show commands Show portal server Display all BYOD servers and their attributes or specify a BYOD web server name to display its details Syntax show portal web server web server name 278 Aruba 2530 Advanced Traf...

Страница 279: ... portal redirect statistics Term Meaning portal Display BYOD server details redirect Display redirect statistics statistics Display the statistics Sample output show portal redirect statistics Status and Counters Portal Redirect Information Total Opens 0 Resets Connections 0 Current Opens 0 Packets Received 14997 Packets Sent 12013 HTTP Packets Sent 3002 Current Connection States SYN_RECVD 0 ESTAB...

Страница 280: ...0 Mask 0 0 0 0 Associating with the BYOD server on a specified VLAN Associate a BYOD server with a specific VLAN to redirect clients to the assigned URL page Syntax no vlan VLAN ID portal web server web server name Term Meaning portal Configure the BYOD redirect feature on the VLAN web server Specify the BYOD web server ASCII STR BYOD web server name vlan Add delete edit VLAN configuration or ente...

Страница 281: ...lave Only the master interface forwards traffic for a group of vlans called a protected vlan group The other interface is in standby mode for this protected group If port A1 goes down port A2 starts forwarding traffic for this protected vlan group If port A1 comes back up it goes to standby mode and does not forward traffic Port A2 continues forwarding traffic This is the case if preemption mode i...

Страница 282: ...is off preemption delay 10 max Set the delay until when standby preempts active Default is 1 second trap enable disable Enable sending trap for this group Disable the trap for this group NOTE The maximum number of Smartlink Groups supported is 24 Configure VLANs Syntax no smart link recv control vlan vid list Configures VLANs to receive flush messages This is interface level command Command must b...

Страница 283: ...on Detailed output is displayed if group is specified otherwise only basic information is displayed for all groups Syntax show smart link group group 1 24 all flush statistics recv control vlans Show smart link group information flush statistics Show information about the received flush messages group Show information for groups recv control vlans Show receive control VLANs information show smart ...

Страница 284: ...ed On 00 11 07 1990 01 01 Device Id Of Last Flush Packet Received c8cbb8 ddc0c0 Control VLAN Of Last Flush Packet Received 1 Show receive control Syntax show smart link recv control vlans Show receive control VLANs configured on per port basis show smart link recv control vlan Switch show smart link recv control vlan Receive Control VLAN Information Port VLANs A1 1 3 B1 4 Show tech smart link Synt...

Страница 285: ...Flush Packet Detail Flush Packets Received 2 Last Flush Packet Received On Interface 23 Last Flush Packet Received On 00 11 07 1990 01 01 Device Id Of Last Flush Packet Received c8cbb8 ddc0c0 Control VLAN Of Last Flush Packet Received 1 Clear command Clear group and flush statistics Syntax clear smart link flush statistics group group id all Event Log Event Message Whenever a standby port transits...

Страница 286: ...ng Hewlett Packard Enterprise My Networking website www hpe com networking support Hewlett Packard Enterprise My Networking Portal www hpe com networking mynetworking Hewlett Packard Enterprise Networking Warranty www hpe com networking warranty General websites Hewlett Packard Enterprise Information Library www hpe com info EIL For additional websites see Support and other resources Chapter 13 We...

Страница 287: ...ware products provide a mechanism for accessing software updates through the product interface Review your product documentation to identify the recommended software update method To download product updates Hewlett Packard Enterprise Support Center www hpe com support hpesc Hewlett Packard Enterprise Support Center Software downloads www hpe com support downloads Software Depot www hpe com suppor...

Страница 288: ...vice level Hewlett Packard Enterprise strongly recommends that you register your device for remote support If your product includes additional remote support details use search to locate that information Remote support and Proactive Care information HPE Get Connected www hpe com services getconnected HPE Proactive Care services www hpe com services proactivecare HPE Datacenter Care services www hp...

Страница 289: ...n be found at www hpe com info reach For Hewlett Packard Enterprise product environmental and safety information and compliance data including RoHS and REACH see www hpe com info ecodata For Hewlett Packard Enterprise environmental information including company programs product recycling and energy efficiency see www hpe com info environment Documentation feedback Hewlett Packard Enterprise is com...

Результаты поиска

Содержание Aruba 2530

Отзывы:

Похожие инструкции для Aruba 2530

Бренды по названию

Популярные бренды

Hewlett Packard Enterprise Aruba 2530, Руководство по продвинутому управлению трафиком

Результаты поиска

Содержание Aruba 2530

Отзывы:

Похожие инструкции для Aruba 2530

Бренды по названию

Популярные бренды