HP ProCurve 6120G/XG Скачать руководство пользователя страница 493 | Manualshive

Страница: 493 / 662

background image

Monitoring and Analyzing Switch Operation

Traffic Mirroring

C o n f i g u r a t i o n
N o t e s

Traffic Mirroring

Mirror Features

Feature

Default

Menu

CLI

Mirror CLI Quick Reference

n/a

n/a

B-34

Configure Mirror Source

disabled

page B-29 page B-35

Configure Mirror Destination at Source

disabled

page B-29 page B-35

Display Mirror Configuration

n/a

page B-29 page B-38

Traffic mirroring (Intelligent Mirroring) allows you to mirror (send a copy of)
network traffic received or transmitted on a switch interface to a local
destination, such as a traffic analyzer or intrusion detection system (IDS).

Traffic mirroring provides the following benefits:

■

Allows you to monitor the traffic flow on specific source interfaces

■

Helps in analyzing and debugging problems in network operation result
ing from a misbehaving network or an individual client. The mirroring of
selected traffic to an external device makes it easier to diagnose a network
problem from a centralized location ina topology spread across a campus.

Mirroring destinations.

Traffic mirroring supports destination devices

that are connected to the local switch:

■

Traffic can be copied to a destination connected to the same switch as the
mirroring source in a

local

mirroring session. Up to four local mirroring

destinations are supported on a switch.

Using the CLI, you can make full use of the switch’s local mirroring capabili
ties. Using the Menu interface, you can configure only local mirroring for a
group of ports and/or static trunks.

Only a single mirror port session is supported.

Mirrored frames exceeding the allowed maximum transmission unit (MTU)
size will be dropped. Also, the switch applies a 54-byte IPv4 header to mirrored
frames. For more information, including the size limitation for jumbo and non-
jumbo frames, see “Maximum Supported Frame Size” on page B-42.

Selecting mirrored traffic.

You can use any of the following options to

select the traffic to be mirrored on a port or trunk interface in a local session:

B-23

«
...
491
492
493
494
495
...
»

Содержание ProCurve 6120G/XG

Страница 1: ...ProCurve Series 6120 Switches Management and Configuration Guide November 2010 Version Z 14 22 ...

Страница 2: ......

Страница 3: ...HP ProCurve 6120G XG Switch 6120XG Switch November 2010 Z 14 22 Management and Configuration Guide ...

Страница 4: ...nd services Nothing herein should be construed as constituting an additional warranty HP shall not be liable for technical or editorial errors or omissions contained herein Hewlett Packard assumes no responsibility for the use or reliability of its software on equipment that is not furnished by Hewlett Packard Warranty See the Customer Support Warranty information at http www hp com Support A copy...

Страница 5: ... 2 Command Syntax Statements 1 2 Command Prompts 1 3 Screen Simulations 1 3 Configuration and Operation Examples 1 3 Keys 1 3 Sources for More Information 1 4 Getting Documentation From the Web 1 6 Online Help 1 6 Menu Interface 1 6 Command Line Interface 1 7 Web Browser Interface 1 7 Need Only a Quick Start 1 8 IP Addressing 1 8 To Set Up and Install the Switch in Your Network 1 9 Physical Instal...

Страница 6: ...ners for the Console and Web Browser Interfaces 2 8 Banner Operation with Telnet Serial or SSHv2 Access 2 9 Banner Operation with Web Browser Access 2 9 Configuring and Displaying a Non Default Banner 2 9 Example of Configuring and Displaying a Banner 2 10 Operating Notes 2 13 Using the Menu Interface Contents 3 1 Overview 3 2 Starting and Ending a Menu Session 3 3 How To Start a Menu Interface Se...

Страница 7: ...nfiguration Modes 4 13 CLI Control and Editing 4 16 Executing a Prior Command Redo 4 16 Repeating Execution of a Command 4 16 Using a Command Alias 4 18 CLI Shortcut Keystrokes 4 20 5 Using the ProCurve Web Browser Interface Contents 5 1 Starting a Web Browser Using ProCurve Manager PCM or Security Creating Usernames and Passwords Overview 5 3 General Features 5 4 Interface Session with the Switch...

Страница 8: ...rt Types and Detailed Views 5 22 The Status Bar 5 23 Setting Fault Detection Policy 5 25 Switch Memory and Configuration Contents 6 1 Overview 6 3 Configuration File Management 6 3 Using the CLI To Implement Configuration Changes 6 6 Using the Menu and Web Browser Interfaces To Implement Configuration Changes 6 10 Menu Implementing Configuration Changes 6 10 Using Save and Cancel in the Menu Inter...

Страница 9: ...nfiguration Enabled 6 29 Displaying the Content of A Specific Startup Config File 6 30 Changing or Overriding the Reboot Configuration Policy 6 30 Managing Startup Config Files in the Switch 6 32 Renaming an Existing Startup Config File 6 33 Creating a New Startup Config File 6 33 Erasing a Startup Config File 6 35 Switch to Its Default Configuration 6 37 Transferring Startup Config Files To or Fr...

Страница 10: ...Parameters 7 20 Configuring IP Addressing Contents 8 1 Overview 8 2 IP Configuration 8 2 Just Want a Quick Start with IP Addressing 8 3 IP Addressing with Multiple VLANs 8 4 Menu Configuring IP Address Gateway and Time To Live TTL 8 5 CLI Configuring IP Address Gateway and Time To Live TTL 8 6 Web Configuring IP Addressing 8 10 How IP Addressing Affects Switch Operation 8 11 DHCP Bootp Operation 8...

Страница 11: ...Authentication Mode and Saving Configuration Files and the Viewing the Current SNTP Configuration 9 9 Configuring Enabling or Disabling the SNTP Mode 9 11 SNTP Client Authentication 9 17 Requirements 9 17 Key Value 9 19 Configuring a Trusted Key 9 19 Associating a Key with an SNTP Server 9 20 Enabling SNTP Client Authentication 9 21 Configuring Unicast and Broadcast Mode 9 21 Displaying SNTP Confi...

Страница 12: ...the Show Interfaces Custom Command 10 13 Viewing Port Utilization Statistics 10 13 Viewing Transceiver Status 10 14 Enabling or Disabling Ports and Configuring Port Mode 10 15 Enabling or Disabling Flow Control 10 17 Configuring a Broadcast Limit on the Switch 10 18 Configuring ProCurve Auto MDIX 10 19 Web Viewing Port Status and Configuring Port Parameters 10 22 Using Friendly Optional Port Names...

Страница 13: ...1 Overview 11 2 Port Trunk Features and Operation 11 4 Trunk Configuration Methods 11 4 Menu Viewing and Configuring a Static Trunk Group 11 9 CLI Viewing and Configuring Port Trunk Groups 11 11 Using the CLI To View Port Trunks 11 11 Using the CLI To Configure a Static or Dynamic Trunk Group 11 14 Web Viewing Existing Port Trunk Groups 11 17 Trunk Group Operation Using LACP 11 18 Default Port Ope...

Страница 14: ...logy 12 10 GMB Operation 12 10 Impacts of QoS Queue Configuration on GMB Operation 12 12 Outbound Traffic 12 13 Configuration 12 17 GMB Operating Notes 12 19 Jumbo Frames 12 20 Terminology 12 20 Operating Rules 12 21 Configuring Jumbo Frame Operation 12 22 Overview 12 22 Viewing the Current Jumbo Configuration 12 23 Enabling or Disabling Jumbo Traffic on a VLAN 12 25 Configuring a Maximum Frame Si...

Страница 15: ...cations 13 19 Supported Notifications 13 19 General Steps for Configuring SNMP Notifications 13 20 SNMPv1 and SNMPv2c Traps 13 21 Configuring an SNMP Trap Receiver 13 21 Enabling SNMPv2c Informs 13 23 Configuring SNMPv3 Notifications 13 25 Managing Network Security Notifications 13 28 Enabling Link Change Traps 13 30 Configuring the Source IP Address for SNMP Notifications 13 31 Displaying SNMP No...

Страница 16: ...ng SNMP Notification Support 13 54 Configuring Per Port Transmit and Receive Modes 13 55 Configuring Basic LLDP Per Port Advertisement Content 13 56 Advertisements 13 58 Port VLAN ID TLV Support on LLDP 13 59 Configuring the VLAN ID TLV 13 59 Displaying the TLVs Advertised 13 60 SNMP Support 13 61 LLDP MED Media Endpoint Discovery 13 62 LLDP MED Topology Change Notification 13 65 LLDP MED Fast Sta...

Страница 17: ...dem to Download Switch Software From a PC or UNIX Workstation A 19 Menu Xmodem Download to Primary Flash A 20 CLI Xmodem Download from a PC or UNIX Workstation to Primary or Secondary Flash A 21 Switch to Switch Download A 22 Menu Switch to Switch Download to Primary Flash A 22 CLI Switch To Switch Downloads A 23 Using PCM to Update Switch Software A 24 Copying Software Images A 25 TFTP Copying a ...

Страница 18: ...view B 3 Status and Counters Data B 4 Menu Access To Status and Counters B 5 General System Information B 6 Menu Access B 6 CLI Access to System Information B 7 Task Monitor Collecting Processor Data B 8 Switch Management Address Information B 8 Menu Access B 8 CLI Access B 9 Port Status B 10 Menu Displaying Port Status B 10 CLI Access B 10 Web Access B 10 Viewing Port and Trunk Group Statistics a...

Страница 19: ... Mirroring Overview B 33 1 Determine the Mirroring Session and Destination B 35 2 Configure a Mirroring Session on the Source Switch B 35 3 Configure the Monitored Traffic in a Mirror Session B 35 Traffic Selection Options B 36 Mirroring Source Restrictions B 36 Selecting All Inbound Outbound Traffic to Mirror B 36 Displaying a Mirroring Configuration B 38 Displaying the Mirroring Configuration Su...

Страница 20: ...lems C 19 TimeP SNTP or Gateway Problems C 21 VLAN Related Problems C 21 Using the Event Log for Troubleshooting Switch Problems C 24 Event Log Entries C 24 Menu Displaying and Navigating in the Event Log C 31 CLI Displaying the Event Log C 32 CLI Clearing Event Log Entries C 32 CLI Turning Event Numbering On C 33 Using Log Throttling to Reduce Duplicate Event Log and SNMP Messages C 33 Log Thrott...

Страница 21: ...ink Tests C 57 CLI Ping Test C 58 Link Tests C 59 Traceroute Command C 60 Viewing Switch Configuration and Operation C 64 CLI Viewing the Startup or Running Configuration File C 64 Web Viewing the Configuration File C 64 CLI Viewing a Summary of Switch Operational Data C 64 Saving show tech Command Output to a Text File C 66 Customizing show tech Command Output C 67 CLI Viewing More Information on...

Страница 22: ...ng MAC Addresses D 3 Menu Viewing the Switch s MAC Addresses D 4 CLI Viewing the Port and VLAN MAC Addresses D 5 Viewing the MAC Addresses of Connected Devices D 7 E Monitoring Resources Contents E 1 Viewing Information on Resource Usage E 2 Policy Enforcement Engine E 2 When Insufficient Resources Are Available E 3 F Daylight Savings Time on ProCurve Switches G Network Out of Band Management OOBM...

Страница 23: ...on G 10 OOBM IPv4 default gateway configuration G 10 OOBM Show Commands G 11 Show OOBM G 11 Show OOBM IP configuration G 12 Show OOBM ARP information G 12 Application Server Commands G 13 Application Client Commands G 15 Example G 16 H Switch Licensing General Procedure H 1 Index xxi ...

Страница 24: ...xxii ...

Страница 25: ...publications listed below is available in PDF format on the ProCurve Web site as described in the Note at the top of this page Installation and Getting Started Guide Describes how to install hard ware and get started using the switch Management and Configuration Guide Describes how to configure manage and monitor basic switch operation Advanced Traffic Management Guide Explainshowtoconfigure traff...

Страница 26: ...oftware Features For the HP 6120XG switch Pre mium License features can be acquired by purchasing the optional Premium License and installing it on the switch Premium License Software Features Manual Management and Configuration Advanced Traffic Management Multicast and Routing Access Security Guide Converged Enhanced Ethernet CEE X Intelligent Edge Software Features Manual Management and Configur...

Страница 27: ... only Config File Console Access Copy Command X X X X CoS Class of Service Debug DHCP Configuration DHCP Option 82 X X X X DHCP Bootp Operation DHCP Snooping Diagnostic Tools Downloading Software X X X X Dynamic ARP protection Dynamic IP Lockdown DIPLD Eavesdrop Prevention Event Log X X X X Factory Default Settings Flow Control 802 3x File Transfers Friendly Port Names X X X X Guaranteed Minimum B...

Страница 28: ... X X LACP LLDP LLDP MED Loop Protection X X X X MAC Address Management MAC Lockdown MAC Lockout MAC based Authentication X X X X Monitoring and Analysis Network Management Applications SNMP Passwords and Password Clear Protection ProCurve Manager PCM X X X X Ping Port Configuration Port Monitoring Port Security X X X X Port Status Port Trunking LACP Port Based Access Control 802 1X Protocol VLANS ...

Страница 29: ...sFlow SFTP X X X X SNMPv3 Software Downloads SCP SFTP TFPT Xmodem Source Port Filters Spanning Tree STP RSTP MSTP X X X X SSHv2 Secure Shell Encryption SSL Secure Socket Layer Syslog System Information X X X X TACACS Authentication Telnet Access TFTP Time Protocols TimeP SNTP X X X X Troubleshooting Uni Directional Link Detection UDLD Uplink Failure Detection VLANs Voice VLAN Web Authentication RA...

Страница 30: ...Intelligent Edge Software Features Manual Management and Configuration Advanced Traffic Management Multicast and Routing Access Security Guide Web UI X xxviii ...

Страница 31: ...nfiguration and Operation Examples 1 3 Keys 1 3 Sources for More Information 1 4 Getting Documentation From the Web 1 6 Online Help 1 6 Menu Interface 1 6 Command Line Interface 1 7 Web Browser Interface 1 7 Need Only a Quick Start 1 8 IP Addressing 1 8 To Set Up and Install the Switch in Your Network 1 8 Physical Installation 1 8 1 1 ...

Страница 32: ...his guide uses the following conventions for commands and screen displays Command Syntax Statements Syntax ip default gateway ip addr routing Syntax show interfaces port list Vertical bars separate alternative mutually exclusive elements Square brackets indicate optional elements Braces enclose required elements Braces within square brackets indicate a required element within an optional choice Bo...

Страница 33: ...en text and command output look like this ProCurve show version Image stamp sw code build vern Jul 27 2010 13 42 40 Z 14 04 0001 1037 Boot Image Primary Build Options QA Watchdog ENABLED Figure 1 1 Example of a Figure Showing a Simulated Screen In some cases brief command output sequences appear without figure iden tification For example ProCurve config clear public key ProCurve config show ip cli...

Страница 34: ...ew features and how to configure and use them software management including downloading software to the switch software fixes addressed in current and previous releases Product Notes and Software Update Information The printed Quick Installation Card shipped with your switch provides basic installation and getting started information Installation and Getting Started Guide Use the Installation and ...

Страница 35: ...uting Guide Use this guide for information on topics such as IGMP IP routing Access Security Guide Use this guide for information on topics such as Local username and password security Web Based and MAC based authentication RADIUS and TACACS authentication Access Control Lists ACLs SSH Secure Shell and SSL Secure Socket Layer operation 802 1X access control Port security operation with MAC based c...

Страница 36: ...lowing web sites www procurve com manuals www hp com go bladesystem documentation h18004 www1 hp com products blades components c class tech installing html Online Help Menu Interface If you need information on specific parameters in the menu interface refer to the online help provided in the interface For example Online Help for Menu Figure 1 2 Online Help for Menu Interface 1 6 ...

Страница 37: ... use the online Help You can access the Help by clicking on the question mark button in the upper right corner of any of the web browser interface screens The Help Button Figure 1 4 Button for Web Browser Interface Online Help Not e To access the online Help for the Web browser interface you need either ProCurve Manager version 1 5 or greater installed on your network or an active connection to th...

Страница 38: ...an communicate on your network or if you are not using VLANs ProCurve recommends that you use the Switch Setup screen to quickly configure IP addressing To do so do one of the following Enter setup at the CLI Manager level prompt Procurve setup In the Main Menu of the Menu interface select 8 Run Setup For more on using the Switch Setup screen see the Installation and Getting Started Guide you rece...

Страница 39: ...ings related to installing and using the switch and its related modules Instructions for physically installing the switch in your network Quickly assigning an IP address and subnet mask set a Manager pass word and optionally configure other basic features Interpreting LED behavior For the latest version of the Installation and Getting Started Guide for your switch refer to Getting Documentation Fr...

Страница 40: ...Getting Started To Set Up and Install the Switch in Your Network 1 10 ...

Страница 41: ...ntages of Using the Menu Interface 2 4 Advantages of Using the CLI 2 5 General Benefits 2 5 Information on Using the CLI 2 5 Advantages of Using the Web Browser Interface 2 6 or ProCurve Manager Plus 2 7 Web Browser Interfaces 2 8 Banner Operation with Telnet Serial or SSHv2 Access 2 9 Banner Operation with Web Browser Access 2 9 Configuring and Displaying a Non Default Banner 2 9 Example of Confi...

Страница 42: ...tated Guide for the switch See the HP BladeSystem Onboard Administrator User Guide for details on OA setup For infor mation on OA command line interface CLI commands see the HP BladeSystem Onboard Administrator Command Line Interface User Guide Both guides are available at www hp com go bladesystem documentation Another way that the OA provides access is through the switch CLI telnet to the OA IP ...

Страница 43: ...er PCM a windows based network management solution included in box with all manageable ProCurve devices Features include automatic device discovery network status summary topology and mapping and device management ProCurve Manager Plus PCM a complete windows based network management solution that provides both the basic features offered with PCM as well as more advanced management features includi...

Страница 44: ... provides access for Setup screen Switch and port statistic and counter displays Event Log display Reboots Switch and port Software downloads status displays Offers out of band access through the RS 232 connection and through the OA network to the switch so network bottlenecks crashes lack of configured or correct IP address and network downtime do not slow or prevent access Enables Telnet in band...

Страница 45: ... through the OA network or Telnet in band access Enables quick detailed system configuration and management access to system operators and administrators experienced in command prompt interfaces Provides help at each level for determining available options and vari ables Information on Using the CLI For information on how to use the CLI refer to Chapter 4 Using the Command Line Interface CLI To pe...

Страница 46: ...r browser interface locations of window objects consistent with commonly used browsers uses mouse clicking for navigation no terminal setup Many features have all their fields in one screen so you can view all values at once More visual cues using colors status bars device icons and other graphical objects instead of relying solely on alphanumeric values Display of acceptable ranges of values avai...

Страница 47: ...rizes them by severity making it easier to track where bottlenecks and issues exist in the network Alerts present detailed information on the problem even down to the spe cific port Automatic Device Discovery This feature is customized for fast discovery of all ProCurve manageable network devices The user can define which IP subnets to discover Topology and Mapping This feature automatically creat...

Страница 48: ...llowing users to download the latest version or choose the desired version Updates can be scheduled easily across large groups of devices all at user specified times Investment Protection The modular software architecture of Pro Curve Manager Plus will allow ProCurve to offer network administra tors add on software solutions that complement their needs Custom Login Banners for the Console and Web ...

Страница 49: ...password information or if no username password is required the switch then displays either the Registra tion page or the switch s home page Note that if the banner feature is disabled or if the switch is using the factory default banner shown in figure 2 5 then the banner page does not appear in the Web browser when an operator initiates a login session with the switch Configuring and Displaying ...

Страница 50: ... described above and then re configuring new banner text The banner text string must terminate with the character defined by banner motd delimiter Note In redundant management the banner is not seen on the standby module only the active module Example of Configuring and Displaying a Banner Suppose a system operator wanted to configure the following banner message on her company s switches This is ...

Страница 51: ...anner motd Output ProCurve config show running Running configuration 498358 B21 Configuration Editor Created on release Z 14 04 hostname ProCurve 6120 Blade Switch vlan 1 name DEFAULT_VLAN Shows the current banner untagged D1 4 S1 S2 X1 X2 C1 configuration ip address dhcp bootp exit banner motd This is a private system maintained by the Allied Widget Corporation Unauthorized use of this system can...

Страница 52: ...nager Plus The next time someone logs onto the switch s management CLI the following appears The login screen displays the configured banner Entering a correct password clears the banner and displays the CLI prompt Figure 2 7 Example of CLI Result of the Login Banner Configuration 2 12 ...

Страница 53: ...itch is reset to its factory default configuration The switch supports one banner at any time Configuring a new banner replaces any former banner configured on the switch If the switch is configured with ssh version 1 or ssh version 1 or 2 configuring the banner sets the SSH configuration to ssh version 2 and displays the following message in the CLI Warning SSH version has been set to v2 If a ban...

Страница 54: ...Selecting a Management Interface Advantages of Using ProCurve Manager or ProCurve Manager Plus 2 14 ...

Страница 55: ...Ending a Menu Session 3 3 How To Start a Menu Interface Session 3 4 How To End a Menu Session and Exit from the Console 3 5 Main Menu Features 3 7 Screen Structure and Navigation 3 9 Rebooting the Switch 3 12 Menu Features List 3 14 Where To Go From Here 3 15 3 1 ...

Страница 56: ...rs IP addressing VLANs Virtual LANs and GVRP Time protocol Ports Trunk groups View status counters and Event Log information Update switch software Reboot the switch For a detailed list of menu features see the Menu Features List on page 3 14 Privilege Levels and Password Security ProCurve strongly recom mends that you configure a Manager password to help prevent unauthorized access to your networ...

Страница 57: ...guration change made through any switch interface overwrites earlier changes made through any other interface The Menu Interface and the CLI Command Line Interface both use the switch console To enter the menu from the CLI use the menu command To enter the CLI from the Menu interface select Command Line CLI option Starting and Ending a Menu Session You can access the menu interface using any of th...

Страница 58: ...ulator or a terminal press Enter one or more times until a prompt appears 3 When the switch screen appears do one of the following If a password has been configured the password prompt appears Password _ Type the Manager password and press Enter Entering the Manager password gives you manager level access to the switch Entering the Operator password gives you operator level access to the switch Re...

Страница 59: ...enu For more infor mation see the Installation and Getting Started Guide you received with the switch How To End a Menu Session and Exit from the Console The method for ending a menu session and exiting from the console depends on whether during the session you made any changes to the switch configu ration that require a switch reboot to activate Most changes via the menu interface need only a Sav...

Страница 60: ...inal program turn off the terminal or quit the Telnet session 2 If you have made configuration changes that require a switch reboot thatis if anasterisk appearsnexttoaconfigureditemornexttoSwitch Configuration in the Main Menu a Return to the Main Menu b Press 6 to select Reboot Switch and follow the instructions on the reboot screen Rebooting the switch terminates the menu session and if you are ...

Страница 61: ... front of this manual For a listing of features and parameters configurable through the menu interface see the Menu Fea tures List on page 3 14 For an index of the features covered in the software manuals for your switch refer to the Software Feature Index on page xxiv Console Passwords Provides access to the screen used to set or change Manager level and Operator level passwords and to delete Man...

Страница 62: ...is required to activate a change in the VLAN Support parameter See Rebooting from the Menu Interface on page 6 11 Download OS Enables you to download a new switch software version to the switch See Appendix A File Transfers Run Setup Displays the Switch Setup screen for quickly configuring basic switch parameters such as IP addressing default gateway logon default interface and others Refer to the...

Страница 63: ...tion instructions Figure 3 4 Elements of the Screen Structure Forms Design The configuration screens in particular operate similarly to a number of PC applications that use forms for data entry When you first enter these screens you see the current configuration for the item you have selected To change the configuration the basic operation is to 1 Press E to select the Edit action 2 Navigate throu...

Страница 64: ...other parameter value return to step 3 6 If you are finished editing parameters in the displayed screen press Enter to return to the Actions line and do one of the following Tosaveandactivateconfigurationchanges press S forthe Save action This saves the changes in the startup configuration and also implements the change in the currently running configuration See Chapter 6 Switch Memory and Configu...

Страница 65: ...t of the screen The Help line provides a brief descriptor of the highlighted Action item or parameter Highlightonanyitemin the Actions line indicates that the Actions line is active Figure 3 5 Example Showing How To Display Help To get Help on the actions or data fields in each screen Use the arrow keys or v to select an action or data field The help line under the Actions items describes the curr...

Страница 66: ...require a reboot Resets statistical counters to zero Note that statistical counters can be reset to zero without rebooting the switch To Reboot the switch use the Reboot Switch option in the Main Menu Note that Reboot Switch is not available if you log on in Operator mode that is if you enter an Operator password instead of a manager password at the password prompt Reboot Switch option Figure 3 6 ...

Страница 67: ...alue for the Maximum VLANs to support parameter an asterisk appears next to the VLAN Support entry in the VLAN Menu screen and also next to the Switch Configuration entry in the Main Menu Reminder to reboot the switch to activate configuration changes Asterisk indicates a configuration change that requires a reboot in order to take effect Figure 3 7 Indication of a Configuration Change Requiring a...

Страница 68: ...ormation Port Status Port Counters Address Table Port Address Table Switch Configuration System Information Port Trunk Settings Network Monitoring Port IP Configuration SNMP Community Names IP authorized Managers VLAN Menu Console Passwords Event Log Command Line CLI Reboot Switch Download OS Download Switch Software Run Setup Logout 3 14 ...

Страница 69: ...ers Operation To learn how to configure and use Refer to the Access Security Guide for your passwords and other security features switch To learn how to use the Event Log Using the Event Log for Troubleshooting Switch Problems on page C 24 To learn how the CLI operates Chapter 4 Using the Command Line Interface CLI To download switch software Appendix A File Transfers For a description of how swit...

Страница 70: ...Using the Menu Interface Where To Go From Here 3 16 ...

Страница 71: ...5 How To Move Between Levels 4 7 Listing Commands and Command Options 4 8 Listing Commands Available at Any Privilege Level 4 8 Listing Command Options 4 10 Displaying CLI Help 4 11 Configuration Commands and the Context Configuration Modes 4 13 CLI Control and Editing 4 16 Executing a Prior Command Redo 4 16 Repeating Execution of a Command 4 16 Using a Command Alias 4 18 CLI Shortcut Keystrokes ...

Страница 72: ...tch s factory default state is the default interface when you start a console session You can access the console out of band by directly connect ing a terminal device to the switch or in band by using Telnet either from a terminal device or through the web browser interface Also if you are using the menu interface you can access the CLI by selecting the Command Line CLI option in the Main Menu Usi...

Страница 73: ...guration Privilege Levels at Logon Privilege levels control the type of access to the CLI To implement this control you must set at least a Manager password Without a Manager password configured anyone having serial port Telnet or web browser access to the switch can reach all CLI levels For more on setting passwords refertothechapteronusernames andpasswordsintheAccess Security Guide for your swit...

Страница 74: ...mended that you protect the switch from physical access by unauthorized persons If you are concerned about switch security and operation you should install the switch in a secure location such as a locked wiring closet Privilege Level Operation 2 Manager Level 3 Global Configuration Operator Privileges Manager Privileges 1 Operator Level 4 Context Configuration Level Figure 4 2 Access Sequence for...

Страница 75: ...ges and enables you to make configuration changes to any of the switch s software features The prompt for the Global Configuration level includes the system name and config To select this level enter the config command at the Manager prompt For example ProCurve config Enter config at the Manager prompt ProCurve config _ The Global Config prompt Context Configuration level Provides all Operator and...

Страница 76: ...ion same as logout Manager Privilege ManagerLevel ProCurve Perform system level actions such as system control monitoring and diagnostic commands plusanyoftheOperator levelcommands Foralist of available commands enter at the prompt Global ProCurve config Execute configuration commands plus all Configuration Operator and Manager commands For a list of Level available commands enter at the prompt Co...

Страница 77: ... ProCurve config ProCurve config vlan 10 ProCurve vlan 10 ProCurve vlan 10 interface e 3 ProCurve int 3 The CLI accepts e as the abbreviated form of ethernet ProCurve int 3 exit ProCurve config exit ProCurve exit ProCurve ProCurve int 3 end ProCurve or ProCurve config end ProCurve Moving Between the CLI and the Menu Interface When moving between interfaces the switch retains the current privilege ...

Страница 78: ...s At any privilege level you can List all of the commands available at that level List the options for a specific command Listing Commands Available at Any Privilege Level At a given privilege level you can list and execute the commands that level offers plus all of the commands available at preceding levels For example at the Operator level you can list and execute only the Operator level com man...

Страница 79: ...e Global Configuration level or the Context Configuration level produces similar results Use Tab To Search for or Complete a Command Word You can use Tab to help you find CLI commands or to quickly complete the current word in a command To do so type one or more consecutive characters in a command and then press Tab with no spaces allowed For example at the Global Configuration level if you press ...

Страница 80: ...based priority tcp portSet TCP port based priority device priorityConfigure device based priority dscp mapDefine mapping between a DSCP Differentiated Services Codepoint value and 802 1p priority type of serviceConfigure the Type of Service method the device uses to prioritize IP traffic Listing Command Options You can use the CLI to remind you of the options available for a command by entering co...

Страница 81: ... is at the Operator level executing help displays the Help summaries only for Operator Level commands At the Manager level executing help displays the Help summaries for both the Operator and Manager levels and so on For example to list the Operator Level commands with their purposes Figure 4 6 Example of Context Sensitive Command List Help Displaying Help for an Individual Command Syntax command ...

Страница 82: ...that trying to list the help for an individual command from a privilege level that does not include that command results in an error message For example trying to list the help for the interface command while at the global configuration level produces this result ProCurve speed duplex help Invalid input speed duplex 4 12 ...

Страница 83: ...ommands that apply only to the selected port s or trunk group plus the global config uration Manager and Operator commands The prompt for this mode includes the identity of the selected port s ProCurve config interface c3 c6 ProCurve eth C5 C8 ProCurve config interface trk1 ProCurve eth Trk1 Commands executed at configuration level for entering port and trk1 static trunk group contexts and resulti...

Страница 84: ...context the first block of commands in the listing show the context specific commands that will affect only ports C3 C6 The remaining commands in the listing are Manager Operator and context commands Figure 4 8 Context Specific Commands Affecting Port Context 4 14 ...

Страница 85: ...ig vlan 100 Command executed at configuration level to enter VLAN 100 context ProCurve vlan 100 Resulting prompt showing VLAN 100 context ProCurve vlan 100 Lists commands you can use in the VLAN context plus Manager Operator and context commands you can execute at this level In the VLAN context the first block of commands in the listing show the commandsthat will affect only vlan 100 The remaining...

Страница 86: ...ber is specified the nth command starting from the most recent command in the history is executed command str When command str is specified the most recent command whose name matches the specified string is executed ProCurve config show history 2 show arp 1 show flash Executes the show arp command again ProCurve config redo 2 IP ARP table IP Address MAC Address Type Port 15 255 128 1 00000c 07ac00...

Страница 87: ...mand repeats execution after a delay for the number of seconds specified For example ProCurve config repeat 1 4 7 8 10 count 2 delay 3 ProCurve config show history 3 show ver 2 show ip 1 show arp ProCurve config repeat 1 2 Repeats the show arp and show ip commands IP ARP table IP Address MAC Address Type Port 15 255 128 1 000000 000000 dynamic Internet IP Service IP Routing Disabled Default Gatewa...

Страница 88: ...rity in place for a particular context ProCurve recommends that you configure no more than 128 aliases Syntax no alias name command Creates a shortcut alias name to use in place of a commonly used command The alias command is executed from the current config context name Specifies the new command name to use to simplify keystrokes and aid memory command Specifies an existing command to be aliased ...

Страница 89: ...m Port Status Intrusion Port Name Type VLAN Alert Speed Enabled MDI mode 1 Acco 100 1000T 1 No 1000FDx Yes Auto 2 Huma 100 1000T 1 No 1000FDx Yes Auto 3 Deve 100 1000T 1 No 1000FDx Yes Auto 4 Lab1 100 1000T 1 No 1000FDx Yes Auto Figure 4 12 Example of Using the Alias Command with show int custom Not e Remember to enclose the command being aliased in quotes Command parameters for the aliased comman...

Страница 90: ...he end of the current command line Ctrl F or Moves the cursor forward one character Ctrl K Deletes from the cursor to the end of the command line Ctrl L or Ctrl R Repeats current command line on a new line Ctrl N or v Enters the next command line in the history buffer Ctrl P or Enters the previous command line in the history buffer Ctrl U or Ctrl X Deletes from the cursor to the beginning of the c...

Страница 91: ...e First Time Install Window 5 8 in the Browser Interface 5 9 Entering a User Name and Password 5 11 Using a User Name 5 11 If You Lose the Password 5 11 Online Help for the Web Browser Interface 5 12 Support Mgmt URLs Feature 5 13 Support URL 5 14 Help and the Management Server URL 5 14 Using the PCM Server for Switch Web Help 5 15 Status Reporting Features 5 17 The Overview Window 5 17 The Port U...

Страница 92: ...Using the ProCurve Web Browser Interface Contents Setting Fault Detection Policy 5 25 5 2 ...

Страница 93: ...5 8 Creating usernames and passwords in the web browser interface page 5 9 Selecting the fault detection configuration for the Alert Log operation page 5 25 Getting access to online help for the web browser interface page 5 12 Description of the web browser interface Overview window and tabs page 5 17 Port Utilization and Status displays page 5 18 Alert Log and Alert types page 5 21 Setting the Fa...

Страница 94: ...tch Configuration Device view Port configuration VLAN configuration Fault detection Quality of service QoS Port monitoring mirroring System information IP configuration Support and management server URLs Device features Spanning Tree On Off VLAN selection and IGMP Switch Security User names and passwords Authorized Addresses Intrusion Log SSL RADIUS authentication Refer to the Access Security Guid...

Страница 95: ...m your PC or workstation For more on assigning an IP address refer to IP Configuration on page 8 2 1 Ensure that the JavaTM applets are enabled for your browser For more information on this topic refer to your browser s online Help 2 Use the web browser to access the switch If your network includes a Domain Name Server DNS your switch s IP address may have a name associated with it that you can ty...

Страница 96: ...ation The networked device you want to access has been assigned an IP address and optionally a DNS name and has been discovered by PCM or PCM For more on assigning an IP address refer to IP Configuration on page 8 2 To establish a web browser session with PCM or PCM running do the following on the network management station 1 Make sure the JavaTM applets are enabled for your web browser If they ar...

Страница 97: ...Using the ProCurve Web Browser Interface Starting a Web Browser Interface Session with the Switch First time install alert Figure 5 1 Example of Status Overview Screen 5 7 ...

Страница 98: ...ime Install Window When you access the switch s web browser interface for the first time the Alert log contains a First Time Install alert as shown in figure 5 2 This gives you information about first time installations and provides an immediate opportunity to set passwords for security and to specify a Fault Detection policy which determines the types of messages that will be displayed in the Ale...

Страница 99: ... on page 5 25 You can also access the password screen by clicking on the Configuration tab and then the Fault Detection key Security Creating Usernames and Passwords in the Browser Interface Not e On the switches covered in this guide you can also configure RADIUS authen tication for web browser interface access For more information refer to the chapter titled RADIUS Authentication and Accounting ...

Страница 100: ... Click in the appropriate box in the Device Passwords window and enter user names and passwords You will be required to repeat the password strings in the confirmation boxes Both the user names and passwords can be up to 16 printable ASCII characters 3 Click on Apply Changes to activate the user names and passwords Not e Passwords you assign in the web browser interface will overwrite previous pas...

Страница 101: ...es you full read write troubleshooting capabilities Entering the operator password gives you read and limited trouble shooting capabilities Using a User Name If you also set user names in the web browser interface screen you must supply the correct user name for web browser interface access If a user name has not been set then leave the User Name field in the password window blank Note that the Co...

Страница 102: ...our switch Online Help for the Web Browser Interface Online Help is available for the web browser interface You can use it by clicking on the question mark button in the upper right corner of any of the web browser interface screens The Help Button Figure 5 5 The Help Button Context sensitive help is provided for the screen you are on Not e To access the online Help for the ProCurve web browser in...

Страница 103: ...the support information source you want the switch to access when you click on the web browser interface Support tab The default is the 4 Click on Apply Changes URL for the ProCurve Networking home page TheURLofaPCM ProCurveNetworkManager workstationorotherserver for the online Help files for this web browser interface The default setting accesses the switch s browser based Help on the ProCurve Wo...

Страница 104: ...the option see Using the PCM Server for Switch Web Help on page 5 15 In the default configuration and if PCM is not running on your network this field is set to the URL for accessing online Help from the ProCurve Networking web site www hp com rnd device_help Using this option the Help files are automatically available if your work station can access the World Wide Web In this case if Online Help ...

Страница 105: ...you can use the PCM server to host the switch help files for devices that do not have HTTP access to the ProCurve Support Web site 1 Go to the ProCurve Support web site to get the Device Help files www hp com rnd device_help 2 Copy the Web help files to the PCM server under C program files hewlett packard pnm server webroot rnd sevice_help help hpwnd webhelp 5 15 ...

Страница 106: ...ter the IP address for your PCM server 8040 is the standard port number to use 4 Restart the Discovery process for the change to be applied Not e Changing the Discovery s Global properties file will redirect the Device Help URL for all devices If you just want to change the Device Help URL for a particular device then go to the Configuration tab on the Web UI for that device and select the Support...

Страница 107: ... page 5 21 The Status bar page 5 23 The Overview Window The Overview Window is the home screen for any entry into the web browser interface The following figure identifies the various parts of the screen Alert Log Control Bar Port Utiliza tion Graphs page 5 18 Alert Log page 5 21 Port Status Indicators page 5 20 Button Bar Tab Bar Status Bar page 5 23 Active Tab Active Button Figure 5 8 The Status...

Страница 108: ...a breakdown of the packet types that have been detected unicast packets non unicast packets and error packets The Legend identifies traffic types and their associated colors on the bar graph Unicast Rx All Tx This is all unicast traffic received and all transmitted traffic of any type This indicator a blue color on many systems can signify either transmitted or received traffic Non Unicast Pkts Rx...

Страница 109: ...consistently higher than 40 on any port click on the Port Counters button to get a detailed set of counters for the port To change the amount of bandwidth the Port Utilization bar graph shows Clickonthebandwidthdisplaycontrolbuttonintheupperleftcorner of the graph The button shows the current scale setting such as 40 In the resulting menu select the bandwidth scale you want the graph to show 3 10 ...

Страница 110: ...t is enabled but is not connected to an active network device A cable may not be connected to the port or the device at the other end may be powered off or inoperable or the cable or connected device could be faulty Port Disabled the port has been configured as disabled through the web browser interface the switch console or SNMP network manage ment Port Fault Disabled a fault condition has occurr...

Страница 111: ... Date Time The date and time the event was received by the web browser interface This value is shown in the format DD MM YY HH MM SS AM PM for example 16 Sep 08 7 58 44 AM Description A short narrative statement that describes the event For example Excessive CRC Alignment errors on port 8 Sorting the Alert Log Entries The alerts are sorted by default by the Date Time field with the most recent ale...

Страница 112: ...Not e When troubleshooting the sources of alerts it may be helpful to check the switch s Port Status and Port Counter windows or use the CLI or menu interface to view the switch s Event Log When you double click on an Alert Entry the web browser interface displays a separate window showing information about the event This view includes a description of the problem and a possible solution It also p...

Страница 113: ...ple of Alert Log Detail View The Status Bar The Status Bar appears in the upper left corner of the web browser interface window Figure 5 15 shows an expanded view of the status bar Status Indicator Most Critical Alert Description Product Name Figure 5 15 Example of the Status Bar 5 23 ...

Страница 114: ...e The name you can configure for the switch by using the System Info window under the Configuration tab the hostname ascii string command in the CLI or the System Name field in the System Information screen in the System Info screen of the menu interface Most Critical Alert Description A brief description of the earliest unacknowledged alert with the current highest severity in the Alert Log appea...

Страница 115: ...ure controls the types of alerts reported to the Alert Log based on their level of severity Set this policy in the Fault Detection window figure 5 16 Figure 5 16 The Fault Detection Window The Fault Detection screen contains a list box for setting fault detection and response policy and enables you to set the sensitivity level at which a network problem should generate an alert and send it to the ...

Страница 116: ... severe alerts to the Alert Log This policy is most effective on a network where there are normally a lot of problems and you want to be informed of only the most severe ones Never Disables the Alert Log and transmission of alerts traps to the management server in cases where a network management tool such as ProCurve Manager is in use Use this option when you don t want to use the Alert Log The F...

Страница 117: ...imary and Secondary Flash Image Options 6 14 Displaying the Current Flash Image Data 6 14 Switch Software Downloads 6 16 Local Switch Software Replacement and Removal 6 17 Rebooting the Switch 6 19 Operating Notes about Booting 6 19 Boot and Reload Command Comparison 6 20 Setting the Default Flash 6 21 Booting from the Default Flash Primary or Secondary 6 22 Booting from a Specified Flash 6 22 Usi...

Страница 118: ... a New Startup Config File 6 33 Erasing a Startup Config File 6 35 Switch to Its Default Configuration 6 37 Transferring Startup Config Files To or From a Remote Server 6 37 TFTP Copying a Configuration File to a Remote Host 6 38 TFTP Copying a Configuration File from a Remote Host 6 39 Connected Host 6 40 Connected Host 6 40 Operating Notes for Multiple Configuration Files 6 41 Automatic Configur...

Страница 119: ...ls switch operation When the switch boots the contents of this file are erased and replaced by the contents of the startup config file Startup Config File Preserves the most recently saved configuration through any subsequent reboot Volatile Memory Flash Non Volatile Memory CLI configuration changes are written to this file To use the CLI to save the latest version of this file to the startup conf...

Страница 120: ...the switch subsequently reboots for any reason it will resume operation using the new configuration insteadof theconfigurationpreviously defined in the startup config file There are three ways to save a new configuration In the CLI Use the write memory command This overwrites the current startup config file with the contents of the current running config file In the menu interface Use the Save com...

Страница 121: ... then select the menu interface VLAN 20 is configured in the running config file but not in the startup config file In this case you will see ProCurve config vlan 20 ProCurve config menu Do you want to save current configuration y n If you type Y the switch overwrites the startup config file with the running config file and your configuration change s will be preserved across reboots If you type N...

Страница 122: ...sting of the current running config file show config status Compares the startup config file to the running config file and lists one of the following results If the two configurations are the same you will see Running configuration is the same as the startup configuration If the two configurations are different you will see Running configuration has been changed and needs to be saved Not e Show c...

Страница 123: ...e next reboot or failover is set to boot from a different software image These config changes may be incompatible or not used after a reboot or failover For example the default port mode setting is auto Suppose that your network uses Cat 3 wiring and you want to connect the switch to another autosensing device capable of 100 Mbps operation Because 100 Mbps over Cat 3 wiring can introduce transmiss...

Страница 124: ...nges in the current running config file For example Disablesport1intherunningconfiguration whichcausesport1toblockalltraffic ProCurve config interface e 1 disable ProCurve config boot Device will be rebooted do you want to continue y n y Press Y to continue the rebooting process You will then see this prompt Do you want to save current configuration y n Figure 6 2 Boot Prompt for an Unsaved Config...

Страница 125: ... the current running configvalues Thus whereaparametersettingisaccessiblefromboth the CLI and the menu interface if you change the setting in the CLI the new value will appear in the menu interface display for that parameter However as indicated above unless you also make a configuration change in the menu interface only the write memory command in the CLI will actually save the change to the star...

Страница 126: ...configuration changes without having to reboot the switch That is when you save a configuration change in the menu interface you simultane ously change both the running config file and the startup config file Not e The only exception to this operation are two VLAN related parameter changes that require a reboot described under Rebooting To Activate Configuration Changes on page 6 12 Using Save and...

Страница 127: ...ation changes made while using the CLI To ensure that changes made while using the CLI are saved execute writememory in the CLI before rebooting the switch Rebooting from the Menu Interface Terminates the current session and performs a reset of the operating system Activates any configuration changes that require a reboot Resets statistical counters to zero Note that statistical counters can be re...

Страница 128: ... a change in the Maximum VLANs to support parameter To access these parameters go to the Main menu and select 2 Switch Configuration then 8 VLAN Menu then 1 VLAN Support If configuration changes requiring a reboot have been made the switch displays an asterisk next to the menu item in which the change has been made For example if you change and save parameter values for the Maximum VLANs to suppor...

Страница 129: ...eb browser interface to simultaneously save and implement a subset of switch configuration changes without having to reboot the switch That is when you save a configuration change in most cases by clicking on Apply Changes or Apply Settings you simultaneously change both the running config file and the startup config file Not e If you reconfigure a parameter in the CLI and then go to the browser i...

Страница 130: ... proven image in Primary flash to run your system The switch can use only one image at a time The following tasks involve primary secondary flash options Displaying the current flash image data and determining which switch software versions are available Switch software downloads Replacing and removing erasing a local switch software version System booting Displaying the Current Flash Image Data U...

Страница 131: ...ple in the following case the images are different versions of the switch software and the switch is running on the version stored in the secondary flash image ProCurve config show flash Image Size Bytes Date Version Primary Image 7173079 07 27 09 Z 14 04 Secondary Image 7173079 07 27 09 Z 14 04 Boot Rom Version Z 14 03 Default Boot Primary Will boot from primary flash on the next boot Figure 6 8 ...

Страница 132: ...e will be rebooted do you want to continue y n y ProCurve config show version sw code build vern t4br Jul 27 2009 13 42 40 Z 14 04 1037 Boot Image Secondary Figure 6 9 Determining the Software Version in Primary and Secondary Flash Switch Software Downloads The following table shows the switch s options for downloading a software version to flash and booting the switch from flash Table 6 1 Primary...

Страница 133: ...h the same software version that you are using to operate the switch or with another acceptable software version To copy a software file between the primary and secondary flash locations refer to Copying a Switch Software Image from One Flash Location to Another below The local commands described here are for flash image management within the switch To download a software image file from an extern...

Страница 134: ... flash secondary ProCurve config show flash The unequal code Image Size Bytes Date Version size differingdates and differing Primary Image 7184180 07 26 09 Z 14 03 version numbers Secondary Image 7173079 07 27 09 Z 14 04 indicates two Boot Rom Version Z 14 03 differentversionsof Default Boot Primary the software Caution No Undo Figure 6 10 Example Indicating Two Different Software Versions in Prim...

Страница 135: ...this case primary The prompt shows which flash location will be erased Figure 6 11 Example of Erase Flash Prompt 3 Type y at the prompt to complete the flash erase 4 Use show flash to verify erasure of the selected software flash image The 0 here shows that primary flash has been erased Figure 6 12 Example of Show Flash Listing After Erasing Primary Flash Rebooting the Switch Operating Notes about...

Страница 136: ...t include all of the features found in Y the software simply ignores the parameters for any features that it does not support Scheduled Reload If no parameters are entered after the reload command an immediate reboot is executed The reload at and reload after command information is not saved across reboots If the switch is rebooted before a scheduledreloadcommand isexecuted thecommandiseffectively...

Страница 137: ...fter at parameters seepage6 24fordetails Setting the Default Flash You can specify the default flash to boot from on the next boot by entering the boot set default flash command Syntax boot set default flash primary secondary Upon booting set the default flash for the next boot to primary or secondary ProCurve config boot set default flash secondary ProCurve config show flash Image Size Bytes Date...

Страница 138: ... You are prompted with a message which will indicate the flash being booted from system Boots the switch You can specify the flash image to boot from config You can optionally select a configuration file from which to boot ProCurve config boot Do you want to save current configuration y n n Figure 6 14 Example of Boot Command Default Primary Flash with Redundant Management In the above example typ...

Страница 139: ...either management module Syntax no fastboot Enables the fastboot option The no option disables the feature Syntax show fastboot Shows the status of the fastboot feature either enabled or disabled The fastboot command is shown below ProCurve config fastboot Using Reload The Reload command reboots the switch from the flash image that you are currently booted on primary or secondary or the flash imag...

Страница 140: ...e switch after a given amount of time has passed at Schedules a warm reboot of the switch at a given time The no form of the command removes a pending reboot request For more details and examples see below The scheduled reload feature removes the requirement to physically reboot the switch at inconvenient times for example at 1 00 inthe morning Instead a reload at 1 00 mm dd command can be execute...

Страница 141: ...tions for selecting which startup config file to use for A fixed reboot policy using a specific startup config file for a specific boot path primary or secondary flash Overriding the current reboot policy on a per instance basis Boot Command Secondary Boot Path Primary Boot Path Startup Config Options File 1 File 2 File 3 Running Config Figure 6 17 Optional Reboot Process While you can still use r...

Страница 142: ...ny of the memory slots if the software version supports the configured features Boot Options With multiple startup config files in the switch you can spec ify a policy for the switch to use upon reboot The options include Use the designated startup config file with either or both reboot paths primary or secondary flash Override the current reboot policy for one reboot instance by specifying a boot...

Страница 143: ...e Creating an Alternate Startup Config File There are two methods for creating a new configuration file Copy an existing startup config file to a new filename then reboot the switch make the desired changes to the running config file then execute write memory Refer to figure 6 6 18 above Erase the active startup config file This generates a new default startup config file that always results when ...

Страница 144: ...uent reboots using either primary or second ary flash Figure 6 19 Switch Memory Assignments After the First Reboot from Software Supporting Multiple Configuration In the above state the switch always Uses the workingConfig file to reboot The commands described later in this section enable you to view the current multiple configuration status manage multiple startup config files configure reboot po...

Страница 145: ...config file is currently in use pri An asterisk in this column indicates that the corresponding startup config file is currently assigned to the primary boot path sec An asterisk in this column indicates that the corresponding startup config file is currently assigned to the secondary boot path name Shows the filename for each listed startup config file in the switch Refer to Renaming an Existing ...

Страница 146: ...tem flash primary secondary config filename 6 32 You can boot the switch using any available startup config file Changing the Reboot Configuration Policy For a given reboot the switch automatically reboots from the startup config file assigned to the flash location primary or secondary being used for the current reboot For exam ple when you first download a software version that supports multiple ...

Страница 147: ... single reboot instance use the boot system flash command with the options described under Overriding the Default Reboot Configuration Policy on page 6 32 For example suppose Software release A is stored in primary flash and a later software release is stored in secondary flash The system operator is using memory slot 1 for a reliable minimal configuration named minconfig for the software version ...

Страница 148: ...t instance only This command overrides the current reboot policy Using Reload To Reboot From the Current Flash Image and Startup Config File Syntax reload This command boots the switch from the currently active flash image and startup config file Because reload bypasses some subsystem self tests the switch boots faster than if you use a boot command Note To identify the currently active startup co...

Страница 149: ... or File names are not case sensitive For redundant management systems renaming a config file affects both the active management module and the standby management module unless redundancy is disabled or the standby module failed selftest Creating a New Startup Config File The switch allows up to three startup config files You can create a new startup config file if there is an empty memory slot or...

Страница 150: ...s it is overwritten by the content of the source startup config file If the destination startup config file does not already exist it will be created in the first empty configuration memory slot on the switch If the destination startup config file does not already exist but there are no empty configuration memory slots on the switch then a new startup config file is not created and instead the CLI...

Страница 151: ...s memory slots In some cases erasing a file causes the switch to generate a new default configuration file for the affected memory slot Inaredundantmanagementsystem thiscommanderasestheconfigorstartup config file on both the active and the standby management modules as long as redundancy has not been disabled If the standby management module is not in standby mode or has failed selftest the config...

Страница 152: ...onfig files display for the new file where x corresponds to the memory slot number startup config This option erases the currently active startup config file and reboots the switch from the currently active flash memory location The erased startup config file is replaced with a new startup config file The new file has the same filename as the erased file but contains only the default configuration...

Страница 153: ...nfiguration for the software version in primary flash and renames this file to config1 Erases any other startup config files currently in memory Configures the new file in memory slot 1 as the default for both primary and secondary flash locations regardless of the software version currently in secondary flash Boots the switch from primary flash using the new startup config file ProCurve sho confi...

Страница 154: ...cifies that the copy operation will go out from the out of band management interface If this parameter is not specified the copy operation goes out from the data interface Refer to Appendix G Network Out of Band Management in this guide for more information on out of band management For more on using TFTP to copy a file to a remote server refer to TFTP Copying a Configuration File to a Remote Host...

Страница 155: ...m the data interface Refer to Appendix G Network Out of Band Management in this guide for more information on out of band management Note This command requires an empty memory slot in the switch If there are no empty memory slots the CLI displays the following message Unable to copy configuration to filename For more on using TFTP to copy a file from a remote host refer to TFTP Copying a Configura...

Страница 156: ...ially connected host refer to Xmodem Copying a Configuration File to a USB Serial Console Connected PC or UNIX Worksta tion on page A 28 Xmodem Copying a Configuration from a Serially Connected Host Syntax copy xmodem config dest file pc unix oobm This is an addition to the copyxmodem command options Use this command to download a configuration file from an Xmodem host to the switch The oobm param...

Страница 157: ...sites for this to function correctly are One or more DHCP servers with Option 66 are enabled One or more TFTP servers has the desired configuration file C a u t i o n This feature must use configuration files generated on the switch to function correctly If you use configuration files that were not generated on the switch and then enable this feature the switch may reboot continuously CLI Command ...

Страница 158: ...r the interface belonging to the primary VLAN Multiple Servers serving Multiple VLANs Each DHSP enabled VLAN interface initiates DHCPDISCOVER and receives one or more DHCPOFFER messages Each interface accepts the best offer Option 66 is processed only for the interface belonging to the primary VLAN Multi homed Server serving Multiple VLANs The switch per ceives the multi homed server as multiple s...

Страница 159: ... criteria for selecting the Best Offer are DHCP is preferred over BootP If two BootP offers are received the first one is selected For two DHCP offers The offer from an authoritative server is selected If there is no authoritative server the offer with the longest lease is selected Log Messages The file transfer is implemented by the existing TFTP module The system logs the following message if an...

Страница 160: ...Switch Memory and Configuration Automatic Configuration Update with DHCP Option 66 6 44 ...

Страница 161: ...Access 7 4 CLI Modifying the Interface Access 7 5 Making Window Size Negotiation Available for a Telnet Session 7 7 Denying Interface Access by Terminating Remote Management Sessions 7 12 System Information 7 13 Menu Viewing and Configuring System Information 7 14 CLI Viewing and Configuring System Information 7 15 Web Configuring System Parameters 7 20 7 1 ...

Страница 162: ...ng the Menu Interface Chapter 4 Using the Command Line Interface CLI Chapter 5 Using the ProCurve Web Browser Interface Why Configure Interface Access and System Information The inter face access features in the switch operate properly by default However you can modify or disable access features to suit your particular needs Similarly you can choose to leave the system information parameters at th...

Страница 163: ...led page 7 4 page 7 8 Terminal type VT 100 page 7 8 Event Log event types to list All page 7 8 Displayed Events Baud Rate Speed Sense page 7 8 Flow Control XON XOFF page 7 8 In most cases the default configuration is acceptable for standard operation Not e Basic switch security is through passwords You can gain additional security by using the security features described in the Access Security Gui...

Страница 164: ...enu Select 2 Switch Configuration 1 System Information Interface Access Parameters Figure 7 1 The Default Interface Access Parameters Available in the Menu Interface 2 Press E for Edit The cursor moves to the System Name field 3 Use the arrow keys v to move to the parameters you want to change Refer to the online help provided with this screen for further information on configuration options for t...

Страница 165: ... mand lists the current interface access parameter settings Syntax show console This example shows the switch s default console serial configuration Interface Access Enable Disable Console Control Options Event Log Event Types To List Figure 7 2 Listing of Show Console Command Reconfigure Inbound Telnet Access In the default configuration inbound Telnet access is enabled Syntax no telnet server To...

Страница 166: ... is a commander in a stack and stacking is enabled The oobm parameter specifies that the Telnet traffic will go out from the out of band manage ment interface If this parameter is not specified the Telnet traffic goes out from the data interface Refer to Appendix G Network Out of Band Management in this guide for more information on out of band management For example if the host Labswitch is in th...

Страница 167: ... the window or by executing the terminal length x width y CLI command and then configuring the telnet client with those dimensions The new window dimensions are lost after that telnet session ends When the telnet connection is established with an HP ProCurve switch either the switch or the telnet client needs to initiate the inquiry about the availability of NAWS If NAWS is available you can resiz...

Страница 168: ... Use the no version of the command to disable inbound HTTP access The listen parameter is available only on switches that have a separate out of band management port Values for this parameter are oobm inbound HTTP access is enabled only on the out of band management port data inbound HTTP access is enabled only on the data ports both inbound HTTP access is enabled on both the out of band managemen...

Страница 169: ...Telnet Syntax console terminal vt100 ansi none screen refresh 1 3 5 10 20 30 45 60 baud rate speed sense 1200 2400 4800 9600 19200 38400 57600 1155200 flow control xon xoff none inactivity timer 0 1 5 10 15 20 30 60 120 events none all non info critical debug local terminal vt 100 none ansi 7 9 ...

Страница 170: ...ole parameter changes except events and inactivity timer require that you save the configuration with write memory and then execute boot before the new console configuration will take effect For example to use one command to configure the switch with the following VT100 operation 19 200 baud No flow control 10 minute inactivity time Critical log events you would use the following command sequence ...

Страница 171: ...ink Web and Inbound Telnet You can also execute a series of console commands and then save the configuration and boot the switch For example Configure the individual parameters Save the changes Boot the switch Figure 7 5 Example of Executing a Series of Console Commands 7 11 ...

Страница 172: ...ng remote session Kill does not terminate a Console session on the serial port either through a direct connection or via a modem It does not affect the console on the standby module Syntax kill session number For example if you are using the switch s serial port for a console session and want to terminate a currently active Telnet session you would do the follow ing The kill 2 command terminates s...

Страница 173: ...al but recommended System Name Using a unique name helps you to identify individual devices where you are using an SNMP network management tool such as ProCurve Manager System Contact and Location This information is helpful for identifying the person administratively responsible for the switch and for identifying the locations of individual switches MAC Age Time The number of seconds a MAC addres...

Страница 174: ...or your location The default is None For more on this topic refer to Appendix D Daylight Savings Time on ProCurve Switches Time Used in the CLI to specify the time of day the date and other system parameters Menu Viewing and Configuring System Information To access the system information parameters 1 From the Main Menu Select 2 Switch Configuration 1 System Information System Information Figure 7 ...

Страница 175: ... This Section show system information below show system enclosure below hostname below snmp server below contact location mac age time page 7 18 time timezone page 7 19 daylight time rule page 7 19 date page 7 19 time Listing the Current System Information Thiscommandliststhecurrent system information settings Syntax show system information This example shows the switch s default console configura...

Страница 176: ... ID Default RUID Enclosure Name 2XX81401UP Enclosure Serial Number 2XX81401UP Figure 7 9 Example of CLI System Enclosure Information Listing Configure a System Name Contact and Location for the Switch To help distinguish one switch from another configure a plain language identity for the switch Syntax hostname name string snmp server contact system contact location system location Each field allow...

Страница 177: ...sting After Executing the Preceding Commands The menu interface will only display up to 47 characters although you can specify a name up to 255 characters in length A message beginning with displays if the name exceeds 47 characters You can use the CLI show running show config or show system information commands to see the complete text The menu interface is shown in Figure 7 11 7 17 ...

Страница 178: ...bled Tftp enable Yes Yes Time Zone 0 0 Daylight Time Rule None None Actions Cancel Edit Save Help Cancel changes and return to previous screen Use arrow keys to change action selection and Enter to execute action Figure 7 11 Menu Screen Showing System Information The Web Browser interface also allows you to enter a maximum of 255 characters You can view all the characters by using the cursor to sc...

Страница 179: ...stern europe user defined East of the 0 meridian the sign is West of the 0 meridian the sign is For example the time zone setting for Berlin Germany is 60 zone 1 or 60 minutes and the time zone setting for Vancouver Canada is 480 zone 8 or 480 minutes Toconfigurethetime zone anddaylighttime rule for Vancouver Canada ProCurve config time timezone 480 daylight time rule continental us and canada Con...

Страница 180: ...tact For access to the MAC Age Interval and the Time parameters use the menu interface or the CLI Configure System Parameters in the Web Browser Interface 1 Click on the Configuration tab 2 Click on System Info 3 Enter the data you want in the displayed fields 4 Implement your new data by clicking on Apply Changes To access the web based help provided for the switch click on in the web browser scr...

Страница 181: ...Addressing 8 10 How IP Addressing Affects Switch Operation 8 11 DHCP Bootp Operation 8 12 Network Preparations for Configuring DHCP Bootp 8 14 IP Preserve Retaining VLAN 1 IP Addressing Across Configuration File Downloads 8 16 Operating Rules for IP Preserve 8 16 Enabling IP Preserve 8 17 Configuring a Single Source IP Address 8 20 Overview 8 20 Specifying the Source IP Address 8 20 The Source IP ...

Страница 182: ...depend on IP addressing to operate IP Configuration IP Configuration Features Feature Default Menu CLI Web IP Address and Subnet Mask DHCP Bootp page 8 5 page 8 6 page 8 10 Multiple IP Addresses on a VLAN n a page 8 8 Default Gateway Address none page 8 5 page 8 6 page 8 10 Packet Time To Live TTL 64 seconds page 8 5 page 8 6 Time Server Timep DHCP page 8 5 page 8 6 IP Address and Subnet Mask Conf...

Страница 183: ... default gateway and DHCP Bootp is configured on the primary VLAN then the default gateway value provided by the DHCP or Bootp server will be used If the switch has a manually configured default gateway then the switch uses this gateway even if a different gateway is received via DHCPor Bootp onthe primary VLAN This is also true for manually configured TimeP SNTP and Time To Live TTL In the defaul...

Страница 184: ...arning the default gateway address The switch can also learn other settings from a DHCP or Bootp server such as packet Time To Live TTL and Timep or SNMP settings Other VLANs can also use DHCP or BootP to acquire IP addressing However the switch s gateway TTL and TimeP or SNTP values which are applied globally and not per VLAN will be acquired through the primary VLAN only unless manually set by u...

Страница 185: ...Addressing 1 From the Main Menu Select 2 Switch Configuration 5 IP Configuration Not es If multiple VLANs are configured a screen showing all VLANs appears instead of the following screen The Menu interface displays the IP address for any VLAN If you use the CLI to configure the IP address on a VLAN use the CLI show ip command to list them Refer to Viewing the Current IP Configuration on page 8 6 ...

Страница 186: ...e Tab key to move to the other IP configuration fields 6 Select the IP Address field and enter the IP address for the switch 7 Select the Subnet Mask field and enter the subnet mask for the IP address 8 Press Enter then S for Save CLI Configuring IP Address Gateway and Time To Live TTL IP Commands Used in This Section Page show ip 8 6 ip address mask length 8 7 8 8 ip address mask bits 8 7 8 8 ip ...

Страница 187: ...sing With multiple VLANs and some other features configured show ip provides additional information A Switch with IP Addressing and VLANs Configured Figure 8 3 Example of Show IP Listing with Non Default IP Addressing Configured Configure an IP Address and Subnet Mask The following command includes both the IP address and the subnet mask You must either include the ID of the VLAN for which you are...

Страница 188: ...ddress configured in VLAN 1 ProCurve config no vlan 1 ip address 10 28 227 103 24 Configure Multiple IP Addresses on a VLAN Multinetting The fol lowing is supported Up to 2000 IP addresses for the switch Up to 32 IP addresses for the same VLAN Up to 512 IP VLANs that is VLANs on which you can configure IP addresses Each IP address on a VLAN must be for a separate subnet whether on the same VLAN or...

Страница 189: ...ing a Multinetted VLAN If you then wanted to multinet the default VLAN you would do the following Figure 8 5 Example of Multinetting on the Default VLAN Not e The Internet IP Service screen in the Menu interface figure 8 1 on page 8 5 displays the first IP address for each VLAN You must use the CLI show ip command to display the full IP address listing for multinetted VLANs 8 9 ...

Страница 190: ...P default gateway is not used Thus to avoid loss of Telnet access to off subnet management stations you should use the ip route command to configure a static default route before enabling routing For more information refer to the chapter titled IP Routing Features in the Multicast and Routing Guide for your switch Configure Time To Live TTL The maximum number of routers hops through which a packet...

Страница 191: ... and Subnet Mask Direct connect access to the CLI and the menu interface DHCP or Bootp support for automatic IP address configuration and DHCP support for automatic Timep server IP address configuration Multiple Spanning Tree Protocol Port settings and port trunking Console based status and counters information for monitoring switch operation and diagnosing problems through the CLI or menu interfa...

Страница 192: ...viously configured IP address and subnet mask for the switch The switch also receives an IP Gateway address if the server has been config ured to provide one In the case of Bootp the server must first be configuredwithanentrythathastheswitch sMACaddress Todetermine the switch s MAC address refer to Appendix D MAC Address Manage ment The switch properly handles replies from either type of server If...

Страница 193: ...ocumenta tion provided with the DHCP server Bootp Operation When a Bootp server receives a request it searches its Bootp database for a record entry that matches the MAC address in the Bootp request from the switch If a match is found the configuration data in the associated database record is returned to the switch For many Unix systems the Bootp database is contained in the etc bootptab file In ...

Страница 194: ...al configuration file T144 is the vendor specific tag identifying the configuration file to download vm is a required entry that specifies the Bootp report format Use rfc1048 for the switches covered in this guide The above Bootp table entry is a sample that will work for the switch when the appropriate addresses and file names are used Network Preparations for Configuring DHCP Bootp In its defaul...

Страница 195: ...rk providing DHCP Bootp service the switch does the following Receives an IP address and subnet mask and if configured in the server a gateway IP address and the address of a Timep server If the DHCP Bootp reply provides information for downloading a config urationfile theswitchusesTFTPtodownloadthefilefromthe designated source then reboots itself This assumes that the switch or VLAN has connectiv...

Страница 196: ...P address subnet mask and IP gateway address when the switch downloads the file and reboots The switch adopts all other configuration parameters in the configuration file into the startup config file If the switch s current IP addressing for VLAN 1 is from a DHCP server IP Preserve is suspended In this case whatever IP addressing the config uration file specifies is implemented when the switch dow...

Страница 197: ...nsider Figure 8 7 Switch 4 VLAN 1 DHCP Switch 3 VLAN 1 10 31 22 103 Switch 1 VLAN 1 10 31 22 101 DHCP Server Switch 2 VLAN 1 10 31 22 102 config IP Address Switches 1 through 3 copy and implement the config txt file from the TFTP server figure 8 8 but retain their current IP Switch 4 also copies and implements the config txt file from the TFTP server figure 8 8 but acquires new IP addressing from ...

Страница 198: ... current IP addressing was not acquired through name DEFAULT_VLAN DHCP Bootp untagged A1 A10 A13 A24 B1 B24 Trk1 ip address dhcp bootp Switch 4 ignores IP Preserve and implements the exit DHCP Bootp addressing and IP Gateway specified in this file because its last IP addressing was acquired spanning tree Trk1 priority 4 from a DHCP Bootp server password manager password operator Figure 8 8 Configu...

Страница 199: ...ts most recent IP addressing from a DHCP Bootp server the switch ignores the ip preserve command and implements the IP addressing included in this file Figure 8 9 Configuration File in TFTP Server with Dedicated IP Addressing Instead of DHCP Bootp To summarize the IP Preserve effect on IP addressing If the switch received its most recent VLAN 1 IP addressing from a DHCP Bootp server it ignores the...

Страница 200: ...a fixed IP address for outgoing packets for RADIUS or TACACS so it is necessary to configure in the RADIUS or TACACS database all possible IP addresses that are configured on the switch as valid clients When using system logging it can be difficult to interpret the logging and accounting data on the server site as the same client can be logged with different IP addresses To decrease the amount of ...

Страница 201: ...ore than one IP address is configured then the lowest IP address is used vlan vlan id Specifies that the IP address of the indicated VLAN interface is used as the source IP address of outgoing packets If the specified VLAN interface has no IP address configured or is down then the application reverts to the default behavior If more than one IP address is configured then the lowest IP address is us...

Страница 202: ...y and the actual operational source IP selection policy in effect are displayed The operational source IP selection policy may be different from the assigned source selection policy if the IP interface does not exist or is down In this case the default of Outgoing Interface appears as the operational policy See figure 8 10 ProCurve config show ip source interface detail Source IP Detailed Informat...

Страница 203: ...interface tacacs vlan 22 ProCurve config show ip source interface tacacs Source IP Configuration Information Protocol Admin Selection Policy IP Interface IP Address Tacacs Configured IP Interface vlan 22 10 10 10 4 Figure 8 12 Example of Using a VLAN Interface as the Source IP Address for TACACS Figure 8 13 shows a VLAN interface being specified as the source IP address for logging The administrat...

Страница 204: ...meters are specified policy information for all protocols is displayed ProCurve config show ip source interface status Source IP Status Information Protocol Admin Selection Policy Oper Selection Policy Tacacs Configured IP Interface Configured IP Interface Radius Configured IP Address Configured IP Address Syslog Configured IP Interface Outgoing Interface Telnet Outgoing Interface Outgoing Interfa...

Страница 205: ...nterface Figure 8 15 Example of show ip source interface Command Output The show ip source interface detail command displays detailed information about the configured policies source IP address and interface state for each protocol Syntax show ip source interface detail radius sntp tacacs telnet tftp syslog Displays detailed operational status information for the source IP address selection policy...

Страница 206: ...e IP Interface vlan 10 Source IP Address 10 10 10 10 Source Interface State Up Protocol Telnet Admin Policy Configured IP Interface Oper Policy Configured IP Interface Source IP Interface loopback 1 Source IP Address 10 10 10 11 Source Interface State Up Protocol Tftp Admin Policy Outgoing Interface Oper Policy Outgoing Interface Source IP Interface N A Source IP Address N A Source Interface State...

Страница 207: ... Selection Information ProCurve config show tacacs Status and Counters TACACS Information Timeout 5 Source IP Selection Configured IP Interface Encryption Key Source IP Selection for the specified application protocol is displayed Figure 8 18 Example of show tacacs Command Displaying Source IP Selection Information ProCurve config show debug Debug Logging Source IP Selection Configured IP interfac...

Страница 208: ...ror Messages The following error messages may appear when configuring source IP selec tion if the interface does not exist is not configured for IP or is down Error Message Description Warning Specified IP address is not configured on any inter The IP address specified has not been assigned to any face interface on the switch Warning Specified IP interface is not configured The IP interface has no...

Страница 209: ...Authentication Mode and Saving Configuration Files and the Viewing the Current SNTP Configuration 9 9 Configuring Enabling or Disabling the SNTP Mode 9 11 SNTP Client Authentication 9 17 Requirements 9 17 Key Value 9 19 Configuring a Trusted Key 9 19 Associating a Key with an SNTP Server 9 20 Enabling SNTP Client Authentication 9 21 Configuring Unicast and Broadcast Mode 9 21 Displaying SNTP Confi...

Страница 210: ... SNTP Unicast Time Polling with Multiple SNTP Servers 9 37 Displaying All SNTP Server Addresses Configured on the Switch 9 37 Adding and Deleting SNTP Server Addresses 9 38 Menu Operation with Multiple SNTP Server Addresses Configured 9 38 SNTP Messages in the Event Log 9 38 9 2 ...

Страница 211: ... the TimeP mode itself set to Disabled TimeP Time Synchronization You can either manually assign the switch to use a TimeP server or use DHCP to assign the TimeP server In either case the switch can get its time synchro nization updates from only one designated Timep server This option enhances security by specifying which time server to use SNTP Time Synchronization SNTP provides two operating mo...

Страница 212: ... the default 2 Enable the protocol The choices are SNTP Broadcast or Unicast TimeP DHCP or Manual 3 Configure the remaining parameters for the time protocol you selected The switch retains the parameter settings for both time protocols even if you change from one protocol to the other Thus if you select a time protocol the switch uses the parameters you last configured for the selected protocol No...

Страница 213: ... page 9 6 page 9 9 select SNTP as the time synchronization method timep page 9 7 page 9 11 ff disable time synchronization timep page 9 7 page 9 16 enable the SNTP mode Broadcast Unicast or Disabled disabled broadcast n a page 9 7 page 9 12 unicast n a page 9 7 page 9 12 none disabled n a page 9 7 page 9 16 configure an SNTP server address for Unicast mode only none page 9 7 page 9 12 ff change th...

Страница 214: ... In Unicast Mode Specifies how often the switch polls the designated SNTP server for a time update In Broadcast Mode Specifies how often the switch polls the network broadcast address for a time update Value between 30 720 seconds Server Address Used only when the SNTP Mode is set to Unicast Specifies the IP address of the SNTP server that the switch accesses for time synchronization updates You c...

Страница 215: ...moves to the System Name field 3 Use v to move the cursor to the Time Sync Method field 4 Use the Space bar to select SNTP then press v once to display and move to the SNTP Mode field 5 Do one of the following Use the Space bar to select the Broadcast mode then press v to move the cursor to the Poll Interval field and go to step 6 For Broadcast mode details refer to SNTP Operating Modes on page 9 ...

Страница 216: ... SNTP server from the IP address es in the updated list For more on this topic refer to SNTP Unicast Time Polling with Multiple SNTP Servers on page 9 37 iv Press to move the cursor to the Poll Interval field then go to step 6 Time Sync Method None SNTP SNTP Mode Disabled Unicast Server Address 10 28 227 15 Poll Interval sec 720 720 Server Version 3 3 Tftp enable Yes Yes Time Zone 0 0 Daylight Tim...

Страница 217: ...l 9 15 no sntp 9 16 This section describes how to use the CLI to view enable and configure SNTP parameters Viewing the Current SNTP Configuration Syntax show sntp This command lists both the time synchronization method TimeP SNTP or None and the SNTP configuration even if SNTP is not the selected time protocol For example if you configured the switch with SNTP as the time synchronization method th...

Страница 218: ...urrently in use For example ProCurve config show sntp Even though in this example TimeP is the current time synchronous method the SNTP Configuration switch maintains the SNTP configuration Time Sync Mode Timep SNTP Mode Unicast Poll Interval sec 720 719 Priority SNTP Server Address OOBM Protocol Version 1 2001 db8 215 60ff fe79 8980 No 7 2 10 255 5 24 Yes 3 3 fe80 123 vlan10 Yes 3 Figure 9 5 Exam...

Страница 219: ...SNTP Mode Enabling the SNTP mode means to configure it for either broadcast or unicast mode Remember that to run SNTP as the switch s time synchronization protocol you must also select SNTP as the time synchronization method by using the CLI timesync command or the Menu interface Time Sync Method parameter Syntax timesync sntp Selects SNTP as the time protocol sntp broadcast unicast Enables the SN...

Страница 220: ...View the SNTP configuration again to verify the configuration The commands and output would appear as follows Figure 9 7 Example of Enabling SNTP Operation in Broadcast Mode Enabling SNTP in Unicast Mode Like broadcast mode configuring SNTP for unicast mode enables SNTP However for Unicast operation you must also specify the IP address of at least one SNTP server The switch allows up to three unic...

Страница 221: ...priority 1 3 ip address oobm version Use the no version of the command to disable SNTP priority specifies the order in which the configured SNTP serv ers are polled for the time allowable values are 1 through 3 ip address is an IPv4 or IPv6 address of an SNTP server For switches that have a separate out of band management port oobm specifies that SNTP traffic goes through that port By default SNTP...

Страница 222: ...ote Protocol Version appears only when there is an Poll Interval sec 720 720 IP address configured for an SNTP server Priority SNTP Server Address OOBM Protocol Version 1 2001 db8 215 60ff fe79 8980 No 7 2 10 255 5 24 Yes 3 3 fe80 123 vlan10 Yes 3 Figure 9 8 Example of Configuring SNTP for Unicast Operation If the SNTP server you specify uses SNTP version 4 or later use the sntp server command to ...

Страница 223: ...ation For example to change the poll interval to 300 seconds ProCurve config sntp poll interval 300 Changing the Priority You can choose the order in which configured servers are polled for getting the time by setting the server priority Syntax sntp server priority 1 3 ip address Specifies the order in which the configured servers are polled for getting the time Value is between 1 and 3 Note Both ...

Страница 224: ...tion with this command ProCurve config no timesync If you then viewed the SNTP configuration you would see the following Figure 9 10 Example of SNTP with Time Synchronization Disabled Disabling the SNTP Mode If you want to prevent SNTP from being used even if selected by timesync or the Menu interface s Time Sync Method param eter configure the SNTP mode as disabled Syntax no sntp Disables SNTP by...

Страница 225: ...nd clients HP ProCurve switches can validate the received messages before updating the time This feature provides support for SNTP client authentication on HP ProCurve switches which addresses security considerations when deploying SNTP in a network Requirements The following must be configured to enable SNTP client authentication on the switch SNTP Client Authentication Support Timesync mode must...

Страница 226: ...bove steps are necessary to enable authen tication on the client SNTP Server Authentication Support Note SNTP server is not supported on ProCurve products The following must be performed on the SNTP server The same authentication key identifier trusted key authentication mode and key value that were configured on the SNTP client must also be configured on the SNTP server SNTP server authentication...

Страница 227: ...t key that is used to generate the message digest Up to 32 characters are allowed for key string ProCurve config sntp authentication key id 55 authentication mode md5 key value secretkey1 Figure 9 12 Example of Setting Parameters for SNTP Authentication Configuring a Trusted Key Trusted keys are used in SNTP authentication In unicast mode a trusted key must be associated with a specific NTP SNTP s...

Страница 228: ...tch can be configured with up to eight sets of key id key value pairs One specific set must selected for authentication this is done by configuring the set as trusted The key id itself must already be configured on the switch To enable authentication at least one key id must be configured as trusted The no version of the command indicates the key is unreliable not trusted Default No key is trusted...

Страница 229: ...igure 9 13 Example of Associating a Key Id with a Specific Server Enabling SNTP Client Authentication The sntp authentication command enables SNTP client authentication on the switch If SNTP authentication is not enabled SNTP packets are not authen ticated Syntax no sntp authentication Enables the SNTP client authentication The no version of the command disables authentication Default SNTP client ...

Страница 230: ...e At least one key id must be configured as trusted and it must be associated with one of the SNTP servers To edit or remove the associated key id information or SNTP server information SNTP authentication must be disabled Broadcast Directs the switch to acquire its time synchronization from data broadcast by any SNTP server to the network broadcast address The switch uses the first server detecte...

Страница 231: ...tion To display all the SNTP authentication keys that have been configured on the switch enter the show sntp authentication command ProCurve config show sntp authentication SNTP Authentication Information SNTP Authentication Enabled Key ID Auth Mode Trusted 55 MD5 Yes 10 MD5 No Figure 9 15 Example of show sntp authentication Command Output To display the statistical information for each SNTP serve...

Страница 232: ...ation in the running config file This allows you to upload the file to a TFTP server and then later download the file to the ProCurve switches on which you want to use the same settings For more information about the include credentials command see Configuring Username and Password Security in the Access Security Guide for your switch The authentication key values are shown in the output of the sh...

Страница 233: ...xecuted and is not present in the configuration file The configuration file is subsequently saved to a TFTP server for later use The SNTP authentication information is not saved and is not present in the retrieved configuration file as shown in figure 9 18 ProCurve config copy tftp startup config 10 2 3 44 config1 Switch reboots Startup configuration The sntp authentication line and the key ids ar...

Страница 234: ...igured include credentials All of the SNTP authentication timesync sntp information displays in the sntp broadcast configuration file including the key values sntp 50 sntp authentication sntp authentication key id 55 authentication mode md5 key value secretkey1 trusted sntp authentication key id 2 authentication mode md5 key value secretkey2 sntp server priority 1 10 10 10 2 3 key id 55 sntp serve...

Страница 235: ...zation configuration n a page 9 28 page 9 30 select Timep as the time synchronization method TIMEP page 9 17 pages 9 33 ff disable time synchronization timep page 9 29 page 9 35 enable the Timep mode Disabled DHCP page 9 29 page 9 33 manual page 9 29 page 9 34 none disabled page 9 29 page 9 36 change the SNTP poll interval 720 minutes page 9 29 page 9 35 9 27 ...

Страница 236: ...pdates according to the Timep poll interval If the switch does not receive a Timep server IP address it cannot perform time synchronization updates Manual When Timep is selected as the time synchronization method the switch attempts to poll the specified server for updates according to the Timep poll interval If the switch fails to receive updates from the server time synchronization updates do no...

Страница 237: ...lues Press E for Edit The cursor moves to the System Name field 2 Use v to move the cursor to the Time Sync Method field 3 If TIMEP is not already selected use the Space bar to select TIMEP then press v once to display and move to the TimeP Mode field 4 Do one of the following Use the Space bar to select the DHCP mode then press v to move the cursor to the Poll Interval field and go to step 6 Use ...

Страница 238: ...ctiondescribeshow touse the CLI toview enable and configure TimeP parameters Viewing the Current TimeP Configuration Using different show commands you can display either the full TimeP config uration or a combined listing of all TimeP SNTP and VLAN IP addresses configured on the switch Syntax show timep This command lists both the time synchronization method TimeP SNTP or None and the TimeP config...

Страница 239: ... ProCurve config show timep Timep Configuration Time Sync Mode Sntp TimeP Mode Disabled Manual Even though in this example SNTP is the current time synchronization method the switch maintains the TimeP configuration Server Address 10 10 28 100 Poll Interval min 720 720 OOBM Yes Figure 9 22 Example of TimeP Configuration When TimeP Is Not the Selected Time Synchronization Method Syntax show managem...

Страница 240: ...splay Showing IP Addressing for All Configured Time Servers and VLANs Configuring Enabling or Disabling the TimeP Mode Enabling the TimeP mode means to configure it for either broadcast or unicast mode Remember that to run TimeP as the switch s time synchronization protocol you must also select TimeP as the time synchronization method by using the CLI timesync command or the Menu interface Time Sy...

Страница 241: ...se Time synchronization is configured for SNTP You want to 1 View the current time synchronization 2 Select TimeP as the time synchronization mode 3 Enable TimeP for DHCP mode 4 View the TimeP configuration The commands and output would appear as follows 1 2 3 4 show timep displays the TimeP configuration and also shows that SNTP is the currently active time synchronization mode show timep again d...

Страница 242: ...agement port oobm specifies that TimeP traffic goes through that port By default TimeP traffic goes through the data ports Syntax no ip timep Disables TimeP Not e To change from one TimeP server to another you must 1 use the no ip timep command to disable TimeP mode and then reconfigure TimeP in Manual mode with the new server IP address For example to select TimeP and configure it for manual oper...

Страница 243: ...Curve config ip timep interval 60 Disabling Time Synchronization Without Changing the TimeP Configuration The recommended method for disabling time synchroniza tion is to use the timesync command This halts time synchronization without changing your TimeP configuration Syntax no timesync Disables time synchronization by changing the Time Sync Mode configuration to Disabled For example suppose Time...

Страница 244: ... is the selected Time Sync Method option Syntax no ip timep Disables TimeP by changing the TimeP mode configuration to Disabled Forexample ifthe switchisrunningTimePinDHCP mode noiptimepchanges the TimeP configuration as shown below and disables time synchronization Even though the Time Sync Mode is set to Timep time synchronization is disabled because no ip timep has disabled the TimeP Mode param...

Страница 245: ... Event Log and reschedules to try the address list again after the configured Poll Interval time has expired Displaying All SNTP Server Addresses Configured on the Switch The System Information screen in the menu interface displays only one SNTP server address even if the switch is configured for two or three servers The CLI show management command displays all configured SNTP servers on the switc...

Страница 246: ...with a new one you must delete the unwanted address before you configure the new one Deleting Addresses To delete an address you must use the CLI If there are multiple addresses and you delete one of them the switch re orders the address priority Syntax no sntp server ip addr For example to delete the primary address in the above example and automatically convert the secondary address to primary P...

Страница 247: ...on Statistics 10 13 Viewing Transceiver Status 10 14 Enabling or Disabling Ports and Configuring Port Mode 10 15 Enabling or Disabling Flow Control 10 17 Configuring a Broadcast Limit on the Switch 10 18 Configuring ProCurve Auto MDIX 10 19 Web Viewing Port Status and Configuring Port Parameters 10 22 Using Friendly Optional Port Names 10 23 Configuring and Operating Rules for Friendly Port Names ...

Страница 248: ...e Interval 10 34 Changing the Keepalive Retries 10 34 Configuring UDLD for Tagged Ports 10 34 Viewing UDLD Information 10 35 Configuration Warnings and Event Log Messages 10 37 Uplink Failure Detection 10 38 Terminology 10 38 Guidelines 10 39 Configuring UFD 10 40 Example of UFD Configuration 10 40 10 2 ...

Страница 249: ... viewing transceiver status n a n a page 10 14 page 10 22 configuring ports Refer to Table page 10 7 page 10 15 page 10 22 10 1 on pages 10 4 thru 10 5 configuring ProCurve auto mdix page 9 11 If the switch either fails to show a link between an installed transceiver and another device or demonstrates errors or other unexpected behavior on the link check the port configuration on both devices for ...

Страница 250: ...tion under 1 Status and Counters in the menu interface MDI Sets the port to connect with a PC using a crossover cable Manual mode applies only to copper port switches using twisted pair copper Ethernet cables MDIX Sets the port to connect with a PC using a straight through cable Manual mode applies only to copper port switches using twisted pair copper Ethernet cables Auto 10 Allows the port to ne...

Страница 251: ... port for automatic detection of the cable type straight through or crossover MDI Configures the port to connect to a switch hub or other MDI X device with a straight through cable MDIX Configures the port to connect to a PC or other MDI device with a straight through cable Flow Control Disabled default The port does not generate flow control packets and drops any flow control packets it receives ...

Страница 252: ...the port configuration Using the Menu To View Port Configuration The menu interface dis plays the configuration for ports and if configured any trunk groups From the Main Menu select 1 Status and Counters 4 Port Status In this example ports A7 and A8 have previously been configured as a trunk group Figure 10 1 Example of a Switch Port Status Screen 10 6 ...

Страница 253: ...roup Type A1 1000T Yes Auto 10 100 Disable A2 1000T Yes Auto 10 100 Disable A3 1000T Yes Auto Disable A4 1000T Yes Auto Disable A5 1000T Yes Auto Disable A6 1000T Yes Auto Disable A7 1000T Yes Auto Disable Trk1 Trunk A8 1000T Yes Auto Disable Trk2 Trunk Actions Cancel Edit Save Help Cancel changes and return to previous screen Use arrow keys to change action selection and Enter to execute ac tion ...

Страница 254: ...enable page 10 15 speed duplex page 10 15 flow control page 10 17 broadcast limit page 10 18 auto mdix page 10 19 Viewing Port Status and Configuration Use the following commands to display port status and configuration data Syntax show interfaces brief config port list brief Lists the current operating status for all ports on the switch config Lists a subset of configuration data for all ports on...

Страница 255: ...n below ProCurve config show interfaces config Port Settings Port Type Enabled Mode Flow Ctrl MDI B1 100 1000T Yes Auto 10 100 Disable Auto B2 100 1000T Yes Auto Disable Auto B3 100 1000T Yes Auto Disable Auto B4 100 1000T Yes Auto Disable Auto B5 100 1000T Yes Auto Disable Auto B6 100 1000T Yes Auto Disable Auto Figure 10 4 Example of a Show Interfaces Config Command Listing The display option ca...

Страница 256: ...nd The information is updated every 3 seconds Note Select Back to exit the display For example ProCurve show interfaces display Dynamically updates Figure 10 5 Example of show interfaces display Command with Dynamically Updating Output Customizing the Show Interfaces Command You can create show commands displaying the information that you want to see in any order you want by using the custom optio...

Страница 257: ...Parameter Column Displays Examples port Port identifier A2 type Port type 100 1000T status Port status up or down speed Connection speed and duplex 1000FDX mode Configured mode auto auto 100 100FDX mdi MDI mode auto MDIX flow Flow control on or off name Friendly port name vlanid The vlan id this port belongs to 4 or tagged ifitbelongs tomore tagged than one vlan enabled port is or is not enabled y...

Страница 258: ...nly displays the first four characters of the name All remaining characters are truncated Not e Each field has an fixed minimum width to be displayed If you specify a field width smaller than the minimum width the information is displayed at the minimum width For example if the minimum width for the Name field is 4 characters and you specify Name 2 the Name field displays 4 characters Parameters c...

Страница 259: ...put may be empty It is advisable to try the show int custom command first to ensure there is output and then enter the command again with the pattern matching option Viewing Port Utilization Statistics Use the showinterface port utilization command to view a real time rate display for all ports on the switch The following shows a sample output from this command ProCurve config show interfaces port...

Страница 260: ...s The show tech transceivers command allows you to Remotely identify transceiver type and revision number without having to physically remove an installed transceiver from its slot Display real time status information about all installed transceivers including non operational transceivers Figure 10 8 shows sample output from the show tech transceivers command ProCurve show tech transceivers Transc...

Страница 261: ...al num ber The following error messages may be displayed for a non operational transceiver Unsupported Transceiver SelfTest Err 060 Check www hp com rnd device_help 2_inform for more info This switch only supports revision B and above transceivers Check www hp com rnd device_help 2_inform for more info Self test failure Transceiver type not supported in this port Transceiver type not supported in ...

Страница 262: ... with the above command settings you could either enter the same command with only the one port identified or go to the context level for that port and then enter the command For example to enter the context level for port C6 and then configure that port for 100FDx ProCurve config int e c6 ProCurve eth C6 speed duplex 100 full If port C8 was disabled and you wanted to enable it and configure it fo...

Страница 263: ...isable flow control on some ports while leaving it enabled on other ports just disable it on the individual ports you want to exclude Syntax no interface port list flow control Enables or disables flow control packets on the port The no form of the command disables flow control on the individual ports Default Disabled For example suppose that 1 You want to enable flow control on ports A1 A6 2 Late...

Страница 264: ...s per port flow control on ports A1 through A4 Flow control is now disabled on the switch Ports formerly configured for flow control Figure 10 12 Example Continued from Figure 10 11 Configuring a Broadcast Limit on the Switch Broadcast Limit on switches covered in this guide is configured on a per port basis You must be at the port context level for this command to work for example 10 18 ...

Страница 265: ...onfig Displays the running config file The broadcast limit setting appears here if enabled If the setting is not also saved to the startup config file rebooting the switch returns broadcast limit to the setting currently in the startup config file For example the following command enables broadcast limiting of 1 percent of the traffic rate on the selected port on the switch ProCurve int B1 broadca...

Страница 266: ...o MDI MID X feature are completely compatible Additionally ProCurve Auto MDIX supports opera tion in forced speed and duplex modes If you want more information on this subject please refer to the IEEE 802 3ab Standard Reference For more information on MDI X refer to the appendix titled Switch Ports and Network Cables in the Installation and Getting Started Guide for your switch Manual Override If ...

Страница 267: ...e Syntax show interfaces config Lists the current per port Auto MDI MDI X configuration Syntax show interfaces brief Where a port is linked to another device this command lists the MDI mode the port is currently using In the case of ports configured for Auto auto mdix the MDI mode appears as either MDIor MDIX depending upon which option the port has negotiated with the device on the other end of t...

Страница 268: ... Status and Configuring Port Parameters In the web browser interface 1 Click on the Configuration tab 2 Click on Port Configuration 3 Select the ports you want to modify and click on Modify Selected Ports 4 After you make the desired changes click on Apply Settings Note that the web browser interface displays an existing port trunk group However to configure a port trunk group you must use the CLI...

Страница 269: ...e same name to multiple ports The friendly port names you configure appear in the output of the show name port list showconfig and showinterface port number commands They do not appear in the output of other show commands or in Menu interface screens Refer to Displaying Friendly Port Names with Other Port Data on page 10 25 Friendly port names are not a substitute for port numbers in CLI com mands...

Страница 270: ...nd Configuring Friendly Port Names Syntax interface port list name port name string Assigns a port name to port list Syntax no interface port list name Deletes the port name from port list Configuring a Single Port Name Suppose that you have connected port A3 on the switch to Bill Smith s workstation and want to assign Bill s name and workstation IP address 10 25 101 73 as a port name for port A3 ...

Страница 271: ...g combinations show name Displays a listing of port numbers with their corresponding friendly port names and also quickly shows you which ports do not have friendly name assignments show name data comes from the running config file showinterface port number Displays the friendly port name if any along with the traffic statistics for that port The friendly port name data comes from the running conf...

Страница 272: ...ort names assigned in previous examples Ports Without Friendly Figure 10 17 Example of Friendly Port Name Data for All Ports on the Switch Port Without a Friendly Name Friendly port names assigned in previous examples Figure 10 18 Example of Friendly Port Name Data for Specific Ports on the Switch Including Friendly Port Names in Per Port Statistics Listings A friendly port name configured to a po...

Страница 273: ...iven port if a friendly port name does not exist in the running config file the Name line in the above command output appears as Name not assigned To Search the Configuration for Ports with Friendly Port Names This option tells you which friendly port names have been saved to the startup config file show config does not include ports that have only default settings in the startup config file Synta...

Страница 274: ...not saved becauseitwasexecutedafter write memory In this case show config lists only port A1 Executing write memafterenteringthenamefor port A2 and then executing show config again would result in a listing that includes both ports Listing includes friendly port name for port A1 only 498358 B21 Configuration Editor Created on release Z 14 04 Figure 10 20 Example Listing of the Startup Config File ...

Страница 275: ... you can pre configure the modules with the CLI module command Syntax module module num type module type Allows you to configure the type of the module The same module command used in an uploaded configuration file is used to define a module that is being pre configured The validation performed when issued through the CLI is still performed just as if the command was executed on the switch in othe...

Страница 276: ...roCurve config no module 3 Not e This does not change how hot swap works Operating Notes The following restrictions apply The slot being cleared must be empty There was no module present in the slot since the last boot If there was a module present after the switch was booted the switch will have to be rebooted before any module new or same can be used in the slot This does not clear the configura...

Страница 277: ...ch Trunk Third Party Switch ProCurve Switch Third Party Switch Figure 10 21 UDLD Example In this example each ProCurve switch load balances traffic across two ports in a trunk group Without the UDLD feature a link failure on a link that is not directly attached to one of the ProCurve switches remains undetected As a result each switch continue to send traffic on the ports connected to the failed l...

Страница 278: ...d disabled or fixed The port can also be unblocked by disabling UDLD on the port Configuring UDLD When configuring UDLD keep the following considerations in mind UDLD is configured on a per port basis and must be enabled at both ends of the link See the note below for a list of ProCurve switches that support UDLD To configure UDLD on a trunk group you must configure the feature on each port of the...

Страница 279: ... default settings untagged UDLD packets can still be transmitted and received on tagged only ports however a warning message will be logged The no form of the command disables UDLD on the specified port s Default UDLD packets are untagged tagged only ports will transmit and receive untagged UDLD control packets Enabling UDLD UDLD is enabled on a per port basis For example to enable UDLD on port a1...

Страница 280: ...imum number of keepalive attempts to a value from 3 10 For example to change the maximum number of attempts to 4 enter the following command at the global configuration level ProCurve config link keepalive retries 4 Configuring UDLD for Tagged Ports The default implementation of UDLD sends the UDLD control packets untagged even across tagged ports If an untagged UDLD packet is received by a non Pr...

Страница 281: ...e switch Syntax clear link keepalive statistics Clears UDLD statistics This command clears the packets sent packets received and transitions counters in the show link keepalive statistics display To display summary information on all UDLD enabled ports enter the show link keepalive command For example ProCurve config show link keepalive Total link keepalive enabled ports 4 Keepalive Retries 3 Keep...

Страница 282: ...500 Neighbor Port 6 Udld Packets Received 450 State Transitions 3 no Link vlan 200 Port 3 Current State off line Neighbor MAC Addr n a Udld Packets Sent 0 Neighbor Port n a Udld Packets Received 0 State Transitions 0 Port 4 is shown as blocked Port Blocking no Link vlan 1 due to a link keepalive failure Port 4 Current State failure Neighbor MAC Addr n a Udld Packets Sent 128 Neighbor Port n a Udld...

Страница 283: ...t 7 belongs to VLAN 1 and 22 but the user tries to configure UDLD on port 7 to send tagged packets in VLAN 4 the configuration will be accepted The UDLD control packets will be sent tagged in VLAN 4 which may result in the port being blocked by UDLD if the user does not configure VLAN 4 on this port You have attempted to remove a VLAN on port that is configured for tagged UDLD packets on that VLAN...

Страница 284: ...server availability at all times UFD is configured by pairing a Link to Monitor LtM with a Link to Disable LtD When correctly configured UFD allows loop free active standby redun dancy and prevents the server from transmitting down a failed path Not e For UFD functionality to work as expected the NIC teaming must be in active standby configuration mode Terminology Link to Monitor LtM The Link to M...

Страница 285: ...NIC team member 2 through to DC Switch 2 Figure 10 24 Representation of an UFD Configuration Guidelines The following lists guidelines for UFD These guidelines are applicable to blade switches only when there is a clear difference between downlink and uplink ports A link to monitor LtM can be one or more uplink ports A link to disable LtD can be one or more downlink ports An LtM or LtD can be a tr...

Страница 286: ...ailure detection track 1 64 links to monitor monitor list links to disable disable list Globally enables Uplink Failure Detection on the switch The no form of the command disables Uplink Failure Detection Default Disabled Example of UFD Configuration ProCurve config uplink failure detection Procurve config uplink failure detection track 1 links to monitor Trk5 links to disable 3 12 ProCurve config...

Страница 287: ...w uplink failure detection Uplink Failure Detection Information UFD Enabled Yes TRACK ID Monitored Links Links to Disable LtM State LtD State 1 Trk5 3 12 Up Up 2 23 24 9 Down Auto Disabled 5 17 7 14 Down Auto Disabled Figure 10 26 Example of Output for UFD Configuration 10 41 ...

Страница 288: ...Port Status and Configuration Uplink Failure Detection 10 42 ...

Страница 289: ...ps 11 11 Using the CLI To View Port Trunks 11 11 Using the CLI To Configure a Static or Dynamic Trunk Group 11 14 Web Viewing Existing Port Trunk Groups 11 17 Trunk Group Operation Using LACP 11 18 Default Port Operation 11 21 LACP Notes and Restrictions 11 22 Trunk Group Operation Using the Trunk Option 11 26 How the Switch Lists Trunk Data 11 27 Outbound Traffic Distribution Across Trunked Links...

Страница 290: ...ack bone devices as well as to connections in other network areas where traffic bottlenecks exist A trunk group is a set of up to eight ports configured as members of the same port trunk Note that the ports in a trunk group do not have to be consecutive For example The multiple physical links in a trunk behave as one logical link Switch 2 Switch 1 port 1 port c1 port 2 port c2 Ports a1 a3 a4 Ports...

Страница 291: ...ngdevicesuchasahub orusingmorethanonemedia type in a port trunk group Similarly for proper trunk operation all links in the same trunk group must have the same speed duplex and flow control Port Security Restriction Portsecuritydoesnotoperateonatrunkgroup If you configure port security on one or more ports that are later added to a trunk group the switch resets the port security parameters for tho...

Страница 292: ... and 10FDx 100FDx and 1000FDx settings The 10 gigabit ports available for some switch models allow only the Auto setting Fault Tolerance If a link in a port trunk fails the switch redistributes traffic originally destined for that link to the remaining links in the trunk The trunk remains operable as long as there is at least one link in operation If a link is restored that link is automatically i...

Страница 293: ...er device you would do the following to change them to LACP passive ProCurve config no int c1 c4 lacp Removes the ports from the trunk ProCurve config int c1 c4 lacp passive Configures LACP passive Static Trunk The switch uses the links you configure with the Port Trunk Settings screen in the menu interface or the trunk command inthe CLI to create a static port trunk The switch offers two types of...

Страница 294: ...ree or IGMP parameters on an LACP trunk group You want an LACP trunk group to operate in a VLAN other than the default VLAN and GVRP is disabled Refer to VLANs and Dynamic LACP on page 11 23 You want to use a monitor port on the switch to monitor an LACP trunk For more information refer to Trunk Group Operation Using LACP on page 11 18 Trunk Provides manually configured static only trunking to non...

Страница 295: ...g operate on a per port basis regardless of trunk membership Enable Disable Flow control Flow Ctrl LACP is a full duplex protocol Refer to Trunk Group Operation Using LACP on page 11 18 Trunk Configuration All ports in the same trunk group must be the same trunk type LACP or Trunk All LACP ports in the same trunk group must be either all static LACP or all dynamic LACP A trunk appears as a single ...

Страница 296: ...moveaportfromastatictrunk theportretainsthesameSpanningTreesettingsthatwereconfiguredforthetrunk IP Multicast Protocol IGMP A static trunk of any type appears in the IGMP configuration display and you can configure IGMP for a static trunk in the same way that you would configure IGMP on a non trunked port Note that the switch lists the trunk by name such as Trk1 and does not list the individual po...

Страница 297: ...igure Static Port Trunking This procedure uses the Port Trunk Settings screen to configure a static port trunk group on the switch 1 Follow the procedures in the Important note above 2 From the Main Menu Select 2 Switch Configuration 2 Port Trunk Settings 3 Press E for Edit and then use the arrow keys to access the port trunk parameters These two columns indicate static trunk status For dynamic LA...

Страница 298: ...led Static Virtual LANs VLANs in the Advanced Traffic Management Guide for your switch To return a port to a non trunk status keep pressing the Space bar until a blank appears in the highlighted Group value for that port Figure 11 5 Example of the Configuration for a Two Port Trunk Group 6 Move the cursor to the Type column for the selected port and use the Space bar to select the trunk type LACP ...

Страница 299: ...tion Commands show trunks below show lacp page 11 13 trunk page 11 15 interface port list lacp page 11 15 Using the CLI To View Port Trunks You can list the trunk type and group for all ports on the switch or for selected ports You can also list LACP only status information for LACP configured ports Listing Static Trunk Type and Group for All Ports or for Selected Ports Syntax show trunks port lis...

Страница 300: ...dly Port Names feature Refer to Using Friendly Optional Port Names on page 10 23 Port A6 does not appear in this listing because it is not assigned to a static trunk Figure 11 6 Example Listing Specific Ports Belonging to Static Trunks The show trunks port list command in the above example includes a port list and thus shows trunk group information only for specific ports that have membership in a...

Страница 301: ...age 11 21 Dynamic LACP Standby Links Dynamic LACP trunking enables you to configure standby links for a trunk by including more than eight ports in a dynamic LACP trunk configuration When eight ports trunk links are up the remaining link s will be held in standby status If a trunked link that is Up fails it will be replaced by a standby link which maintains your intended bandwidth for the trunk Re...

Страница 302: ...configuring them for trunking you can temporarily disable the ports until the trunk is configured Refer to Enabling or Disabling Ports and Configuring Port Mode on page 10 15 The table on page 11 5 describes the maximum number of trunk groups you can configure on the switch An individual trunk can have up to eight links with additional standby links if you re using LACP You can configure trunk gro...

Страница 303: ...ee is not in use ProCurve recommends that you first disable the port or disconnect the link on that port Syntax no trunk port list Removes the specified ports from an existing trunk group For example to remove ports C4 and C5 from an existing trunk group ProCurve config no trunk c4 c5 Enabling a Dynamic LACP Trunk Group In the default port configura tion all ports on the switch are set to disabled...

Страница 304: ...d is LACP active Spanning tree is not needed and the clear advantages are increased bandwidth and fault tolerance Syntax interface port list lacp active Configures port list as LACP active If the ports at the other end of the links on port list are configured as LACP passive then this command enables a dynamic LACP trunk group on port list This example uses ports C4 and C5 to enable a dynamic LACP...

Страница 305: ...ive LACP In this example port C6 belongs to an operating dynamic LACP trunk To remove port C6 from the dynamic trunk and return it to passive LACP you would do the following ProCurve config no interface c6 lacp ProCurve config interface c6 lacp passive Note that in the above example if the port on the other end of the link is configured for active LACP or static LACP the trunked link will be re es...

Страница 306: ...gs at Auto the default LACP also operates with Auto 10 Auto 100 andAuto 1000 ifnegotiation selectsFDx and 10FDx 100FDx and 1000FDx settings LACP trunk status commands include Trunk Display Method Static LACP Trunk Dynamic LACP Trunk CLI show lacp command Included in listing Included in listing CLI show trunk command Included in listing Not included Port Trunk Settings screen in menu interface Incl...

Страница 307: ...P port trunk group and assigns a port Group name The ports on both ends of each link have compatible mode settings speed and duplex The port on one end of each link must be configured for LACP Active and the port on the other end of the same link must be configured for either LACP Passive or LACP Active For example Switch 1 Port X LACP Enable Active Port Y LACP Enable Active Switch 2 Port A LACP E...

Страница 308: ...e trunk operates if the trunk group on the opposite device is running one of the following trunking protocols Active LACP Passive LACP Trunk This option uses LACP for the port Type parameter and TrkX for the port Group parameter where X is an automatically assigned value in a range corresponding to the maximum number of trunks the switch allows The table on page 11 5 lists the maximum number of tr...

Страница 309: ... static LACP trunk Trunk Group Same as Port Number The port is configured for LACP but is not a member of a port trunk Port Status Up The port has an active LACP link and is not blocked or in Standby mode Down The port is enabled but an LACP link is not established This can indicate for example a port that is not connected to the network or a speed mismatch between a pair of linked ports Disabled ...

Страница 310: ...ce that LACP is disabled on the port s and enables 802 1X on that port ProCurve config aaa port access authenticator b1 LACP has been disabled on 802 1x port s ProCurve config The switch will not allow you to configure LACP on a port on which port access 802 1X is enabled For example ProCurve config int b1 lacp passive Error configuring port port number LACP and 802 1x cannot be run together ProCu...

Страница 311: ...ks If you want to manually configure a trunk use the trunk command Refer to Using the CLI To Configure a Static or Dynamic Trunk Group on page 11 14 VLANs and Dynamic LACP A dynamic LACP trunk operates only in the default VLAN unless you have enabled GVRP on the switch and use Forbid to prevent the ports from joining the default VLAN If you want to use LACP for a trunk on a non default VLAN and GV...

Страница 312: ... dynamic LACP trunk members Otherwise a traffic loop can unexpectedly occur For example VLAN 1 Default VLAN VLAN 2 VLAN 1 Default VLAN VLAN 2 VLAN 1 Default VLAN VLAN 2 VLAN 1 Default VLAN VLAN 2 If the ports in VLAN 2 are configured to allow a dynamic trunk and GVRP is disabled adding a second link in VLAN 2 automatically forms a dynamic LACP trunk and moves the trunk to VLAN 1 the default VLAN w...

Страница 313: ... gigabit ports operate only at FDx A port configured as LACP passive and not assigned to a port trunk can be configured to half duplex HDx However in any of the following cases a port cannot be reconfigured to an HDx setting If the port is a 10 gigabit port If a port is set to LACP Active you cannot configure it to HDx IfaportisalreadyamemberofastaticordynamicLACPtrunk youcannot configure it to HD...

Страница 314: ...s Similarly the switch handles incoming traffic from the trunked links as if it were from a trunked source When a trunk group is configured with the trunk option the switch automati cally sets the trunk to a priority of 4 for spanning tree operation even if spanning tree is currently disabled This appears in the running config file as spanning tree Trkn priority 4 Executing write memory after conf...

Страница 315: ...inks The two trunk group options LACP and Trunk use source destination address pairs SA DA for distributing outbound traffic over trunked links SA DA source address destination address causes the switch to distribute outbound traffic to the links within the trunk group on the basis of source destination address pairs That is the switch sends traffic from the same sourceaddresstothesamedestinationa...

Страница 316: ...tination address When an IP address is available the calculation includes the last five bits of the IP source address and IP destination address otherwise the MAC addresses are used The result of that process undergoes a mapping that determines which link the traffic goes through If you have only two ports in a trunk it is possible that all the traffic will be sent through one port even if the SA ...

Страница 317: ...B Node X 2 Node C Node Y 3 Node D Node Z 1 Node A Node Y 2 Node B Node W 3 Because the amount of traffic coming from or going to various nodes in a network can vary widely it is possible for one link in a trunk group to be fully utilized while other links in the same trunk have unused bandwidth capacity even if the assignments were evenly distributed across the links in a trunk 11 29 ...

Страница 318: ...Port Trunking Outbound Traffic Distribution Across Trunked Links 11 30 ...

Страница 319: ... Minimum Bandwidth GMB 12 10 Introduction 12 10 Terminology 12 10 GMB Operation 12 10 Impacts of QoS Queue Configuration on GMB Operation 12 12 Outbound Traffic 12 13 Configuration 12 17 GMB Operating Notes 12 19 Jumbo Frames 12 20 Terminology 12 20 Operating Rules 12 21 Configuring Jumbo Frame Operation 12 22 Overview 12 22 Viewing the Current Jumbo Configuration 12 23 Enabling or Disabling Jumbo...

Страница 320: ...Port Traffic Controls Contents Operating Notes for Jumbo Traffic Handling 12 27 Troubleshooting 12 29 Cut Through Switching on the HP 6120XG 12 29 12 2 ...

Страница 321: ... Disabled n a 12 20 n a This chapter includes Rate Limiting Enables a port to limit the amount of bandwidth a user or device may utilize for traffic on the switch Jumbo Frames Enables ports operating at 1 Gbps or 10 Gbps speeds to accept inbound frames of up to 9220 bytes when configured for jumbo traffic 12 3 ...

Страница 322: ...e offered by Internet Service Providers ISPs to provide only the bandwidth for which a customer has paid Not e Rate limiting also can be applied by a RADIUS server during an authentication client session For further details refer to the chapter titled RADIUS Authen tication and Accounting in the Access Security Guide for your switch C a u t i o n Rate limiting is intended for use on edge ports in ...

Страница 323: ...of 200 299 Kbps is implemented as a limit of 200 Kbps and so on Percentage limits are based on link speed For example if a 100 Mbps port negotiates a link at 100 Mbps and the inbound rate limit is configured at 50 then the traffic flow through that port is limited to no more than 50 Mbps Similarly if the same port negotiates a 10 Mbps link then it allows no more than 5 Mbps of inbound traffic Conf...

Страница 324: ...50 No override 4 Disabled Disabled No override 5 Disabled Disabled No override 6 Disabled Disabled No override Figure 12 1 Example of Listing the Rate Limit Configuration Operating Notes for Rate Limiting Rate limiting operates on a per port basis regardless of traffic priority Rate limiting is available on all types of ports other than trunked ports on the switches covered in this guide and at al...

Страница 325: ... In another type of situation an outbound port can become oversubscribed by traffic received from multiple rate limited ports In this case the actual rate for traffic on the rate limited ports may be lower than configured because the total traffic load requested to the outbound port exceedstheport sbandwidth andthussomerequestedtrafficmaybeheld off on inbound Traffic filters on rate limited ports ...

Страница 326: ...headers and data This value is the maximum bytes per second that 100 Mbps can support for minimum sized packets Suppose port X is configured with a rate limit of 50 4 761 904 bytes If a throughput testing application is the only application using the port and transmits 1 Mbyte of data through the port it uses only 10 5 of the port s available bandwidth and the rate limit of 50 has no effect This i...

Страница 327: ...uiring high levels of IPX or RIP broadcast traffic Syntax show config Displays the startup config file The broadcast limit setting appears here if enabled and saved to the startup config file Syntax show running config Displays the running config file The broadcast limit setting appears here if enabled If the setting is not also saved to the startup config file rebooting the switch returns broadca...

Страница 328: ...riority traffic in the network are frequently or continually starved by high volumes of higher priority traffic You can configure GMB per port Terminology Oversubscribed Queue Theconditionwherethereisinsufficientbandwidth allocated to a particular outbound priority queue for a given port If additional unused bandwidth is not available the port delays or drops the excess traffic GMB Operation Thesw...

Страница 329: ...can ensure that there will always be bandwidth reserved for lower priority traffic Since the switch services outbound traffic according to priority highest to lowest the highest priority outbound traffic on a given port automatically receives the first priority in servicing Thus in most applications it is neces sary only to specify the minimum bandwidth you want to allocate to the lower priority q...

Страница 330: ...r priority traffic The sum of the GMB settings for all outbound queues on a given port cannot exceed 100 Impacts of QoS Queue Configuration on GMB Operation The section on Configuring Guaranteed Minimum Bandwidth for Out bound Traffic assumes the ports on the switch offer eight prioritized out bound traffic queues This may not always be the case however since the switch supports a QoS queue config...

Страница 331: ...r switch Configuring Guaranteed Minimum Bandwidth for Outbound Traffic For any port or group of ports you can configure either the default minimum bandwidth settings for each outbound priority queue or a customized band width allocation For most applications ProCurve recommends configuring GMB with the same values on all ports on the switch so that the outbound traffic profile is consistent for al...

Страница 332: ...um priority 10 Queue 7 high priority 15 Queue 8 high priority 20 The no form of the command disables GMB for all ports in port list In this state which is the equivalent of setting all outbound queues on a port to 0 zero a high level of higher priority traffic can starve lower priority queues which can slow or halt lower priority traffic in the network You can configure bandwidth minimums from eit...

Страница 333: ...e becomes oversubscribed In this case the unallocated bandwidth is apportioned to oversubscribed queues in descending order of priority For example if you configure a minimum of 10 for queues 1 7 and 0 for queue 8 then the unallocated bandwidth will be available to all eight queues in the following prioritized order 1 Queue 8 high priority 2 Queue 7 high priority 3 Queue 6 medium priority 4 Queue ...

Страница 334: ...on Outbound Bandwidth Port Queue 8 20 Queue 8 has the first priority use of all outbound bandwidth not specifically allocated to queues 1 7 If for example bandwidth allocatedtoqueue5isnotbeingusedandqueues7and8become oversubscribed queue 8 has first priority use of the unused bandwidth allocated to queue 5 7 15 Queue 7 has a guaranteed minimum bandwidth of15 available for outbound traffic If queue...

Страница 335: ...ndwidth min output 2 3 30 10 10 10 15 20 ProCurve eth A1 A5 bandwidth min output 2 3 30 10 10 10 15 20 Displaying the Current Guaranteed Minimum Bandwidth Configuration This command displays the per port GMB configuration in the running config file Syntax show bandwidth output port list Without port list this command lists the GMB configuration for all ports on the switch With port list this comma...

Страница 336: ...10 15 20 Bandwidth A4 2 3 30 10 10 10 15 20 Settings A5 2 3 30 10 10 10 15 20 Figure 12 2 Example of Listing the Guaranteed Minimum Bandwidth Configuration This is how the preceding listing of the GMB configuration would appear in the startup config file Figure 12 3 Example of GMB Settings Listed in the show config Output The outbound port priority queues 1 8 for ports A1 A5 are configured with th...

Страница 337: ...is executed any previously configured bandwidth min output settings are removed from the startup configuration Refer to Table 12 2 on page 12 12 for the default GMB percentage allocations per number of queues GMB on a Port When the Port is an Active Member of a Trunk When a port joins a trunk it retains its currently configured GMB Configuration of GMB on a port is allowed even when it is an activ...

Страница 338: ... bytes Regardless of the mode configured on a given jumbo enabled port if the port is operating at only 10 Mbps or 100 Mbps only frames that do not exceed 1522 bytes are allowed inbound on that port Terminology Jumbo Frame An IP frame exceeding 1522 bytes in size The maximum Jumbo frame size is 9220 bytes This size includes 4 bytes for the VLAN tag Jumbo VLAN A VLAN configured to allow inbound jum...

Страница 339: ...ed VLAN cannot join a dynamic VLAN Port Adds and Moves If you add a port to a VLAN that is already configured for jumbo traffic the switch enables that port to receive jumbo traffic If you remove a port from a jumbo enabled VLAN the switch disables jumbotrafficcapabilityonthe portonly ifthe portisnotcurrently a member of another jumbo enabled VLAN This same operation applies to port trunks Jumbo T...

Страница 340: ...with GVRP enabled refer to the GVRP topic under Operating Rules above 2 Ensure that the ports through which you want the switch to receive jumbo frames are operating at least at gigabit speed Check the Mode field in the output for the show interfaces brief port list command 3 Use the jumbo command to enable jumbo frames on one or more VLANs statically configured in the switch All ports belonging t...

Страница 341: ...lans ports port list Lists the static VLANs to which the specified port s belong including the Jumbo column to indicate which VLANs are configured to support jumbo traffic Entering only one port in port list results in a list of all VLANs to which that port belongs Entering multiple ports in port list results in a superset list that includes the VLAN memberships of all ports in the list even thoug...

Страница 342: ...sting the VLAN Memberships for a Range of Ports Syntax show vlans vid This command shows port membership and jumbo configuration for the specified vid Lists the ports belonging to VLAN 100 and whether the VLAN is enabled for jumbo frame traffic Figure 12 6 Example of Listing the Port Membership and Jumbo Status for a VLAN 12 24 ...

Страница 343: ... also belong to another VLAN that is enabled for jumbo traffic In a VLAN context the command forms are jumbo and no jumbo Default Jumbos disabled on the specified VLAN Configuring a Maximum Frame Size You can globally set a maximum frame size for Jumbo frames that will support values from 1518 bytes to 9216 bytes for untagged frames Syntax jumbo max frame size size Sets the maximum frame size for ...

Страница 344: ...xFrameSize 9216 Ip MTU 9198 Figure 13 Displaying the Maximum Frame Size and IP MTU Values Operating Notes for Maximum Frame Size When you set a maximum frame size for Jumbo frames it must be on a global level You cannot use the jumbo max frame size command on a per port or per VLAN basis The original way to configure Jumbo frames remains the same which is per VLAN but you cannot set a maximum fram...

Страница 345: ...bytes for the VLAN tag When a port is not a member of any jumbo enabled VLAN it drops all jumbo traffic If the port is receiving excessive inbound jumbo traffic the port generates an Event Log message to notify you of this condition This same condition generates a Fault Finder message in the Alert log of the switch s web browser interface and also increments the switch s Giant Rx counter If you do...

Страница 346: ...some ports that do belong to another jumbo enabled VLAN In this case ports capable of receiving jumbo frames can forward them to the ports in the VLAN that do not have jumbo capability Jumbo Enabled VLAN VLAN 10 Non Jumbo VLAN VLAN 20 Port 3 belongs to both VLAN 10 and VLAN 20 Jumbo frames received inbound on port 3 can be forwarded out the Non Jumbo ports 4 5 and 6 1 5 2 3 4 6 Figure 12 7 Forward...

Страница 347: ... on any port regardless of whether the port belongs to a jumbo VLAN In this case another port in the same VLAN on the switch may be jumbo enabled through membership in a different jumbo enabled VLAN and may be forwarding jumbo frames received on the jumbo VLAN to non jumbo ports Refer to Outbound Jumbo Traffic on page 12 28 Cut Through Switching on the HP 6120XG Switches using store and forward mo...

Страница 348: ...le of Enabling Cut through Mode To display the status of cut through mode enter this command Syntax show cut through Displays the cut through mode status ProCurve config show cut through Cut through configuration Cut through admin status Enabled Cut through oper status Enabled Switch has been rebooted Figure 12 9 Example of the Output for show cut through Command 12 30 ...

Страница 349: ...iguring non SNMP version 3 Communities 13 15 CLI Viewing and Configuring SNMP Community Names 13 17 SNMP Notifications 13 19 Supported Notifications 13 19 General Steps for Configuring SNMP Notifications 13 20 SNMPv1 and SNMPv2c Traps 13 21 Configuring an SNMP Trap Receiver 13 21 Enabling SNMPv2c Informs 13 23 Configuring SNMPv3 Notifications 13 25 Managing Network Security Notifications 13 28 Ena...

Страница 350: ...DP MED Standards Compatibility 13 46 LLDP Operating Rules 13 47 Configuring LLDP Operation 13 48 Viewing the Current Configuration 13 48 Configuring Global LLDP Packet Controls 13 50 Configuring SNMP Notification Support 13 54 Configuring Per Port Transmit and Receive Modes 13 55 Configuring Basic LLDP Per Port Advertisement Content 13 56 Advertisements 13 58 Port VLAN ID TLV Support on LLDP 13 59...

Страница 351: ...Configuring for Network Management Applications Contents LLDP and CDP Data Management 13 83 LLDP and CDP Neighbor Data 13 83 CDP Operation and Commands 13 85 13 3 ...

Страница 352: ...N Support page 13 36 To implement SNMP management the switch must have an IP address configured either manually or dynamically using DHCP or Bootp If multiple VLANs are configured each VLAN interface should have its own IP address For DHCP use with multiple VLANs refer to the section titled The Primary VLAN in the Static Virtual LANs VLANs chapter of the Advanced Traffic Management Guide for your ...

Страница 353: ...agement Applications Using SNMP Tools To Manage the Switch VLAN feature refer to the section titled The Secure Management VLAN in the Static Virtual LANs VLANs chapter of the Advanced Traffic Management Guide for your switch 13 5 ...

Страница 354: ... site at www hp com Support Configuring for SNMP version 1 and 2c Access to the Switch SNMP access requires an IP address and subnet mask configured on the switch Refer to IP Configuration on page 8 2 If you are using DHCP Bootp to configure the switch ensure that the DHCP Bootp process provides the IP address Refer to DHCP Bootp Operation on page 8 12 Once an IP address has been configured the ma...

Страница 355: ...guration on page 8 2 If you are using DHCP Bootp to configure the switch ensure that the DHCP Bootp process provides the IP address See DHCP Bootp Operation on page 8 12 Once an IP address has been configured the main steps for configuring SNMP version 3 access management features are 1 Enable SNMPv3 for operation on the switch Refer to SNMP Version 3 Commands on page 13 8 2 Configure the appropri...

Страница 356: ...mmunitynamed public inaccessible to network management applications such as auto discovery traffic monitoring SNMP trap generation and threshold setting from operating in the switch Syntax no snmpv3 enable Enable and disable the switch for access from SNMPv3 agents This includes the creation of the initial user record no snmpv3 only Enables or disables restrictions to access from only SNMPv3 agent...

Страница 357: ...ftware requires an initial user record to clone The initial user record can be downgraded and provided with fewer features but not upgraded by adding new features For this reason it is recommended that when you enable SNMPv3 you also create a second user with SHA authentication and DES privacy Enable SNMPv3 CreateinitialusermodelsforSNMPv3 Management Applications Set restriction on non SNMPv3 mess...

Страница 358: ... the appropriate security level to an existing security group Adding Users To configure an SNMPv3 user you must first add the user name to the list of known users with the snmpv3 user command ProCurve config snmpv3 user NetworkAdmin ProCurve config snmpv3 user NetworkMgr auth md5 authpass priv privpass Add user Network Admin with no authentication or privacy Add user Network Mgr with authenticatio...

Страница 359: ...assword priv_pass must be 6 32 characters in length and is mandatory when you configure privacy Default DES Note Only AES 128 bit and DES 56 bit encryption are supported as privacy protocols Other non standard encryptionalgorithms suchasAES 172 AES 256 and 3 DES are not supported Listing Users To display the management stations configured to access the switch with SNMPv3 and view the authenticatio...

Страница 360: ... Assigning Users to Groups SNMPv3 Group Commands Syntax no snmpv3 group This command assigns or removes a user to a security group for access rights to the switch To delete an entry all of the following three parameters must be included in the command group group_name This parameter identifies the group that has the privileges that will be assigned to the user For more details refer to Group Acces...

Страница 361: ...w DiscoveryView Each view allows you to view or modify a different set of MIBs Manager Read View access to all managed objects Manager Write View access to all managed objects except the follow ing vacmContextTable vacmAccessTable vacmViewTreeFamilyTable OperatorReadView no access to icfSecurityMIB hpSwitchIpTftp Mode vacmContextTable vacmAccessTable vacmViewTreeFami lyTable usmUserTable snmpCommu...

Страница 362: ...is being mapped to a group access level sec name security_name This is the group level to which the community is being mapped For more information refer to Group Access Levels on page 13 13 tag tag_value This is used to specify which target address may have access by way of this index reference Figure 13 4 shows the assigning of the Operator community on MgrStation1 to the CommunityOperatorReadWri...

Страница 363: ...her an operator level or a manager level view and either restricted or unrestricted write access Using SNMP requires that the switch have an IP address and subnet mask compatible with your network C a u t i o n For ProCurve Manager PCM version 1 5 or earlier or any TopTools version deleting the public community disables some network management functions such as traffic monitoring SNMP trap generat...

Страница 364: ...sting community the values for the currently selected Community appear in the fields Type the value for this field Use the Space bar to select values for other fields Figure 13 6 The SNMP Add or Edit Screen Need Help If you need information on the options in each field press Enter to move the cursor to the Actions line then select the Help option on the Actions line When you are finished with Help...

Страница 365: ... configured SNMP community names along with trap receivers and the setting for authentication traps refer to SNMP Notifications on page 13 19 Syntax show snmp server community string This example lists the data for all communities in a switch that is both the default public community name and another community named blue team Default Community and Settings Non Default Community and Settings Trap R...

Страница 366: ... Optionally assigns an access level At the operator level the community can access all MIB objects except the CONFIG MIB At the manager level the community can access all MIB objects restricted unrestricted Optionally assigns MIB access type Assigning the restricted type allows the community to read MIB variables but not to set them Assigning the unrestricted type allows the community to read and ...

Страница 367: ...ilure Link change traps when the link on a port changes from up to down linkDown or down to up linkUp Port security web MAC or 802 1X authentication failure Invalid password entered in a login attempt through a direct serial Telnet or SSH connection Inability to establish a connection with the RADIUS or TACACS authen tication server In addition you can enable the switch to send the following types...

Страница 368: ...Pv1 and SNMPv2c Traps on page 13 21 Configuring an SNMP Trap Receiver on page 13 21 Enabling SNMPv2c Informs on page 13 23 If you want to use SNMPv3 notifications including traps you must also configure an SNMPv3 management station Follow the required configu ration procedure in the following section Configuring SNMPv3 Notifications on page 13 25 2 To reconfigure any of the SNMP notifications that...

Страница 369: ...you change or delete the default public community name these traps are not sent Thresholds A switch automatically sends all messages created when a system threshold is reached to the network management station that configured the threshold regardless of the trap receiver configuration Configuring an SNMP Trap Receiver Usethe snmp serverhost commandtoconfigureatrapreceiverthatcanreceive SNMPv1 and ...

Страница 370: ...t you specify applies only to event log messages not to threshold traps For each configured event level the switch continues to send threshold traps to all network management stations that have the appropriate threshold level configured If you do not specify an event level the switch uses the default value none and sends no event log messages as traps inform Optional Configures the switch to send ...

Страница 371: ... SNMPv2c Informs On a switch enabled for SNMPv2c you can use the snmp server host inform command to send inform requests when certain events occur When an SNMP Manager receives an inform request it can send an SNMP response back to the sending agent on the switch to let the agent know that the inform request reached its destination If the sending agent on the switch does not receive an SNMP respon...

Страница 372: ...munities Community Name MIB View Write Access public Manager Unrestricted Trap Receivers Link Change Traps Enabled on Ports All All Address Community Events Sent Notify Type Retry Timeout 15 28 333 456 guest All inform 3 15 Excluded MIBs Snmp Response Pdu Source IP Information Selection Policy Default rfc1517 SNMPv2c Inform configuration Trap Pdu Source IP Information Selection Policy Configured I...

Страница 373: ...sers by entering the snmpv3 user command see SNMPv3 Users on page 13 9 Each SNMPv3 user configuration is entered in the User Table 3 Assign SNMPv3 users to security groups according to their level of access privilege by entering the snmpv3 group command see Assigning Users to Groups on page 13 12 4 Define the name of an SNMPv3 notification configuration by entering the snmpv3 notify command Syntax...

Страница 374: ...tified by one or more tag_name values to be sent to the IP address of the SNMPv3 management station You can enter more than one tag_name value Each tag_name value must be already associated with the name of an SNMPv3 notification configuration entered with the snmpv3 notify command in Step 4 Use a blank space to separate tag_name values You can enter up to 103 characters in tag_name entries follow...

Страница 375: ...rams_name value configured with the snmpv3 targetaddress command in Step 5 to a specified SNMPv3 user from the user user_name value configured with the snmpv3 user command in Step 2 If you enter the snmpv3 params user command you must also configure a security model sec model and message processing algorithm msg processing sec model ver1 ver2c ver3 Configures the security model used for SNMPv3 not...

Страница 376: ...e SNMP notifications listed in Supported Notifications on page 13 19 when a network security event for example authentication failure occurs However before security notifications can be sent you must first configure one or more trap receivers or SNMPv3 management stations as described in Configuring an SNMP Trap Receiver on page 13 21 Configuring SNMPv3 Notifications on page 13 25 You can manage t...

Страница 377: ...r password is reset login failure mgr sends a trap for a failed login with a manager password port security sends a trap for a failed authentication attempt through a web MAC or 801 X authentication session auth server fail sends a trap if the connection with a RADIUS or TACACS authentication server fails To determine the specific cause of a security event check the event log in the console interf...

Страница 378: ...Retry Timeout 15 255 5 225 user1 All trap 3 15 Excluded MIBs Figure 13 10 Display of Configured Network Security Notifications Enabling Link Change Traps By default a switch is enabled to send a trap when the link state on a port changes from up to down linkDown or down to up linkUp To reconfigure the switch to send link change traps to configured trap receivers enter the snmp server enable traps ...

Страница 379: ...lies enter the snmp server response source and snmp server trap source commands Syntax no snmp server response source dst ip of request ipv4 addr ipv6 addr Specifies the source IP address of the SNMP response PDU The default SNMP response PDU uses the IP address of the active interface from which the SNMP response was sent as the source IP address The no form of the command resets the switch to th...

Страница 380: ...ver response source and snmp server trap source commands configure the source IP address for IPv4 interfaces only You must manually configure the snmp server response source value if you wish to change the default user defined interface IP address that is used as the source IP address in SNMP traps RFC 1517 The values configured with the snmp server response source and snmp server trap source comm...

Страница 381: ...equest The destinationIPaddressof the interface on which an SNMP request is received i s used as the source IP address in SNMP replies Figure 13 11 Display of Source IP Address Configuration Displaying SNMP Notification Configuration Use the show snmp server command to display the currently configured Management stations trap receivers Settings for network security notifications and link change tr...

Страница 382: ...Restricted blue team Manager Unrestricted red team Manager Unrestricted Link change trap setting Trap Receivers Link Change Traps Enabled on Ports All All Trap Category Current Trap Configuration SNMP Authentication extended Password change enabled Network security Login failures enabled notification Port Security enabled Authorization Server Contact enabled ARP Protection enabled DHCP Snooping en...

Страница 383: ...et with parameters to the snmp server command Syntax snmp server listen oobm data both Enables or disables inbound SNMP access on a switch Use the no version of the command to disable inbound SNMP access The listen parameter is available only on switches that have a separate out of band management port Values for this parameter are oobm inbound SNMP access is enabled only on the out of band manage...

Страница 384: ...rve Manager topic under the Network Manager bar CLI Configured sFlow with Multiple Instances Up to three distinct sFlow instances can be configured via the CLI Once enabled an sFlow receiver destination can be independently configured for full flow sampling and counter polling CLI configured sFlow instances may be saved to the startup configuration to persist across a switch reboot Terminology sFl...

Страница 385: ...er instance polling port list polling interval Once an sFlow receiver destination has been enabled this command enables counter polling for that instance The receiver instance number is 1 2 or 3 and the polling interval may be set to an allowable non zero value to enable polling on the specified port or ports To disable counter polling for the specified port list repeat the above command with a po...

Страница 386: ...ion command includes information about the management station s destination address receiver port and owner ProCurve show sflow 2 destination Destination Instance 2 sflow Enabled Datagrams Sent 221 Destination Address 10 0 10 41 Receiver Port 6343 Owner Administrator CLI owned Instance 2 Timeout seconds 99995530 Max Datagram Size 1400 Datagram Version Support 5 Figure 13 14 Example of Viewing sFlo...

Страница 387: ... Number denotes the sampling polling instance to which the receiver is coupled Port Sampling Dropped Polling Enabled Rate Header Samples Enabled Interval 1 Yes 2 40 128 1234567890 2 0 Yes 1 60 3 No 1 0 100 898703 No 30 4 Yes 3 50 128 0 No 3 0 Figure 13 15 Example of Viewing sFlow Sampling and Polling Information Not e The sampling and polling instances noted in parentheses coupled to a specific re...

Страница 388: ...oldtime multiplier for LLDP Packets 4 seconds page 13 44 holdtime multiplier x refresh interval time to live Change the delay interval between advertisements 2 seconds page 13 52 Changing the reinitialization delay interval 2 seconds page 13 53 Configuring SNMP notification support Disabled page 13 54 Configuring transmit and receive modes tx_rx page 13 55 Configuring basic LLDP per port advertise...

Страница 389: ...d to the switch including device type capability and some configuration information In VoIP deployments using LLDP MED on the switches covered in this guide additional support unique to VoIP applications is also available Refer to LLDP MED Media Endpoint Discovery on page 13 62 Terminology Adjacent Device Refer to Neighbor or Neighbor Device Advertisement See LLDPDU Active Port A port linked to an...

Страница 390: ...System A network based and or premises based telephone system having a common interface with the public switched telephone system and having multiple telephone lines common control units multiple telephone sets and control hardware and software NANP North American Numbering Plan A ten digit telephone number format where the first three digits are an area code and the last seven digits are a local ...

Страница 391: ...d LLDP enabled LLDP is a one way protocol and does not include any acknowledgement mechanism An LLDP enabled port receiving LLDP packets inbound from neighbor devices stores the packet data in a Neighbor database MIB LLDP MED This capability is an extension to LLDP and is available on the switches covered in this guide Refer to LLDP MED Media Endpoint Discovery on page 13 62 Packet Boundaries in a...

Страница 392: ... an LLDP advertisement packet out each active port enabled for outbound LLDP transmissions and receives LLDP advertisements on each active port enabled to receive LLDP traffic page 13 55 Per Port configuration options include four modes Transmit and Receive tx_rx This is the default setting on all ports It enables a given port to both transmit and receive LLDP packets and to store the data from re...

Страница 393: ... Uses base MAC address of the switch Port Type3 6 N A Always Enabled Uses Local meaning assigned locally by LLDP Port Id6 N A Always Enabled Uses port number of the physical port In the switches covered in this guide this is an internal number reflecting the reserved slot port position in the chassis For more information on this numbering scheme refer to figures D 2 andD 3inAppendixD MACAddressMan...

Страница 394: ...n enable LLDP debug logging to a configured debug destination Syslog server and or a terminal device by executing the debug lldp command For more on Debug and Syslog refer to the Troubleshooting appendix in this guide Note that the switch s Event Log does not record usual LLDP update messages Options for Reading LLDP Information Collected by the Switch You can extract LLDP information from the swi...

Страница 395: ...rt is a member of the default VLAN VID 1 and there is an IP address configured for the defaultVLAN thentheport advertisesthisIPaddress Inthe defaultoperation the IP address that LLDP uses can be an address acquired by DHCP or Bootp You can override the default operation by configuring the port to advertise any IP address that is manually configured on the switch even if the port does not belong to...

Страница 396: ...and LLDP MED operation for information on operation and configuration unique to LLDP MED refer to LLDP MED Media Endpoint Discovery on page 13 62 Command Page show lldp config 13 50 no lldp run 13 50 lldp refresh interval 13 51 lldp holdtime multiplier 13 52 lldpTxDelay 13 52 lldpReinitDelay 13 53 lldp enable notification 13 54 lldpnotificationinterval 13 55 lldp admin status txonly rxonly tx_rx d...

Страница 397: ...tatus refer to Configuring Per Port Transmit and Receive Modes on page 13 55 For example show lldp config produces the following display when the switch is in the default LLDP configuration Med Topology Trap Enabled False True False False True False False Note This value corresponds to the lldp refresh interval command page 13 51 Figure 13 16 Example of Viewing the General LLDP Configuration 13 49...

Страница 398: ...Transmit and Receive Modes on page 13 55 The blank IpAddress field indicates that the default IP address will be advertised from this port Refer to page 13 56 Configuring a Remote Management Address for Outbound LLDP Advertisements This fieldappearswhendot3tlvenableisenabled on the switch which is the default setting These fields appear when medtlvenable is enabled on the switch which is the defau...

Страница 399: ...database remains until it times out Default Enabled For example to disable LLDP on the switch ProCurve config no lldp run Changing the Packet Transmission Interval This interval controls how often active ports retransmit advertisements to their neighbors Syntax lldp refresh interval 5 32768 Changes the interval between consecutive transmissions of LLDP advertisements on any given port Default 30 s...

Страница 400: ...es the advertised data is deleted from the neighbor switch s MIB Default 4 Range 2 10 For example if the refresh interval on the switch is 15 seconds and the holdtime multiplier is at the default the Time to Live for advertisements transmitted from the switch is 60 seconds 4 x 15 To reduce the Time to Live you could lower the holdtime interval to 2 which would result in a Time to Live of 30 second...

Страница 401: ...u must first set the refresh interval to a minimum of 32 seconds 32 4 x 8 Attempt to change the transmit delay interval shows that the refresh interval is less than 4 x delay interval Changes the refresh interval to 32 that is 32 4 x desired transmit delay interval Successfully changes the transmit delay interval to 8 Figure 13 18 Example of Changing the Transmit Delay Interval Changing the Reinit...

Страница 402: ...erval to five seconds ProCurve config setmib lldpreinitdelay 0 i 5 Configuring SNMP Notification Support You can enable SNMP trap notification of LLDP data changes detected on advertisements received from neighbor devices and control the interval between successive notifications of data changes on the same neighbor Enabling LLDP Data Change Notification for SNMP Trap Receivers Syntax no lldp enabl...

Страница 403: ...5 seconds For example the following command limits change notification traps from a particular switch to one per minute ProCurve config setmib lldpnotificationinterval 0 i 60 lldpNotificationInterval 0 60 Configuring Per Port Transmit and Receive Modes These commands control advertisement traffic inbound and outbound on active ports Syntax lldp admin status port list txonly rxonly tx_rx disable Wi...

Страница 404: ...lude a specific IP address in the outbound LLDP advertisements for specific ports Syntax no lldp config port list ipAddrEnable ip address Replaces the default IP address for the port with an IP address you specify This can be any IP address configured in a static VLAN on the switch even if the port does not belong to the VLAN configured with the selected IP address The no form of the command delet...

Страница 405: ... use LLDP commands to configure their actual content port description TLV system name TLV system description TLV system capabilities TLV system capabilities Supported TLV subelement system capabilities Enabled TLV subelement port speed and duplex TLV subelement Syntax no lldp config port list basicTlvEnable TLV Type port_descr For outbound LLDP advertisements this TLV includes an alphanumeric stri...

Страница 406: ...roCurve config lldp config 1 5 basicTlvEnable system_name Configuring Support for Port Speed and Duplex Advertisements This feature is optional for LLDP operation but is required for LLDP MED operation Port speed and duplex advertisements are supported on the switches covered in this guide to inform an LLDP endpoint and the switch port of each other s port speed and duplex configuration and capabi...

Страница 407: ...he switch and advertised by the LLDP endpoint You can also use the CLI to display this information For more on using the CLI to display port speed and duplex information refer to Displaying the Current Port Speed and Duplex Configuration on a Switch Port on page 13 76 Port VLAN ID TLV Support on LLDP The port vlan id option enables advertisement of the port VLAN ID TLV as part of the regularly adv...

Страница 408: ...d for each port ProCurve config show lldp config a1 LLDP Port Configuration Detail Port a1 AdminStatus Tx_Rx Tx_Rx NotificationEnabled False False Med Topology Trap Enabled False False TLVS Advertised port_descr system_name system_descr system_cap capabilities network_policy location_id poe macphy_config port_vlan_id The VLAN ID TLV is being advertised IpAddress Advertised Figure 13 20 Displaying ...

Страница 409: ...al Port A1 ChassisType mac address ChassisId 00 16 35 22 ca 40 PortType local PortId 1 SysName esp dback System Descr ProCurve Switch revision Z 14 01 ROM PortDescr A1 System Capabilities Supported bridge router System Capabilities Enabled bridge router Port VLAN ID 200 Remote Management Address Type ipv4 Address 192 168 1 1 Figure 13 22 Example of Remote Device LLDP Information SNMP Support The L...

Страница 410: ...roduces new commands unique to LLDP MED operation The show commands described elsewhere in this section are applicable to both LLDP and LLDP MED operation LLDP MED benefits include plug and play provisioning for MED capable VoIP endpoint devices simplified vendor independent management enabling different IP telephony systems to interoperate on one network automatic deployment of convergence networ...

Страница 411: ...As VoIP Telephones Figure 13 23 Example of LLDP MED Network Elements LLDP MED Endpoint Support LLDP MED on the switches coveredinthis guide interoperates with directly connected IP telephony endpoint clients having these features and services able to autonegotiate speed and duplex configuration with the switch able to use the following network policy elements configured on the client port voice V ...

Страница 412: ...ority and Layer 3 DSCP priority and PoE manage ment This class includes such devices as IP call controllers and communication related servers Class 2 Media Endpoint Devices These devices offer all Class 1 features plus media streaming capability and include such devices as voice media gateways conference bridges and media servers Class 3 Communication Devices These devices are typically IP phones ...

Страница 413: ... MED class of the device detected on the port LLDP MED Endpoint Device Classes on page 13 64 The show running command shows whether the topology change notification feature is enabled or disabled For example if ports A1 A10 have topology change notification enabled the following entry appears in the show running output lldp top change notify A1 A10 Default Disabled Note To send traps this feature ...

Страница 414: ...ration of the fast start count interval In most cases the default setting should provide an adequate fast start count interval Range 1 10 seconds Default 5 seconds Note This global command applies only to ports on which a new LLDP MED device is detected It does not override the refresh interval setting on ports where non MED devices are detected Advertising Device Capability Network Policy PoE Sta...

Страница 415: ...LAN port membership configured on the switch can be tagged or untagged However if the LLDP MED endpoint expects a tagged mem bership when the switch port is configured for untagged or the reverse then a configuration mismatch results Typically the endpoint expects the switch port to have a tagged voice VLAN membership If a given port does not belong to a voice VLAN then the switch does not adverti...

Страница 416: ...ig port list medTlvEnable medTlv Enables or disables advertisement of the following TLVs on the specified ports device capability TLV configured network policy TLV configured location data TLV Refer to Configuring Location Data for LLDP MED Devices on page 13 69 current PoE status TLV Default All of the above TLVs are enabled Helps to locate configuration mismatches by allowing use of an SNMP appl...

Страница 417: ... Advertisements on page 13 67 location_id This TLV enables the switch port to advertise its configured location data if any For more on configuring location data refer to Configuring Location Data for LLDP MED Devices Default Enabled Note When disabled this TLV cannot be enabled unless the capability TLV is already enabled Configuring Location Data for LLDP MED Devices You can configure a switch p...

Страница 418: ... port civic addr COUNTRY STR WHAT CA TYPE CA VALUE CA TYPE CA VALUE CA TYPE CA VALUE This command enables configuration of a physical address on a switch port and allows up to 75 characters of address information COUNTRY STR A two character country code as defined by ISO 3166 Some examples include FR France DE Germany and IN India This field is required in a civic addr command For a complete list ...

Страница 419: ...ers are used by the PSAP to identify and organize the location data components in an understandable format for response personnel to interpret A civic addr command requires a minimum of one type value pair but typically includes multiple type value pairs as needed to configure a complete set of data describing a given location CA TYPE This is the first entry in a type value pair and is a number de...

Страница 420: ...ure An ELIN Emergency Location Identification Number is a valid North American Numbering Plan NANP format telephone number assigned to MLTS operators in North America by the appropriate authority The ELIN is used to route emergency E911 calls to a Public Safety Answering Point PSAP Range 1 15 numeric characters Configuring Coordinate Based Locations Latitude longitude and altitude data can be conf...

Страница 421: ...HCPv6 Option for Civic Addresses Configuration Information draft ietf geopriv dhcp civil 06 dated May 30 2005 For the actual codes to use contact the PSAP or other authority responsible for specifying the civic addressing data standard for your network Example of a Location Configuration Suppose a system operator wanted to configure the following information as the civic address for a telephone co...

Страница 422: ...ap Enabled False False Country Name US What 2 Ca Type 1 Ca Length 2 Ca Value CA TLVS Advertised port_descr system_name system_descr system_cap capabilities network_policy location_id poe macphy_config IpAddress Advertised Figure 13 24 Example of a Civic Address Configuration Displaying Advertisement Data Command Page show lldp info local device below walkmib lldpXdot3LocPortOperMauType show lldp i...

Страница 423: ...h the port list option this command displays only the followingport specificinformationthatiscurrentlyavailablefor outbound LLDP advertisements on the specified ports PortType PortId PortDesc Note This command displays the information available on the switch Use the lldp config port list command to change the selection of information that is included in actual outbound advertisements In the defaul...

Страница 424: ...ess field is empty because there are no LLDP D1 local 1 D1 configurable IP addresses available For more D2 local 2 D2 D3 local 3 D3 on this topic refer to Remote Management D4 local 4 D4 Address on page 13 46 D5 local 5 D5 D6 local 6 D6 Figure 13 25 Example of Displaying the Global and Per Port Information Available for Outbound Advertisements Figure 13 26 Example of the Default Per Port Informati...

Страница 425: ...ich they were discovered Multiple devices listed for a single port indicates that such devices are connected to the switch through a hub Discovering the same device on multiple ports indicates that the remote device may be connected to the switch in one of the following ways Through different VLANS using separate links This applies to switches that use the same MAC address for all configured VLANs...

Страница 426: ... Fas 1 FOX110613GF casl ssw31 mgmt0 1 HP ProCurve Switch 530 A13 1 HP ProCurve Switch 265 49 1 HP ProCurve Switch 252 1 1 HP ProCurve Switch 252 1 1 JAB115102B8 ccswitch2 mgmt0 Figure 13 27 Example of a Global Listing of Discovered Devices Indicates the policy configured on the telephone A configuration mismatch occurs if the supporting port is configured differently Figure 13 28 Example of an LLL...

Страница 427: ...ntries Count Shows the total of new LLDP neighbors detected since the last switch reboot Disconnecting then reconnecting a neighbor increments this counter Neighbor Entries Deleted Count Shows the number of neighbor deletions from the MIB for AgeOut Count and forced drops for all ports For example if the admin status for port on a neighbor device changes from tx_rx or txonly to disabled or rxonly ...

Страница 428: ... the maximum number of neighbors Refer to Neighbor Maximum on page 13 81 This can also be an indication of advertisement formatting problems in the neighbor device Frames Invalid Shows the total number of invalid LLDP advertisements received on the port An invalid advertisement can be caused by header formatting problems in the neighbor device TLVs Unrecognized Shows the total number of LLDP TLVs ...

Страница 429: ...P Operating Notes Neighbor Maximum The neighbors table in the switch supports as many neighbors as there are ports on the switch The switch can support multiple neighbors connected through a hub on a given port but if the switch neighbor maximum is reached advertisements from additional neighbors on the same or other ports will not be stored in the neighbors table unless some existing neighbors ti...

Страница 430: ... Disconnected After disconnecting a neighbor LLDP device from the switch the neighbor can continue to appear in the switch s neighbor database for an extended period if the neighbor s holdtime multiplier is high especially if the refresh interval is large Refer to Changing the Time to Live for Transmitted Advertisements on page 13 52 Mandatory TLVs All mandatory TLVs required for LLDP operation ar...

Страница 431: ...nd CDP advertisements and stores the data from both types of advertisements in its neighbor database The switch only stores CDP data that has a corresponding field in the LLDP neighbor database The neighbor database itself can be read by either LLDP or CDP methods or by using the show lldp commands Take note of the following rules and conditions If the switch receives both LLDP and CDP advertiseme...

Страница 432: ...a collected by any neighbor devices running CDP A switch with CDP disabled forwards the CDP packets it receives from other devices but does not store the CDP information from these packets in its own MIB LLDP data transmission collection and CDP data collection are both enabled in the switch s default configuration In this state an SNMP network management application designed to discover devices r...

Страница 433: ... is the same the LLDP information overwrites the CDP data for the same neighbor device on the same port CDP Operation and Commands By default the switches covered in this guide have CDP enabled on each port This is a read only capability meaning that the switch can receive and store information about adjacent CDP devices but does not generate CDP packets When a CDP enabled switch receives a CDP pa...

Страница 434: ...Management Information Base refer to the documentation provided with the particular SNMP utility Viewing the Switch s Current CDP Configuration CDP is shown as enabled disabled both globally on the switch and on a per port basis Syntax show cdp Lists the switch s global and per port CDP configuration The following example shows the default CDP configuration ProCurve show cdp Global CDP information...

Страница 435: ...rt Figure 13 33 lists CDP devices that the switch has detected by receiving their CDP packets ProCurve show cdp neighbors CDP neighbors information Port Device ID Platform Capability 1 HP ProCurve Switch 2824 00 Revision I 08 58 sw code S 1 HP ProCurve Switch 2524 00 Revision F 05 17 sw code S 1 HP ProCurve Switch 2824 00 Revision I 08 58 sw code S Figure 13 33 Example of CDP Neighbors Table Listi...

Страница 436: ...le show cdp displays Global CDP information Enable CDP Yes No Enabling or Disabling CDP Operation on Individual Ports In the factory default configuration the switch has all ports enabled to receive CDP packets Disabling CDP on a port causes it to drop inbound CDP packets without recording their data in the CDP Neighbors table Syntax no cdp enable e port list For example to disable CDP on port A1 ...

Страница 437: ...ntication A 16 SCP SFTP Operating Notes A 16 Troubleshooting SSH SFTP and SCP Operations A 18 Using Xmodem to Download Switch Software From a PC or UNIX Workstation A 19 Menu Xmodem Download to Primary Flash A 20 CLI Xmodem Download from a PC or UNIX Workstation to Primary or Secondary Flash A 21 Switch to Switch Download A 22 Menu Switch to Switch Download to Primary Flash A 22 CLI Switch To Swit...

Страница 438: ...a Remote Host A 27 TFTP Copying a Customized Command File to a Switch A 27 Console Connected PC or UNIX Workstation A 28 Connected PC or UNIX Workstation A 29 Copying Diagnostic Data to a Remote Host USB Device PC or UNIX Workstation A 30 Copying Command Output to a Destination Device A 31 Copying Event Log Output to a Destination Device A 31 Copying Crash Data Content to a Destination Device A 32...

Страница 439: ...through the Pro Curve Networking web site For more information refer to the support and warranty booklet or visit www hp com Support After you acquire a new software version you can use one of the following methods for downloading software to the switch Software Download Feature Default Menu CLI Web Not e This manual uses the terms switch software and software image to refer to the downloadable so...

Страница 440: ...oot ROM mode In this case use the boot ROM console to download a new image to primary flash Refer to Restoring a Flash Image on page C 76 Using TFTP To Download Software from a Server This procedure assumes that A software version for the switch has been stored on a TFTP server accessible to the switch The software file is typically available at www hp com Support The switch is properly connected ...

Страница 441: ...oices and Enter to go to Actions Figure A 1 Example of a Download OS Software Screen Default Values 2 Press E for Edit 3 Ensure that the Method field is set to TFTP the default 4 In the TFTP Server field type in the IP address of the TFTP server in which the software file has been stored 5 In the Remote File Name field type the name of the software file If you are using a UNIX system remember that...

Страница 442: ... flash Also using the Reboot Switch command in the Main Menu always reboots the switch from primary flash Rebooting the switch from the CLI gives you more options Refer to Rebooting the Switch on page 6 19 8 After you reboot the switch confirm that the software downloaded cor rectly a FromtheMainMenu select 1 StatusandCounters andfromtheStatus and Counters menu select 1 General System Information ...

Страница 443: ...le cannot be found on the TFTP server This can also occur if the TFTP server is a UNIX machine and the case upper or lower for the filename on the server does not match the case for the filename entered for the RemoteFileName parameter inthe DownloadOS Operating System or software screen One or more of the switch s IP configuration parameters are incorrect For a UNIX TFTP server the file permissio...

Страница 444: ...ountercontinuallydisplaysthe This message means that the image you number of bytes transferred want to upload will replace the image currently in primary flash Figure A 4 Example of the Command to Download an OS Switch Software 2 When the switch finishes downloading the software file from the server it displays this progress message Validating and Writing System Software to FLASH 3 When the downlo...

Страница 445: ...ctionality so that the switch can Use TFTP client functionality to access TFTP servers in the network to receive downloaded files Use TFTP server functionality to upload files to other devices on the network For switches that have a separate out of band management port the listen parameter in a server configuration allows you to specify whether transfers take place through the out of band manageme...

Страница 446: ... auto TFTP command configured on the switch use the no auto tftp command described on page A 11 to remove the command entry from the switch s configuration For information on how to configure TFTP file transfers on an IPv6 network refer to the IPv6 Management Features chapter in the IPv6 Configuration Guide for your switch A 10 ...

Страница 447: ...oad the specified software file from the TFTP server at the specified IP address The file is downloaded into primary flash memory at switch startup The switch then automatically reboots from primary flash Notes To enable auto TFTP to copy a software image to primary flash memory the version number of the down loaded software file for example K_14_01 swi must be different from the version number cu...

Страница 448: ...ation to update software images This is a plain text mechanism and it connects to a standalone TFTP server or another ProCurve switch acting as a TFTP server to obtain the software image file s Using SCP and SFTP allows you to maintain your switches with greater security You can also roll out new software images with automated scripts that make it easier to upgrade multiple switches simultaneously...

Страница 449: ...if you haven t already done so This step assumes that you have already set up SSH on the switch 2 Execute ip ssh filetransfer to enable secure file transfer 3 Use a third party client application for SCP and SFTP commands The SCP SFTP Process To use SCP and SFTP 1 Open an SSH session as you normally would to establish a secure encrypted tunnel between your computer and the switch For more detailed...

Страница 450: ...4 hostname ProCurve module 1 type J8702A module 2 type J702A vlan 1 name DEFAULT_VLAN untagged A1 A24 B1 B24 ip address 10 28 234 176 255 255 240 0 exit ip ssh filetransfer ViewingtheconfigurationshowsthatSFTPis no tftp enable enabled and TFTP is disabled password manager password operator Figure A 5 Example of Switch Configuration with SFTP Enabled If you enable SFTP then later disable it TFTP an...

Страница 451: ...sabled before enabling tftp SFTP must be disabled before enabling auto tftp Similarly while SFTP is enabled TFTP cannot be enabled using an SNMP management application Attempting to do so generates an inconsistent value message An SNMP management application cannot be used to enable or disable auto TFTP To enable SFTP by using an SNMP management application you must first disable TFTP and if confi...

Страница 452: ...s you use for your third party client SCP SFTP software can differ from the keys you use for the SSH session even though both SCP and SFTP use a secure SSH tunnel Not e SSH authentication is mutually exclusive with RADIUS servers Some clients such as PSCP PuTTY SCP automatically compare switch host keys for you Other clients require you to manually copy and paste keys to the HOME ssh known_hosts f...

Страница 453: ... supports one SFTP session or one SCP session at a time All files have read write permission Several SFTP commands such as create or remove are not allowed and return an error message The switch displays the following files cfg running config startup config log crash data crash data a crash data b crash data c crash data d crash data e crash data f crash data g crash data h crash data I crash data...

Страница 454: ...erations by checking the switch s event log or by viewing the error messages sent by the switch that most SCP and SFTP clients will print out on their console Not e Messagesthatare sentby theswitchtothe clientdependonthe clientsoftware in use to display them on the user console Broken SSH Connection If an ssh connection is broken at the wrong moment for instance the link goes away or spanning tree...

Страница 455: ...arted from a client before the previous client session has been closed theswitchrequiresapproximatelytensecondstotimeouttheprevious session Received disconnect from 10 0 12 31 2 Wait for previous session to complete lost connection Attempt to Start a Second Session The switch supports only one SFTP session or one SCP session at a time If a second session is initiated for example an SFTP session is...

Страница 456: ...ansfer then Send File b Type the file path and name in the Filename field c In the Protocol field select Xmodem d Click on the Send button The download will then commence It can take several minutes depend ing on the baud rate set in the switch and in your terminal emulator 6 After the primary flash memory has been updated with the new software youmustreboottheswitchtoimplementthenewlydownloadedso...

Страница 457: ...al to primary flash 1 Execute the following command in the CLI 2 Execute the terminal emulator commands to begin the Xmodem transfer For example using HyperTerminal a Click on Transfer then Send File b Type the file path and name in the Filename field c In the Protocol field select Xmodem d Click on the Send button The download can take several minutes depending on the baud rate used in the transf...

Страница 458: ...ile from either the primary or secondary flash of one switch to the primary flash of another switch of the same series 1 From the switch console Main Menu in the switch to receive the down load select 7 Download OS screen 2 Ensure that the Method parameter is set to TFTP the default 3 In the TFTP Server field enter the IP address of the remote switch contain ing the software file you want to downl...

Страница 459: ...d from the destination switch The options for this CLI feature include Copy from primary flash in the source to either primary or secondary in the destination Copy from either primary or secondary flash in the source to either primary or secondary flash in the destination Downloading from Primary Only Syntax copy tftp flash ip addr flash primary secondary This command executed in the destination s...

Страница 460: ...condary flash location for the destination the download automatically goes to primary flash For example to download a software file from secondary flash in a switch with an IP address of 10 28 227 103 to the secondary flash in a destination switch you would execute the following command in the destination switch s CLI Figure A 8 Switch to Switch from Either Flash in Source to Either Flash in Desti...

Страница 461: ...ess of 10 28 227 105 ProCurve copy flash tftp 10 28 227 105 z0800 swi where z0800 swi is the filename given to the flash image being copied Xmodem Copying a Software Image from the Switch to a USB Serial Console Connected PC or UNIX Workstation To use this method the switch must be connected via the USB console to a PC or UNIX workstation Syntax copy flash xmodem pc unix Uses Xmodem to copy a desi...

Страница 462: ... For more information see the section on Saving Security Credentials in a Config File in the Access Security Guide for your switch TFTP Copying a Configuration File to a Remote Host Syntax copy startup config running config tftp ip addr remote file pc unix oobm copy config filename tftp ip addr remote file pc unix oobm This command can copy a designated config file in the switch to a TFTP server F...

Страница 463: ...ddress of 10 28 227 105 ProCurve copy tftp startup config 10 28 227 105 d configs sw8200 TFTP Copying a Customized Command File to a Switch Using the copy tftp command with the show tech option provides the ability to copy a customized command file to the switch When the show tech custom command is executed the commands in the custom file are executed instead of the hard coded list of commands If ...

Страница 464: ...10 Example of the show tech custom Command Xmodem Copying a Configuration File to a USB Serial Console Connected PC or UNIX Workstation To use this method the switch must be connected via the USB serial console to a PC or UNIX workstation You will need to Determine a filename to use Know the directory path you will use to store the configuration file Syntax copy startup config running config xmode...

Страница 465: ...the drive and directory location of the file Syntax copy xmodem startup config pc unix copy xmodem config filename pc unix Copies a configuration file from a serially connected PC or UNIX workstation to a designated configuration file on the switch For more on multiple configuration files refer to Multiple Configuration Files on page 6 25 For example to copy a configuration file from a PC serially...

Страница 466: ...o a Remote Host USB Device PC or UNIX Workstation You can use the CLI to copy the following types of switch data to a text file in a destination device Command Output Sends the output of a switch CLI command as a file on the destination device Event Log Copies the switch s Event Log into a file on the destination device Crash Data software specific data useful for determining the reason for a syst...

Страница 467: ...output of show config to a serially connected PC At this point press Enter and start the Xmodem command sequence in your terminal emulator Indicates the operation is finished Figure A 11 Example of Sending Command Output to a File on an Attached PC Not e The command you specify must be enclosed in double quote marks Copying Event Log Output to a Destination Device Syntax copy event log tftp ip add...

Страница 468: ... function s data Syntax copy crash data master tftp ip address filename copy crash data mm usb filename copy crash data mm xmodem where mm Retrieves crash log or crash data from the switch s chassis processor When mm is specified crash files from both management modules are copied These commands copy the crash data content to a remote host attached USB device or to a serially connected PC or UNIX ...

Страница 469: ...tion If you do not specify either the command defaults to the mm data For example to copy the Crash Log for slot C to a file in a PC connected to the switch At this point press Enter and start the Xmodem command sequence in your terminal emulator Figure A 14 Example of sending a Crash Log for Slot C to a File on an Attached PC Copying Crash Logs with Redundant Management When you are using redunda...

Страница 470: ...File Transfers Copying Diagnostic Data to a Remote Host USB Device PC or UNIX Workstation A 34 ...

Страница 471: ...ccess B 10 Web Access B 10 Viewing Port and Trunk Group Statistics and Flow Control Status B 11 Menu Access to Port and Trunk Statistics B 12 CLI Access To Port and Trunk Group Statistics B 13 Viewing the Switch s MAC Address Tables B 13 Menu Access to the MAC Address Views and Searches B 13 CLI Access for MAC Address Views and Searches B 16 Spanning Tree Protocol MSTP Information B 18 CLI Access ...

Страница 472: ...and Destination B 35 2 Configure a Mirroring Session on the Source Switch B 35 3 Configure the Monitored Traffic in a Mirror Session B 35 Traffic Selection Options B 36 Mirroring Source Restrictions B 36 Selecting All Inbound Outbound Traffic to Mirror B 36 Displaying a Mirroring Configuration B 38 Displaying the Mirroring Configuration Summary B 38 Viewing Mirroring in the Current Configuration F...

Страница 473: ... 11 Event Log Lists switch operating events Using the Event Log for Troubleshooting Switch Problems on page C 24 Alert Log Lists network occurrences detected by the switch in the Status Overview screen of the web browser interface page 5 21 Configurable trap receivers Uses SNMP to enable management sta tions on your network to receive SNMP traps from the switch Refer to SNMPv1 and SNMPv2c Traps on...

Страница 474: ...o VLANs are configured for the switch Port Status Menu CLI Displays the operational status of each port B 10 Web Port and Trunk Statistics Menu CLI Summarizes port activity and lists per port flow control status B 11 and Flow Control Status Web VLAN Address Table Menu CLI Lists the MAC addresses ofnodes the switch has detected on B 13 specific VLANs with the corresponding switch port Port Address ...

Страница 475: ... at the Main Menu display the Status and Counters menu by select ing 1 Status and Counters Figure B 1 The Status and Counters Menu Each of the above menu items accesses the read only screens described on the following pages Refer to the online help for a description of the entries displayed in these screens B 5 ...

Страница 476: ...m Information Menu Access From the console Main Menu select 1 Status and Counters 1 General System Information Figure B 2 Example of General Switch Information This screen dynamically indicates how individual switch resources are being used Refer to the online Help for details B 6 ...

Страница 477: ...e switch enclosure Shows rack and enclosure information ProCurve 6120 Blade Switch show system Status and Counters General System Information System Name ProCurve 6120 Blade Switch System Contact System Location MAC Age Time sec 300 Time Zone 0 Daylight Time Rule None Software revision Z 14 04 Base MAC Addr 002481 b00921 ROM Version Z 14 03 Serial Number TW28080080 Up Time 92 mins Memory Total 33 ...

Страница 478: ...ol and system functions Syntax no task monitor cpu Allows the collection of processor utilization data Only manager logins can execute this command The settings are not persistent that is there are no changes to the configura tion Default Disabled ProCurve config task monitor cpu ProCurve config show cpu 2 percent busy from 2865 sec ago 1 sec ave 9 percent busy 5 sec ave 9 percent busy 1 min ave 1...

Страница 479: ...se the same MAC address This includes both the statically configured VLANs and any dynamic VLANs existing on the switch as a result of GVRP operation Also the switches covered in this guide use a multiple forwarding database When using multiple VLANs and connecting a switch to a device that uses a single forwarding database such as a Switch 4000M there are cabling and tagged port VLAN requirements...

Страница 480: ...and the console interface show the same port status data Menu Displaying Port Status From the Main Menu select 1 Status and Counters 4 Port Status Figure B 6 Example of Port Status on the Menu Interface CLI Access Syntax show interfaces brief Web Access 1 Click on the Status tab 2 Click on Port Status B 10 ...

Страница 481: ...ecific port The menu interface and the web browser interface provide a dynamic display of counters summarizing the traffic on each port The CLI lets you see a static snapshot of port or trunk group statistics at a particular moment As mentioned above rebooting or resetting the switch resets the counters to zero You can also reset the counters to zero for the current session This is useful for trou...

Страница 482: ...Port Counters on the Menu Interface To view details about the traffic on a particular port use the v key to highlight that port number then select Show Details For example selecting port A2 displays a screen similar to figure B 8 below Figure B 8 Example of the Display for Show details on a Selected Port This screen also includes the Reset action for the current session Refer to the Note on Reset ...

Страница 483: ...es The 6120XG supports a maximum of 32 000 MAC address entries Feature Default Menu CLI Web viewing MAC addresses on all ports on a specific VLAN n a page B 13 page B 16 viewing MAC addresses on a specific port n a page B 15 page B 16 searching for a MAC address n a page B 15 page B 16 These features help you to view The MAC addresses that the switch has learned from network devices attached to th...

Страница 484: ...ou to select a VLAN 3 Use the Space bar to select the VLAN you want then press Enter The switch then displays the MAC address table for that VLAN Figure B 9 Example of the Address Table To page through the listing use Next page and Prev page Finding the Port Connection for a Specific Device on a VLAN This feature uses a device s MAC address that you enter to identify the port used by that device 1...

Страница 485: ...ess P for Prev page to return to the full address table listing Port Level MAC Address Viewing and Searching This feature displays and searches for MAC addresses on the specified port instead of for all ports on the switch 1 From the Main Menu select 1 Status and Counters 7 Port Address Table Prompt for Selecting the Port To Search Figure B 11 Listing MAC Addresses for a Specific Port 2 Use the Sp...

Страница 486: ...n the Switch with The Port Number on Which Each MAC Address Was Learned ProCurve show mac address To List All Learned MAC Addresses on one or more ports with Their Corresponding Port Numbers For example to list the learned MAC address on ports A1 through A4 and port A6 ProCurve show mac address a1 a4 a6 To List All Learned MAC Addresses on a VLAN with Their Port Numbers This command lists the MAC ...

Страница 487: ...Monitoring and Analyzing Switch Operation Status and Counters Data B 17 ...

Страница 488: ...cost priority state and designated bridge Syntax show spanning tree This command displays the switch s global and regional spanning tree status plus the per port spanning tree operation at the regional level Note that values for the following parameters appear only for ports connected to active devices Designated Bridge Hello Time PtP and Edge Figure B 12 Output from show spanning tree Command B 1...

Страница 489: ... addresses per VLAN Number of report and query packets per group Querier access port per VLAN show ip igmp vlan id Per VLAN command listing above IGMP status for specified VLAN VID show ip igmp group ip addr Lists the ports currently participating in the specified group with port type Access type Age Timer data and Leave Timer data For example suppose that show ip igmp listed an IGMP group address...

Страница 490: ...ort Existing VLANs Status static or dynamic Primary VLAN show vlan vlan id For the specified VLAN lists Name VID and status static dynamic Per Port mode tagged untagged forbid no auto Unknown VLAN setting Learn Block Disable Port status up down For example suppose that your switch has the following VLANs PortsVLANVID A1 A12DEFAULT_VLAN 1 A1 A2VLAN 33 33 A3 A4VLAN 44 44 The next three figures show ...

Страница 491: ...r the Entire Switch Listing the VLAN ID VID and Status for Specific Ports Because ports A1 and A2 are not members of VLAN 44 itdoesnotappear in this listing Figure B 15 Example of VLAN Listing for Specific Ports Listing Individual VLAN Status Figure B 16 Example of Port Listing for an Individual VLAN B 21 ...

Страница 492: ...s an overview of the status of the switch including summary graphs indicating the network utili zation on each of the switch ports symbolic port status indicators and the Alert Log which informs you of any problems that may have occurred on the switch For more information on this screen refer to the chapter titled Using the ProCurve Web Browser Interface Figure B 17 Example of a Web Browser Interf...

Страница 493: ...ernaldevicemakesiteasiertodiagnoseanetwork problemfromacentralizedlocationinatopologyspreadacrossacampus Mirroring destinations Traffic mirroring supports destination devices that are connected to the local switch Traffic can be copied to a destination connected to the same switch as the mirroring source in a local mirroring session Up to four local mirroring destinations are supported on a switch...

Страница 494: ...e monitored interface C2 and exit port A15 are on the same switch Local mirroring session Source Switch Switch A Monitored interface Port C2 Exit port A15 Destination Host Traffic analyzer 1 Network Switch A A15 Traffic Analyzer 1 C1 C2 VLAN 20 Figure B 18 Local Session Showing Mirroring Terms Exit Port The port to which a traffic analyzer or IDS is connected to receive mirrored traffic For local ...

Страница 495: ... traffic analyzer or intrusion detection system IDS IDS Intrusion Detection System Local Mirroring The monitored source interface and exit port in a mirror ing session are on the same switch Monitored Interface The interface port or trunk on the source switch on which the inbound and or outbound traffic to be mirrored originates configured with one of the interfacemonitor or vlanmonitor commands s...

Страница 496: ...ection of traffic movement entering or leaving the switch or both Source and or destination MAC addresses in packet headers Mirroring Sessions Amirroringsessionconsistsofamirroringsourceanddestination Amirroring source can be a port or static trunk list For any session the destination must be a single exit port Multiple mirroring sessions can be mapped to the same exit port which provides flexibil...

Страница 497: ...Traffic Direction CLI Config Menu and Web I F Config1 SNMP Config Port s Trunk s All traffic Inbound only Outbound only Both directions All traffic inbound and outbound combined Inbound only Outbound only Both directions Classifier based policy IPv4orIPv6 traffic Inbound only Not available Not available Switch global MAC source destination address Inbound only Outbound only Both directions Not ava...

Страница 498: ... in any combination and override a Menu or Web interface based configuration of session 1 You can also use SNMP to configure sessions 1 to 4 for local mirroring in any combination and override a Menu or Web interface based configuration of session 1 except that SNMP cannot be used to configure a classifier based mirroring policy Endpoint Switches and Intermediate Devices The following restrictions...

Страница 499: ...its Configure and display session 1 as a local mirroring session for traffic in both directions on the specified interface Selecting inbound only or outbound only is not an option If session 1 has been configured in the CLI for local mirroring for inbound only or outbound only traffic on one or more interfaces then using the Menu or Web interface to change the session 1 configuration automati call...

Страница 500: ...ncel Edit Save Help Select whether to enable traffic monitoring Use arrow keys to change field selection Space to toggle field choices and Enter to go to Actions Enable mirroring by setting this parameter to Yes Figure B 19 The Default Network Mirroring Configuration Screen 2 In the Actions menu press E for Edit 3 If mirroring is currently disabled for session 1 the default then enable it by press...

Страница 501: ...Monitoring Port Use arrow keys to change field selection Space to toggle field choices and Enter to go to Actions Figure B 20 How To Select a Local Exit Port 5 Use the Space bar to select the port to use for sending mirrored traffic to a locally connected traffic analyzer or IDS The selected interface must be a single port It cannot be a trunk In this example port D5 is selected as the local exit ...

Страница 502: ... 2 3 4 S1 1000T 1000T 1000T Actions Cancel Edit Save Help Select whether to monitor the selected port and Enter to go to Actions Use arrow keys to change field selection Space to toggle field choices 8 Press the Space bar to select Monitor for the port s and or trunk s that you want mirrored Use the down arrow key to move from one interface to the next in the Action column If any trunks are config...

Страница 503: ...cedures for configuring a local mirroring session refer to the following section Local Mirroring Overview on page B 33 For a detailed description of each step in a mirroring configuration refer to 1 Determine the Mirroring Session and Destination on page B 35 2 Configure a Mirroring Session on the Source Switch on page B 35 3 Configure the Monitored Traffic in a Mirror Session on page B 35 Selecti...

Страница 504: ...ections provide a quick reference to the configuration commands for a local mirroring session Quick Reference to Local Mirroring Set Up The following commands configure mirroring for a local session in which the mirroring source and destination are on the same switch For command syntax details refer to the pages listed with each heading The mirror command identifies the destination in a mirroring ...

Страница 505: ...ion gathered in 1 Determine the Mirroring Session and Destination on page B 35 Syntax mirror eth port This command assigns the exit port to use for the specified mirroring session and must be executed from the global configuration level The no form of the command removes the mirroring session and any mirroring source previously assigned to that session To preserve the session while deleting a mirr...

Страница 506: ...r an example of a mirroring configuration that selects all inbound or outbound traffic on a monitored interface see Local Mirroring Using Traffic Direction Criteria on page B 41 Not e If you have already configured session 1 with a local destination as described in 2 Configure a Mirroring Session on the Source Switch on page B 35 you can enter the vlan vid monitor or interface port monitor command...

Страница 507: ...g an unwanted mirroring source and adding another in its place interface eth port list Identifies the port s or static trunk s on which to mirror traffic Use a hyphen for a range of consecutive ports d5 d8 Use a comma to separate non contiguous interfaces d5 d8 monitor all in out both For the interface specified by port list selects traffic to mirror based on whether the traffic is entering or lea...

Страница 508: ...ned 3 not defined 4 not defined Figure B 21 Example of a Currently Configured Mirroring Summary on a Source Switch Syntax show monitor If a remote mirroring source is configured on the switch then the following fields appear Otherwise the output displays this message Mirroring is currently disabled Sessions Lists the four configurable sessions on the switch Status Displays the current status of ea...

Страница 509: ...ng and Analyzing Switch Operation Traffic Mirroring Syntax show monitor Policy Indicates whether the source is using a classifier based mirroring policy to select inbound IPv4 or IPv6 traffic for mirroring B 39 ...

Страница 510: ...xit mirror 1 port B3 interface B3 monitor ip access group 100 In mirror 1 monitor all Both mirror 2 exit Selection criteria used to monitor traffic on port B3 Figure B 22 Example of Using the Configuration File to View Mirroring Configurations Destination mirroring session entries begin with mirror endpoint In the follow ing example two sessions are using the same exit port ProCurve config show ru...

Страница 511: ...can be configured In this case the command sequence is 1 Configure the local mirroring session 2 Assign a mirroring source to the session Switch Traffic Analyzer X Y A5 B17 C24 Figure B 24 Example of a Local Mirroring Topology Configures port C24 as the mirroring destination exit port for session 1 ProCurve config mirror eth port Caution Please configure destination switch first Do you want to con...

Страница 512: ...me exceeds the MTU Maximum Transmis sion Unit allowed in the network the frame is dropped Not e Mirroring does not truncate frames and oversized mirroring frames will be dropped Ifjumboframesareenabledonthemirroringsourceswitch thenthemirroring destination switch and all downstream devices connecting the source switch to the mirroring destination must be configured to support jumbo frames B 42 ...

Страница 513: ... to Configuring Jumbo Frame Operation on page 12 22 Table B 2 Maximum Frame Sizes for Mirroring Frame Type Configuration Maximum Frame Size VLAN Tag FrameMirrored to Local Port Data Untagged Non Jumbo default config Jumbo1 on All VLANs Jumbo1 On All But Source VLAN 1518 9216 1518 0 0 0 1518 9216 n a2 Tagged Non Jumbo Jumbo1 on All VLANs Jumbo1 On All But Source VLAN 1522 9220 1522 4 4 4 1522 9218 ...

Страница 514: ...ged mirrored frames leaving the source switch cannot exceed 1518 bytes If the MTU on the path to the destination is 9220 bytes then untagged mirrored frames leaving the source switch cannot exceed 9216 bytes Switch Mirror Source Router in the Mirror Path Switch Remote Mirror Destination Traffic Analyzer Untagged1Gbps VLAN Links Switch Mirror Source Switch Aggregator Due to VLAN tagging on the 10 G...

Страница 515: ...ng when IGMP is enabled on any VLAN two copies of mirrored IGMP frames may appear at the mirroring destination Mirrored Traffic Not Encrypted Mirrored traffic undergoes IPv4 encapsulation but mirrored encapsulated traffic is not encrypted IPv4 Header Added The IPv4 encapsulation of mirrored traffic adds a 54 byte header to each mirrored frame If a resulting frame exceeds the maximum MTU allowed in...

Страница 516: ...tch config ured as remote destination switch can also be configured to mirror traffic to one of its own ports local mirroring Monitor Command Note If session 1 is already configured with a destination you can execute no vlan vid monitor or no interface port monitor without mirroring criteria and a mirror session number In this case the switch automatically configures or removes mirroring for inbou...

Страница 517: ...irrored traffic is on a different VLAN than the source routing must be correctly configured along the path from the source to the destination On the destination switch for a given mirroring session both the port on which the mirrored traffic enters the switch and the exit port must be members of the same VLAN All links on the path from the source switch to the destination switch must be active C a...

Страница 518: ...Monitoring and Analyzing Switch Operation Traffic Mirroring B 48 ...

Страница 519: ...otocol MSTP and Fast Uplink Problems C 16 SSH Related Problems C 17 TACACS Related Problems C 19 TimeP SNTP or Gateway Problems C 21 VLAN Related Problems C 21 Using the Event Log for Troubleshooting Switch Problems C 24 Event Log Entries C 24 Menu Displaying and Navigating in the Event Log C 31 CLI Displaying the Event Log C 32 CLI Clearing Event Log Entries C 32 CLI Turning Event Numbering On C ...

Страница 520: ...og Server C 52 Messages Sent to a Syslog Server C 53 Operating Notes for Debug and Syslog C 53 Diagnostic Tools C 55 Port Auto Negotiation C 56 Ping and Link Tests C 56 Web Executing Ping or Link Tests C 57 CLI Ping Test C 58 Link Tests C 59 Traceroute Command C 60 Viewing Switch Configuration and Operation C 64 CLI Viewing the Startup or Running Configuration File C 64 Web Viewing the Configurati...

Страница 521: ...on C 75 Restoring a Flash Image C 76 DNS Resolver C 78 Terminology C 78 Basic Operation C 79 Configuring and Using DNS Resolution with DNS Compatible Commands C 80 Configuring a DNS Entry C 81 Example Using DNS Names with Ping and Traceroute C 82 Viewing the Current DNS Configuration C 84 Operating Notes C 85 Event Log Messages C 86 C 3 ...

Страница 522: ... behavior cabling requirements and other potential hardware related problems refer to the Installation and Getting Started Guide you received with the switch Not e ProCurve periodically places switch software updates on the ProCurve Networking web site ProCurve recommends that you check this web site for software updates that may have fixed a problem you are experiencing For information on support...

Страница 523: ...u should also use a cable tester to check your cables for compliance to the relevant IEEE 802 3 specification Refer to the Installation and Getting Started Guide for correct cable types and connector pin outs Use the Port Utilization Graph and Alert Log in the web browser interface included in the switch to help isolate problems Refer to Chapter 5 Using the ProCurve Web Browser Interface for opera...

Страница 524: ... can be done from the OA Web interface These ports are controlled from both the OA and the switch configuration A port state is a combination of OA Enable Disable state and the switch Enable Disable state The port is not Enabled until both the OA and the switch agree that it is Enabled C 6 ...

Страница 525: ...agement Address Information also check the DHCP Bootp server configuration to verify correct IP addressing If you are using DHCP to acquire the IP address for the switch the IP address lease time may have expired so that the IP address has changed For more information on how to reserve an IP address refer to the documentation for the DHCP application that you are using If one or more IP Authorized...

Страница 526: ...ing 2 Switch Configuration 5 IP Configuration Note If DHCP Bootp is used to configure the switch refer to the Note above If you are using DHCP to acquire the IP address for the switch the IP address lease time may have expired so that the IP address has changed For more information on how to reserve an IP address refer to the documentation for the DHCP application that you are using If one or more...

Страница 527: ...adcast storms may be occurring in the network These may be due to redundant links between nodes If you are configuring a port trunk finish configuring the ports in the trunk before connecting the related cables Otherwise you may inad vertently create a number of redundant links i e topology loops that will cause broadcast storms Turn on Spanning Tree Protocol to block redundant links i e topology ...

Страница 528: ...ith this configuration it immediatelybeginssendingrequestpacketsonthenetwork Iftheswitchdoes not receive a reply to its DHCP Bootp requests it continues to periodically sendrequestpackets butwith decreasing frequency Thus ifa DHCP or Bootp server is not available or accessible to the switch when DHCP Bootp is first configured the switch may not immediately receive the desired configuration After v...

Страница 529: ...Address Information LACP Related Problems Unable to enable LACP on a port with the interface port number lacp command In this case the switch displays the following message Operation is not allowed for a trunked port You cannot enable LACP on a port while it is configured as static Trunk port To enable LACP on static trunked port first use the no trunk port number command to disable the static tru...

Страница 530: ...ure that the VLAN exists as a static VLAN on the switch Refer to How 802 1X Authentication Affects VLAN Operation in the Access Security Guide for your switch During RADIUS authenticated client sessions access to a VLAN on the port used for the client sessions is lost If the affected VLAN is config uredasuntaggedontheport itmay be temporarilyblockedonthatportduring an802 1Xsession Thisisbecausethe...

Страница 531: ...ticator active all ports configured with control unauthorized should be listed as Closed PortA9showsan Open statuseven though Access Control is set to Unauthorized Force Auth This is because the port access authenticator has not yet been activated Figure C 1 Authenticator Ports Remain Open Until Activated RADIUS server fails to respond to a request for service even though the server s IP address i...

Страница 532: ...t list initialize If the port is force authorizedwithaaaport accessauthenticator port list controlauthorized command and port security is enabled on the port then executing initialize causes the port to clear the learned address and learn a new address from the first packet it receives after you execute initialize A trunked port configured for 802 1X is blocked If you are using RADIUS authenticati...

Страница 533: ...sure that the radius server timeout period is long enough for network conditions Verify that the switch is using the same UDP port number as the server RADIUS server fails to respond to a request for service even though the server s IP address is correctly configured in the switch Use show radius to verify that the encryption key the switch is using is correct for the server being contacted If the...

Страница 534: ...agged link between the devices Also if ports are available you can improve the bandwidth in this situation by using a port trunk Refer to Spanning Tree Operation with VLANs in the chapter titled Static Virtual LANs VLANs in the Advanced Traffic Management Guide for your switch Fast Uplink Troubleshooting Some of the problems that can result from incorrect usage of Fast Uplink MSTP include temporar...

Страница 535: ...witch SSHv1 does not interpret Check the SSH client application for a utility that can convert the PEM formatted key into an ASCII formatted key Executing IP SSH does not enable SSH on the switch The switch does not have a host key Verify by executing show ip host public key If you see the message ssh cannot be enabled until a host key is configured use crypto command then you need to generate an ...

Страница 536: ...witch lists one of the following messages Download failed overlength key in key file Download failed too many keys in key file Download failed one or more keys is not a valid RSA public key The public key file you are trying to download has one of the following problems A key in the file is too long The maximum key length is 1024 characters including spaces This could also mean that two or more ke...

Страница 537: ...e memory to save the authentication configuration to flash then pressing the Reset button or cycling the power reboots the switch with the boot up configuration Disconnect the switch from network access to any TACACS servers and then log in to the switch using either Telnet or direct console port access Because the switch cannot access a TACACS server it will default to local authentication You ca...

Страница 538: ...h a port that is not allowed for the account The time quota for the account has been exhausted The time credit for the account has expired The access attempt is outside of the time frame allowed for the account The allowed number of concurrent logins for the account has been exceeded For more help refer to the documentation provided with your TACACS server application Unknown Users Allowed to Logi...

Страница 539: ...runtaggedVLANoperationonthe same VLAN as the traffic from the monitored ports the traffic output from the monitor port is untagged If the monitor port is not a member of the same VLAN as the traffic from the monitored ports traffic from the monitored ports does not go out the monitor port None of the devices assigned to one or more VLANs on an 802 1Q compliant switch are being recognized If multip...

Страница 540: ...ring on different VLANs can appear where a device having one MAC address is a member of more than one 802 1Q VLAN and the switch porttowhichthedeviceislinkedisusingVLANs insteadofMSTPortrunking to establish redundant links to another switch If the other device sends traffic over multiple VLANs its MAC address will consistently appear in multiple VLANs on the switch port to which it is linked Note ...

Страница 541: ...l Switch Multiple Forwarding Database Switch with Single Forwarding Database MAC Address A VLAN 1 MAC Address A VLAN 2 Problem Thisswitchdetects continual moves of MAC address A between ports VLAN 1 VLAN 2 Figure C 5 Example of Duplicate MAC Address C 23 ...

Страница 542: ...o the switch is interrupted or if you enter the boot system command The contents of the Event Log are not erased if you Reboot the switch by choosing the Reboot Switch option from the menu interface Enter the reload command from the CLI Event Log Entries As shown in Figure C 1 each Event Log entry is composed of five or six fields depending on whether numbering is turned on or not Severity Date Ti...

Страница 543: ... port with valid user credentials Port levelsecuritythatallowsLANaccessonlyonportson which a single 802 1X capable client supplicant has entered valid RADIUS user credentials Address Table Manager Manages MAC addresses that the switch has learned and are stored in the switch s address table Authorization A connected client must receive authorization through web AMC RADIUS based TACACS based or 802...

Страница 544: ... policy and the sensitivity level at which a network problem should generate an alert Find Fix and Inform Event or alert log messages indicating a possible topology loop that cause excessive network activity andresultsinthenetworkrunningslow FFImessagesinclude events on transceiver connections with other network devices Generic Attribute Registration Protocol GARP defined in the IEEE 802 1D 1998 s...

Страница 545: ...aintain a loop free environment Load balancing messages also include switch meshing events TheSwitchMeshingfeatureprovidesredundantlinks improved bandwidth use and support for different port types and speeds Link Layer Discovery Protocol Supports transmitting LLDP packets to neighbor devices and reading LLDP packets received from neighbor devices enabling a switch to advertise itself to adjacent d...

Страница 546: ...r connection requests on the switch and collect accounting information to track network resource usage SimpleNetworkManagementProtocol Allowsyoutomanage the switch from a network management station including support for security features event reporting flow sampling and standard MIBs Simple Network Time Protocol Synchronizes and ensures a uniform time among interoperating devices Secure Shell ver...

Страница 547: ...nsole port local access or Telnet remote access Transmission Control Protocol A transport protocol that runs on IP and is used to set up connections Session established on the switch from a remote device through the Telnet virtual terminal protocol Trivial FileTransfer Protocol Supports thedownload of files to the switch from a TFTP network server Time Protocol Synchronizes and ensures a uniform t...

Страница 548: ... bridge IPv4 traffic among themselves A protocol based VLAN creates a layer 3 broadcast domain for traffic of a particular routing protocol and is comprised of member ports that bridge traffic of the specified protocol type among themselves VLAN messages include events from Management interfaces menu CLI web browser ProCurve Manager used to reconfigure the switch and monitor switch status and perf...

Страница 549: ...2 51 00433 ssh Ssh server enabled I 10 25 07 17 42 52 00400 stack Stack Protocol disabled I 10 25 07 17 42 52 00128 tftp Enable succeeded I 10 25 07 17 42 52 00417 cdp CDP enabled Log events stored in memory 1 751 Log events on screen 690 704 Actions Back Next page Prev page End Help Return to previous screen Use up down arrow to scroll one line left right arrow keys to change action selection and...

Страница 550: ...t r displays all recorded log messages with the most recent entries listed first search text displays all Event Log entries that contain the specified text Use a search text value with a or r to further filter show logging command output Examples To display all Event Log messages that have system in the message text or module name enter the following command ProCurve show logging a system To displ...

Страница 551: ...es it detects duplicates of a particular event since the last system reboot When the first instance of a particular event or condition generates a message the switch initiates a log throttle period that applies to all recurrences of that event If the logged event recurs during the log throttle period the switch increments the counter initiated by the first instance of the event but does not genera...

Страница 552: ...xample of Log Throttling For example suppose that you configure VLAN 100 on the switch to support PIM operation but do not configure an IP address If PIM attempted to use VLAN 100 the switch would generate the first instance of the following Event Log message and counter W 10 01 06 09 00 33 PIM No IP address configured on VID 100 1 Thecounterindicatesthatthisisthefirstinstance of this event since ...

Страница 553: ...indicates that a new log throttle period has begun for this event Original Counter from First Log Throttle Period The counter now indicates that this is the eighth instance of this event since the switch last rebooted Figure C 2 Example of Duplicate Messages Over Multiple Log Throttling Periods Note that if the same type of event occurs under different circumstances the switch handles these as unr...

Страница 554: ...ould appear three times in the Event Log once for each log throttle period for the event being described and the Duplicate Message Counter would increment as shown in table C 4 The same operation would apply for messages sent to any configured SNMP trap receivers Table C 4 How the Duplicate Message Counter Increments Instances Instances Instances Duplicate During 1st Log During 2nd Log During 3rd ...

Страница 555: ...to an external device As shown in Figure C 8 you can perform the following operations Use the debug command to configure messaging reports for the following event types Dynamic ARP protection events DHCP snooping events Events recorded in the switch s Event Log IPv4 routing events LLDP events SSH events Wireless Services events Use the logging command to select a subset of Event Log messages to se...

Страница 556: ...d system module to configured debug destinations Theseverityfilterisalsoappliedtothesystem modulemessagesyouselect The default setting is to send Event Log messages from all system modules To restore the default setting enter the no logging system module system module or logging system module all pass commands debug Command all Sends debug logging to configured debug destinations for all Event Log...

Страница 557: ...erial connect CLI Telnet CLI or SSH DisableallSyslog debugloggingwhile retainingthe Syslogaddressesfrom the switch configuration This allows you to configure Syslog messaging and then disable and re enable it as needed Display the current debug configuration If Syslog logging is currently active the list f configured Syslog servers is displayed Display the current Syslog server list when Syslog lo...

Страница 558: ... enable a subset of Event Log messages to be sent to config ured Syslog servers by specifying a severity level and or system module using the following commands ProCurve config logging severity debug major error warning info ProCurve config logging system module system module To display a list of valid values for each command enter logging severity or logging system module followed by or pressing ...

Страница 559: ...ly configured settings for Debug message types and Event Log message filters severity level and system module sent to debug destinations Debug destinations Syslog servers or CLI session and Syslog server facility to be used Syntax show debug Displays the currently configured debug logging destinations and message types selected for debugging purposes If no Syslog server address is configured with ...

Страница 560: ...ages of all severity levels from all system modules You can enter the logging severity and logging system module commands to specify a subset of Event Log messages to send to the Syslog server Figure C 2 Syslog Configuration to Receive Event Log Messages From Specified System Module and Severity Levels As shown at the top of Figure C 2 if you enter the show debug command when no Syslog server IP a...

Страница 561: ...urve config show debug Debug Logging Destination Logging 10 38 64 164 Facility user Severity debug System module all pass Session Enabled debug types ip ospf packet ConfigureaSyslogserverIPaddress No other Syslog servers are configuredontheswitch Theserver address serves as an active debug destination for any configured debug types Displaythenewdebugconfiguration Default debug settings facility se...

Страница 562: ...yntax no debug debug type all Configures the switch to send all debug message types to configured debug destination s Default Disabled No debug messages are sent event Configures the switch to send Event Log messages to config ured debug destinations Note This value does not affect the reception of event notification messages in the Event Log on the switch Syntax no debug debug type Continued even...

Страница 563: ...essages nd Displays debug messages for IPv6 neighbor discovery packet Displays IPv6 packet messages lldp Enables all LLDP message types for the configured destina tions Debug Destinations Use the debug destination command to enable and disable Syslog messaging on a Syslog server or to a CLI session for specified types of debug and Event Log messages Syntax no debug destination logging session buff...

Страница 564: ...n be on any one terminal emulation device with serial Telnet or SSH access to the CLI at the Manager level prompt ProCurve _ If more than one terminal device has a console session with the CLI you can redirect the desti nation from the current device to another device Do so by executing debug destination session in the CLI on the terminal device on which you now want to display event messages Even...

Страница 565: ...y entering the write memory command these debug and logging settings are automatically re activated after a switch reboot or power recycle The debug settings and destinations configured in your previous troubleshooting session will then be applied to the current session which may not be desirable After a reboot messages remain in the Event Log and are not deleted However after a power recycle all ...

Страница 566: ...erver Event Log messages are automatically enabled to be sent to the server To reconfigure this setting use the following commands Use debug command to specify additional debug message types see Debug Messages on page C 44 Use the logging command to configure the system module or severity level used to filter the Event Log messages sent to configured Syslog servers see Configuring the Severity Lev...

Страница 567: ...tly configured Syslog logging destinations from the running configuration nologging syslog ip address removes only the specified Syslog logging destination from the running configuration If you use the no form of the command to delete the only remaining Syslog server address debug destination logging is disabled on the switch but the default Event debug type is not changed Also removing all config...

Страница 568: ...your application specifically requires another subsystem Options include user default Random user level messages kern Kernel messages mail Mail system daemon System daemons auth Security Authorization messages syslog Messages generated internally by Syslog lpr Line Printer subsystem news Netnews subsystem uucp uucp subsystem cron cron at subsystem sys9 cron at subsystem sys10 sys14 Reserved for sy...

Страница 569: ...syslog_one Figure C 9 Example of the Logging Command with a Control Description C a u t i o n Entering the no logging command removes ALL the syslog server addresses without a verification prompt Adding a Priority Description You can add a user friendly description for the set of syslog filter parameters using the priority descr option The description can be added with the CLI or SNMP The CLI comm...

Страница 570: ...iagnostic information Using the logging severity command you can select a set of Event Log messages according to their severity level and send them to a Syslog server Messages of the selected and higher severity willbe sent To configure a Syslog server see Configuring a Syslog Server on page C 48 Syntax no logging severity major error l warning info debug Configures the switch to send all Event Lo...

Страница 571: ...odule system module Configures the switch to send all Event Log messages being logged from the specified system module to configured Syslog servers Refer to Table C 1 on page C 27 for the correct value to enter for each system module Default all pass Reports all Event Log messages Use the no form of the command to remove the configured system module value and reconfigure the default value which se...

Страница 572: ...rs accept Debug messages All Syslog messages resulting from a debug operation have a debug severity level If you configure the switch to send debug messages to a Syslog server ensure that the server s Syslog application is configured to accept the debug severity level The default configuration for some Syslog applications ignores the debug severity level Duplicate IP addresses are not stored in th...

Страница 573: ...iles n a page C 64 page C 64 View switch show tech n a page C 64 operation View crash information and n a page C 70 command history View system information and n a page C 70 software version Useful commands in a n a page C 74 troubleshooting session Resetting factory default page C 75 page C 75 configuration Buttons Restoring a flash image n a page C 76 Port Status n a pages page pages page pages ...

Страница 574: ... between your switch and another IEEE 802 3 compliant device on your network These tests can tell you whether the switch is communicating properly with another device Not e To respond to a Ping test or a Link test the device you are trying to reach must be IEEE 802 3 compliant Ping Test This is a test of the path between the switch and another device on the same or another IP network that can resp...

Страница 575: ...n the Web Browser Interface Successes indicates the number of Ping or Link packets that successfully completed the most recent test Failures indicates the number of Ping or Link packets that were unsuccessful in the last test Failures indicate connectivity or network performance prob lems such as overloaded links or devices DestinationIP MACAddress is the network address of the target or destinati...

Страница 576: ...ified destination The Ping command has several extended commands that allow advanced checking of destination availability Syntax ping ip address hostname switch num repetitions 1 10000 timeout 1 60 source ip address vlan id oobm data size 0 65471 data fill 0 1024 ping6 ip address hostname switch num repetitions 1 10000 timeout 1 60 source ip address vlan id oobm data size 0 65471 data fill 0 1024 ...

Страница 577: ...1 Size of packet sent Default 0 zero data fill 0 1024 The data pattern in the packet Default Zero length string Ping with Repetitions and Timeout Basic Ping Operation Ping Failure Ping with Repetitions Figure C 12 Examples of Ping Tests To halt a ping test before it concludes press Ctrl C Not e To use the ping or traceroute command with host names or fully qualified domain names refer to DNS Resol...

Страница 578: ... Figure C 13 Example of Link Tests Traceroute Command The traceroute command enables you to trace the route from the switch to a host address This command outputs information for each router hop between the switch and the destination address Note that every time you execute traceroute it uses the same default settings unless you specify otherwise for that instance of the command Syntax traceroute ...

Страница 579: ...all hops are listed For any instance of traceroute if you want a minttl value other than the default you must specify that value Default 1 maxttl 1 255 For the current instance of traceroute changes the maximum number of hops allowed for each probe packet sent along the route If the destination address is further from the switch than maxttl allows then traceroute lists the IP addresses for all hop...

Страница 580: ...fault values for a destination IP address that is four hops away produces a result similar to this Intermediate router hops with the time taken for the switch to receive acknowledgement of eachprobereachingeach router Destination IP Address Figure C 14 Example of a Completed Traceroute Enquiry Continuing from the previous example Figure C 14 above executing traceroute with an insufficient maxttl f...

Страница 581: ...te becomes blocked or otherwise fails results in an output marked by timeouts for all probes beyond the last detected hop For example with a maximum hop count of 7 maxttl 7 where the route becomes blocked or otherwise fails the output appears similar to this At hop 3 the first and third probes timed out but the second probe reached the router All further probes within the maxttl timed out without ...

Страница 582: ...tion and examples of how to use these commands refer to Chapter 6 Switch Memory and Configuration Syntax write terminal Displays the running configuration show config Displays the startup configuration show running config Displays the running config file Web Viewing the Configuration File To display the running configuration through the web browser interface 1 Click on the Diagnostics tab 2 Click ...

Страница 583: ...s General System Information System Name ProCurve 6120 Blade Switch System Contact System Location MAC Age Time sec 300 Time Zone 0 Daylight Time Rule None Software revision Z 14 04 Base MAC Addr 002481 b00921 ROM Version Z 14 03 Serial Number TW28080080 Up Time 2 hours Memory Total 33 554 432 CPU Util 23 Free 21 562 672 IP Mgmt Pkts Rx 3980 Packet Total 3022 Pkts Tx 62 Buffers Free 2899 Lowest 27...

Страница 584: ... or Notepad to display the data In this case Microsoft Word provides the data in an easier to read format The following example uses the Microsoft Windows terminal emulator If you areusinga differentterminal emulatorapplication refertothedocumentation provided with the application To save show tech command output from your terminal emulator to a text file follow these steps 1 In Hyperterminal clic...

Страница 585: ...information displayed with the show tech command to suit your troubleshooting needs To customize the information displayed with the show tech command 1 Determine the information that you want to gather to troubleshoot a problem in switch operation 2 Enter the copy show tech command to specify the data files that contain the information you want to view Syntax copy source show tech Specifies the op...

Страница 586: ...ech command output tftpconfig startup config running config ip addr remote file pc unix Downloads the contents of a configuration file from a remote host to show tech command output where ip addr Specifies the IP address of the remote host device remote file Specifies the pathname on the remote host for the configuration file whose contents you want to include in the command output pc unix Specifi...

Страница 587: ...how tech command output where startup config Specifies the name of the startup configuration file on the connected device config filename Specifies the pathname of a configuration file on the connected device pc unix Specifies whether the connected device is a DOS based PC or UNIX workstation For more information on using copy xmodem commands refer to the File Transfers appendix C 69 ...

Страница 588: ...ow system information Displays globally configured parameters and information on switch operation see CLI Viewing and Configuring System Information in the Interface Access and System Information chapter show version Displays the software version currently running on the switch and the flash image from which the switch booted primary or secondary For more information see Displaying Management Info...

Страница 589: ...gular expressions are permitted symbols such as the asterisk cannot be substituted to perform more general matching include Only the lines that contain the matching pattern are displayed in the output exclude Only the lines that contain the matching pattern are not displayed in the output begin The display of the output begins with the line that contains the matching pattern Not e Pattern matching...

Страница 590: ... module 2 type J8705A snmp server community notpublic Unrestricted vlan 1 name DEFAULT_VLAN untagged A1 A24 B1 B20 Displays all lines that don t contain ipv6 ip address dhcp bootp no untagged B21 B24 exit vlan 20 name VLAN20 untagged B21 B24 no ip address exit sequence 10 deny tcp 2001 db8 255 48 2001 db8 125 48 exit no autorun password manager ProCurve config Figure C 21 Example of Pattern Matchi...

Страница 591: ...nfig Figure C 22 Example of Pattern Matching with Begin Option Figure C 23 is an example of the show arp command output and then the output displayed when the include option has the IP address of 15 255 128 1 as the regular expression ProCurve config show arp IP ARP table IP Address MAC Address Type Port 15 255 128 1 00000c 07ac00 dynamic B1 15 255 131 19 00a0c9 b1503d dynamic 15 255 133 150 000bc...

Страница 592: ...s a currently running remote troubleshooting session Use the show ip ssh command to list the current management sessions For more information see Denying Interface Access by Terminating Remote Management Sessions in the Interface Access and System Information chapter no page Toggles the paging mode for show commands between continuous listing and per page listing repeat Repeatedly executes one or ...

Страница 593: ... recommends that you save your configuration to a TFTP server before resetting the switch to its factory default configuration You can also save your configuration via Xmodem to a directly connected PC CLI Resetting to the Factory Default Configuration This command operates at any level except the Operator level Syntax erase startup configuration Deletes the startup config file in flash so that th...

Страница 594: ...kstation or laptop computer that has the following A terminal emulator program with Xmodem capability such as the Hyper Terminal program included in Windows PC software A copy of a good OS image file for the switch Not e The following procedure requires the use of Xmodem and copies an OS image into primary flash only This procedure assumes you are using HyperTerminal as your terminal emulator If y...

Страница 595: ...rTerminal c Enter the appropriate filename and path for the OS image d Select the Xmodem protocol and not the 1k Xmodem protocol e Click on Send If you are using HyperTerminal you will see a screen similar to the following to indicate that the download is in progress Figure C 24 Example of Xmodem Download in Progress 7 When the download completes the switch reboots from primary flash using the OS ...

Страница 596: ...in name identifying a specific host host name and the domain in which it exists For example if a device with an IP address of 10 10 10 101 has a host name of device53 and resides in the evergreen trees org domain then the device s fully qualified domain name is device53 evergreen trees org and the DNS resolution of this name is 10 10 10 101 Host Name The unique leftmost label in a domain name assi...

Страница 597: ... configured DNS server Example Suppose the switch is configured with the domain suffix mygroup procurve net and the IP address for an accessible DNS server If an operator wants to use the switch to ping a target host in this domain by using the DNS name leader assigned by a DNS server to an IP address used in that domain then the operator can use either of the following commands ProCurve ping lead...

Страница 598: ...s second domain is accessible to the DNS server already configured on the switch a traceroute command using the target s fully qualified DNS name should succeed ProCurve traceroute remote 01 common group net traceroute to 10 22 240 73 1 hop min 30 hops max 5 sec timeout 3 probes 1 10 28 229 3 0 ms 0 ms 0 ms 2 10 71 217 1 0 ms 0 ms 0 ms 3 10 0 198 2 1 ms 0 ms 0 ms 4 10 22 240 73 0 ms 0 ms 0 ms Full...

Страница 599: ...le to the switch These settings specify the relative priority of the DNS server when multiple servers are configured the IP address of the DNS server optionally for switches that have a separate out of band management OOBM port that DNS access goes through that out of band management port These settings must be configured before a DNS compatible command can be executed with host name criteria The ...

Страница 600: ... The domain suffix configured on the switch is not the domain in which the target host exists The switch supports one domain suffix entry and three DNS server IP address entries Refer to the preceding command description The no form of the command replaces the configured domain suffix with the null setting Default null Example Using DNS Names with Ping and Traceroute In the network illustrated in ...

Страница 601: ...29 219 Switch IP Address 10 28 192 1 Document Server IP Address 10 28 229 219 With the above already configured the following commands enable a DNS compatible command with the host name docserver to reach the document server at 10 28 229 219 ProCurve config ip dns server address 10 28 229 10 ProCurve config ip dns domain name pubs outdoors com Figure C 28 Configuring Switch A in FigureC 27 To Supp...

Страница 602: ...e Figure C 30 Example of Ping and Traceroute Execution When Only the DNS Server IP Address Is Configured Viewing the Current DNS Configuration The show ip command displays the current domain suffix and the IP address of the highest priority DNS server configured on the switch along with other IP configuration information If the switch configuration currently includes a non default non null DNS ent...

Страница 603: ...ready used in the configuration for another address you must first use the no form of the command to remove the current address from the target priority The DNS server s and domain configured on the switch must be accessible to the switch but it is not necessary for any intermediate devices between the switch and the DNS server to be configured to support DNS operation When multiple DNS servers ar...

Страница 604: ... incorrect server IP address can produce this result Unknown host host name The host name did not resolve to an IP address Some reasons for this occurring include The host name was not found The named domain was not found The domain suffix was expected but has not been configured If the server s IP address has been configured in the switch but the domain name has not been configured then the host ...

Страница 605: ...ss Management Contents Overview D 2 Determining MAC Addresses D 3 Menu Viewing the Switch s MAC Addresses D 4 CLI Viewing the Port and VLAN MAC Addresses D 5 Viewing the MAC Addresses of Connected Devices D 7 D 1 ...

Страница 606: ...overed in this guide use the same MAC address For internal switch operations One MAC address per port Refer to CLI Viewing the Port and VLAN MAC Addresses on page D 5 MAC addresses are assigned at the factory The switch automatically implements these addresses for VLANs and ports as they are added to the switch Not e The switch s base MAC address is also printed on a label affixed to the switch D ...

Страница 607: ... interface to view the switch s base MAC address and the MAC address assigned to any VLAN you have configured on the switch The same MAC address is assigned to VLAN1 and all other VLANs configured on the switch Not e The switch s base MAC address is used for the default VLAN VID 1 that is always available on the switch This is true for dynamic VLANs as well the base MAC address is the same across ...

Страница 608: ...s been changed by using the VLAN Names screen On the switches covered in this guide the VID VLAN identification number for the default VLAN is always 1 and cannot be changed To View the MAC Address and IP Address assignments for VLANs Configured on the Switch 1 From the Main Menu Select 1 Status and Counters 2 Switch Management Address Information If the switch has only the default VLAN the follow...

Страница 609: ...he same MAC address To display the switch s MAC addresses use the walkmib command at the command prompt Not e This procedure displays the MAC addresses for all ports and existing VLANs in the switch regardless of which VLAN you select 1 If the switch is at the CLI Operator level use the enable command to enter the Manager level of the CLI 2 Type the following command to display the MAC address for...

Страница 610: ... 88 b1 bf ifPhysAddress 66 00 12 79 88 b1 be ifPhysAddress 67 00 12 79 88 b1 bd ifPhysAddress 68 00 12 79 88 b1 bc ifPhysAddress 69 00 12 79 88 b1 bb ifPhysAddress 70 00 12 79 88 b1 ba ifPhysAddress 71 00 12 79 88 b1 b9 ifPhysAddress 72 00 12 79 88 b1 b8 ifPhysAddress 362 00 12 79 88 a1 00 ifPhysAddress 461 00 12 79 88 a1 00 ifPhysAddress 488 00 12 79 88 a1 00 ifPhysAddress 4456 ifPhysAddress 461 ...

Страница 611: ...evices the switch has detected on the specified port s mac addr Lists the port on which the switch detects the specified MAC address Returns the following message if the specified MAC address is not detected on any port in the switch MAC address mac addr not found vlan vid Lists the MAC addresses of the devices the switch has detected on ports belonging to the specified VLAN along with the number ...

Страница 612: ...MAC Address Management Viewing the MAC Addresses of Connected Devices D 8 ...

Страница 613: ...E Monitoring Resources Contents Viewing Information on Resource Usage E 2 Policy Enforcement Engine E 2 When Insufficient Resources Are Available E 3 E 1 ...

Страница 614: ...ures are configured on the switch Resource usage by virus throttling is determined as follows A virus throttling configuration connection rate filtering on the switch does not affect switch resources unless traffic behavior has triggered either a throttling or blocking action on the traffic from one or more clients When the throttling action ceases or a blocked client is unblocked the resources us...

Страница 615: ...urces must be released before any of the following actions are supported Configuration of new entries for QoS IDM virus throttling and other features Management VLAN DHCP snooping dynamic ARP protection Acceptance of new RADIUS based client authentication requests displayed as a new resource entry for IDM Not e Failure to authenticate a client that presents valid credentials may indi cate that ins...

Страница 616: ...Monitoring Resources When Insufficient Resources Are Available E 4 ...

Страница 617: ...n addition to the value none no time changes there are five pre defined settings named Alaska Canada and Continental US Middle Europe and Portugal Southern Hemisphere Western Europe The pre defined settings follow these rules Alaska Begin DST at 2am on the second Sunday in March End DST at 2am on the first Sunday in November Canada and Continental US Begin DST at 2am on the second Sunday in March ...

Страница 618: ...ce screen looks like this all month date entries are at their default values TELNET MANAGER MODE Switch Configuration System Information System Name ProCurve 6120 Blade Switch System Contact System Location Inactivity Timeout min 0 0 MAC Age Time sec 300 300 Inbound Telnet Enabled Yes Yes Web Agent Enabled Yes Yes Time Sync Method None TIMEP TimeP Mode Disabled Disabled Tftp enable Yes Yes Jumbo M...

Страница 619: ...he configured day is a Sunday the time changes at 2am on that day If the configured day is not a Sunday the time changes at 2am on the first Sunday after the configured day This is true for both the Beginning day and the Ending day With that algorithm one should use the value 1 to represent first Sunday of the month and a value equal to number of days in the month minus 6 to represent last Sunday ...

Страница 620: ...Daylight Savings Time on ProCurve Switches F 4 ...

Страница 621: ...7 OOBM context G 7 OOBM enable disable G 8 OOBM port enable disable G 9 OOBM IPv4 address configuration G 10 OOBM IPv4 default gateway configuration G 10 OOBM Show Commands G 11 Show OOBM G 11 Show OOBM IP configuration G 12 Show OOBM ARP information G 12 Application Server Commands G 13 Application Client Commands G 15 Example G 16 G 1 ...

Страница 622: ...yle connectors The HP ProCurve 6120G XG and 6120XG switches have a networked out of band management port available to them through the dedicated networked management port in the C class enclosure Onboard Administrator OA module The illustrations below shows management connections for the two switches and the OA Not e For instructions on how to use the OOBM serial interface see the Installation and...

Страница 623: ... malicious attempts to gain access via the data ports Network OOBM typically occurs on a management network that connects multiple switches Ithasthe added advantage that itcanbe donefrom acentral location and does not require an individual physical cable from the manage ment station to each switch s console port The table below summarizes the switch management ports Table A 1 Switch Management Por...

Страница 624: ...ents on data network shows boot sequence not affected by events on data network allows centralized management allows improved security Disadvantages can be affected by events on data network does not show boot sequence requires PC to directly connect to USB connector networked terminal server needs to be attached to OA serial port does not show boot sequence G 4 ...

Страница 625: ...ata network is disrupted In the illustration below the switches face the hot aisle of the data center allowing easy connection to the network ports on the backs of the servers Figure D 2 Network out of band management in a data center For even more control the serial console ports of the switches could be connected to the management network through a serial console server essen tially a networked ...

Страница 626: ... a yes TACACS n a yes n a yes DNS n a yes n a yes Syslog n a yes n a yes Ping yes yes yes yes Traceroute yes yes yes yes n a not applicable SNMP client refers to SNMP traps as they originate from the switch DNS has a limit of two servers primary and secondary Either can be configured to use the OOBM interface Ping and Traceroute do not have explicit servers Ping and Traceroute responses are sent b...

Страница 627: ... from the global configuration context config or from a specific OOBM configuration context oobm To enter the OOBM configuration context from the general configuration con text use the oobm command Syntax oobm Enters the OOBM context from the general configuration context For example ProCurve config oobm ProCurve oobm G 7 ...

Страница 628: ...the switch OOBM is not compatible with either a management VLAN or stacking If you attempt to enable OOBM when a management VLAN is enabled or when stacking is enabled the command will be rejected and you will receive an error message If an OOBM IP address exists and you disable OOBM the OOBM IP address configuration is maintained If you enable OOBM and there is a pre existing OOBM IP address it w...

Страница 629: ...BM interface the OOBM port as opposed to the OOBM function Syntax From the OOBM context interface enable disable From the general configuration context oobm interface enable disable Enables or disables the networked OOBM interface port For example ProCurve oobm interface enable ProCurve config oobm interface disable G 9 ...

Страница 630: ...M interface You can configure an IPv4 address even when global OOBM is disabled that address will become effective when OOBM is enabled For example ProCurve oobm ip address 10 1 1 17 24 OOBM IPv4 default gateway configuration ConfiguringanIPv4defaultgatewayfortheOOBMinterfaceissimilartoVLAN default gateway configuration but it is accomplished within the OOBM con text Syntax From the OOBM context n...

Страница 631: ...to see the IP configuration of the OOBM interface you need to use show oobm ip Show OOBM This command shows the global OOBM and OOBM port configurations Syntax show oobm Summarizes OOBM configuration information This com mand displays the global OOBM configuration enabled or disabled the OOBM interface status up or down and the port status enabled disabled duplex and speed You can issue this comma...

Страница 632: ...the status of IPv4 enabled disabled the IPv4 default gateway and the IPv4 address configured for the interface You can issue this command from any context For example ProCurve show oobm ip Show OOBM ARP information Use show oobm arp to see the ARP table entries for the OOBM interface Syntax show oobm arp Summarizes the ARP table entries for the OOBM interface You can issue this command from any co...

Страница 633: ...7 6 SSH ip ssh listen oobm data both Access Security Guide page 5 14 SNMP snmp server listen oobm data both Management and Configuration Guide page 13 35 TFTP tftp server listen oobm data both Management and Configuration Guide page A 9 HTTP web management listen oobm data both Management and Configuration Guide page 7 8 In all cases show running config will display the server configurations Use t...

Страница 634: ...f Band Management OOBM Tasks The show servers command shows the listen mode of the servers ProCurve show servers Server listen mode Server Listen mode Telnet both Ssh both Tftp both Web management both Snmp both G 14 ...

Страница 635: ...rver priority priority ip address oobm version Management and Configuration Guide page 9 12 TIMEP no ip timep dhcp manual ip address oobm Management and Configuration Guide page 9 34 RADIUS no radius server host ip address oobm Access Security Guide page 3 17 page 5 14 TACACS no tacacs server host ip address oobm Access Security Guide page 4 13 DNS no ip dns server address priority priority ip add...

Страница 636: ...the left hand rack to commu nicate on both the data and management networks You might do the follow ing Configure an IP address on the data network Verify that out of band management is enabled It is enabled by default Configure an IP address on the management network Verify that the switch can communicate on both networks The CLI commands that follow would accomplish those tasks The first time th...

Страница 637: ...te OOBM Port Speed Auto Switch 41 config Switch 41 config oobm Go to OOBM context and Switch 41 oobm ip default gateway 10 255 255 1 default gateway Switch 41 oobm end Exit back to manager context Switch 41 ping 10 1 131 43 Ping server in this rack on data network 10 1 131 44 is alive time 19 ms Switch 41 ping 10 1 131 51 Ping server in adjacent rack 10 1 131 51 is alive time 15 ms Switch 41 ping ...

Страница 638: ...Network Out of Band Management OOBM Tasks G 18 ...

Страница 639: ...es several different numbers registration ID This number comes with the license you purchase and represents your right to install the particular type oflicense onaparticular type of switch hardware ID This number is provided by the switch that you are licensing and includes the switch s serial number and an identifier for the feature that you are licensing license key This number is generated by t...

Страница 640: ... or write it down Copying the number is easier and more accurate You will enter the number on the My ProCurve portal in the next step 3 Get the license key Point your Web browser at the My ProCurve portal http my procurve com and sign in Click the My Licenses tab enter the registration ID and then enter the hardware ID At the end of the proce durealicensekey isdisplayed Itisalsoe mailedtoyou Copy ...

Страница 641: ... 62 authentication notification messages 13 19 13 28 SNTP 9 21 SNTP client 9 17 authentication trap See also SNMP authorized IP managers SNMP blocking 13 4 auto MDI MDI X configuration display 10 21 operation 10 19 10 21 port mode display 10 21 Auto 10 11 4 11 7 11 18 autonegotiate 13 63 auto TFTP A 11 disable A 11 A 14 disabled A 11 download to a redundant management system A 9 downloading softwa...

Страница 642: ...er 6 41 configuration Bootp 8 13 clearing module 10 29 comparing startup to running 6 6 console 7 3 copying A 26 DHCP Option 66 6 41 DHCP Best Offer 6 43 factory default 6 9 8 2 file update with Option 66 6 41 file updating with Option 66 6 42 impacts of software download on A 4 IP 8 2 Option 67 6 42 permanent 6 7 permanent change defined 6 4 port 10 1 port trunk group 11 1 port duplex 10 15 port ...

Страница 643: ... starting a session 3 4 statistics clear counters 3 12 status and counters access 3 7 status and counters menu B 5 troubleshooting access problems C 7 context level global config 4 5 8 10 manager level 4 5 moving between contexts 4 7 port or trunk group 4 13 VLAN specific 4 15 copy command output A 31 crash data A 32 crash log A 33 event log output A 31 multiple config file tftp 6 38 software imag...

Страница 644: ...ion 13 26 SNTP 9 5 sntp poll interval 720 seconds 9 11 sntp server version 3 9 13 Support Mgmnt URL window 5 13 system information features 7 13 system name switch product name 7 13 task monitor cpu disabled B 8 Telnet access enabled 7 3 terminal type VT 100 7 3 TFTP enabled A 9 time sync method none 7 13 time synchronization protocol TimeP 9 4 time zone 0 7 14 Time to Live TTL 64 8 3 traceroute C...

Страница 645: ...ent log clearing entries C 32 compared to debug Syslog operation C 37 console menu 3 7 debugging by severity level C 38 C 47 debugging by system module C 38 C 47 format date C 25 generated by system module C 25 how to read entries C 24 listing entries C 32 losing messages C 24 navigation C 31 not affected by debug configuration C 54 security levels 13 22 sending event log messages as traps 13 22 s...

Страница 646: ... 7 4 inactivity timer 7 10 Inbound Telnet Enabled parameter C 8 include credentials SNTP 9 24 informs sending to trap receiver 13 22 SNMP 13 23 intelligent mirroring See mirroring IP 8 7 CLI access 8 6 configuration 8 2 DHCP Bootp 8 2 duplicate address C 9 duplicate address DHCP network C 9 effect when address not used 8 11 features available with and without 8 11 gateway 8 3 gateway IP address 8 ...

Страница 647: ... 21 described 11 6 11 18 Dyn1 11 7 dynamic 11 19 enabling dynamic trunk 11 15 full duplex required 11 4 11 18 IGMP 11 23 mirroring static trunk B 28 no half duplex 11 25 operation not allowed C 11 overview of port mode settings 11 4 passive 11 15 removing port from active trunk 11 16 restrictions 11 22 standby link 11 19 status terms 11 21 STP 11 23 trunk limit 11 19 VLANs 11 23 with 802 1X 11 22 ...

Страница 648: ...ound packet options 13 45 packet boundaries 13 43 packet dropped 13 43 packet time to live 13 46 packet forwarding 13 43 13 81 packets not forwarded 13 42 per port counters 13 80 port description 13 57 port ID 13 56 port speed 13 58 port trunks 13 47 port type 13 56 refresh interval 13 51 reinitialization delay 13 53 remote management address 13 46 remote manager address 13 56 reset counters 13 79...

Страница 649: ...hentication 13 11 MDI MDI X configuration display 10 21 operation 10 19 port mode display 10 21 media type port trunk 11 3 memory flash 3 10 6 3 startup configuration 3 10 menu interface configuration changes saving 3 10 moving to or from the CLI 4 7 See also console mesh mirroring B 23 MIB HP proprietary 13 6 listing 13 6 standard 13 6 mini USB 2 2 mirroring 802 1Q tag B 45 caution configure dest...

Страница 650: ...stination B 26 SNMP B 28 B 29 source switch B 25 source configure B 35 static trunk B 26 terminology B 24 traffic overload B 28 traffic injected into mirrored stream B 45 traffic intercepted B 45 troubleshooting B 47 trunk source B 27 B 31 using MAC addresses B 26 VLAN B 31 VLAN rule exit port B 47 VLAN tag frame size B 43 VLAN tagging B 45 Web interface B 28 Web limits B 29 MLTS 13 42 module clea...

Страница 651: ... C 56 PoE benefit of LLDP MED 13 62 status 13 66 policy enforcement engine described E 2 displaying resource usage E 2 poll interval See TimeP port address table B 13 blocked by UDLD 10 32 broadcast limit 10 18 12 8 CLI access 10 8 configuration 10 1 configuring UDLD 10 32 context level 10 16 counters B 11 counters reset B 11 duplex view 10 8 enabling UDLD 10 33 fiber optic 10 5 MAC address D 4 D ...

Страница 652: ...ys 10 13 power supply show settings B 7 Power Sourcing Equipment 13 42 Premium License installing H 1 premium license installing H 1 privilege levels 4 3 ProCurve Auto MDIX feature 10 19 switch documentation xxiii ProCurve Manager security concerns when deleting public community 13 7 starting web browser 5 5 updating switch software A 24 using Java enabled browser 5 6 ProCurve HP URL 13 6 prompt C...

Страница 653: ...messages C 45 traceroute C 60 RS 232 2 4 running config viewing 6 6 See also configuration S scheduled reboot 6 24 SCP SFTP enabling A 13 session limit A 17 A 19 transfer of config files 6 41 troubleshooting A 18 secure copy See SCP SFTP secure FTP See SCP SFTP secure management VLAN See VLAN secure management VLAN DNS C 85 security Clear button 5 12 enabling network security notifications 13 28 p...

Страница 654: ... 13 6 13 19 walkmib D 5 D 6 well known traps 13 21 SNMP trap LLDP 13 54 SNMPv3 public community access caution 13 8 access 13 7 assigning users to groups 13 9 authentication configuring 13 11 communities 13 13 enable command 13 9 enabling 13 8 encryption configuring 13 11 group access levels 13 13 groups 13 12 network management problems with snmpv3 only 13 8 restricted access option 13 8 set up 1...

Страница 655: ... installing a license H 1 software image A 3 version A 6 A 20 switching cut through 12 29 Syslog debug severity level as default C 52 C 54 adding priority description C 51 compared to event log C 37 config friendly descriptions C 50 configuring for debugging C 39 configuring server address C 38 configuring server IP address C 44 configuring Syslog servers and debug destinations C 38 control desc C...

Страница 656: ... 19 time configure 7 19 TimeP 8 3 8 5 assignment methods 9 3 disabling 9 35 enabling and disabling 9 32 manual config priority 8 12 poll interval 9 35 selecting 9 4 server address listing 9 10 9 31 show management 9 31 viewing and configuring menu 9 28 viewing CLI 9 30 timesync disabling 9 35 Time To Live 8 3 8 5 8 6 8 10 See also TTL time to live LLDP 13 44 Time To Live on primary VLAN 8 4 TLV 13...

Страница 657: ... 34 enabling on a port 10 33 event log messages 10 37 operation 10 32 overview 10 31 supported switches 10 32 viewing configuration 10 35 viewing statistics 10 36 warning messages 10 37 unauthorized access 13 29 undersize frames 12 29 unicast mode SNTP 9 21 Uni directional Link Detection See UDLD Universal Resource Locator See URL Unix Bootp 8 13 unrestricted write access 13 15 unusual network act...

Страница 658: ...parameters 5 9 access security 7 3 alert log 5 21 alert log details 5 22 bandwidth adjustment 5 19 bar graph adjustment 5 19 disable access 5 3 enabling 5 5 error packets 5 18 fault detection policy 5 9 5 25 fault detection window 5 25 features 2 6 first time install 5 8 first time tasks 5 8 Java applets enabling 5 5 main screen 5 17 online help 5 14 online help location specifying 5 14 online hel...

Страница 659: ...download to primary or secondary flash A 21 using to download switch software A 19 Index 19 ...

Страница 660: ...20 Index ...

Страница 661: ......

Страница 662: ...ation contained herein is subject to change without notice The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services Nothing herein should be construed as constituting an additional warranty HP will not be liable for technical or editorial errors or omissions contained herein November 2010 Manual Part Number 5992 5523 ...

Отзывы:

Нет отзывов

Похожие инструкции для ProCurve 6120G/XG

Modbus Server-FC330A

Бренд: IntesisBox Страницы: 5

DTS 4132.timeserver

Бренд: Mobatime Страницы: 108

Бренд: TYANO Страницы: 102

Бренд: MISUMI Страницы: 18

Бренд: MRV Communications Страницы: 65

xSeries 440 8687

Бренд: IBM Страницы: 80

xSeries 230 6RY

Бренд: IBM Страницы: 194

ApplianceStor 75

Бренд: Rasilient Страницы: 24

Бренд: myTEM Страницы: 2

Бренд: Vxl Страницы: 2

Бренд: Alcatel Страницы: 2

Бренд: Cooper Bussmann Страницы: 82

Бренд: ACTi Страницы: 20

Бренд: Intel Страницы: 80

Бренд: Intel Страницы: 97

Бренд: Intel Страницы: 108

SE7320SP2 - 800MHZ Ecc Ddr Xeon

Бренд: Intel Страницы: 184

Бренд: Lantronix Страницы: 74

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды