HP ProCurve Secure 7102dl Скачать руководство пользователя страница 401 | Manualshive

Страница: 401 / 1455

background image

SROS Command Line Interface Reference Guide

Global Configuration Mode Command Set

5991-2114

© Copyright 2007 Hewlett-Packard Development Company, L.P.

399

ip firewall alg [ftp | h323 | h323 timeout | pptp | sip]

Use the

ip firewall alg

command to enable the application level gateway (ALG) for a particular

application. Use the

no

form of this command to disable ALG for the application.

Syntax Description

ftp

Enables the FTP ALG.

h323

Enables the H323 ALG. H.323 is a generic recommendation from the ITU that sets
standards for multimedia communications over networks without guaranteed
Quality of Service (QoS)

h323 timeout

<value>

Optional. Allows the configuration of the timeout for the policy-session that
controls the H.323 call and specifies the length of time before the H.323 call is
terminated after a timeout.

pptp

Enables the PPTP ALG.

sip

Enables the SIP ALG.

Default Values

By default, the ALG for FTP, H323, PPTP, and SIP are enabled.

Functional Notes

Enabling the Application Layer Gateway (ALG) for a specific protocol gives the firewall additional
information about that complex protocol and causes the firewall to perform additional processing for
packets of that protocol. When the ALG is disabled, the firewall treats the complex protocol as any other
simple protocol. The firewall needs no special knowledge to work well with simple protocols.

Session Initiation Protocol (SIP) ALG Information

By default, the SROS SIP ALG is enabled. This ALG allows the firewall to examine the ALL SIP packets it
identifies and maintain knowledge of SIP transmissions on the network based on the SIP header. The SIP
ALG requires the use of the SIP stack and the SIP proxy server in order to properly route SIP calls and
maintain the SIP information. When the SIP ALG is enabled, the SIP stack and SIP proxy server are
automatically enabled. For proper SIP operation, the firewall must also be configured to allow for dynamic
holes for the RTP/RTCP traffic associated with SIP calls between User Agents (UAs). This functionality
must be manually enabled using the

ip rtp firewall-traversal

command.

To completely disable SIP operation in the SROS, the following commands should be entered:

no ip

firewall alg sip

,

no ip sip

,

no ip sip proxy

, and

no ip rtp firewall-traversal

. The

no ip firewall alg sip

command disables the SIP ALG. The

no ip sip

command disables the SIP stack and frees all memory

allocated to the stack. The

no ip sip proxy

command disables the SIP proxy server. This command is not

necessary to disable SIP functionality (because the

no ip sip

command effectively shuts the proxy server

down by disabling the stack), but should be entered for a cleaner configuration.

Warning

Disabling the IP firewall ALG may cause the firewall to block some of the traffic for
the specified protocol.

«
...
399
400
401
402
403
...
»

Содержание ProCurve Secure 7102dl

Страница 1: ...SROS Command Line Interface Reference Guide ProCurve Secure Router 7102dl ProCurve Secure Router 7203dl ...

Страница 2: ......

Страница 3: ...SROS Command Line Interface Reference Guide Software Version J 08 03 September 2007 61195880L1 35H ...

Страница 4: ...EGARD TO THIS MATERIAL INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE Hewlett Packard shall not be liable for errors contained herein or for incidental or consequential damages in connection with the furnishing performance or use of this material The only warranties for HP products and services are set forth in the express warranty state...

Страница 5: ... Configuration Command Set 699 ATM Interface Config Command Set 714 ATM Sub Interface Config Command Set 717 BVI Interface Config Command Set 786 Demand Interface Configuration Command Set 817 Frame Relay Interface Config Command Set 877 Frame Relay Sub Interface Config Command Set 898 HDLC Command Set 969 Loopback Interface Configuration Command Set 1031 PPP Interface Configuration Command Set 10...

Страница 6: ...nfiguration Command Set 1347 Router OSPF Configuration Command Set 1360 Router PIM Sparse Configuration Command Set 1375 Router RIP Configuration Command Set 1379 Quality of Service QoS Map Commands 1391 DHCP Pool Command Set 1406 Radius Group Command Set 1425 TACACS Group Configuration Command Set 1427 Common Commands 1429 Index 1443 ...

Страница 7: ...cts using the SROS are initially accessed by connecting a VT100 terminal or terminal emulator to the CONSOLE port located on the front of the unit using a standard DB 9 male to DB 9 female serial cable Configure the VT100 terminal or terminal emulation software to the following settings 9600 baud 8 data bits No parity 1 stop bit No flow control Understanding Command Security Levels The SROS has tw...

Страница 8: ...modes Note To prevent unauthorized users from accessing the configuration functions of your product immediately install an Enable level password Refer to the Quick Configuration Guides and Quick Start Guides located on the Secure Router OS Documentation CD provided with your unit for more information on configuring a password Mode Access by Sample Prompt With this mode you can Global entering conf...

Страница 9: ...row key To re display a previously entered command use the up arrow key Continuing to press the up arrow key cycles through all commands entered starting with the most recent command Tab key Pressing the Tab key after entering a partial but unique command will complete the command display it on the command prompt line and wait for further input The CLI contains help to guide you through the config...

Страница 10: ...inish You need only enter enough letters to identify a command as unique For example entering int t1 1 1 at the Global configuration prompt provides you access to the configuration parameters for the specified T1 interface Entering interface t1 1 1 would work as well but is not necessary Command Description do The do command provides a way to execute commands in other command sets without taking t...

Страница 11: ...es can halt other processes It is best to only use the debug command during times when the network resources are in low demand non peak hours weekends etc Message Helpful Hints Ambiguous command Unrecognized Command The command may not be valid in the current command mode or you may not have entered enough correct characters for the command to be recognized Try using the command to determine your ...

Страница 12: ...e 591 E1 Interface Configuration Command Set on page 601 Ethernet Interface Configuration Command Set on page 616 G 703 Interface Configuration Command set on page 678 Serial Interface Configuration Command Set on page 685 Modem Interface Configuration Command Set on page 694 T1 Interface Configuration Command Set on page 699 ATM Interface Config Command Set on page 714 ATM Sub Interface Config Co...

Страница 13: ...e 1327 Router RIP Configuration Command Set on page 1379 Router OSPF Configuration Command Set on page 1360 Router PIM Sparse Configuration Command Set on page 1375 Quality of Service QoS Map Commands on page 1391 DHCP Pool Command Set on page 1406 Radius Group Command Set on page 1425 TACACS Group Configuration Command Set on page 1427 Common Commands on page 1429 ...

Страница 14: ...ession the following prompt displays ProCurve The following command is common to multiple command sets and is covered in a centralized section of this guide For more information refer to the section listed below exit on page 1437 ping address on page 1438 All other commands for this command set are described in this section in alphabetical order enable on page 13 logout on page 14 show clock on pa...

Страница 15: ...meters and should be password protected to prevent unauthorized use Use the enable password command found in the Global Configuration mode to specify an Enable Command mode password If the password is set access to the Enable Commands and all other privileged commands is only granted when the correct password is entered Refer to crypto ca authenticate name on page 337 for more information Usage Ex...

Страница 16: ...out Use the logout command to terminate the current session and return to the login screen Syntax Description No subcommands Default Values No defaults necessary for this command Usage Examples The following example shows the logout command being executed in the Basic mode ProCurve logout Session now available Press RETURN to get started ...

Страница 17: ...to display the system time and date entered using the clock set command Refer to clock set time day month year on page 63 for more information Syntax Description No subcommands Default Values No default value necessary for this command Usage Examples The following example displays the current time and data from the system clock ProCurve show clock 23 35 07 Tue Aug 20 2002 ...

Страница 18: ...Description No subcommands Default Values No default value necessary for this command Usage Examples The following is an example output using the show snmp command for a system with SNMP disabled and the default chassis and contact parameters ProCurve show snmp Chassis Chassis ID Contact Name Contact Phone Contact Email Contact Pager Management URL Management URL Label 0 Rx SNMP packets 0 Bad comm...

Страница 19: ...r 7203dl SROS Version J03 01 Checksum 4F8DCF96 built on Tue Dec 21 08 32 18 2004 Boot ROM version J03 01 Checksum B133 built on Tue Dec 21 08 32 25 2004 Copyright c 2004 2005 Hewlett Packard Co Platform ProCurve Secure Router 7203dl Serial number US449TS058 Flash 33554432 bytes DRAM 268435455 bytes System uptime is 0 days 0 hours 22 minutes 42 seconds Current system image file CFLASH SROS BIZ Curr...

Страница 20: ...t command to open a Telnet session through the SROS to another system on the network Syntax Description address Specifies the IP address of the remote system Default Values No default value necessary for this command Usage Examples The following example opens a Telnet session with a remote system 10 200 4 15 ProCurve telnet 10 200 4 15 User Access Login Password ...

Страница 21: ...cified destination Syntax Description address Specifies the IP address of the remote system to trace the routes to Default Values No default value necessary for this command Usage Examples The following example performs a traceroute on the IP address 192 168 0 1 ProCurve traceroute 192 168 0 1 Type CTRL C to abort Tracing route to 192 168 0 1 over a maximum of 30 hops 1 22ms 20ms 20ms 192 168 0 65...

Страница 22: ... page 1438 show running config on page 1440 All other commands for this command set are described in this section in alphabetical order autosynch on page 22 clear commands begin on page 24 clock auto correct dst no auto correct dst on page 62 clock set time day month year on page 63 clock timezone text on page 64 configure on page 66 copy commands begin on page 67 debug commands begin on page 80 d...

Страница 23: ...Guide Enable Mode Command Set 5991 2114 Copyright 2007 Hewlett Packard Development Company L P 21 traceroute address source address on page 295 undebug all on page 296 wall message on page 297 write erase memory network terminal on page 298 ...

Страница 24: ...ck is performed on the system any time there is a change in startup config or SROS BIZ on the compact flash card The AutoSynchTM feature allows for quick installation and updates of routers by inserting a compact flash card containing the desired software must be renamed from the desired operating system software such as J03 01 biz to SROS BIZ and startup configuration file must be named startup c...

Страница 25: ... the SROS BIZ and startup config files if AutoSynchTM is enabled ProCurve enable ProCurve show autosynch status AutoSynch Mode Enabled AutoSynch SROS BIZ synched AutoSynch startup config synched Usage Examples The following example forces a synchronization of startup config and SROS BIZ located in system flash and compact flash memory ProCurve enable ProCurve autosynch AutoSynch SROS BIZ synched A...

Страница 26: ...ss list command to clear all counters associated with all access lists or a specified access list Syntax Description listname Optional Specifies the name label of an access list Default Values No default value necessary for this command Usage Examples The following example clears all counters for the access list labeled MatchAll ProCurve enable ProCurve clear access list MatchAll ...

Страница 27: ... arp cache Use the clear arp cache command to remove all dynamic entries from the Address Resolution Protocol ARP cache table Syntax Description No subcommands Default Values No default value necessary for this command Usage Examples The following example removes all dynamic entries from the ARP cache ProCurve enable ProCurve clear arp cache ...

Страница 28: ...lear arp entry command to remove a single entry from the Address Resolution Protocol ARP cache Syntax Description address Specifies the IP address of the entry to remove Default Values No default value necessary for this command Usage Examples The following example removes the entry for 10 200 4 56 from the ARP cache ProCurve enable ProCurve clear arp entry 10 200 4 56 ...

Страница 29: ...Use the clear bridge command to clear all counters associated with bridging or for a specified bridge group Syntax Description group Optional Specifies a single bridge group 1 255 Default Values No default value necessary for this command Usage Examples The following example clears all counters for bridge group 17 ProCurve enable ProCurve clear bridge 17 ...

Страница 30: ...x used Use the clear buffers max used command to clear the maximum used statistics for buffers displayed in the show memory heap command Syntax Description No subcommands Default Values No default value necessary for this command Usage Examples The following example clears the maximum used buffer statics ProCurve enable ProCurve clear buffers max used ...

Страница 31: ...fied interface Syntax Description interface Optional Specifies a single interface Enter clear counters or show interface for a complete list of interfaces interface id Optional Specifies the ID of the specific interface to clear e g 1 for port channel 1 Default Values No default values necessary for this command Usage Examples The following example clears all counters associated with the Ethernet ...

Страница 32: ...iations of this command include clear counters probe clear counters probe name Syntax Description name Specifies a probe object to reset counter Default Values No default value necessary for this command Usage Examples The following example resets the counters for all configured probes ProCurve enable ProCurve clear counters probe The following example resets the counters only for the probe named ...

Страница 33: ...ically named track clear counters track clear counters track name Syntax Description name Specifies a track object to reset counter Default Values No default value necessary for this command Usage Examples The following example resets the counters for all configured tracks ProCurve enable ProCurve clear counters track The following example resets the counters only for the track named track_1 ProCu...

Страница 34: ...the specified IKE remote ID A delete payload is sent to the peers prior to deletion of the SA This command is preferred to the clear crypto ike sa policy policy priority remote id remote id command when multiple unique SAs have been created on the same IKE policy but the user wants to delete only the SA to a unique peer Default Values No default value necessary for this command Usage Examples The ...

Страница 35: ... protocol and a security parameter index SPI You can determine the correct SPI value using the show crypto ipsec command esp SPI Clears only a portion of the SAs by specifying the ESP encapsulating security payload protocol and a security parameter index SPI You can determine the correct SPI value using the show crypto ipsec command map map name Clears only the SAs associated with the crypto map n...

Страница 36: ... clears diagnostic information appended to the output of the show version command This information results from an unexpected unit reboot Syntax Description No subcommands Default Values No default value necessary for this command Usage Examples The following example clears the entire database of IKE SAs including the active associations ProCurve enable ProCurve clear dump core ...

Страница 37: ...nd to clear all messages logged to the local event history Syntax Description No subcommands Default Values No default value necessary for this command Usage Examples The following example clears all local event history messages ProCurve enable ProCurve clear event history Warning Messages cleared from the local event history using the clear event history command are no longer accessible ...

Страница 38: ...r host command to clear a hostname and associated address from the DNS host to address table Syntax Description Clears all hosts from the host table hostname Clears a specific host entry from the host to address table Default Values No default value necessary for this command Usage Examples The following example clears all hostnames ProCurve enable ProCurve clear host ...

Страница 39: ...ding changes to prefix list filters do not take effect until the clear command is issued A hard reset clears the TCP connection with the specified peers which results in clearing the table This method of clearing is disruptive and causes peer routers to record a route flap for each route The out version of this command provides a soft reset out to occur by causing all routes to be re sent to the s...

Страница 40: ...evelopment Company L P 38 clear ip cache Use the clear ip cache command to delete cache table entries Syntax Description No subcommands Default Values No default value necessary for this command Usage Examples The following example removes all entries from the cache table ProCurve enable ProCurve clear ip cache ...

Страница 41: ...ress Clears a specific binding entry Enter the source IP address format is A B C D Default Values No default value necessary for this command Functional Notes A DHCP server binding represents an association between a MAC address and an IP address that was offered by the unit to a DHCP client i e most often a PC Clearing a binding allows the unit to offer that IP address again should a request be m...

Страница 42: ... example shows output for the show igmp groups command before and after a clear ip igmp group command is issued This example clears the IGMP entry that was registered dynamically by a host Interfaces that are statically joined are not cleared ProCurve enable ProCurve show ip igmp groups ProCurve clear ip igmp group ProCurve show ip igmp groups This version of the command clears all dynamic groups ...

Страница 43: ...ribution Use the clear ip ospf command to reset open shortest path first OSPF information Syntax Description process Restarts the OSPF process redistribution Refreshes routes redistributed over OSPF Default Values No default value necessary for this command Usage Examples The following example resets the OSPF process ProCurve enable ProCurve clear ip ospf process ...

Страница 44: ...yload protocol ESP gre Specifies general routing encapsulation protocol GRE icmp Specifies Internet control message protocol ICMP protocol tcp Specifies transmission control protocol TCP udp Specifies universal datagram protocol UDP protocol Specifies protocol valid range 0 to 255 source ip Specifies the source IP address format is A B C D source port Specifies the source port in hex format AHP ES...

Страница 45: ...t Packard Development Company L P 43 Usage Examples The following example clears the Telnet association TCP port 23 for policy class pclass1 with source IP address 172 22 71 50 and destination 172 22 71 130 ProCurve enable ProCurve clear ip policy sessions pclass1 tcp 172 22 71 50 23 172 22 71 130 23 ...

Страница 46: ...he policy class to clear If no policy class is specified statistics are cleared for all policies entry policy class Optional Use this keyword to clear statistics of a specific policy class entry Default Values No default value necessary for this command Usage Examples The following example clears statistical counters for all policy classes ProCurve enable ProCurve clear ip policy stats The followi...

Страница 47: ...fix list hit count shown in the show ip prefix list detail command output See show ip prefix list detail summary listname on page 235 Syntax Description listname Specifies hit count statistics of the IP prefix list to clear Default Values No default value necessary for this command Usage Examples The following example clears the hit count statistics for prefix list test ProCurve enable ProCurve cl...

Страница 48: ...table Static and connected routes are not cleared by this command Syntax Description Deletes all destination routes ip address Specifies the IP address of the destination routes to be deleted subnet mask Specifies the subnet mask of the destination routes to be deleted Default Values No default value necessary for this command Usage Examples The following example removes all learned routes from th...

Страница 49: ...istics Use the clear ip urlfilter statistics command to clear all statistics counters for URL filter requests and responses Syntax Description No subcommands Default Values No default necessary for this command Usage Examples The following example clears all counters for URL filter requests and responses ProCurve enable ProCurve clear ip urlfilter statistics ...

Страница 50: ...any L P 48 clear lldp counters Use the clear lldp counters command to reset all LLDP packet counters to 0 on all interfaces Syntax Description No subcommands Default Values There are no default settings for this command Usage Examples The following example resets all LLDP counters ProCurve enable ProCurve clear lldp counters ...

Страница 51: ...o reset all LLDP packet counters to 0 for a specified interface Syntax Description interface Clears the information for the specified interface Type clear lldp counters interface for a complete list of applicable interfaces Default Values No default values are necessary for this command Usage Examples The following example resets the counters on a PPP interface ProCurve enable ProCurve clear lldp ...

Страница 52: ...n information about neighbors included in those frames Syntax Description No subcommands Default Values There are no default settings for this command Functional Notes This command generates output indicating the names of any neighbors deleted from the database and the name of the interface on which the neighbor was learned Usage Examples The following example clears LLDP neighbor Switch_1 from th...

Страница 53: ...e the clear pppoe command to terminate the current PPPoE client session and cause the SROS to attempt to re establish the session Syntax Description ppp interface PPP interface number Default Values No default value necessary for this command Usage Examples The following example ends the current PPPoE client session for ppp 1 ProCurve enable ProCurve clear pppoe 1 ...

Страница 54: ...max Use the clear process cpu max command to clear the maximum CPU usage statistic which is displayed in the show process cpu command output Syntax Description No subcommands Default Values No default value necessary for this command Usage Examples The following example resets the CPU maximum usage statistics ProCurve enable ProCurve clear process cpu max ...

Страница 55: ...lear processes queue Use the clear processes queue command to clear the contents of the system processing queues Syntax Description No subcommands Default Values No default value necessary for this command Usage Examples The following example clears the contents of the system processing queues ProCurve enable ProCurve clear process queue ...

Страница 56: ... interface Specifies an interface for which to clear QoS map statistics for just that interface Type clear cos map for a complete list of applicable interfaces Default Values No default value necessary for this command Usage Examples The following example clears statistics for all defined QoS maps ProCurve clear qos map The following example clears statistics for all entries in the priority QoS ma...

Страница 57: ...ar route map counters map Use the clear route map counters command to reset route map hit counters Syntax Description map Specifies specific route map to be cleared Default Values No default value necessary for this command Usage Examples The following example clears all route map counters ProCurve enable ProCurve clear route map counters ...

Страница 58: ...clear sip location command to clear session initiation protocol SIP location database statistics Syntax Description Clears all dynamic location entries username Specifies specific username to clear Default Values No default value necessary for this command Usage Examples The following example deletes all dynamic location entries ProCurve enable ProCurve clear sip location ...

Страница 59: ...ration Use the clear sip user registration command to clear local session initiation protocol SIP server registration information Syntax Description No subcommands Default Values No default value necessary for this command Usage Examples The following example clears all SIP server registration information ProCurve enable ProCurve clear sip user registration ...

Страница 60: ...nts BPDU transmit BPDU receive and number of transitions to forwarding state Syntax Description interface interface id Optional Specifies a single interface Enter clear spanning tree counters for a complete list of applicable interfaces Default Values No default value necessary for this command Usage Examples The following example clears the spanning tree counters for Ethernet 0 1 ProCurve enable ...

Страница 61: ... has the ability to operate using the rapid spanning tree protocol or the legacy 802 1D version of spanning tree When a BPDU bridge protocol data unit of the legacy version is detected on an interface the ProCurve Secure Router automatically regresses to using the 802 1D spanning tree protocol for that interface Issue the clear spanning tree detected protocols command to return to rapid spanning t...

Страница 62: ...tistics Use the clear tacacs statistics command to delete all terminal access controller access control system TACACS protocol statistics Syntax Description No subcommands Default Values No default value necessary for this command Usage Examples The following example clears all TACACS protocol statistics ProCurve enable ProCurve clear tacacs statistics ...

Страница 63: ...a user from a given line Syntax Description console user number Detaches a specific console user Valid range is 0 to 1 ssh user number Detaches a specific secure shell SSH user Valid range is 0 to 4 telnet user number Detaches a specific Telnet user Valid range is 0 to 5 Default Values No default value necessary for this command Usage Examples The following example detaches the console 1 user ProC...

Страница 64: ...the unit to automatically correct for DST no auto correct DST Disables DST correction Default Values By default DST correction takes place automatically Functional Notes Depending on the clock timezone chosen see clock timezone text on page 64 for more information one hour DST correction may be enabled automatically You may override this default using this command Usage Examples The following exam...

Страница 65: ...s the time in 24 hr format of the system software clock in the format HH MM SS hours minutes seconds day Sets the current day of the month Range 1 to 31 month Sets the current month Range January to December You need only enter enough characters to make the entry unique This entry is not case sensitive year Sets the current year Range 2000 to 2100 Default Values No default value necessary for this...

Страница 66: ...osen one hour Daylight Savings Time DST correction may be enabled automatically See clock auto correct dst no auto correct dst on page 62 for more information clock timezone 1 Amsterdam clock timezone 1 Belgrade clock timezone 1 Brussels clock timezone 1 Sarajevo clock timezone 1 West Africa clock timezone 10 Brisbane clock timezone 10 Canberra clock timezone 10 Guam clock timezone 10 Hobart clock...

Страница 67: ... Ekaterinburg clock timezone 5 Islamabad clock timezone 3 Greenland clock timezone 3 30 clock timezone 4 Atlantic Time clock timezone 4 Caracus clock timezone 4 Santiago clock timezone 5 clock timezone 5 Bogota clock timezone 5 Eastern Time clock timezone 6 Central America clock timezone 6 Central Time clock timezone 6 Mexico City clock timezone 6 Saskatchewan clock timezone 5 30 clock timezone 5 ...

Страница 68: ...Syntax Description terminal Enters the Global Configuration mode memory Configures the active system with the commands located in the default configuration file stored in flash memory network Configures the system from a TFTP network host overwrite network Overwrites flash memory from a TFTP network host Default Values No default value necessary for this command Usage Examples The following exampl...

Страница 69: ...s The following example copies the file J03_01 boot biz located on the compact flash card to the Boot ROM ProCurve enable ProCurve copy cflash J03_01 boot biz boot Upgrading boot code is a critical process that cannot be interrupted If something were to happen and the process was not able to be completed it would render your unit inoperable It is for this reason that during a bootcode upgrade all ...

Страница 70: ...ination is startup config cflash filename Specifies the destination memory location for the file copy as compact flash memory and specifies the filename flash filename Specifies the destination memory location for the file copy as flash memory and specifies the filename startup config Replaces the primary startup configuration file with a copy of the specified file tftp Specifies sending the file ...

Страница 71: ...ve enable ProCurve copy cflash tftp Address of remote host 10 200 2 4 Source filename myfile biz Destination filename myfile biz Initiating TFTP transfer Received 45647 bytes Transfer Complete The following example copies the file myfile biz located on the compact flash card to the connected terminal using XMODEM protocol ProCurve enable ProCurve copy cflash xmodem Source filename myfile biz Begin...

Страница 72: ... for this command Functional Notes The copy console command works much like a line editor Prior to pressing Enter changes can be made to the text on the line Changes can be made using Delete and Backspace keys The text can be traversed using the arrow keys Ctrl A to go to the beginning of a line and Ctrl E to go to the end of a line To end copying to the text file type Ctrl D The file will be save...

Страница 73: ...ilename Specifies the destination memory location for the file copy as compact flash memory and the filename flash filename Specifies the destination memory location for the file copy as flash memory and the filename interface type slot port Specifies copying a software file to a specified interface This command is only valid for modules that contain module specific software that is independent of...

Страница 74: ...Curve enable ProCurve copy flash myfile biz flash newfile biz The following example copies the file new_startup_config located in flash memory to the primary startup configuration ProCurve enable ProCurve copy flash new_startup_config startup config The following example copies the software file J03_01 biz located in flash memory to a TFTP server ProCurve enable ProCurve copy flash tftp Address of...

Страница 75: ...sh xmodem Source filename J03_01 biz Begin the Xmodem transfer now Press CTRL X twice to cancel CCCCCC The SROS is now ready to transmit the file on the CONSOLE port using the XMODEM protocol The next step in the process may differ depending on the type of terminal emulation software you are using For HyperTerminal you will now select Transfer Receive File and select the destination Once the trans...

Страница 76: ... IP address of the TFTP server Destination filename Specifies the filename to use when storing the copied file on the TFTP server The file will be placed in the default directory established by the TFTP server xmodem Sends the current running configuration file using the XMODEM protocol to the terminal connected to the Console port cflash filename Specifies the destination memory location for the ...

Страница 77: ...ote host 10 200 2 4 Destination filename config_01 txt Initiating TFTP transfer Sent 3099 bytes Transfer Complete The following example copies the current running configuration to the connected terminal using XMODEM protocol ProCurve enable ProCurve copy running config xmodem Begin the Xmodem transfer now Press CTRL X twice to cancel CCCCCC The SROS is now ready to transmit the file on the CONSOLE...

Страница 78: ...le on the TFTP server The file will be placed in the default directory established by the TFTP server xmodem Sends the current startup configuration file using the XMODEM protocol to the terminal connected to the Console port cflash filename Specifies the destination memory location for the copied file as compact flash and specifies the filename for the copied file flash filename Specifies the des...

Страница 79: ...ss of remote host 10 200 2 4 Destination filename startup_01 txt Initiating TFTP transfer Sent 3099 bytes Transfer Complete The following example copies the current startup configuration to the connected terminal using XMODEM protocol ProCurve enable ProCurve copy startup config xmodem Begin the Xmodem transfer now Press CTRL X twice to cancel CCCCCC The SROS is now ready to transmit the file on t...

Страница 80: ...ver Source filename Specifies the Name of the file to copy from the TFTP server Destination filename Specifies the filename to use when storing the copied file to flash memory Valid only for the copy tftp cflash and copy tftp flash commands Default Values No default value necessary for this command Usage Examples The following example replaces the current running configuration file with new_config...

Страница 81: ...r the following information Destination filename Specifies the filename to use when storing the copied file to flash memory Valid only for the copy cflash and copy flash commands Default Values No default value necessary for this command Usage Examples The following example copies a software file J03_01 biz to flash memory and labels it SROS BIZ ProCurve copy xmodem flash Destination filename SROS...

Страница 82: ...lt Values By default all debug messages in the SROS are disabled Functional Notes The debug aaa events include connection notices login attempts and session tracking Usage Examples The following is sample output for this command ProCurve enable ProCurve debug aaa AAA New Session on portal TELNET 0 172 22 12 60 4867 AAA No list mapped to TELNET 0 Using default AAA Attempting authentication username...

Страница 83: ... the no form of this command to disable the debug messages Syntax Description listname Specifies a configured access list Default Values By default all debug messages in the SROS are disabled Functional Notes The debug access list command provides debug messages to aid in troubleshooting access list issues Usage Examples The following example activates debug messages for the access list labeled Ma...

Страница 84: ...bug messages are displayed real time on the terminal or Telnet screen Use the no form of this command to disable the debug messages Syntax Description No subcommands Default Values By default all debug messages in the SROS are disabled Usage Examples The following example activates debug messages associated with ARP transactions ProCurve enable ProCurve debug arp Note Turning on a large amount of ...

Страница 85: ...s Debug messages are displayed real time to the terminal or Telnet screen Use the no form of this command to disable debug messages Syntax Description No subcommands Default Values By default all debug messages in the SROS are disabled Usage Examples The following example activates ATM event messages ProCurve enable ProCurve debug atm events Note Turning on a large amount of debug information can ...

Страница 86: ...e following debug atm oam vcd debug atm oam vcd loopback end to end segment debug atm oam vcd loopback end to end segment LLID Syntax Description vcd Shows OAM packets for a specific VCD loopback Configures an OAM loopback end to end Configures an end to end OAM loopback segment Configures a segment loopback LLID Specifies 16 byte OAM loopback location ID LLID Default Values By default all debug m...

Страница 87: ...g atm packet interface atm port id vcd vcd number debug atm packet vc VPI VCI Syntax Description interface atm port id Shows packets on a specific ATM port and on all virtual circuits vc VPI VCI Shows packets on a specific virtual circuit identified by the virtual path identifier and virtual channel identifier VPI VCI vcd vcd number Shows packets on specific virtual circuit descriptors VCD Default...

Страница 88: ...reen Use the no form of this command to disable the debug messages Syntax Description No subcommands Default Values By default all debug messages in the SROS are disabled Functional Notes The debug backup command activates debug messages to aid in the troubleshooting of backup links Usage Examples The following example activates debug messages for backup operation ProCurve enable ProCurve debug ba...

Страница 89: ...s Debug messages are displayed real time to the terminal or Telnet screen Use the no form of this command to disable debug messages Syntax Description No subcommands Default Values By default all debug messages in the SROS are disabled Usage Examples The following example activates bridge debug messages ProCurve debug bridge Note Turning on a large amount of debug information can adversely affect ...

Страница 90: ...ayed real time on the terminal or Telnet screen Use the no form of this command to disable the debug messages Syntax Description chat interface Specifies the chat interface to debug in slot port format Default Values By default all debug messages in the SROS are disabled Usage Examples The following example activates debug messages for the chat interface 0 1 ProCurve enable ProCurve debug chat int...

Страница 91: ...negotiation Displays only IKE key management debug messages e g handshaking ike client authentication Displays IKE client authentication messages as they occur ike client configuration Displays mode config exchanges as they take place over the IKE SA It is enabled independently from the ike negotiation debug described previously ipsec Displays all IPSec debug messages pki Displays all PKI public k...

Страница 92: ...are displayed real time on the terminal or Telnet screen Use the no form of this command to disable the debug messages Syntax Description No subcommands Default Values By default all debug messages in the SROS are disabled Usage Examples The following example activates debug messages associated with data call errors and events ProCurve enable ProCurve debug data call Note Turning on a large amount...

Страница 93: ...s Debug messages are displayed real time to the terminal or Telnet screen Use the no form of this command to disable debug messages Syntax Description No subcommands Default Values By default all debug messages in the SROS are disabled Usage Examples The following example activates demand routing error and event messages ProCurve enable ProCurve debug demand routing Note Turning on a large amount ...

Страница 94: ...ault Values By default all debug messages in the SROS are disabled Functional Notes When enabled these messages provide status information on incoming calls dialing and answering progress etc These messages also give information on why certain calls are dropped or rejected It is beneficial to use this command when troubleshooting backup in addition to the debug backup command Usage Examples The fo...

Страница 95: ...re displayed real time to the terminal or Telnet screen Use the no form of this command to disable the debug messages Syntax Description verbose Turns on verbose messaging Default Values By default all debug messages in the SROS are disabled Usage Examples The following example activates dynamic DNS debug messages ProCurve enable ProCurve debug dynamic dns verbose Note Turning on a large amount of...

Страница 96: ...s command to disable the debug messages Syntax Description No subcommands Default Values By default all debug messages in the SROS are disabled Functional Notes The debug firewall command activates debug messages to provide real time information about the SROS stateful inspection firewall operation Usage Examples The following example activates the debug messages for the SROS stateful inspection f...

Страница 97: ...messages are displayed real time on the terminal or Telnet screen Use the no form of this command to disable the debug messages Syntax Description verbose Enables detailed debug messages Default Values By default all debug messages in the SROS are disabled Usage Examples The following example activates debug messages associated with SIP information with SROS firewall operation ProCurve enable ProC...

Страница 98: ...ay interface state llc2 Activates debug messages for the logical link control layer lmi Activates debug messages for the local management interface such as DLCI status signaling state etc Default Values By default all debug messages in the SROS are disabled Functional Notes The debug frame relay command activates debug messages to aid in the troubleshooting of Frame Relay links Usage Examples The ...

Страница 99: ...no form of this command to disable the debug messages Syntax Description interface Optional Activates debug messages for the specified interface Type debug frame relay multilink for a complete list of applicable interfaces Default Values By default all debug messages in the SROS are disabled Usage Examples The following example activates debug messages associated with multilink operation for all F...

Страница 100: ...ntax Description interface Activates debug messages for the specified interface Type debug interface for a complete list of applicable interfaces Default Values By default all debug messages in the SROS are disabled Functional Notes The debug interface command activates debug messages to aid in the troubleshooting of physical interfaces Usage Examples The following example activates all possible d...

Страница 101: ...ug messages are displayed real time to the terminal or Telnet screen Use the no form of this command to disable the debug messages Syntax Description No subcommands Default Values By default all debug messages in the SROS are disabled Usage Examples The following example activates debug messages for ADSL events ProCurve enable ProCurve debug interface adsl events Note Turning on a large amount of ...

Страница 102: ...plays BGP keepalive packets updates Displays BGP updates for all neighbors updates quiet Displays summary information about BGP neighbor updates Note updates quiet displays a one line summary of what update displays in 104 lines Default Values By default all debug messages in the SROS are disabled Functional Notes If no arguments are given the debug ip bgp command displays general BGP events such ...

Страница 103: ...ages Syntax Description No subcommands Default Values By default all debug messages in the SROS are disabled Functional Notes The debug ip dhcp client command activates debug messages to provide information on DHCP client activity in the SROS The SROS DHCP client capability allows interfaces to dynamically obtain an IP address from a network DHCP server Usage Examples The following example activat...

Страница 104: ...isable the debug messages Syntax Description No subcommands Default Values By default all debug messages in the SROS are disabled Functional Notes The debug ip dhcp server command activates debug messages to provide information on DHCP server activity in the SROS The SROS DHCP server capability allows the SROS to dynamically assign IP addresses to hosts on the network Usage Examples The following ...

Страница 105: ...mand to disable the debug messages Syntax Description No subcommands Default Values By default all debug messages in the SROS are disabled Functional Notes The debug ip dns client command activates debug messages to provide information on DNS client activity in the SROS The IP DNS capability allows for DNS based host translation name to address Usage Examples The following example activates debug ...

Страница 106: ...mand to disable the debug messages Syntax Description No subcommands Default Values By default all debug messages in the SROS are disabled Functional Notes The debug ip dns proxy command activates debug messages to provide information on DNS proxy activity in the SROS The IP DNS capability allows for DNS based host translation name to address Usage Examples The following example activates debug me...

Страница 107: ...ommand to disable the debug messages Syntax Description No subcommands Default Values By default all debug messages in SROS are disabled Functional Notes The debug ip dns table command activates debug messages to provide information on DNS table activity in SROS The IP DNS capability allows for DNS based host translation name to address Usage Examples The following example activates debug messages...

Страница 108: ...isable the debug messages Syntax Description No subcommands Default Values By default all debug messages in the SROS are disabled Functional Notes The debug ip ftp server command activates debug messages to provide information on FTP server activity in the SROS The FTP server capability allows for fast file management and transport for local or remote devices Usage Examples The following example a...

Страница 109: ...net screen Use the no form of this command to disable the debug messages Variations of this command include debug ip http server debug ip http server verbose Syntax Description verbose Optional Activates detailed debug messages for HTTP operation Default Values By default all debug messages in SROS are disabled Usage Examples The following example activates debug messages associated with HTTP serv...

Страница 110: ... are displayed real time to the terminal or Telnet screen Use the no form of this command to disable the debug messages Syntax Description verbose Activates detailed debug messages for HTTP operation Default Values By default all debug messages in the SROS are disabled Usage Examples The following example activates debug messages associated with HTTP activity ProCurve enable ProCurve debug ip http...

Страница 111: ...g messages in the SROS are disabled Usage Examples The following example activates the debug ip icmp send and receive messages for the SROS ProCurve enable ProCurve debug ip icmp ICMP SEND From 0 0 0 0 to 172 22 14 229 Type 8 Code 0 Length 72 Details echo request ICMP RECV From 172 22 14 229 to 10 100 23 19 Type 0 Code 0 Length 72 Details echo reply ICMP SEND From 0 0 0 0 to 172 22 14 229 Type 8 C...

Страница 112: ...layed real time on the terminal or Telnet screen Use the no form of this command to disable the debug messages Syntax Description group address Optional IP address of a multicast group Default Values No default value necessary for this command Usage Examples The following example enables IGMP debug messages for the specified multicast group ProCurve enable ProCurve debug ip igmp 10 1 1 1 Note Turn...

Страница 113: ...ents Debug messages are displayed real time to the terminal or Telnet screen Use the no form of this command to disable the debug messages Syntax Description No subcommands Default Values By default all debug messages in the SROS are disabled Usage Examples The following sample activates ip mrouting debug messages ProCurve enable ProCurve debug ip mrouting Note Turning on a large amount of debug i...

Страница 114: ...ions tree Displays OSPF database tree Default Values By default all debug messages in the SROS are disabled Usage Examples The following is an example of debug ip ospf command results ProCurve enable ProCurve debug ip ospf flood OSPF Update LSA id c0a8020d rtid 192 168 2 13 area 11 0 0 0 type 1 OSPF Update LSA id 0b003202 rtid 11 0 50 2 area 11 0 0 0 type 1 OSPF Queue delayed ACK lasid 0b003202 ls...

Страница 115: ...cket detailed information on the console or Telnet terminal session Note The console stream can be captured to a log file and used as an input file for display with ETHEREAL by using text2pcap exe which is a part of the ETHEREAL distribution Execute as follows text2pcap l 101 input_file output_file Next open the output file with ETHEREAL for display and decode The typical lower layer information i...

Страница 116: ...ard IP s 192 168 7 2 eth 0 2 d 192 168 8 101 eth 0 1 g 192 168 8 101 forward IP s 192 168 8 101 eth 0 1 d 192 168 7 2 eth 0 2 g 192 168 7 2 forward IP s 192 168 7 2 eth 0 2 d 192 168 8 101 eth 0 1 g 192 168 8 101 forward Where s 192 168 8 101 eth 0 1 indicates source address and interface of received packet d 192 168 7 2 eth 0 2 indicates destination address and interface from which the packet is ...

Страница 117: ...ation Debug messages are displayed real time to the terminal or Telnet screen Use the no form of this command to disable debug messages Syntax Description No subcommands Default Values By default all debug messages in the SROS are disabled Usage Examples The following example activates all PIM sparse mode messages ProCurve enable ProCurve debug ip pim sparse Note Turning on a large amount of debug...

Страница 118: ...real time to the terminal or Telnet screen Use the no form of this command to disable debug messages Syntax Description event Displays PIM sparse assert events state Displays PIM sparse assert state changes address Specifies group address to filter Default Values By default all debug messages in the SROS are disabled Usage Examples The following example activates all PIM sparse assert event messag...

Страница 119: ...nsactions Debug messages are displayed real time to the terminal or Telnet screen Use the no form of this command to disable debug messages Syntax Description No subcommands Default Values By default all debug messages in the SROS are disabled Usage Examples The following example activates PIM sparse mode hello messages ProCurve enable ProCurve debug ip pim sparse hello Note Turning on a large amo...

Страница 120: ...lnet screen Use the no form of this command to disable debug messages Syntax Description event Displays PIM sparse join and prune events state Displays PIM sparse join and prune state changes address Specifies group address to filter Default Values By default all debug messages in the SROS are disabled Usage Examples The following example activates PIM sparse mode messages for all join and prune e...

Страница 121: ...debug messages Syntax Description in Displays messages for inbound PIM sparse packets out Displays messages for outbound PIM sparse packets interface Specifies specific interface Type debug ip pim sparse packets in out interface for a list of valid interfaces interface id Specifies a valid interface ID Default Values By default all debug messages in the SROS are disabled Usage Examples The followi...

Страница 122: ...e terminal or Telnet screen Use the no form of this command to disable debug messages Syntax Description event Displays PIM sparse register events state Displays PIM sparse register state changes address Specifies group address to filter Default Values By default all debug messages in the SROS are disabled Usage Examples The following example activates all PIM sparse registration state changes Pro...

Страница 123: ...e displayed real time to the terminal or Telnet screen Use the no form of this command to disable debug messages Syntax Description No subcommands Default Values By default all debug messages in the SROS are disabled Usage Examples The following example activates policy based routing event messages ProCurve enable ProCurve debug ip policy Note Turning on a large amount of debug information can adv...

Страница 124: ...bug messages Syntax Description events Optional Use this optional keyword to display only RIP protocol events Default Values By default all debug messages in the SROS are disabled Functional Notes The debug ip rip command activates debug messages to provide information on RIP activity in the SROS RIP allows hosts and routers on a network to exchange information about routes Usage Examples The foll...

Страница 125: ...Debug messages are displayed real time to the terminal or Telnet screen Use the no form of this command to disable the debug messages Syntax Description No subcommands Default Values By default all debug messages in the SROS are disabled Usage Examples The following sample activates ip routing debug messages ProCurve enable ProCurve debug ip routing Note Turning on a large amount of debug informat...

Страница 126: ...pear next to TCB e g TCB5 in the following example represent the TCP session number This allows you to differentiate debug messages for multiple TCP sessions Usage Examples The following is sample output for this command ProCurve enable ProCurve debug ip tcp events 2003 02 17 07 40 56 IP TCP EVENTS TCP Allocating block 5 2003 02 17 07 40 56 IP TCP EVENTS TCB5 state change FREE SYNRCVD 2003 02 17 0...

Страница 127: ...s are displayed real time to the terminal or Telnet screen Use the no form of this command to disable debug messages Syntax Description No subcommands Default Values By default all debug messages in the SROS are disabled Functional Notes Debug messages will only be generated for TCP ports that have MD5 authentication enabled Usage Examples The following example activates the display of these debug...

Страница 128: ...s UDP port i e the data is discarded Usage Examples The following is sample output for this command ProCurve enable ProCurve debug ip udp 2003 02 17 07 38 48 IP UDP RX src 10 200 3 236 138 dst 10 200 255 255 138 229 bytes no listener 2003 02 17 07 38 48 IP UDP RX src 10 200 2 7 138 dst 10 200 255 255 138 227 bytes no listener 2003 02 17 07 38 48 IP UDP RX src 10 200 201 240 138 dst 10 200 255 255 ...

Страница 129: ... no form of this command to disable debug messages Variations of this command include debug ip urlfilter debug ip urlfilter verbose Syntax Description verbose Optional Enables detailed debug messages Default Values By default all debug messages are disabled Usage Examples The following example shows the debug summary for all URL filters being used ProCurve enable ProCurve debug ip urlfilter 2005 1...

Страница 130: ...nd to disable the debug messages Syntax Description cc ie Displays call control information elements cc messages Displays call control messages endpoint Displays endpoint events interface Displays ISDN interface events l2 formatted Displays layer 2 formatted messages l2 messages Displays layer 2 messages interface id Specifies the ISDN interface Range is 1 to 255 Default Values By default all debu...

Страница 131: ...ug messages are displayed real time to the terminal or Telnet screen Use the no form of this command to disable the debug messages Syntax Description No subcommands Default Values No default value necessary for this command Usage Examples The following example activates debug messages associated with ISDN activity ProCurve enable ProCurve debug isdn events Note Turning on a large amount of debug i...

Страница 132: ...s Debug messages are displayed real time to the terminal or Telnet screen Use the no form of this command to disable the debug messages Syntax Description No subcommands Default Values By default all debug messages in the SROS are disabled Usage Examples The following example activates debug messages associated with the ISDN resource manager ProCurve enable ProCurve debug isdn resource manager Not...

Страница 133: ... the SROS Debug messages are displayed real time to the terminal or Telnet screen Use the no form of this command to disable the debug messages Syntax Description No subcommands Default Values By default all debug messages in the SROS are disabled Usage Examples The following example activates all debug messages associated with ISDN activity ProCurve enable ProCurve debug isdn verbose Note Turning...

Страница 134: ...f the command to disable debug messages Syntax Description rx Shows information about received packets tx Shows information about transmitted packets verbose Shows detailed debugging information Default Values By default all debug messages in the SROS are disabled Usage Examples The following example activates all possible debug messages associated with LLDP operation ProCurve debug lldp rx ProCur...

Страница 135: ...ays AuthPAE state machine information bkend sm Optional Displays backend state machine information general Optional Displays configuration changes to the port authentication system packet both Optional Displays packet exchange information in both receive and transmit directions packet rx Optional Displays packet exchange information in the receive only direction packet tx Optional Displays packet ...

Страница 136: ... PPP authentication CHAP PAP EAP etc errors Activates debug messages that indicate a PPP error was detected mismatch in negotiation authentication etc negotiation Activates debug messages associated with PPP negotiation verbose Activates detailed debug messages for PPP operation Default Values By default all debug messages in the SROS are disabled Functional Notes The debug ppp command activates d...

Страница 137: ... in the SROS Debug messages are displayed real time to the terminal or Telnet screen Use the no form of this command to disable the debug messages Syntax Description No subcommands Default Values By default all debug messages in the SROS are disabled Usage Examples The following example activates debug messages associated with PPPoE activity ProCurve enable ProCurve debug pppoe client Note Turning...

Страница 138: ...t screen Use the no form of this command to disable the debug messages Variations of this command include debug probe debug probe name Syntax Description name Optional Specifies the probe object Default Values By default all debug messages in the SROS are disabled Usage Examples The following example activates debug messages associated with all probe objects ProCurve enable ProCurve debug probe Th...

Страница 139: ...ug messages Syntax Description No subcommands Default Values By default all debug messages in the SROS are disabled Functional Notes The debug radius messages show the communication process with the remote RADIUS servers Usage Examples The following is an example output for the debug radius command ProCurve enable ProCurve debug radius RADIUS AUTHENTICATION Sending packet to 172 22 48 1 1645 RADIU...

Страница 140: ... Activates SIP location database event debug messages manager Activates SIP stack manager event debug messages name service Activates SIP name service event debug messages proxy subsource Activates SIP proxy event debug messages Input for specifying a subsource is optional trunk registration Txx identity Activates SIP trunk registration event debug messages Specifying a particular trunk is optiona...

Страница 141: ...ack messages summary debug sip stack verbose debug sip stack warnings Syntax Description debug Activates SIP stack debug event debug messages errors Activates SIP stack error event debug messages exceptions Activates SIP stack exception event debug messages info Activates SIP stack info event debug messages messages Activates all SIP debug messages verbose Activates all SIP stack event debug messa...

Страница 142: ...formation server Optional Displays SNTP server information Default Values By default all debug messages in the SROS are disabled Functional Notes The debug sntp command activates debug messages to aid in troubleshooting SNTP protocol issues Usage Examples The following is an example output for the debug sntp command ProCurve enable ProCurve debug sntp ProCurve config term ProCurve config sntp serv...

Страница 143: ...he display of spanning tree debug messages when configuration changes occur events Enables the display of debug messages when spanning tree protocol events occur general Enables the display of general spanning tree debug messages topology Enables the display of debug messages when spanning tree protocol topology events occur Default Values By default all debug messages in the SROS are disabled Usa...

Страница 144: ...e the no form of this command to disable the debug messages Syntax Description receive Displays debug messages for BPDU packets received by the unit transmit Displays debug messages for BPDU packets transmitted by the unit all Displays debug messages for BPDU packets that are transmitted and received by the unit Default Values By default all debug messages in the SROS are disabled Usage Examples T...

Страница 145: ...ssages are displayed real time to the terminal or Telnet screen Use the no form of this command to disable the debug messages Syntax Description No subcommands Default Values By default all debug messages in the SROS are disabled Usage Examples The following example activates debug messages associated with system information ProCurve enable ProCurve debug system Note Turning on a large amount of d...

Страница 146: ... real time to the terminal or Telnet screen Use the no form of this command to disable the debug messages Syntax Description events Activates TACACS event debug messages packets Activates TACACS packet debug messages Default Values By default all debug messages in the SROS are disabled Usage Examples The following example activates debug messages associated with the TACACS protocol ProCurve enable...

Страница 147: ... screen Use the no form of this command to disable the debug messages Syntax Description client packets Activates TFTP client packet debug messages server events Activates TFTP server event debug messages server packets Activates TFTP server packet debug messages Default Values By default all debug messages in the SROS are disabled Usage Examples The following example activates debug messages asso...

Страница 148: ...Telnet screen Use the no form of this command to disable the debug messages Variations of this command include debug track debug track name Syntax Description name Specifies the track object Default Values By default all debug messages in the SROS are disabled Usage Examples The following example activates debug messages associated with all track objects ProCurve enable ProCurve debug track The fo...

Страница 149: ...tax Description Optional When a wildcard is specified only files located in flash memory matching the listed pattern are displayed When no wildcard is specified the entire contents of flash memory is displayed Default Values No default value necessary for this command Usage Examples The following is sample output from the dir command specifying a list of all biz files ProCurve enable ProCurve dir ...

Страница 150: ...a wildcard is specified only files located in the specified location matching the listed pattern are displayed When no wildcard is specified the entire contents of flash memory is displayed Default Values No default value necessary for this command Usage Examples The following is sample output from the dir command specifying a list of all biz files found on the installed compact flash card ProCurv...

Страница 151: ...ny L P 149 disable Use the disable command to exit the Enable Command mode and enter the Basic Command mode Syntax Description No subcommands Default Values No default value necessary for this command Usage Examples The following example exits the Enable Command mode and enters the Basic Command mode ProCurve disable ProCurve ...

Страница 152: ...ating and configuration parameters and should be password protected to prevent unauthorized use Use the enable password command found in the Global Configuration mode to specify an Enable Command mode password If the password is set access to the Enable Commands and all other privileged commands is only granted when the correct password is entered Refer to enable password md5 password on page 355 ...

Страница 153: ...mmand the startup config file is removed from both flash and compact flash cflash Specifies the location of the file to erase as the installed compact flash card flash Specifies the location of the file to erase as the system flash memory filename Specifies the name of the file to erase The asterisk can be used as a wildcard to specify a pattern for erasing multiple files When a wildcard is specif...

Страница 154: ...cflash command to erase all files on the installed compact flash card Syntax Description No subcommands Default Values No default value necessary for this command Usage Examples The following example erases all files located on the installed compact flash card ProCurve enable ProCurve erase file system cflash Note Erasing the file system is equivalent to formatting the compact flash card ...

Страница 155: ...s Use the events command to enable event reporting to the current CLI session Use the no form of this command to disable all event reporting to the current CLI session Syntax Description No subcommands Default Values By default this command is enabled Usage Examples The following example enables event reporting ProCurve enable ProCurve events ...

Страница 156: ...erates an exception report ProCurve enable ProCurve exception report generate Exception report generated ProCurve show file flash exception report 20050726071500 Using 47428 bytes VERSION ProCurve Secure Router 7102dl SROS Version J03 01 00 Checksum 5D5AE64E built on Mon Jun 20 13 31 52 2005 Boot ROM version J03 01 00 Checksum B1BC built on Mon Jul 18 13 11 02 2005 Copyright c 2005 2005 Hewlett Pa...

Страница 157: ...OL startup config CORE DUMP BUFFER USERS Number of users 9 Rank User Count 1 fixedsize 128 2 0x00873a50 128 3 0x00162530 84 4 0x00863e5c 64 5 0x0051c1e8 43 6 0x0086cfa8 16 7 0x00226cf0 14 8 0x00144990 1 9 0x0051f408 1 10 0x00000000 0 11 0x00000000 0 12 0x00000000 0 13 0x00000000 0 14 0x00000000 0 15 0x00000000 0 EVENT HISTORY CurrentTime ActiveQueue Event 68169518 FrontPanel 0x002294b4 68169510 Pa...

Страница 158: ...se the logout command to terminate the current session and return to the login screen Syntax Description No subcommands Default Values No defaults necessary for this command Usage Examples The following example shows the logout command being executed in Enable mode ProCurve enable ProCurve logout Session now available Press RETURN to get started ...

Страница 159: ... a delay period the SROS will wait before reloading delay Specifies the delay period in minutes mmm or hours and minutes hh mm Default Values No default value necessary for this command Usage Examples The following example reloads the SROS software in 3 hours and 27 minutes ProCurve enable ProCurve reload in 03 27 The following example reloads the SROS software in 15 minutes ProCurve enable ProCur...

Страница 160: ... this command Functional Notes The show access lists command displays all configured access lists in the system All entries in the access list are displayed and a counter indicating the number of packets matching the entry is listed Usage Examples The following is a sample output from the show access lists command ProCurve enable ProCurve show access lists Standard access list MatchAll permit host...

Страница 161: ...isplay full screen output in real time Information is continuously updated on the console until you either freeze the data by pressing the F key or exit reatime mode by pressing Ctrl C If there is not enough room on the screen for all available data the information will truncate at the bottom of the screen In order to maximize the amount of data displayed increase the terminal length using the ter...

Страница 162: ...ws ATM PVC information traffic Shows ATM traffic information sub interface number For ATM PVC information enter the sub interface x x number atm port interface For ATM port traffic information enter the port ATM number 1 1023 atm vcl interface For ATM VCL traffic information enter the ATM VCL number 1 1023 1 65536 Default Values No default is necessary for this command Usage Examples The following...

Страница 163: ... No subcommands Default Value No default is necessary for this command Usage Examples The following is a sample output from the show autosynch status command with AutoSynchTM disabled ProCurve enable ProCurve show autosynch status AutoSynch Mode Disabled AutoSynch SROS BIZ not synched AutoSynch startup config not synched The following is a sample output from the show autosynch status command with ...

Страница 164: ...nters the Enable command mode and uses the show command to display backup interface information ProCurve enable ProCurve show backup interfaces Backup interfaces fr 1 16 backup interface Backup state idle Backup protocol PPP Call mode originate Auto backup enabled Auto restore enabled Priority 50 Backup delay 10 seconds Restore delay 10 seconds Connect timeout 60 seconds Redial retries unlimited R...

Страница 165: ...th the specific interface Type the show bridge command to display a list of applicable interfaces bridgegroup Optional Displays information for a specific bridge group Default Values No default value necessary for this command Usage Examples The following is a sample output from the show bridge command ProCurve enable ProCurve show bridge Total of 300 station blocks 295 free Address Action Interfa...

Страница 166: ...reen output in real time Information is continuously updated on the console until you either freeze the data by pressing the F key or exit reatime mode by pressing Ctrl C If there is not enough room on the screen for all available data the information will truncate at the bottom of the screen In order to maximize the amount of data displayed increase the terminal length using the terminal length c...

Страница 167: ...in real time Information is continuously updated on the console until you either freeze the data by pressing the F key or exit reatime mode by pressing Ctrl C If there is not enough room on the screen for all available data the information will truncate at the bottom of the screen In order to maximize the amount of data displayed increase the terminal length using the terminal length command Usage...

Страница 168: ...Syntax Description filename Optional Displays details for the specified file located in compact flash memory Enter a wildcard such as biz to display the details for all files matching the entered pattern Default Values No default value necessary for this command Usage Examples The following is a sample show cflash output ProCurve enable ProCurve show cflash 4043024 J03_01 BIZ 285188 J03_01 boot bi...

Страница 169: ...ed using the clock set command See clock set time day month year on page 63 for more information Syntax Description detail Optional Use this optional keyword to display more detailed clock information including the time source Default Values No default value necessary for this command Usage Examples The following example displays the current time and data from the system clock ProCurve show clock ...

Страница 170: ...ue necessary for this command Usage Examples The following is a sample output of the show configuration command ProCurve enable ProCurve show configuration no enable password ip subnet zero ip classless ip routing event history on no logging forwarding logging forwarding priority level info no logging email ip policy timeout tcp all ports 600 ip policy timeout udp all ports 60 ip policy timeout ic...

Страница 171: ...ht 2007 Hewlett Packard Development Company L P 169 ip access list extended UnTrusted deny icmp 10 5 60 0 0 0 0 255 any source quench deny tcp any any no ip snmp agent line con 0 no login line telnet 0 login line telnet 1 login line telnet 2 login line telnet 3 login line telnet 4 login ...

Страница 172: ...nts for all active connections Syntax Description No subcommands Default Values No default value necessary for this command Usage Examples The following is sample output from the show connections command ProCurve enable ProCurve show connections Displaying all connections Conn ID From To 1 atm 1 adsl 1 1 2 ppp 1 t1 2 1 tdm group 1 3 ppp 1 t1 2 2 tdm group 1 4 ppp 3 e1 3 1 tdm group 1 5 ppp 3 e1 3 ...

Страница 173: ...figured CA profiles Default Values No default value necessary for this command Usage Examples The following is a sample from the show crypto ca certificates command ProCurve enable ProCurve show crypto ca certificates CA Certificate Status Available Certificate Serial Number 012d Subject Name C FI O SSH Communications Security OU Web test CN Test CA 1 Issuer C FI O SSH Communications Security OU W...

Страница 174: ...ation pools poolname Displays detailed information regarding the specified IKE client configuration pool policy Displays information on all IKE policies Indicates if client configuration is enabled for the IKE policies and displays the pool names policy priority Displays detailed information on the specified IKE policy This number is assigned using the crypto ike policy command Refer to crypto ike...

Страница 175: ...ress Peers 63 105 15 129 initiate main respond anymode Attributes 10 Encryption 3DES Hash SHA Authentication Pre share Group 1 Lifetime 900 seconds The following is a sample from the show crypto ike sa brief command ProCurve enable ProCurve show crypto ike sa brief Using 3 SAs out of 2000 IKE Security Associations NOTE The Remote ID may be truncated Peer IP Address Lifetime Status IKE Policy Remot...

Страница 176: ...iated with the designated peer IP address sa brief Displays a brief listing of IPSec security associations sa map mapname Displays all IPSec security associations associated with the designated crypto map name transform set Displays all defined transform sets transform set name Displays information for a specific transform set Default Values No default value necessary for this command Usage Exampl...

Страница 177: ... Proto ALL IP Dst 10 0 0 0 255 0 0 0 Port ANY Proto ALL IP Hard Lifetime 26640 Soft Lifetime 26580 Crypto Map VPN 10 The following is a sample from the show crypto ipsec sa brief command ProCurve enable ProCurve show crypto ipsec sa brief Using 4 SAs out 4000 IPSec Security Associations NOTE Crypto Map and Remote ID may be truncated Peer IP Address Bytes Crypto Map Remote ID 10 22 19 34 RX 384 VPN...

Страница 178: ...ays the crypto map settings for the specified interface Type show interfaces for a complete list of valid interfaces map name Specifies a specific crypto map name map number Specifies a specific crypto map number Default Values No default value necessary for this command Usage Examples The following is a sample from the show crypto map command ProCurve enable ProCurve show crypto map testMap Crypt...

Страница 179: ...play a list of all activated debug message categories Syntax Description No subcommands Default Values No default value necessary for this command Usage Examples The following is a sample output from the show debugging command ProCurve enable ProCurve show debugging debug access list MatchAll debug firewall debug ip rip debug frame relay events debug frame relay llc2 debug frame relay lmi ...

Страница 180: ...interface Valid range 1 to 1024 Type show demand interface for a list of valid interfaces resource pool Displays all resource pool information resource pool resource pool name Displays resource pool information for a specific resource pool name sessions Displays active demand sessions Default Values No default value necessary for this command Usage Examples The following is example output from the...

Страница 181: ...last called num 5552222 The following is example output from the show demand interface demand command ProCurve enable ProCurve show demand interface demand 1 demand 1 Idle timer 120 secs Fast idle timer 20 secs Dialer state is data link layer up Dial reason answered Interface bound to resource bri 1 3 Time until disconnect 105 secs Current call connected 00 00 27 Connected to 2565552222 Number of ...

Страница 182: ...lowing is example output from the show demand sessions command ProCurve enable ProCurve show demand sessions Session 1 Interface demand 1 Local IP address 10 100 0 2 Remote IP address 10 100 0 1 Remote Username Dial reason ip s d Link 1 Dialed number 5552222 Resource interface bri 1 3 Multilink not negotiated Connect time 0 0 13 Idle Timer 119 ...

Страница 183: ...nformation regarding remote console dialin Syntax Description No subcommands Default Values No default value necessary for this command Usage Examples The following is sample output from the show dialin interfaces command ProCurve enable ProCurve show dialin interfaces Dialin interfaces modem 1 3 dialin interface Connection Status Connected Caller id info name John Smith number 5551212 time 14 23 ...

Страница 184: ...ynamic dns command to show information related to the dynamic DNS configuration Syntax Description No subcommands Default Values No default is necessary for this command Usage Examples The following is sample output from this command ProCurve show dynamic dns eth 0 1 Hostname host Is Updated no Last Registered IP 10 15 221 33 Last Update Time 00 00 00 Thu Jan 01 1970 ...

Страница 185: ...of the system and individual port states Use the event history as a troubleshooting tool when identifying system issues The following is a sample event history log ProCurve enable ProCurve show event history Using 526 bytes 2002 07 12 15 34 01 T1 t1 1 1 Yellow 2002 07 12 15 34 01 INTERFACE_STATUS t1 1 1 changed state to down 2002 07 12 15 34 02 T1 t1 1 1 No Alarms 2002 07 12 15 34 02 INTERFACE_STA...

Страница 186: ...h Specifies a file located in flash memory filename Specify the filename of the file located in the specified memory location Wildcard entries such as biz are not valid for the show file command checksum Optional Displays the Message Digest 5 MD5 checksum of the specified file Default Values No default value necessary for this command Usage Examples The following is a sample show file cflash outpu...

Страница 187: ...lename Optional Displays details for a specified file located in flash memory Enter a wildcard such as biz to display the details for all files matching the entered pattern Default Values No default value necessary for this command Usage Examples The following is a sample show flash output ProCurve enable ProCurve show flash Files 245669 030100boot biz 1141553 new biz 821 startup config 1638 start...

Страница 188: ...faces or a specified interface interface Displays configuration and statistics for a specified Frame Relay interface frame relay Optional Displays Frame Relay PVC statistics for a specific Frame Relay interface interface Specifies the virtual Frame Relay interface for example fr 1 realtime Displays full screen output in realtime See the Functional Notes section below for more information Default V...

Страница 189: ...lay pvc Frame Relay Virtual Circuit Statistics for interface FR 1 Active Inactive Deleted Static local 2 0 0 2 DLCI 16 DLCI USAGE LOCAL PVC STATUS ACTIVE INTERFACE FR 1 16 MTU 1500 input pkts 355 output pkts 529 in bytes 23013 out bytes 115399 dropped pkts 13 in FECN pkts 0 in BECN pkts 0 in DE pkts 0 out DE pkts 0 pvc create time 00 00 00 12 last time pvc status changed 00 00 13 18 DLCI 20 DLCI U...

Страница 190: ...essary for this command Usage Examples The following are sample outputs from various show frame relay fragment commands ProCurve enable ProCurve show frame relay fragment interface dlci frag_size rx_frag tx_frag dropped_frag fr 1 1 17 100 46 48 0 fr 1 2 18 200 42 21 0 ProCurve enable ProCurve show frame relay fragment frame relay 1 1 DLCI 17 FRAGMENT SIZE 100 rx frag pkts 46 tx frag pkts 48 rx fra...

Страница 191: ...escription interface Optional Specifies the display of information for a specific interface Enter the show frame relay multilink command for a complete list of interfaces detailed Optional Use this optional keyword to display more detailed information Default Values No default value necessary for this command Usage Examples The following is a sample output from this command ProCurve enable ProCurv...

Страница 192: ... value necessary for this command Functional Notes The list below describes the fields contained in the host table Flags Indicate whether the entry is permanent P or temporary T and if the entry is OK or expired EXP Age Indicates the age of the entry Type Shows the protocol type Address Displays the IP address for the entry Usage Examples The following example is sample output from the show hosts ...

Страница 193: ...ervals performance statistics x y Shows the current 15 minute interval the current 24 hour totals and all intervals from x through y This command is basically the same thing as the performance statistics command with the added function of allowing you to specify a particular interval or range of intervals to display rather than displaying all 96 performance statistics total 24 hour Optional Displa...

Страница 194: ...er to maximize the amount of data displayed increase the terminal length using the terminal length command refer to terminal length lines on page 294 Usage Examples The following are samples from various show interfaces commands ProCurve enable ProCurve show interfaces t1 1 1 t1 1 1 is UP T1 coding is B8ZS framing is ESF Clock source is line FDL type is ANSI Line build out is 0dB No remote loopbac...

Страница 195: ...0 0 MTU is 1500 Fastcaching is Enabled RIP Authentication is Disabled RIP Tx uses global version value RIP Rx uses global version value ProCurve show interfaces fr 1 TDM group 10 line protocol is UP Encapsulation FRAME RELAY fr 1 463 packets input 25488 bytes 0 no buffer 0 runts 0 giants 0 throttles 0 input errors 0 CRC 0 frame 0 abort 0 ignored 0 overruns 864 packets output 239993 bytes 0 underru...

Страница 196: ...erface dlci is 100 MTU is 1500 bytes BW is 96000 Kbit limited Average utilization is 53 Note If the user has configured a Bc and Be value on the virtual circuit the bandwidth BW displayed is the sum of those values Bc Be If not the value for BW is the speed of the interface The Average utilization displayed is the average utilization of the displayed bandwidth If the bandwidth number is the Bc Be ...

Страница 197: ...mation information bit allocation Optional Shows ADSL DMT bit allocation table performance statistics Optional Displays the current 15 minute interval the current 24 hour totals and all 96 stored intervals performance statistics x y Optional Shows the current 15 minute interval the current 24 hour totals and all intervals from x through y This command is basically the same thing as the performance...

Страница 198: ...xample shows sample output for this command ProCurve show interfaces adsl 1 1 information adsl 1 1 line information adsl 1 1 Local Line Information Vendor Id Serial Number Firmware Version ADSL Capabilities G DMT G LITE ADSL2 ADSL2 adsl 1 1 Remote Line Information Vendor Id 00000000 Serial Number 00000000 Firmware Version 0 ADSL Capabilities G DMT G LITE ADSL2 ADSL2 ...

Страница 199: ...nctional Notes The show ip access lists command displays all configured IP access lists in the system All entries in the access list are displayed and a counter indicating the number of packets matching the entry is listed Usage Examples The following is a sample output from the show ip access lists command ProCurve enable ProCurve show ip access lists Standard IP access list MatchAll permit host ...

Страница 200: ...ull screen output in real time Information is continuously updated on the console until you either freeze the data by pressing the F key or exit reatime mode by pressing Ctrl C If there is not enough room on the screen for all available data the information will truncate at the bottom of the screen In order to maximize the amount of data displayed increase the terminal length using the terminal le...

Страница 201: ...t matching the specified AS path listname If not specified all AS path lists are displayed Default Values By default this command displays all AS path lists Usage Examples In the following example all AS path lists defined in the router are displayed ProCurve enable ProCurve show ip as path list ip as path list AsPathList1 permit 100 permit 200 permit 300 deny 6500 ip as path list AsPathList2 perm...

Страница 202: ...hat contain this value in their community attribute This represents the well known reserved community number for the INTERNET community local as Optional Displays routes that contain this value in their community attribute This represents the well known reserved community number for NO_EXPORT_SUBCONFED Routes containing this attribute should not be advertised to external BGP peers no export Option...

Страница 203: ...6 i 14 0 0 0 30 10 22 131 10 304 302 300 1 3 4 6 i 20 0 0 0 30 10 22 131 10 304 302 300 1 3 4 5 i 21 0 0 0 30 10 22 131 10 304 302 300 1 3 4 5 i Total RIB entries 10 Information displayed includes the ID of this router and its Autonomous System AS number the destination Network address of the route learned the Next Hop address to that network the Metric the Local Preference value set using the set...

Страница 204: ...k address of the route learned the Next Hop address to that network the Metric the Local Preference LocPrf value set using the set local preference command and the AS Path to the destination network Usage Examples In the following example all BGP routes are displayed whose community numbers match those defined in the community list named CList1 ProCurve enable ProCurve show ip bgp community list C...

Страница 205: ...isplays all routes being advertised to the specified neighbor Command output is the same as for show ip bgp except filtered to only the BGP routes being advertised to the specified neighbor received routes Displays all routes accepted and rejected advertised by the specified neighbor Routes may be rejected by inbound filters such as prefix list filters routes Displays all accepted received routes ...

Страница 206: ...reset Interface went down Connection ID 15 BGP version 4 remote router ID 8 1 1 1 BGP state is Established for 01 55 05 Negotiated hold time is 180 keepalive interval is 60 seconds Message statistics InQ depth is 0 OutQ depth is 0 Local host 10 15 43 18 Local port 179 Foreign host 10 15 43 17 foreign port 1048 Flags passive open ProCurve show ip bgp neighbors 10 15 43 34 advertised routes BGP loca...

Страница 207: ...local AS is 101 Status codes valid best i internal Origin codes i IGP e EGP incomplete Network NextHop Metric Path 1 0 0 0 8 10 15 43 17 1 100 i 2 0 0 0 9 10 15 43 17 1 100 i ProCurve show ip bgp neighbors 10 15 43 17 routes BGP local router ID is 10 0 0 1 local AS is 101 Status codes valid best i internal Origin codes i IGP e EGP incomplete Network NextHop Metric Path 1 0 0 0 8 10 15 43 17 1 100 ...

Страница 208: ...wing sample output of the show ip bgp regexp _303_ command shows all of the entries in the BGP database that contain 303 in the AS path ProCurve show ip bgp regexp _303_ BGP local router ID is 192 168 3 1 local AS is 304 Status codes valid best i internal o local Origin codes i IGP e EGP incomplete Network NextHop Metric LocPrf Path 10 22 130 8 29 10 22 132 9 303 304 302 i i10 22 130 240 28 0 22 1...

Страница 209: ... 10 22 132 9 303 304 i 10 22 134 8 29 10 22 132 9 303 304 i 10 22 134 16 29 10 22 132 9 303 304 i 10 22 134 24 29 10 22 132 9 303 304 i 10 22 134 32 29 10 22 132 9 303 304 i 10 22 134 40 29 10 22 132 9 303 304 i 10 22 134 48 29 10 22 132 9 303 304 i 10 22 134 56 29 10 22 132 9 303 304 i 10 22 134 64 29 10 22 132 9 303 304 i 10 22 134 80 29 10 22 132 9 303 304 i 10 22 135 0 29 10 22 132 9 303 304 3...

Страница 210: ... path to advertised route are marked with a caret Usage Examples The following sample output of the show ip bgp summary command shows a summarized list of the configured BGP neighbors as well as their status and statistics ProCurve show ip bgp summary BGP router identifier 192 168 3 1 local AS number 304 8 network entries 5 paths and 23 BGP path attribute entries Neighbor V AS MsgRcvd MsgSent InQ ...

Страница 211: ...ache table Syntax Description No subcommands Default Values No default necessary for this command Usage Examples The following example shows sample output from the show ip cache command ProCurve enable ProCurve show ip cache DESTINATION INTERFACE NEXT HOP USE COUNT MAC ADDRESS 10 17 6 52 Loopback 172 20 0 1 231 172 22 77 80 eth 0 1 10 17 254 254 0 00 12 79 11 BA 32 10 17 255 255 Loopback 172 20 0 ...

Страница 212: ...y list you wish to display If this parameter is omitted all defined community lists will be displayed Default Values No default value necessary for this command Usage Examples The following example shows two community lists one of which permits all routes containing community number 10 67 and another which permits routes containing community number 10 68 and the internet community number but denie...

Страница 213: ...ax Description interface Optional Displays the information for the specified interface Type show ip dhcp client lease for a complete list of applicable interfaces Default Values No default value necessary for this command Usage Examples The following is a sample output from the show dhcp client lease command ProCurve enable ProCurve show dhcp client lease Interface ethernet 0 1 Temp IP address 10 ...

Страница 214: ...rotocol DHCP server client table with associated information Syntax Description client ip address Optional Specifies a particular client IP address Default Values No default value necessary for this command Usage Examples The following is a sample output from the show ip dhcp server binding command ProCurve enable ProCurve show ip dhcp server binding IP Address Client Id Lease Expiration Client Na...

Страница 215: ...ecified all groups are shown with this command Syntax Description group address Optional Displays IP address of a multicast group Default Values No default value necessary for this command Usage Examples The following is sample output from this command ProCurve enable ProCurve show ip igmp groups IGMP Connected Group Membership Group Address Interface Uptime Expires Last Reporter 172 0 1 50 Loopba...

Страница 216: ... slot port Enter the show ip igmp interface command for a complete list of interfaces Default Values No default value necessary for this command Usage Examples The following is sample output from this command ProCurve enable ProCurve show ip igmp interface eth 0 1 is UP Ip Address is 10 22 120 47 netmask is 255 255 255 0 IGMP is enabled on interface Current IGMP version is 2 IGMP query interval is...

Страница 217: ...d Type show ip interfaces for a complete list of applicable interfaces brief Use this optional keyword to display an abbreviated version of interface statistics for all IP interfaces Default Values No default value necessary for this command Usage Examples The following is a sample output of the show ip interfaces command ProCurve enable ProCurve show ip interfaces eth 0 1 is UP line protocol is U...

Страница 218: ...lt Values No default value necessary for this command Usage Examples The following is sample output from this command ProCurve enable ProCurve show ip local policy Local policy routing is enabled using route map equal route map equal permit sequence 10 Match clauses length 150 200 Set clauses ip next hop 10 10 11 254 Policy routing matches 0 packets 0 bytes route map equal permit sequence 20 Match...

Страница 219: ...le all Optional Displays all multicast routes including those not used to forward multicast traffic Default Values No default value necessary for this command Usage Examples The following is sample output from this command ProCurve enable ProCurve show ip mroute IP Multicast Routing Table Timers Uptime Expires 10 2 170 3 01 03 19 00 00 00 Incoming interface Null RPF nbr 0 0 0 0 Outgoing interface ...

Страница 220: ...w ip mroute all command ProCurve enable ProCurve show ip mroute all IP Multicast Routing Table Flags S Sparse C Connected P Pruned J Join SPT T SPT bit Set F Register R RP bit Set Timers Uptime Expires 10 1 0 1 01 17 34 00 03 25 RP 192 168 0 254 Flags SC Forwarding Entry Yes Incoming interface tunnel 2 RPF nbr 172 16 2 10 Outgoing interface list eth 0 1 Forward 01 17 34 00 03 25 ...

Страница 221: ...No subcommands Default Values No default value necessary for this command Usage Examples The following is a sample output from the show ip ospf command ProCurve enable ProCurve show ip ospf Summary of OSPF Process with ID 192 168 72 101 Supports only single Type Of Service routes TOS 0 SPF delay timer 5 seconds Hold time between SPFs 10 seconds LSA interval 240 seconds Number of external LSAs 0 Ch...

Страница 222: ...tabase network link state id show ip ospf area id database network link state id adv router ip address show ip ospf area id database router link state id show ip ospf area id database router link state id adv router ip address show ip ospf area id database summary link state id show ip ospf area id database summary link state id adv router ip address Syntax Description area id Optional Displays ar...

Страница 223: ... network s IP address This is true for type 3 summary link advertisements and in autonomous system external link advertisements An address obtained from the link state ID If the network link advertisement s link state ID is masked with the network s subnet mask this will yield the network s IP address If describing a router this ID is always the router s OSPF router ID Usage Examples The following...

Страница 224: ...rface type slot port slot port sub interface id interface id interface id sub interface id ap ap radio ap radio vap For example for a T1 interface use t1 0 1 for an Ethernet sub interface use eth 0 1 1 for a PPP interface use ppp 1 and for an ATM sub interface use atm 1 1 Type show ip ospf interface for a complete list of applicable interfaces Default Values No default value necessary for this com...

Страница 225: ...play OSPF neighbor information for a specific interface Syntax Description interface type Optional Specifies the interface type i e eth ppp etc interface number Optional Specifies the interface number neighbor id Optional Specifies a specific neighbor s router ID detail Optional Enter this keyword to display details on all neighbors Default Values No default value necessary for this command Usage ...

Страница 226: ...y L P 224 show ip ospf summary address Use the show ip ospf summary address command to display a list of all summary address redistribution information for the system Syntax Description No subcommands Default Values No default value necessary for this command Usage Examples ProCurve enable ProCurve show ip ospf summary address ...

Страница 227: ...lays PIM SM configuration and status information for a specific interface Type show ip pim sparse interface to display a list of applicable interfaces neighbor Displays neighbor adjacency information rp map Displays active group to RP mappings rp set Displays list of statically configured RP candidates The group address is 224 0 0 0 4 when no access group was applied to the rp address command refe...

Страница 228: ...500 Override interval ms 2500 tunnel 1 is UP PIM Sparse DR 172 16 1 10 Local Address 172 16 1 9 Hello interval sec 30 Neighbor timeout sec 105 Propagation delay ms 500 Override interval ms 2500 tunnel 2 is UP PIM Sparse DR 172 16 2 10 Local Address 172 16 2 9 Hello interval sec 30 Neighbor timeout sec 105 Propagation delay ms 500 Override interval ms 2500 The following example shows sample output ...

Страница 229: ...ap set Group address Static RP address 224 0 0 0 4 192 168 0 254 MCAST_ACL_1 192 168 1 254 MCAST_ACL_2 192 168 2 254 MCAST_ACL_3 192 168 3 254 The following example shows sample output from the show ip pim sparse state command ProCurve enable ProCurve show ip pim sparse state PIM SM State Table Flags S Sparse C Connected P Pruned J Join SPT T SPT bit Set F Register R RP bit Set Timers Uptime Expir...

Страница 230: ...Membership Yes Forwarding State Forwarding Inherited output list eth 0 1 The following example shows sample output from the show ip pim sparse traffic command ProCurve enable ProCurve show ip pim sparse traffic Rx Tx Rx Tx Port eth 0 1 Hello 7 8334 J P 0 0 Register 0 0 RegStop 0 0 Assert 0 0 Port tunnel 1 Hello 8327 8333 J P 0 57 Register 0 0 RegStop 0 0 Assert 0 0 Port tunnel 2 Hello 8323 8334 J ...

Страница 231: ...command to display which route map is associated with which interface for policy based routing Syntax Description No subcommands Default Values No default value necessary for this command Usage Examples The following is sample output from this command ProCurve enable ProCurve show ip policy Interface Route map eth 0 2 equal eth 0 3 AAA 02 06 04 14 01 26 619 1 AppSpec Dynamic ...

Страница 232: ... ip policy class host sessions show ip policy class policyname host sessions Syntax Description host sessions Optional Displays specific host IP addresses of all current sessions policyname Optional Displays policy class information for a specific policy class Default Values No default value necessary for this command Usage Examples The following is a sample output from the show ip policy class co...

Страница 233: ...per source address Src IP Address Sessions 192 168 1 100 1 192 168 1 101 35 192 168 1 121 100 maximum allowed Policy class Public No limit for policy sessions allowed per host The following is a sample output from the show ip policy class policyname host sessions command for the policy class named Private ProCurve enable ProCurve show ip policy class Private host sessions Policy class Private 100 ...

Страница 234: ...iations flagged for deletion will usually be freed within a few seconds of timeout or deletion depending on packet congestion servicing of packets is given priority New traffic matching an association will create a new active association provided the traffic still matches a policy class allow or NAT entry Default Values No default value necessary for this command Usage Examples The following is sa...

Страница 235: ...licy sessions all Protocol TTL in crypto map out crypto map Destination policy class Src IP Address Src Port Dest IP Address Dst Port NAT IP Address NAT Port Policy class Public tcp 0 inactive 192 168 1 142 1025 192 168 19 2 3135 10 10 10 1 3605 tcp 0 inactive 192 168 1 142 1028 192 168 19 2 3138 10 10 10 1 3606 tcp 0 inactive 192 168 1 142 1029 192 168 19 2 3139 10 10 10 1 3607 tcp 0 inactive 192...

Страница 236: ...urrent policy class statistics See ip policy class policyname on page 426 for information on configuring access policies Syntax Description policyname Optional Enter a specific policy class name to display information for a single policy Default Values No default value necessary for this command Usage Examples The following example displays a list of current policy class statistics ProCurve enable...

Страница 237: ...ire prefix list listname Specifies to display information for a particular prefix list Default Values No default values are necessary for this command Functional Notes If the show ip prefix list command is issued with no arguments a listing of the prefix list rules but no hit count statistics is displayed Usage Examples The following example displays information about the prefix list test ProCurve...

Страница 238: ...rently running system tasks This command should be used when troubleshooting with ProCurve support Syntax Description No subcommands Default Values No default values are necessary for this command Usage Examples The following is a sample output from the show ip processes stack ProCurve show ip processes stack Id Task Usage 0 Idle 0 8192 1 PC Config 2723 6000 2 Timer 00 117 2048 3 Nm01 79 2048 4 Cl...

Страница 239: ...No subcommands Default Values No default value necessary for this command Usage Examples The following is a sample output from the show ip protocols command ProCurve enable ProCurve show ip protocols Sending updates every 30 seconds next due in 8 seconds Invalid after 180 seconds hold down time is 120 seconds Redistributing rip Default version control send version 2 receive version 2 Interface Sen...

Страница 240: ...ays only the IP routes associated with BGP summary Optional Displays a summary of all IP route information summary realtime Optional Displays full screen output in realtime See the Functional Notes below for more information ip address subnet Displays only the IP routes to destinations within the given address and subnet Default Values No default value necessary for this command Functional Notes U...

Страница 241: ...5 227 41 ppp 3 R 10 15 226 48 28 120 1 via 10 15 227 29 ppp 1 R 10 15 226 96 28 120 1 via 10 15 227 29 ppp 1 The following example shows how to display IP routes learned via BGP The values in brackets after a BGP route entry represent the entry s administrative distance and metric ProCurve enable ProCurve show ip route bgp Codes C connected S static R RIP O OSPF B BGP IA OSPF inter area N1 OSPF NS...

Страница 242: ... continuously updated on the console until you either freeze the data by pressing the F key or exit reatime mode by pressing Ctrl C If there is not enough room on the screen for all available data the information will truncate at the bottom of the screen In order to maximize the amount of data displayed increase the terminal length using the terminal length command refer to terminal length lines o...

Страница 243: ...lish resets 1 establish current 3795 segments received 4459 segments sent 26 segments retransmitted The following is a sample output from the show ip traffic netstat command ProCurve show ip traffic netstat Proto Recv Q Send Q Local Address Foreign Address State tcp 0 0 0 0 0 0 80 0 0 0 0 0 LISTEN tcp 0 0 0 0 0 0 443 0 0 0 0 0 LISTEN tcp 0 0 0 0 0 0 21 0 0 0 0 0 LISTEN tcp 0 0 0 0 0 0 23 0 0 0 0 0...

Страница 244: ...efault necessary for this command Usage Examples The following example shows sample output from the show ip urlfilter command ProCurve enable ProCurve show ip urlfilter Configured for Websense URL filtering Filters Name filter1 Ports HTTP 80 Interfaces that filter is applied to eth 0 2 inbound Servers IP address 10 100 23 116 Port 15868 Timeout 5 Excluded domains Permit www procurve com Other Sett...

Страница 245: ...e domain to display all configured domains excluded either always allowed or always blocked from URL filtering Syntax Description No subcommands Default Values No default necessary for this command Usage Examples The following example shows sample output from the show ip urlfilter exclusive domain command ProCurve enable ProCurve show ip urlfilter exclusive domain Excluded domains Permit www procu...

Страница 246: ... default necessary for this command Usage Examples The following example shows sample output from the show ip urlfilter statistics command ProCurve enable ProCurve show ip urlfilter statistics Current outstanding requests to filter server 0 Current response packets buffered from web server 2 Max outstanding requests to filter server 3 Max response packets buffered from web server 5 Total requests ...

Страница 247: ...he show isdn group command to display integrated services digital network ISDN group information Syntax Description group id Displays information for a specific ISDN group Valid range 1 to 255 Default Values No default value necessary for this command Usage Examples The following example displays information for ISDN group 5 ProCurve enable ProCurve show isdn group 5 ...

Страница 248: ...e show lldp command to display LLDP timer configuration Syntax Description No subcommands Default Values No default values are necessary for this command Usage Examples The following example shows a sample LLDP timer configuration ProCurve enable ProCurve show lldp Global LLDP information Sending LLDP packets every 30 seconds Sending TTL of 120 seconds ...

Страница 249: ... If there is more than one neighbor with the same system name all neighbors with that system name will be displayed Usage Examples The following example shows specific information about a neighbor for the system name Router ProCurve show lldp device Router Chassis ID 00 12 79 02 DD 2A MAC Address System Name Router Device Port eth 0 1 Locally Assigned Holdtime 30 Platform 3305 Software Version 08 ...

Страница 250: ...tion interface Displays the information for the specified interface Type show lldp interface for a complete list of applicable interfaces Default Values No default values are necessary for this command Usage Examples The following example shows LLDP configuration and statistics for the Ethernet 0 1 interface ProCurve show lldp interface ethernet 0 1 eth 0 1 TX RX 0 packets input 0 input errors 0 T...

Страница 251: ...ault values necessary for this command Functional Notes Use the realtime argument for this command to display full screen output in real time Information is continuously updated on the console until you either freeze the data by pressing the F key or exit reatime mode by pressing Ctrl C If there is not enough room on the screen for all available data the information will truncate at the bottom of ...

Страница 252: ...were inserted into or deleted from the table System Last Change Time Shows the time at which the most recent change occurred in the neighbor table Inserts Shows the number of times neighbors have been added to the table Deletes Shows how many times neighbors have been deleted from the table because an interface was shut down Drops Shows how many times the insertion of a new neighbor into the table...

Страница 253: ...argument for this command to display full screen output in real time Information is continuously updated on the console until you either freeze the data by pressing the F key or exit reatime mode by pressing Ctrl C If there is not enough room on the screen for all available data the information will truncate at the bottom of the screen In order to maximize the amount of data displayed increase the...

Страница 254: ... a list of the modules currently installed in the system Syntax Description No subcommands Default Value No default value necessary for this command Usage Examples The following is a sample output from the show modules command ProCurve enable ProCurve show modules Slot Port Type Part Number Software Version 1 1 2 E1 E1 WAN J8456A 1 2 1 2 E1 E1 WAN J8456A 1 3 1 8 Octal E1 J8463A 1 4 Empty ...

Страница 255: ...configuration editing tool Syntax Description No subcommands Default Values No default value necessary for this command Usage Examples The following is a sample output from the show output startup command ProCurve enable ProCurve show output startup ProCurve ProCurve hostname UNIT_2 UNIT_2 no enable password UNIT_2 UNIT_2 ip subnet zero UNIT_2 ip classless UNIT_2 ip routing UNIT_2 UNIT_2 event his...

Страница 256: ...ntax Description interface ethernet slot port Optional Shows port authorization supplicant information related to a specific Ethernet interface summary Optional Shows only basic information about each applicable interface Default Values No default value necessary for this command Usage Examples The following example displays supplicant information for Ethernet interface 0 2 ProCurve enable ProCurv...

Страница 257: ... to display pppoe information ProCurve enable ProCurve show pppoe ppp 1 Outgoing Interface eth 0 1 Outgoing Interface MAC Address 00 12 79 00 85 20 Access Concentrator Name Requested FIRST VALID Access Concentrator Name Received 13021109813703 LRVLGSROS20W_IFITL Access Concentrator MAC Address 00 10 67 00 1D B8 Session Id 64508 Service Name Requested ANY Service Name Available PPPoE Client State B...

Страница 258: ...nd at the probe configuration prompt will disable a probe causing it to cease traffic generation While a probe is shutdown it will not fail Use the realtime argument for this command to display full screen output in real time Information is continuously updated on the console until you either freeze the data by pressing the F key or exit realtime mode by pressing Ctrl C If there is not enough room...

Страница 259: ...d to display full screen output in real time Information is continuously updated on the console until you either freeze the data by pressing the F key or exit reatime mode by pressing Ctrl C If there is not enough room on the screen for all available data the information will truncate at the bottom of the screen In order to maximize the amount of data displayed increase the terminal length using t...

Страница 260: ...ce numbers interface interface ID Displays QoS map information for a specific interface e g Frame Relay PPP or ATM Enter the show qos map interface command for a complete list of interfaces Default Values No defaults necessary for this command Usage Example ProCurve show qos map qos map priority map entry 10 match IP packets with a precedence value of 6 priority bandwidth 400 kilobits sec burst de...

Страница 261: ...hed by map 0 The following example shows the priority qos map and all entries in that map ProCurve show qos map priority qos map priority map entry 10 match IP packets with a precedence value of 6 priority bandwidth 400 kilobits sec burst default packets matched by map 125520 map entry 20 match ACL icmp packets matched by map 99 map entry 30 match RTP packets on even destination ports between 1600...

Страница 262: ...ted with the map defined for an interface ProCurve show qos map interface frame relay 1 fr 1 qos policy out priority map entry 10 match IP packets with a precedence value of 6 budget 145 10000 bytes current max priority bandwidth 400 kilobits sec packets matched on interface 27289 packets dropped 98231 map entry 20 not configured for rate limiting map entry 30 not configured for rate limiting map ...

Страница 263: ... default value necessary for this command Usage Examples The following is a sample output from the show queue command ProCurve enable ProCurve show queue fr 1 Queueing method weighted fair Output queue 18 25 200 64 1027 size highest max total threshold drops Conversations 2 4 256 active max active max total depth weight highest discards 12 256 33 0 Conversation 10 linktype ip length 67 source 10 1...

Страница 264: ...ted with configured queuing methods Syntax Description fair Optional keyword used to display only information on the weighted fair queuing configuration Default Values No default value necessary for this command Usage Examples The following is a sample output from the show queuing command ProCurve enable ProCurve show queuing Interface Discard threshold Conversation subqueues fr 1 64 256 fr 2 64 2...

Страница 265: ...lid responses number of timeouts average packet delay and maximum packet delay Statistics are shown for both authentication and accounting packets Syntax Description No subcommands Default Values No default value necessary for this command Usage Examples The following is an example output using the show radius statistics command ProCurve enable ProCurve show radius statistics Auth Acct Number of p...

Страница 266: ...displays all defined route maps Usage Examples In the example below all route maps in the router are displayed ProCurve enable ProCurve show route map route map RouteMap1 permit sequence 10 Match clauses community community list filter CommList1 Set clauses local preference 250 BGP Filtering matches 75 routes route map RouteMap1 permit sequence 20 Match clauses community community list filter Comm...

Страница 267: ...nly the route map with the name RouteMap2 is displayed ProCurve enable ProCurve show route map RouteMap2 route map RouteMap2 permit sequence 10 Match clauses ip address access lists 192 168 1 1 Set clauses metric 100 BGP Filtering matches 10 routes route map RouteMap2 permit sequence 20 Match clauses ip address access lists 192 168 2 1 Set clauses metric 200 BGP Filtering matches 12 routes ...

Страница 268: ... ip crypto verbose show running config ip rtp show running config ip rtp verbose show running config ip sdp show running config ip sdp verbose show running config ip sip show running config ip sip verbose show running config policy class show running config policy class verbose show running config probe show running config probe verbose show running config qos map show running config qos map verbo...

Страница 269: ...sdp Displays the current running configuration for all Session Description Protocol SDP parameters policy class Displays the current running configuration for all configured policy classes probe Displays the current configuration for all running probes qos map Displays the current running configuration for all configured QoS maps router bgp Optional Displays the current bgp configuration router os...

Страница 270: ...de Command Set 5991 2114 Copyright 2007 Hewlett Packard Development Company L P 268 logging forwarding priority level info no logging email ip policy timeout tcp all ports 600 ip policy timeout udp all ports 60 ip policy timeout icmp 60 interface eth 0 1 ...

Страница 271: ...om the show schedule command ProCurve enable ProCurve show schedule Schedule entry DELAY AFTER BOOT active Schedule entry DELAY inactive Technology Review The scheduler provides a method for configuring a feature to operate during a specific time schedule and to receive feedback when the feature should disable or enable The goal of the scheduler is to eliminate redundant code while providing an un...

Страница 272: ...statistics Displays SIP server statistic information user registration Displays local SIP server registration information Default Values No default necessary for this command Usage Examples The following example shows sample output from the show sip statistics command ProCurve enable ProCurve show sip statistics Invites transmitted 36 Invites received 26 Invite Retransmits transmitted 11 Invite Re...

Страница 273: ...eric 10 17 20 24 5060 2593 Total phones registered 5 Technology Review SIP name service maintains a list of service names relevant to SIP transactions while also facilitating access between SIP related queries to the external Domain Name Service DNS and the internal DNS client Service names are automatically entered and deleted from the internal service name table when configured or not configured...

Страница 274: ... SIP statistical and registration information Syntax Description dynamic Displays SIP location database dynamic entries static Displays SIP location database static entries Default Values No default necessary for this command Usage Examples The following example shows sample output from the show sip location static command ProCurve enable ProCurve show sip location static User IP Address Port Expi...

Страница 275: ... the hex string that defines the current local engine ID settings group Displays the list of all groups entered user Displays the list of all users entered Default Values No default value necessary for this command Usage Examples The following is an example output using the show snmp command for a system with SNMP disabled and the default Chassis and Contact parameters ProCurve show snmp Chassis C...

Страница 276: ...is sample output of the show snmp group command for a situation in which a group called securityV3auth was defined via the snmp server group command using version 3 and authentication and no access control list ProCurve enable ProCurve show snmp group Group securityV3auth Security Model v3 Read View default Write View not specified Notify View default ...

Страница 277: ... show sntp Use the show sntp command to display the system Simple Network Time Protocol SNTP parameters and current status of SNTP communications Syntax Description No subcommands Default Values No default value necessary for this command Usage Examples The following example displays SNTP parameters and current status ProCurve show sntp ...

Страница 278: ... exit reatime mode by pressing Ctrl C If there is not enough room on the screen for all available data the information will truncate at the bottom of the screen In order to maximize the amount of data displayed increase the terminal length using the terminal length command Usage Examples The following is an example output using the show spanning tree command ProCurve enable ProCurve show spanning ...

Страница 279: ...efault Values No default value necessary for this command Usage Examples The following is a sample output of the show startup config command ProCurve enable ProCurve show startup config no enable password ip subnet zero ip classless ip routing event history on no logging forwarding logging forwarding priority level info no logging email ip policy timeout tcp all ports 600 ip policy timeout udp all...

Страница 280: ... 5991 2114 Copyright 2007 Hewlett Packard Development Company L P 278 ip access list standard MatchAll permit host 10 3 50 6 permit 10 200 5 0 0 0 0 255 ip access list extended UnTrusted deny icmp 10 5 60 0 0 0 0 255 any source quench deny tcp any any no ip snmp agent ...

Страница 281: ...ands Default Values No default value necessary for this command Functional Notes This command is used in conjunction with the show running config checksum command to determine whether the configuration has changed since the last time it was saved Usage Examples The following example displays the MD5 checksum of the unit s startup configuration ProCurve show startup config checksum 10404D5DAB3FE35E...

Страница 282: ...any L P 280 show system The show system command shows the system version timing source power source and alarm relay status Syntax Description No subcommands Default Values No default value necessary for this command Usage Examples The following is sample output for the show system command ProCurve enable ProCurve show system ...

Страница 283: ...ubcommands Default Values No default value necessary for this command Usage Examples The following is sample output for the show tacacs statistics command ProCurve enable ProCurve show tacacs statistics Authentication Authorization Accounting Packets sent 0 0 0 Invalid responses 0 0 0 Timeouts 0 0 0 Average delay 0ms 0ms 0ms Maximum delay 0ms 0ms 0ms Socket Opens 0 Socket Closes 0 Socket Aborts 0 ...

Страница 284: ...es No default value necessary for this command Functional Notes Use the realtime argument for this command to display full screen output in real time Information is continuously updated on the console until you either freeze the data by pressing the F key or exit reatime mode by pressing Ctrl C If there is not enough room on the screen for all available data the information will truncate at the bo...

Страница 285: ...screen real time Default Value No default value necessary for this command Functional Notes The show tech command runs a system file that creates a showtech txt file in flash memory that contains terminal displays from the following show commands show version show modules show flash show cflash show running config verbose show interfaces show atm pvc show dial backup interfaces show frame relay lm...

Страница 286: ...oCurve ProCurve show version ProCurve Secure Router 7102dl SROS Version J03 01 01 Checksum 5C8D29BE built on Mon Jul 25 16 14 46 2005 Boot ROM version J03 01 01 Checksum 49C7 built on Mon Jul 25 16 15 52 2005 Copyright c 2005 2005 Hewlett Packard Co Platform ProCurve Secure Router 7102dl Serial number US449TR019 Flash 33554432 bytes DRAM 134217727 bytes System uptime is 0 days 0 hours 14 minutes 4...

Страница 287: ...lett Packard Development Company L P 285 ProCurve show modules Slot Port Type Part Number Software Version 1 1 2 E1 E1 WAN J8456A 1 2 1 2 E1 E1 WAN J8456A 1 3 1 8 Octal E1 J8463A 1 4 Empty ProCurve ProCurve ProCurve show flash 287413 J01_02B boot biz 3775 startup config 5166 startup config bak etc ...

Страница 288: ...currently crossed for all DS1 interfaces Syntax Description No subcommands Default Values No default value necessary for this command Usage Examples The following is sample output of the show thresholds command ProCurve enable ProCurve show thresholds t1 1 1 SEFS 15 min threshold exceeded UAS 15 min threshold exceeded SEFS 24 hr threshold exceeded UAS 24 hr threshold exceeded t1 1 2 No thresholds ...

Страница 289: ...lues No default value necessary for this command Functional Notes Use the realtime argument for this command to display full screen output in real time Information is continuously updated on the console until you either freeze the data by pressing the F key or exit realtime mode by pressing Ctrl C If there is not enough room on the screen for all available data the information will truncate at the...

Страница 290: ... to display full screen output in real time Information is continuously updated on the console until you either freeze the data by pressing the F key or exit reatime mode by pressing Ctrl C If there is not enough room on the screen for all available data the information will truncate at the bottom of the screen In order to maximize the amount of data displayed increase the terminal length using th...

Страница 291: ...lt Values No default value necessary for this command Functional Notes Use the realtime argument for this command to display full screen output in real time Information is continuously updated on the console until you either freeze the data by pressing the F key or exit reatime mode by pressing Ctrl C If there is not enough room on the screen for all available data the information will truncate at...

Страница 292: ...ure Router 7203dl SROS Version J04 01 Checksum 74305239 built on Fri Dec 09 10 00 32 2005 Boot ROM version J04 01 Checksum 4353 built on Fri Dec 09 10 00 35 2005 Copyright c 2005 2005 Hewlett Packard Co Platform ProCurve Secure Router 7203dl Serial number US449TS040 Flash 33554432 bytes DRAM 268435455 bytes System uptime is 0 days 6 hours 55 minutes 24 seconds Current system image file CFLASH SROS...

Страница 293: ...ered the system opens the biz file specified and returns the current SROS version information Syntax Description cflash Specifies a biz file located in the compact flash memory flash Specifies a biz file located in flash memory filename Specifies the exact filename of the biz file for the system to determine the version information Default Values No default value necessary for this command Usage E...

Страница 294: ...nc sip check sync firmware upgrade Syntax Description firmware upgrade Optional Specifies that the check sync notification will prompt the phones to update their firmware Check sync notifications containing a phone firmware upgrade are more time consuming than a generic check sync and require a coordination effort when updating all phones on the network This command staggers phone notifications on...

Страница 295: ...and to open a Telnet session through the SROS to another system on the network Syntax Description address Specifies the IP address of the remote system Default Values No default value necessary for this command Usage Examples The following example opens a Telnet session to a remote system 10 200 4 15 ProCurve enable ProCurve telnet 10 200 4 15 User Access Login Password ...

Страница 296: ...urrent terminal session and returns to the default value 24 rows when the session closes Use the no form of this command to return to the default terminal length Syntax Description lines Number of rows lines for the terminal session Range 0 to 480 Default Values The default setting for this command is 24 rows Usage Examples The following example sets the number of rows to 30 ProCurve enable ProCur...

Страница 297: ...ddress Optional Specifies the IP address of the remote system to trace the routes to source address Optional Specifies the IP address of the interface to use as the source of the trace Default Values No default value necessary for this command Usage Examples The following is a sample traceroute output ProCurve enable ProCurve traceroute 192 168 0 1 Type CTRL C to abort Tracing route to 192 168 0 1...

Страница 298: ...evelopment Company L P 296 undebug all Use the undebug all command to disable all activated debug messages Syntax Description No subcommands Default Values No default value necessary for this command Usage Examples The following example disabled all activated debug messages ProCurve enable ProCurve undebug all ...

Страница 299: ...mand to send messages to all users currently logged in to the SROS unit Syntax Description No subcommands Default Values No defaults necessary for this command Usage Examples The following example sends the message Reboot in 5 minutes if no objections to the CLI screen of everyone currently connected ProCurve enable ProCurve wall Reboot in 5 minutes if no objections ...

Страница 300: ...ry Once the save is complete the changes are retained even if the unit is shut down or suffers a power outage Syntax Description erase Optional Erase the configuration files saved to the unit s flash memory memory Optional Save the current configuration to flash memory See copy running config on page 74 for more information network Optional Save the current configuration to the network TFTP server...

Страница 301: ...ands begin on page 302 aaa authentication commands begin on page 310 aaa authorization commands begin on page 316 aaa group server on page 320 aaa on on page 321 aaa processes threads on page 323 arp ip address mac address arpa on page 324 autosynch mode on page 325 banner exec login motd character message character on page 327 boot config cflash flash filename cflash flash backup filename on page...

Страница 302: ...r destination per packet on page 421 ip local policy route map map name on page 422 ip mcast stub helper address ip address on page 423 ip multicast routing on page 424 ip name server server address1 6 on page 425 ip policy class policyname on page 426 ip policy class policyname max sessions number max host sessions number on page 431 ip policy class policyname rpf check on page 432 ip policy time...

Страница 303: ...mac address bridge bridge id interface interface on page 481 modem countrycode countrycode on page 482 probe on page 485 qos map mapname sequence number on page 486 radius server on page 487 radius server host on page 489 route map map name permit deny sequence number on page 490 router bgp AS number on page 491 router ospf on page 492 router pim sparse on page 493 router rip on page 494 safe mode...

Страница 304: ...evel listname none group tacacs aaa accounting commands level listname none group groupname aaa accounting commands level listname stop only group tacacs aaa accounting commands level listname stop only group groupname Syntax Description level Specifies the commands enable level Only level 1 unprivileged and level 15 privileged commands are supported listname Specifies the name of the list default...

Страница 305: ...age Examples The following example creates a list called myList and sets accounting for Level 1 commands at stop only activities ProCurve config aaa accounting commands 1 myList stop only group tacacs Note To complete this command Telnet must be applied to the lines See Line Telnet Interface Config Command Set on page 550 for more detailed instructions ...

Страница 306: ...lt none group groupname tacacs aaa accounting connection default start stop group groupname aaa accounting connection default start stop group tacacs aaa accounting connection default stop only group groupname aaa accounting connection default stop only group tacacs Syntax Description default Uses the default accounting list group groupname Specifies to use the named group remote server for accoun...

Страница 307: ...nection terminates ProCurve config aaa accounting connection myList stop only group tacacs The following example creates a list called myList and sends the Telnet connection information to the TACACS server when the connection is made and when the connection terminates ProCurve config aaa accounting connection myList start stop group tacacs Note To complete this command Telnet must be applied to t...

Страница 308: ...aa accounting exec default start stop group groupname aaa accounting exec default start stop group tacacs aaa accounting exec default stop only group groupname aaa accounting exec default stop only group tacacs Syntax Description default Uses the default accounting list group groupname Specifies to use the named group remote server for accounting Multiple groups can be specified If the unit fails ...

Страница 309: ...he following example creates a list called myList and sends the connection login records to the TACACS server when the connection login is terminated ProCurve config aaa accounting exec myList stop only group tacacs Note To complete this command Telnet must be applied to the lines See Line Telnet Interface Config Command Set on page 550 for more detailed instructions ...

Страница 310: ...ords for usernames set to null For more detailed information on AAA functionality refer to the Technology Review section of the command aaa on on page 321 Syntax Description No subcommands Default Values By default this command is disabled and the accounting records for null usernames are sent to the server Usage Examples The following command tells the unit not to send accounting records for user...

Страница 311: ...gy Review section of the command aaa on on page 321 Variations of this command include aaa accounting update newinfo aaa accounting update periodic value Syntax Description newinfo Sends all new accounting records immediately periodic value Specifies the time interval in minutes between accounting updates sent to the server Select from 1 to 2 147 483 647 Default Values By default accounting record...

Страница 312: ... recording the typed text message used for the banner The message must end with the same delimiter to indicate that the message is complete The text delimiters are not displayed to the screen during operation fail message string Sets the message shown if user authentication fails The message can be multiple lines Enter a delimiter such as to begin recording the typed text message displayed after a...

Страница 313: ...e ProCurve Secure Router The following example defines an authentication failed message of Authentication Failed Contact IT for further assistance ProCurve config aaa authentication fail message Enter TEXT message End with the character Authentication Failed Contact IT for further assistance The following example defines a password prompt of PW ProCurve config aaa authentication password prompt PW...

Страница 314: ...default none enable Syntax Description none Access automatically granted line Uses the line password for authentication enable Uses the enable password for authentication group groupname Uses the specified group of remote servers for authentication group radius Uses all defined RADIUS servers for authentication group tacacs Uses all defined TACACS servers for authentication Default Values If there...

Страница 315: ...idual servers to the named group Refer to Radius Group Command Set on page 1425 or TACACS Group Configuration Command Set on page 1427 for more information The default group cannot be changed and includes all RADIUS servers in the order they were specified by the radius server commands The same is true of TACACS servers specified by the tacacs server commands Usage Examples The following example s...

Страница 316: ...a authentication login default group radius enable aaa authentication login default group tacacs aaa authentication login default group tacacs enable aaa authentication login default group groupname aaa authentication login default group groupname enable aaa authentication login default line aaa authentication login default line enable aaa authentication login default local aaa authentication logi...

Страница 317: ...s when no other list is assigned Functional Notes A user is authenticated by trying the list of methods from first to last until a method succeeds or fails If a method is unable to complete the next method is tried The local user database falls through to the next method if the username does not appear in the database The group falls through if the servers in the remote group could not be found Se...

Страница 318: ... default setting Variations of this command include aaa authorization config command aaa authorization console Syntax Description config command Enables authorization for configuration mode commands Only level 1 unprivileged and level 15 privileged commands are supported console Allows authorization to be applied to the console Default Values By default authorization for console is disabled Howeve...

Страница 319: ...ticated aaa authorization commands level listname none Syntax Description level Specifies the command s enable level Only level 1 unprivileged and level 15 privileged commands are supported listname Specifies the name of the authorization list default Specifies the default authorization list and applies it implicitly across all lines none Grants access automatically if authenticated Succeeds if us...

Страница 320: ...n exec listname if authenticated group tacacs aaa authorization exec default none aaa authorization exec default group groupname aaa authorization exec default group tacacs aaa authorization exec default if authenticated aaa authorization exec default if authenticated group groupname aaa authorization exec default if authenticated group tacacs Syntax Description default Specifies the default autho...

Страница 321: ...e following command creates a list called myList to authorize exec shell which succeeds only if the user has been authenticated successfully ProCurve config aaa authorization exec myList if authenticated The following command specifies to use the default list to authorize an exec shell with the TACACS server ProCurve config aaa authorization exec default group tacacs ...

Страница 322: ...necessary for this command Functional Notes Use the radius server command to specify RADIUS servers before adding them to a group Likewise use the tacacs server command to specify TACACS servers before adding them to a group These commands enter a mode for adding individual servers to the named group Refer to Radius Group Command Set on page 1425 or TACACS Group Configuration Command Set on page 1...

Страница 323: ... PASSWORD Use the line password telnet 0 4 or console 0 1 ENABLE PASSWORD Use the enable password LOCAL USERS Use the local user database GROUP groupname Use a group of remote RADIUS or TACACS servers The AAA system allows the user to create a named list of these methods to try in order in case one fails it falls to the next one This named list is then attached to a portal telnet 0 4 or console 0 ...

Страница 324: ...th the order LINE ENABLE LOCAL and GROUP mygroup the following statements are true If there is no LINE password the list falls through to the ENABLE password If there is no ENABLE password the AAA system prompts the user for a username and password for the local user database If the given user is not in the local list the username and password are handed to the remote servers defined in mygroup A ...

Страница 325: ...g For more detailed information on AAA functionality refer to the Technology Review section of the command aaa on on page 321 Syntax Description threads Specifies the number of threads available to the AAA subsystem Range 1 to 64 Default Values By default this is set to 1 process Functional Notes Increasing this number may speed up simultaneous authentication at the cost of system resources e g me...

Страница 326: ...ress resolution protocol ARP table Syntax Description arpa Sets the standard address resolution protocol for this interface ip address Specifies the IP address mac address Specifies the MAC address Default Values The default for this command is arpa Usage Examples The following example enables standard ARP for the VLAN interface ProCurve config interface vlan 1 ProCurve config interface vlan 1 arp...

Страница 327: ...files is more current This allows the customer to maintain the version of the operating system and the configuration for that operating system at the desired level To accomplish this a synchronization check is performed on the system any time there is a change in startup config or SROS BIZ on the compact flash card The autosynch feature allows for quick installation and updates of routers by inser...

Страница 328: ...opens the specified biz file and returns the current SROS version information ProCurve enable show version flash SROS BIZ Version J03 01 00 The show autosynch status command displays the current AutoSynchTM configuration and the statistics for the SROS BIZ and startup config files if AutoSynchTM is enabled ProCurve enable show autosynch status AutoSynch Mode Enabled AutoSynch SROS BIZ synched Auto...

Страница 329: ...ername and password login prompts motd Creates a message of the day MOTD banner character Banner text delimiter character Press Enter after the delimiter to begin input of banner text message Specifies the text message you wish to display End with the character that you chose as your delimiter Default Values By default no banners are configured Functional Notes Banners appear in the following orde...

Страница 330: ...ies primary backup configuration file located in compact flash memory flash Specifies primary backup configuration file located in flash memory filename Specifies the filename of the configuration file filenames are case sensitive backup filename Specifies a name for the backup configuration file Default Values No default is necessary for this command Usage Examples The following example specifies...

Страница 331: ...name Specifies the filename of the software filenames are case sensitive software files should have a biz or BIZ extension no backup Specifies that no backup software is to be saved to the system backup filename Specifies a name for the backup software verify Specifies a verification of the software checksum Default Values No default is necessary for this command Functional Notes Detailed instruct...

Страница 332: ... Protocol Use the no form of this command with the appropriate arguments to delete this setting Syntax Description group Specifies bridge group number 1 to 255 using the bridge command ieee IEEE 802 1 Ethernet spanning tree protocol Default Values By default all configured bridge interfaces implement ieee spanning tree protocol Usage Examples The following example deletes the bridge protocol setti...

Страница 333: ...g and Bridging CRB is that in IRB it is possible to route IP between routed interfaces and BVIs but with CRB the routed interfaces cannot communicate with bridged interfaces IRB s primary goal is to bridge all protocols and route any IP traffic destined for the MAC address of the BVI The IRB handles IP packets in the following manner When an IP packet comes into the router and it is not destined f...

Страница 334: ... Line Interface Reference Guide Global Configuration Mode Command Set 5991 2114 Copyright 2007 Hewlett Packard Development Company L P 332 Usage Examples The following example enables IRB ProCurve config bridge irb ...

Страница 335: ... DST Configures the unit to automatically correct for DST no auto correct DST Disables DST correction Default Values By default DST correction takes place automatically Functional Notes Depending on the clock timezone chosen see clock timezone text on page 335 for more information one hour DST correction may be enabled automatically You may override this default using this command Usage Examples T...

Страница 336: ... Sets the time in 24 hour format of the system software clock in the format HH MM SS hours minutes seconds day Sets the current day of the month valid range 1 to 31 month Sets the current month valid range January to December You need only enter enough characters to make the entry unique This entry is not case sensitive year Sets the current year valid range 2000 to 2100 Default Values No default ...

Страница 337: ...zone chosen one hour Daylight Savings Time DST correction may be enabled automatically See clock auto correct dst no auto correct dst on page 333 for more information clock timezone 1 Amsterdam clock timezone 1 Belgrade clock timezone 1 Brussels clock timezone 1 Sarajevo clock timezone 1 West Africa clock timezone 10 Brisbane clock timezone 10 Canberra clock timezone 10 Guam clock timezone 10 Hoba...

Страница 338: ...mezone 5 Ekaterinburg clock timezone 5 Islamabad clock timezone 3 Greenland clock timezone 3 30 clock timezone 4 Atlantic Time clock timezone 4 Caracus clock timezone 4 Santiago clock timezone 5 clock timezone 5 Bogota clock timezone 5 Eastern Time clock timezone 6 Central America clock timezone 6 Central Time clock timezone 6 Mexico City clock timezone 6 Saskatchewan clock timezone 5 30 clock tim...

Страница 339: ...cutive carriage returns or the word quit on a line by itself BEGIN X509 CERTIFICATE MIIDEDCCAs6gAwIBAgICAXIwCwYHKoZIzjgEAwUAMFoxCzAJBgNVBAYTAkZJMSQw IgYDVQQKExtTU0ggQ29tbXVuaWNhdGlvbnMgU2VjdXJpdHkxETAPBgNVBAsTCFdl YiB0ZXN0MRIwEAYDVQQDEwlUZXN0IENBIDQwHhcNMDMwMTA5MTYyNTE1WhcNMDMx MjMxMjM1OTU5WjBaMQswCQYDVQQGEwJGSTEkMCIGA1UEChMbU1NIIENvbW11bmlj YXRpb25zIFNlY3VyaXR5MREwDwYDVQQLEwhXZWIgdGVzdDESMBAGA1UE...

Страница 340: ...mpany L P 338 END X509 CERTIFICATE quit Hash 4e904504dc4e5b95e08129430e2a0b97ceef0ad1394f905b42df2dfb8f751be0244a711bb0 6eddaa2f07dd640c187f14c16fa0bed28e038b28b6741a880539d6ed06a68b7e324bfdde6f3d0b17 83d94e58fd4943f5988a7a0f27f6b6b932dc0410378247160752853858dbe7a1951245cfb14b109e ffc430e177623720de56f4 Do you accept this certificate y y ...

Страница 341: ...ificate Configuration Command Set on page 1223 for more information Syntax Description name Specifies CA profile by alphanumeric string of up to 32 characters Default Values No defaults necessary for this command Functional Notes Typically used only in the running config and startup config to restore certificates Usage Examples The following example enters the Certificate Configuration for the CA ...

Страница 342: ...ined using the dialog this command assembles them into an enrollment request to be sent to a certificate authority including the generation of public and private keys See crypto ca profile for more information If enrollment is set to terminal you may view the request on the terminal screen If enrollment is set to url the request is sent automatically to the certificate authority using the URL spec...

Страница 343: ... BEGIN CERTIFICATE MIIDWTCCAwOgAwIBAgIKFLCsOgAAAAAAtjANBgkqhkiG9w0BAQUFADBjMQswCQYD VQQGEwJVUzEQMA4GA1UECBMHQUxBQkFNQTETMBEGA1UEBxMKSHVudHN2aWxsZTEa MBgGA1UEChMRQWR0cmFuVGVjaFN1cHBvcnQxETAPBgNVBAMTCHRzcm91dGVyMB4X DTAzMDYyNTE0MTM1NVoXDTAzMTIwNjE0NDkxM1owJDEPMA0GA1UEChMGYWR0cmFu MREwDwYDVQQDEwhNeVJvdXRlcjBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQClUKqs fbTalej5m9gk2DMsbC9df3TilBz 7nRx3ZzGw75AQsqEMYeBY5aWi62W...

Страница 344: ...ile by alphanumeric string of up to 32 characters Default Values No defaults necessary for this command Functional Notes Puts CLI in a mode where the CRL can be entered manually Enter quit and a carriage return or simply enter two consecutive carriage returns to exit this mode This command only applies if the enrollment command is set to terminal See enrollment terminal on page 1216 Usage Examples...

Страница 345: ...Specifies CA profile by alphanumeric string of up to 32 characters Default Values No defaults necessary for this command Functional Notes Use this to specify the type of enrollment as well as enrollment request parameters See the Functional Notes of the command crypto ca enroll name on page 340 for more information Usage Examples The following example creates the CA profile called MyProfile and en...

Страница 346: ...paddress or name on page 1267 for more information policy policy priority Creates an IKE policy with the policy priority of your choice and enters the IKE Policy See IKE Policy Command Set on page 1260 for more information Default Values There are no default settings for this command Usage Examples The following example creates an IKE policy with a policy priority setting of 1 and enters the IKE P...

Страница 347: ...mber in the system That priority number defines the position of that IKE policy within the system list When IKE negotiation is needed the system searches through the list starting with the policy with priority of 1 looking for a match to the peer IP address An individual IKE policy can override the system local id setting by having the local id command specified in the IKE policy definition This c...

Страница 348: ...created This transform set defines ESP with Authentication implemented using 3DES encryption and SHA1 authentication ProCurve config crypto ipsec transform set highly_secure esp 3des esp sha hmac ProCurve cfg crypto trans mode tunnel Step 7 Define an ip access list An Extended Access Control List is used to specify which traffic needs to be sent securely over the VPN tunnel The entries in the list...

Страница 349: ...ace This process includes configuring the IP address for the interface and applying the appropriate crypto map to the interface Crypto maps are applied to the interface on which encrypted traffic will be transmitted ProCurve config interface ppp 1 ProCurve config ppp 1 ip address 172 16 45 57 255 255 255 248 ProCurve config ppp 1 crypto map corporate_vpn ProCurve config ppp 1 no shutdown Step 10 C...

Страница 350: ...e ID preshared key keyname Associates a pre shared key with this remote ID no mode config Optional keyword used to specify that the peer matching this remote ID should not use mode config no xauth Optional keyword used to specify that the peer matching this remote ID should not use xauth nat t v1 l v2 allow l force I disable Optional keyword that denotes whether peers matching this remote ID shoul...

Страница 351: ...ote id asn1 dn CN MyRouter C US S CA L Roseville O HP OU TechSupport matches only remote ID strings with all fields exactly the same Example for typical asn1 dn format with wildcards used to match a string within a field crypto ike remote id asn1 dn CN C S L O OU matches any asn1 dn remote ID string from a peer Example for typical asn1 dn format with wildcards used to match a portion of the remote...

Страница 352: ...p null esp md5 hmac esp sha hmac Default Values There are no default settings for this command Functional Notes Crypto map entries do not directly contain the transform configuration for securing data Instead the crypto map is associated with transform sets which contain specific security algorithms If no transform set is configured for a crypto map the entry is incomplete and will have no effect ...

Страница 353: ...this command Functional Notes Crypto map entries do not directly contain the transform configuration for securing data Instead the crypto map is associated with transform sets which contain specific security algorithms see crypto ipsec transform set setname parameters on page 350 Crypto map entries do not directly contain the selectors used to determine which data to secure Instead the crypto map ...

Страница 354: ...sociated with that interface is processed in order If a crypto map entry matches the non secured traffic the traffic is discarded When a packet is to be transmitted on an interface the crypto map set associated with that interface is processed in order The first crypto map entry that matches the packet will be used to secure the packet If a suitable SA security association exists that is used for ...

Страница 355: ...otocol sent for inbound calls chap Configures CHAP authentication pap Configures PAP authentication Default Values By default there is no configuration for authentication Functional Notes There are certain PPP parameters that must be known before PPP can negotiate an inbound call when using demand routing To ensure PPP convergence it is recommended in most cases that demand routing interfaces use ...

Страница 356: ...Default Values By default the MTU size is 1500 and multilink is disabled Functional Notes There are certain PPP parameters that must be known before PPP can negotiate an inbound call when using demand routing To ensure PPP convergence it is recommended in most cases that demand routing interfaces use the same settings as those specified in the data call commands The data call mtu number command se...

Страница 357: ...e password during show commands password String up to 30 characters in length to use as the Enable Security mode password Default Values By default there is no configured enable password Usage Examples To provide extra security the SROS can encrypt the enable password when displaying the current configuration For example the following is a show configuration printout password portion with an unenc...

Страница 358: ... Functional Notes The event history provides useful information regarding the status of the system and individual port states Use the event history as a troubleshooting tool when identifying system issues The following is a sample event history log ProCurve show event history Using 526 bytes 2002 07 12 15 34 01 T1 t1 1 1 Yellow 2002 07 12 15 34 01 INTERFACE_STATUS t1 1 1 changed state to down 2002...

Страница 359: ...ts with a fatal priority are logged Info When selected all events are logged Notice When selected events with notice warning error and fatal priorities are logged Warning When selected events with warning error and fatal priorities are logged Default Values By default no event messages are logged to the event history Functional Notes The event history provides useful information regarding the stat...

Страница 360: ...figuration Mode Command Set 5991 2114 Copyright 2007 Hewlett Packard Development Company L P 358 Usage Examples The following example logs all events to the event history ProCurve enable ProCurve config terminal ProCurve config event history priority info ...

Страница 361: ... an exception report Use the no form of this command to disable rebooting when the minimum memory limitation is violated Syntax Description memory Specifies the minimum amount of memory in bytes that must be free before a reboot occurs Default Values By default exception memory minimum is disabled Usage Examples The following example sets the exception memory minimum to 3 Mb ProCurve config except...

Страница 362: ...eption report yyyyMMddHHmmss The yyyMMddHHmmss is automatically populated with the actual year month day hour minutes and seconds when the report was generated Specifying a new filename results in the following format filename yyyyMMddHHmmss Usage Example The following example specifies the output filename for an exception report ProCurve config exception report file name thereport ProCurve config...

Страница 363: ... aaa on command Syntax Description listname Specifies the named list created with the aaa authentication login command Enter default to use the AAA default login list Default Values There is no default configuration for the list If AAA is turned on but no ftp authentication list has been assigned FTP denies all login attempts Usage Examples The following example attaches the authentication list My...

Страница 364: ...it This string will be displayed in all prompts Syntax Description name Identifies the unit by alphanumeric string of up to 32 characters Default Values By default the hostname is ProCurveSRXXXXdl where XXXX is the model number of the router For example the default for the ProCurve Secure Router 7203dl is ProCurveSR7203dl Usage Examples The following example creates a hostname for the SROS device ...

Страница 365: ... location slot and port For example if you have a T1 DSX 1 installed in Slot 1 of an SROS product The WAN T1 port would be specified in the CLI as t1 1 1 The DSX 1 port would be specified as t1 1 2 If for example a backup module is also installed then the backup port would be specified as bri 1 3 If you are specifying a port that is built into the base unit e g the Ethernet port the slot number is...

Страница 366: ...int to point Default Values By default there are no configured virtual ATM interfaces or sublinks Functional Notes Creating an endpoint that uses a layer 2 protocol such as ATM contains the following steps Step 1 Create the ATM virtual endpoint using the interface atm command and set the protocol specific configuration parameters and or activate the interface The following example creates a virtua...

Страница 367: ...and the physical interface using the bind command For example the following creates a bind labeled 5 to make an association between the ATM virtual interface atm 7 and the adsl 1 1 interface ProCurve config bind 5 adsl 1 1 atm 7 Usage Examples The following example creates an ATM virtual interface labeled 1 and enters the ATM Interface Configuration mode ProCurve config interface atm 1 ProCurve co...

Страница 368: ... configured virtual Frame Relay interfaces or sublinks Functional Notes Creating an endpoint that uses a layer 2 protocol such as Frame Relay is generally a four step process Step 1 Create the Frame Relay virtual endpoint using the interface frame relay command and set the signaling method using the frame relay lmi type command Also included in the Frame Relay virtual endpoint are all the applicab...

Страница 369: ...ng rate on the interface For example the following creates a tdm group labeled 9 containing 20 DS0s each DS0 having a data rate of 56 kbps ProCurve config interface t1 1 1 ProCurve config t1 1 1 tdm group 9 timeslots 1 20 speed 56 ProCurve config t1 1 1 exit Step 4 Make the association between the layer 2 endpoint and the physical interface using the bind command For example the following creates ...

Страница 370: ...configuration commands ProCurve config interface hdlc 7 ProCurve config hdlc 7 Step 2 Configure the interface parameters to apply access policies to the interface create bridging interfaces configure backup and assign an IP address You must activate the interface using the no shutdown command before the interface is able to pass any data For example the following assigns an IP address of 10 44 69 ...

Страница 371: ...erface using the bind command For example the following creates a bind labeled 5 to make an association between the HDLC virtual interface hdlc 7 and the tdm group configured on interface t1 1 1 tdm group 9 ProCurve config bind 5 t1 1 1 9 hdlc 7 Usage Examples The following example creates a HDLC virtual interface labeled 1 and enters the HDLC Interface Configuration mode ProCurve config interface...

Страница 372: ...s always up unless the router is shut down Use the no form of this command to delete a configured loopback interface Syntax Description label Specifies the numerical virtual loopback interface identifying label valid range 1 to 1024 Default Values By default there are no configured loopback interfaces Usage Examples The following example creates a loopback virtual interface labeled 1 and enters th...

Страница 373: ...PP command set ProCurve config interface ppp 7 ProCurve config ppp 7 Step 2 Configure the interface parameters to apply access policies to the interface create bridging interfaces configure backup and assign an IP address You must activate the interface using the no shutdown command before the interface can pass data For example the following assigns an IP address of 172 24 69 1 30 to the interfac...

Страница 374: ...interface using the bind command For example the following creates a bind labeled 5 to make an association between the PPP virtual interface ppp 7 and the tdm group configured on interface t1 1 1 tdm group 9 ProCurve config bind 5 t1 1 1 9 ppp 7 Usage Examples The following example creates a PPP virtual interface labeled 1 and enters the PPP Interface Configuration mode ProCurve config interface p...

Страница 375: ...nterfaces to be configured followed by a hyphen or a comma slot port Specifies the slot port number of the last interface in the desired range of interfaces to be configured Default Values No default value is necessary for this command Functional Notes All configuration changes made in this mode will apply to all interfaces in the range specified Usage Examples The following example selects seven ...

Страница 376: ...ional 5 The tunnel can not be in a recursive routing loop 6 If keepalives are enabled keepalive processing must be successful See keepalive period retries on page 1192 for details Technology Review A tunnel interface enables standard point to point encapsulation between two links Each endpoint must have a unique tunnel configured Tunneling allows an arbitrary payload protocol to be encapsulated wi...

Страница 377: ...ist blocks all outbound Web traffic protocol Specifies the data protocol ip icmp tcp udp ahp esp gre or a specific protocol 0 to 255 source Specifies the source used for packet matching Sources can be expressed in one of four ways 1 Using the keyword any to match any IP address 2 Using host A B C D to specify a single host address 3 Using the A B C D wildcard format to match all IP addresses in a ...

Страница 378: ... 67 rip Port 520 discard Port 9 snmp Port 161 dnsix Port 195 snmptrap Port 162 domain Port 53 sunrpc Port 111 echo Port 7 syslog Port 514 isakmp Port 500 tacacs Port 49 mobile ip Port 434 talk Port 517 nameserver Port 42 tftp Port 69 netbios dgm Port 138 time Port 37 netbios ns Port 137 who Port 513 netbios ss Port 139 xdmcp Port 177 The following TCP port numbers can be specified using the associ...

Страница 379: ... defined and numbered messages carried in IP datagrams used to send error and control information Valid range is 0 to 255 icmp code Optional Filters ICMP packets that are filtered using the ICMP message type using the icmp type keyword can also be filtered using the ICMP message code valid range 0 to 255 An icmp type must be specified when entering an icmp code icmp message Optional Filters packet...

Страница 380: ...tion for the list such as This list blocks all outbound web traffic log Using the log keyword logs a message if debug access list is enabled for this access list when the access list finds a packet match Usage Examples The following example creates an access list AllowIKE to allow all IKE UDP Port 500 packets from the 192 168 22 55 0 24 network ProCurve config ip access list extended AllowIKE ProC...

Страница 381: ...s can be expressed in one of four ways 1 Using the keyword any to match any IP address 2 Using host A B C D to specify a single host address 3 Using the A B C D wildcard format to match all IP addresses in a range Wildcard masks work in reverse logic from subnet masks Specifying 255 in any octet of the wildcard mask equates to a don t care 4 Using the keyword hostname to match based on a DNS name ...

Страница 382: ...tion for the list such as This list blocks all outbound web traffic log use the log keyword to log a message if debug access list is enabled for this access list when the access list finds a packet match Usage Examples The following example creates an access list UnTrusted to deny all packets from the 192 168 22 248 30 network ProCurve config ip access list standard UnTrusted ProCurve config std n...

Страница 383: ...ee AS Path List Command Set on page 1271 for more information on the available options Default Values By default no as path lists are defined Functional Notes AS path lists are a type of route filter that permits or denies BGP routes based on the AS_PATH attribute AS path lists define a list of AS specifications to permit or deny traffic which can then be referenced in a route map See the Usage Ex...

Страница 384: ...best supernet route available A classless packet is a packet addressed for delivery to a subnet of a network with no default network route Syntax Description No subcommands Default Values By default this command is enabled Functional Notes SROS products only function in classless mode You cannot disable this feature Usage Examples The following example enables the system to forward classless packe...

Страница 385: ...the no form of this command to delete a community list Syntax Description listname Specifies the name of the community list to use in the community list attribute for BGP routes See Community List Command Set on page 1327 for more information on the available options Default Values By default this command is disabled Usage Examples The following example creates the community list and enters the co...

Страница 386: ...nality using the ip crypto command The SROS allows you to perform all VPN related configuration prior to enabling ip crypto with the exception of assigning a crypto map to an interface The no ip crypto command removes all crypto maps from the interfaces Enabling ip crypto enables the IKE server on UDP port 500 The no form of this command disables the IKE server on UDP port 500 Usage Examples The f...

Страница 387: ...ask interface or ip address null 0 administrative distance on page 438 for more information Syntax Description ip address Specifies the default gateway IP address in the form of dotted decimal notation example 192 22 71 50 Default Values By default there is no configured default gateway Functional Notes Only use the ip default gateway when IP routing is disabled on the router For all other cases u...

Страница 388: ...base local Use the ip dhcp server database local command to configure a DHCP database agent with local bindings Use the no form of this command to disable this option Syntax Description No subcommands Default Values No default values Usage Examples The following example configures the DHCP database agent with local bindings ProCurve config ip dhcp server database local ...

Страница 389: ...notation in the range This field is not required when specifying a single IP address Default Values By default there are no excluded IP addresses Functional Notes The SROS DHCP server by default allows all IP addresses for the DHCP pool to be assigned to requesting clients This command is used to ensure that the specified address is never assigned by the DHCP server When static addressed hosts are...

Страница 390: ...ping packets sent on the network before assigning the IP address to a requesting DHCP client Default Values By default the number of DHCP server ping packets is set to 2 packets Functional Notes Before assigning an IP address to a requesting client the SROS DHCP server transmits a ping packet on the network to verify there are no other network hosts already configured with the specified address If...

Страница 391: ... default timeout interval Syntax Description milliseconds Specifies the number of milliseconds valid range 1 to 1 000 the DHCP server will wait for a response to a transmitted DHCP ping packet Default Values milliseconds 500 milliseconds Functional Notes Before assigning an IP address to a requesting client the SROS DHCP server transmits a ping packet on the network to verify there are no other ne...

Страница 392: ...escription name Identifies the configured DHCP server address pool by alphanumeric string up to 32 characters in length example SALES Default Values By default there are no configured DHCP address pools Functional Notes Use the ip dhcp server pool to create multiple DHCP server address pools for various segments of the network Multiple address pools can be created to service different segments of ...

Страница 393: ...ed host translation name to address Use the no form of this command to disable DNS Syntax Description No subcommands Default Values By default this command is enabled Functional Notes Use the ip domain lookup command to enable the DNS client in the router This will allow the user to input web addresses instead of IP addresses for applications such as ping Telnet and traceroute Usage Examples The f...

Страница 394: ... names Do not include the initial period that separates the unresolved name from the default domain name Default Values By default this command is disabled Functional Notes Use the ip domain name command to set a default name which will be used to complete any IP host name that is invalid i e any name that is not recognized by the name server When this command is enabled any IP host name that is n...

Страница 395: ...roxy for other units on the network Syntax Description No subcommands Default Values By default this command is disabled Functional Notes When this command is enabled incoming DNS requests will be handled by the router It will first search its host table for the query and if it is not found there the request will be forwarded to the servers configured with the ip name server command Usage Examples...

Страница 396: ...ng to the translation rules defined in NAT access policies Finally if sessions are inactive for a user specified amount of time the session will be closed by the firewall Application Specific Processing Certain applications need special handling to work correctly in the presence of a firewall SROS uses ALGs application level gateways for these applications The SROS includes several security featur...

Страница 397: ...provides two types of ACLs standard and extended Standard ACLs allow source IP address packet patterns only Extended ACLs may specify patterns using most fields in the IP header and the TCP or UDP header Usage Examples The following example enables the SROS security features ProCurve config ip firewall Technology Review Concepts Access control using the SROS firewall has two fundamental parts Acce...

Страница 398: ...cy class This traffic is routed normally The ip firewall command has no effect on this traffic Attack Protection When the ip firewall command is enabled firewall attack protection is enabled The SROS blocks traffic matching patterns of known networking exploits from traveling through the device For some of these attacks the user may manually disable checking blocking while other attack checks are ...

Страница 399: ... be in response to a valid session All others are discarded Twinge Attacks that send TCP URG packets Yes Any TCP packets that have the URG flag set are discarded by the firewall Winnuke TCP XMAS Scan Falsified IP Header Attacks No The firewall verifies that the packet s actual length matches the length indicated in the IP header If it does not the packet is dropped Jolt Jolt2 Echo No All UDP echo ...

Страница 400: ...rate concurrently with NAT firewall functionality The SROS firewall includes ALGs for handling these applications and protocols AOL Instant Messenger AIM VPN ALGS ESP and IKE FTP H 323 H 245 Q 931 ASN1 PER decoding and Encoding ICQ IRC Microsoft Games Net2Phone PPTP Quake Real Time Streaming Protocol SMTP HTTP CUseeme SIP L2TP PcAnywhere SQL Microsoft Gaming Zone To determine if a specific applica...

Страница 401: ...no special knowledge to work well with simple protocols Session Initiation Protocol SIP ALG Information By default the SROS SIP ALG is enabled This ALG allows the firewall to examine the ALL SIP packets it identifies and maintain knowledge of SIP transmissions on the network based on the SIP header The SIP ALG requires the use of the SIP stack and the SIP proxy server in order to properly route SI...

Страница 402: ...arry IP addresses and ports embedded in the packet and standard NAT implementations only modify the IP and TCP UDP headers A true SIP ALG is required to both modify the packets as needed for NAT but also open holes in the firewall as needed for traffic flow based on the information carried in the SIP header Enabling the SROS SIP ALG using the ip firewall alg sip command configures the firewall to ...

Страница 403: ...more details on SIP functionality in the SROS refer to the Functional Notes and Technology Review sections of the command ip firewall alg ftp h323 h323 timeout pptp sip on page 399 Use the no form of this command to return to the default settings Syntax Description udp port Sets the UDP port Valid range 1 to 65 535 Multiple UDP ports can be entered Default Values By default the ALG for SIP is enab...

Страница 404: ... command to return to the default threshold Syntax Description value Specifies the number of attack mounting attempts the SROS will identify before generating a log message valid range 0 to 4 294 967 295 Default Values By default the ip firewall attack log threshold is set to 100 Usage Examples The following example specifies a threshold of 25 attacks before generating a log message ProCurve confi...

Страница 405: ...until the ip firewall command is issued at the Global Configuration prompt In addition the reflexive traffic check is disabled until the ip firewall check reflexive traffic command is issued Functional Notes This command allows the firewall to process traffic from a primary subnet to a secondary subnet on the same interface through the firewall If enabled this traffic will be processed through the...

Страница 406: ...scription No subcommands Default Values All SROS security features are disabled by default until the ip firewall command is issued at the Global Configuration prompt In addition TCP reset sequence number checking is disabled until the ip firewall check rst seq command is issued Usage Examples The following example enables TCP reset sequence number checking ProCurve config ip firewall check rst seq...

Страница 407: ...ued Functional Notes SYN Flooding is a well known denial of service attack on TCP based services TCP requires a three way handshake before actual communications begin between two hosts A server must allocate resources to process new connection requests that are received A potential intruder is capable of transmitting large amounts of service requests in a very short period of time causing servers ...

Страница 408: ... command enables the WinNuke check Functional Notes WinNuke attack is a well known denial of service attack on hosts running Microsoft Windows operating systems An intruder sends Out of Band OOB data over an established connection to a Windows user Windows cannot properly handle the OOB data and the host reacts unpredictably Normal shut down of the hosts will generally return all functionality Usi...

Страница 409: ...tion No subcommands Default Values All SROS security features are disabled by default until the ip firewall command is issued at the Global Configuration prompt In addition the fast NAT fallover is disabled until the ip firewall fast nat fallover command is issued Usage Examples The following example enables fast nat fallover ProCurve config ip firewall fast nat fallover Note The SROS security fea...

Страница 410: ...FIN Use the no form of this command to return to the default setting Syntax Description seconds Specifies the time period allowed for TCP FIN Range is 0 to 4 294 967 295 Default Value By default ip firewall fin timeout is set to 4 seconds Usage Examples The following example sets the TCP FIN time period to 120 seconds ProCurve config ip firewall fin timeout 120 Note The SROS security features must...

Страница 411: ...and to return to the default threshold Syntax DescriptionSyntax Description value Specifies the number of access policy connections the SROS will identify before generating a log message valid range 0 to 4 294 967 295 Default Values By default the ip firewall policy log threshold is sest to 100 Usage Examples The following example specifies a threshold of 15 connections before generating a log mes...

Страница 412: ...t Use the no form of this command to return to the default setting Syntax Description seconds Specifies the time period allowed for TCP reset Range is 0 to 4 294 967 295 Default Value By default ip firewall rst timeout is set to 20 settings Usage Examples The following example sets the TCP reset time period to 120 seconds ProCurve config ip firewall rst timeout 120 Note The SROS security features ...

Страница 413: ...e hop to associated devices Syntax Description No subcommands Default Values All SROS security features are disabled by default until the ip firewall command is issued at the Global Configuration prompt In addition the stealth option is disabled until the ip firewall stealth command is issued Usage Examples The following example enables the stealth option ProCurve config ip firewall stealth Note T...

Страница 414: ...he SROS to forward UDP broadcast packets Syntax Description port number Specifies the UDP traffic type using source port The following is the list of UDP port numbers that may be identified using the text name biff Port 512 pim auto rp 496 bootps Port 67 rip Port 520 discard Port 9 snmp Port 161 dnsix Port 195 snmptrap Port 162 domain Port 53 sunrpc Port 111 echo Port 7 syslog Port 514 isakmp Port...

Страница 415: ...ewlett Packard Development Company L P 413 Usage Examples The following example forwards all Domain Name Server broadcast traffic to the DNS server with IP address 192 33 5 99 ProCurve config ip forward protocol udp domain ProCurve config interface eth 0 1 ProCurve config eth 0 1 ip helper address 192 33 5 99 ...

Страница 416: ...ass in command to assign an access policy to all self bound File Transfer Protocol FTP sessions Syntax Description policyname Specifies the configured access policy ACP to apply to inbound FTP traffic Default Values By default all ftp access is allowed Usage Examples The following example applies the configured ACP labeled Inbound_FTP to inbound FTP traffic ProCurve config ip ftp access class Inbo...

Страница 417: ...Hewlett Packard Development Company L P 415 ip ftp agent Use the ip ftp agent command to enable the file transfer protocol FTP agent Syntax Description No subcommands Default Values By default the FTP agent is enabled Usage Examples The following example enables the IP FTP agent ProCurve config ip ftp agent ...

Страница 418: ... FTP server Variations of this command include ip ftp server ip ftp server default filesystem cflash ip ftp server default filesystem flash Syntax Description default filesystem cflash Optional Specifies that the FTP server use the compact flash as the default file system default filesystem flash Optional Specifies that the FTP server use the flash as the default file system Default Values By defa...

Страница 419: ...source interface for a complete list of valid interfaces Default Values No default value is necessary for this command Functional Notes This command allows you to override the sender field in the IP packet If you have multiple interfaces in your unit changing the sender tells the receiver where to send replies This functionality can also be used to allow packets to get through firewalls that would...

Страница 420: ...ost cache Use the no form of this command to remove defined maps Syntax Description name Name of the host address IP address associated with this IP host Default Values By default the host table is empty Functional Notes The name may be any combination of numbers and letters as long as it is not a valid IP address or does not exceed 256 characters Usage Examples The following example defines two s...

Страница 421: ...me Restricts access to the HTTP server using the specified access control list in Applies to all incoming connections authentication name Assigns the specified AAA list to HTTP authentication secure access class name Restricts access to the HTTPS server using the specified secure access control list secure server name Enables the specified SSL server server name Enables the specified HTTP server c...

Страница 422: ...alues No defaults necessary for this command Functional Notes This command aids in debugging allowing the router s IP stack to connect to and respond on a multicast group The local stack operates as an IGMP host on the attached segment In multicast stub applications the global helper address takes care of forwarding IGMP joins responses on the upstream interface The router may respond to ICMP echo...

Страница 423: ...t routes and alternate between them Syntax Description per destination Specifies that the route used for forwarding a packet be based on a hash of the source and destination IP address in the packet per packet Specifies that each forwarding route lookup rotates through all the parallel best routes Parallel routes are defined as routes to the same subnet with the same metrics that only differ by th...

Страница 424: ...ce Use the no form of this command to return to the default route map Syntax Description map name Specify the name of the route map Default Values By default this command is disabled Functional Notes Before a route map can be specified it must first be defined using the route map command See route map map name permit deny sequence number on page 490 for more information Usage Examples The followin...

Страница 425: ...m interfaces The address specified may be the next upstream hop or any upstream address on the distribution tree for the multicast source up to and including the multicast source The router selects from the list of multicast stub upstream interfaces the interface on the shortest path to the specified address The router then proxies on the se lected upstream interface using an IGMP host function an...

Страница 426: ...ast router process The command does not affect other multicast related configuration Use the no form of this command to disable Disabling this command prevents multicast forwarding but does not remove other multicast commands and processes Syntax Description No subcommands Default Values By default this command is disabled Usage Examples The following example enables multicast functionality ProCur...

Страница 427: ... no form of this command to remove any addresses previously specified Syntax Description server address1 6 Specifies up to six name server addresses Default Values By default no name servers are specified Usage Examples The following example specifies host 172 21 111 as the primary name server and host 172 21 1 2 as the secondary server ProCurve config ip name server 172 21 1 111 172 21 1 2 This c...

Страница 428: ...erformed by the access policy are as follows allow list access control list name allow list access control list name stateless allow list access control list name policy access policy name allow list access control list name policy access policy name stateless allow list access control list name self allow list access control list name self stateless policy access policy name When the policy acces...

Страница 429: ...ned to All packets denied by the ACL will be processed by the next policy class entry or implicitly discarded if no further policy class entries exist Possible discard list actions performed by the access policy are as follows discard list access control list name discard list access control list name policy access policy name discard list access control list name self policy access policy name Wh...

Страница 430: ... table or policy based routing configuration If there is a match the firewall will process the packet If there is no match the firewall will process the packet based on the next policy class entry or implicitly discard it if no further policy class entries exist overload The overload command is not optional and must be used when using the nat source list command nat destination list All packets pe...

Страница 431: ...ass allow list self self ProCurve config policy class nat destination list MATCHALL interface ppp 1 overload The following is a sample output of the configuration after issuing these commands ip access list standard wizard ics remark Internet Connection Sharing permit any ip access list extended self remark Traffic to Router permit ip any any log ip policy class Private allow list self self nat so...

Страница 432: ...ied to determine whether the data will be processed or discarded Possible actions performed by the access policy are as follows allow list access control list name allow list access control list name stateless allow list access control list name policy access policy name allow list access control list name policy access policy name stateless allow list access control list name self allow list acce...

Страница 433: ...limit for the total number of allowed sessions for all policies on the device This number must be within the appropriate range limits The limits are 1 to 30 000 Setting this value to zero turns the feature off max host sessions number Specifies the maximum number of allowed policy sessions which can be created from each unique source address This command is used in conjunction with a named policy ...

Страница 434: ...cription policyname Identifies the configured access policy using an alphanumeric descriptor maximum of 255 characters All access policy descriptors are case sensitive rpf check Enables RPF check spoofing Default Values This command is enabled by default Functional Notes The rpf check feature should be disabled if your application allows incoming traffic on policy classes that do not match the rou...

Страница 435: ... not allowed for ICMP The following is the list of UDP port numbers that may be identified using the text name in bold all ports ntp Port 123 biff Port 512 pim auto rp 496 bootpc Port 68 rip Port 520 bootps Port 67 snmp Port 161 discard Port 9 snmptrap Port 162 dnsix Port 195 sunrpc Port 111 domain Port 53 syslog Port 514 echo Port 7 tacacs Port 49 isakmp Port 500 talk Port 517 mobile ip Port 434 ...

Страница 436: ...icy timeout tcp www 86400 ProCurve config ip policy timeout tcp telnet 1200 ProCurve config ip policy timeout tcp ftp 300 ProCurve config ip policy timeout tcp all_ports 480 The following example creates customized policy timeouts for UDP netbios ports 137 139 of 200 seconds and UDP ports 6000 7000 of 300 seconds ProCurve config ip policy timeout udp range netbios ns netbios ss 200 ProCurve config...

Страница 437: ...escription text Assigns text set apart by quotation marks used as a description for the prefix list Maximum length is 80 characters Default Values No default values are necessary for this command Functional Notes This command adds a string of up to 80 characters as a description for a prefix list It also creates the prefix list if a prefix list of that name does not already exist Usage Examples Th...

Страница 438: ...ecified an exact match is assumed If only ge is specified the range is assumed to be from ge value to 32 If only le is specified the range is assumed to be from len to le value Functional Notes This command specifies a prefix to be matched Optionally it may specify a range of mask lengths The following rule must be followed len ge value le value A prefix list with no entries allows all routes A ro...

Страница 439: ...nterface Specifies the source interface in the format type slot port Type ip radius source interface for a complete list of interfaces Default Values By default no source interface is defined Functional Notes If this value is not defined the address of the source network interface is used Usage Examples The following example configures the Ethernet 0 1 port to be the source interface ProCurve conf...

Страница 440: ...ber Syntax Description ip address Specifies the network address to add to the route table IP addresses should be expressed in dotted decimal notation for example 10 10 10 1 subnet mask Specifies the subnet mask that corresponds to a range of IP addresses network or a specific host Subnet masks can be expressed in dotted decimal notation for example 255 255 255 0 or as a prefix length for example 2...

Страница 441: ...ly redistributing routes into a routing protocol such as RIP OSPF BGP Range is 1 to 65 535 Default Values By default there are no configured routes in route table and the tag of 0 is applied to the route Usage Examples The following example adds a static route to the 10 220 0 0 16 network through the next hop router 192 168 45 254 and a default route to 172 16 2 10 ProCurve config ip route 10 220 ...

Страница 442: ...ompany L P 440 ip routing Use the ip routing command to enable the SROS IP routing functionality Use the no form of this command to disable IP routing Syntax Description No subcommands Default Values By default IP routing is enabled Usage Examples The following example enables the SROS IP routing functionality ProCurve config ip routing ...

Страница 443: ...otocol RTP Real time Transport Control Protocol RTCP connection between two or more User Agents UAs The ports used for this will always be selected in a pair with the even port used for RTP and the odd port for RTCP The SIP ALG enabled using the ip firewall alg sip configures the firewall to examine the ALL SIP packets it identifies and maintain knowledge of SIP transmissions on the network Since ...

Страница 444: ...the transfer of files using a secure connection A secure connection helps provide protection against outside forces gaining access to configuration files An external secure copy server such as PuTTY is required to facilitate the transfers from the terminal Syntax Description No subcommands Default Value By default the secure copy server function is disabled Usage Examples The following example ena...

Страница 445: ...nd the SIP proxy server in order to properly route SIP calls and maintain the SIP information When the SIP ALG is enabled the SIP stack and SIP proxy server are automatically enabled For proper SIP operation the firewall must also be configured to allow for dynamic holes for the RTP RTCP traffic associated with SIP calls between User Agents UAs This functionality must be manually enabled using the...

Страница 446: ...abase using memory on the local router This database is maintained across a power loss location Adds a SIP UA to the location database Manually adding a UA to the database is generally not required unless your SIP network is running in non registering mode username Specifies the username for the UA being added to the location database ip address Specifies the IP address for the UA being added to t...

Страница 447: ...ault the SROS SIP ALG is enabled This ALG allows the firewall to examine the ALL SIP packets it identifies and maintain knowledge of SIP transmissions on the network based on the SIP header The SIP ALG requires the use of the SIP stack and the SIP proxy server in order to properly route SIP calls and maintain the SIP information When the SIP ALG is enabled the SIP stack and SIP proxy server are au...

Страница 448: ...period max expires Specifies the maximum expiration period for the UA listing in the location database All UAs registering with the SIP proxy server request an expiration period for the listing in the database UAs requesting an expiration period between the max expires and min expires values are honored Enter a time in seconds from 0 to 2 592 000 min expires Specifies the minimum expiration period...

Страница 449: ...d to enable the Simple Network Management Protocol SNMP agent Syntax Description No subcommands Default Values By default the SNMP agent is disabled Functional Notes Allows a MIB browser to access standard MIBs within the product This also allows the product to send traps to a trap management station Usage Examples The following example enables the IP SNMP agent ProCurve config ip snmp agent ...

Страница 450: ...r Use the ip sntp server command to enable the simple network time protocol SNTP server This allows the unit to accept SNTP requests Use the no form of this command to disable the server Syntax Description No subcommands Default Values By default the SNTP server is disabled Usage Examples The following example enables the SNTP server ProCurve config ip sntp server ...

Страница 451: ...terface to be used as the source IP address for SNTP traffic Type ip sntp source interface for a complete list of valid interfaces Default Values No default value is necessary for this command Functional Notes This command allows you to override the sender field in the IP packet If you have multiple interfaces in your unit changing the sender tells the receiver where to send replies This functiona...

Страница 452: ... listen on an alternate TCP port Default Values By default the SSH server listens on TCP port 22 and Telnet listens on TCP port 23 Functional Notes SSH is a newer version of Telnet which allows you to run command line and graphical applications as well as transfer files over an encrypted connection Usage Examples The following example configures the Telnet server to listen on TCP port 2323 instead...

Страница 453: ...P 451 ip subnet zero The ip subnet zero command is the default operation and cannot be disabled This command signifies the router s ability to route to subnet zero subnets Syntax Description No subcommands Default Values By default this command is enabled Usage Examples The following example subnet zero is enabled ProCurve config ip subnet zero ...

Страница 454: ...ddress for TACACS traffic Type ip tacacs source interface for a complete list of valid interfaces Default Values No default value is necessary for this command Functional Notes This command allows you to override the sender field in the IP packet If you have multiple interfaces in your unit changing the sender tells the receiver where to send replies This functionality can also be used to allow pa...

Страница 455: ... class name in ip tftp server overwrite Syntax Description access class name in Controls access to the internal TFTP server using the specified access control list overwrite Enables the TFTP server to overwrite existing files Default Values By default this command is disabled Usage Examples The following example enables the TFTP server ProCurve config ip tftp server The following example enables t...

Страница 456: ...scription interface Specifies the interface to be used as the source IP address for TFTP traffic Default Values No default value is necessary for this command Functional Notes This command allows you to override the sender field in the IP packet If you have multiple interfaces in your unit changing the sender tells the receiver where to send replies This functionality can also be used to allow pac...

Страница 457: ...are configured Functional Notes The firewall must be enabled using the ip firewall command in order to use URL filters The URL filter must be applied to the appropriate interface by using the ip urlfilter filtername in out command Refer to this command in the appropriate interface for more information Usage Examples The following example creates the HTTP URL filter called MyFilter that can be appl...

Страница 458: ...ll URL requests in cases when all URL filter servers are down Use the no form of this command to block all URL requests when all URL filter servers are down Syntax Description No subcommands Default Values By default all URL requests will be blocked when all URL filter servers are down Usage Example The following example permits all URL requests even when URL filter servers are down ProCurve confi...

Страница 459: ...es By default no exclusive domains are configured Functional Notes Domain matching is based on an exact match between the HTTP header and entries in the ip urlfilter exclusive domain command In order to exactly match requests destined for a domain entries should list all possible variations of the domain that would appear in the Host field of an HTTP header Refer to the Usage Examples section of t...

Страница 460: ...value back to its default Syntax Description value The maximum number of outstanding URL lookup requests Valid range is 1 to 500 requests Default Values By default the number of outstanding requests is 500 Functional Notes After the maximum number of URL lookup requests is reached the no ip urlfilter allowmode setting will be used to allow or block all following requests until enough URL lookup re...

Страница 461: ...d responses is 100 Functional Notes When a URL request comes through the unit and URL filtering is enabled a lookup request is sent to the URL filter server and the HTTP request is forwarded to the HTTP server at the same time If the HTTP server responds before the URL filter server the response must be buffered until the URL filter server responds with allow or block Once the maximum number of bu...

Страница 462: ...pressed in dotted decimal notation for example 10 10 10 1 port number Specifies the server TCP port number which will receive requests timeout value Specifies the number of seconds to wait for a response from the URL filtering server before determining that it is out of service Range is 1 to 300 seconds Default Values By default there are no URL filtering servers configured When configuring a URL ...

Страница 463: ... subcommands Default Values No default values necessary for this command Functional Notes An ISDN group allows the user to specify the maximum and minimum number of B channels that can be used for a specific type of call It is a logical group of B channels from one or more ISDN interfaces An ISDN interface can be a member of multiple ISDN groups which makes it possible to share its B channels betw...

Страница 464: ... area International calls have the international direct dialing prefix removed For example consider an international call of 011 N where the international direct dialing prefix is 011 and the N represents the digits necessary for routing the call at the destination When the Called Party IE is created for this call the prefix is stripped and the N digits are placed in the Number Digits field nation...

Страница 465: ...attern Specifies a pattern for this template Valid Characters 0 9 Match exact digit only X Match any single digit 0 9 N Match any single digit 2 9 M Match any single digit 1 8 Match any digit in the list For example 1 4 6 matches 1 4 and 6 only 1 3 5 matches 1 2 3 and 5 Default Values The following default number template entry exists for domestic emergency calls 911 isdn number template 0 prefix ...

Страница 466: ...nd Set on page 550 for information on the subcommands found in this ssh Enters the configuration mode for SSH Refer to the section Line SSH Interface Config Command Set on page 561 for information on the subcommands found in that command set line number Specifies the starting session to configure for remote access valid range for console 0 valid range for Telnet and SSH 0 to 4 If configuring a sin...

Страница 467: ...wlett Packard Development Company L P 465 The following example begins the configuration for all available Telnet sessions ProCurve config line telnet 0 4 ProCurve config telnet0 4 The following example begins the configuration for all available SSH sessions ProCurve config line ssh 0 4 ProCurve config ssh0 4 ...

Страница 468: ...default minimum transmit interval 2 seconds valid range 1 through 8192 reinitialization delay 2 seconds valid range 1 through 10 transmit interval 30 seconds valid range 5 through 32 768 and ttl multiplier 4 valid range 2 through 10 Functional Notes Once a device receives data from a neighboring device in an LLDP frame it will retain that data for a limited amount of time This amount of time is ca...

Страница 469: ...ging console Use the logging console command to enable the SROS to log events to all consoles Use the no form of this command to disable console logging Syntax Description No subcommands Default Values By default logging console is disabled Usage Examples The following example enables the SROS to log events to all consoles ProCurve config logging console ...

Страница 470: ...ail priority level error fatal info notice warning on page 471 for more information Use the no form of this command to remove a listed address Syntax Description email address Specifies the complete email address to use when sending logged messages This field allows up to 256 characters Enter as many email addresses as desired placing a semi colon between addresses Default Values By default there ...

Страница 471: ...tion it will generate a file with detailed information that Technical Support can use to diagnose the problem This command allows the unit to email the exception report to a list of addresses upon rebooting after the exception This command should be used in conjunction with the other logging email commands Refer to logging email address list email address email address on page 468 logging email on...

Страница 472: ...logged by the SROS See logging email priority level error fatal info notice warning on page 471 and logging email priority level error fatal info notice warning on page 471 for more information Use the no form of this command to disable the email notification feature Syntax Description No subcommands Default Values By default email event notification is disabled Functional Notes The domain name is...

Страница 473: ... this command to return to the default priority Syntax Description Sets the minimum priority threshold for sending messages to email addresses specified using the logging email address list command The following priorities are available ranking from lowest to highest Error When selected events with error and fatal priorities are logged Fatal When selected only events with a fatal priority are logg...

Страница 474: ... notice warning on page 471 for related information Use the no form of this command to remove a configured address Syntax Description ip address Specifies the IP address in dotted decimal notation of the mail server to use when sending logged messages auth username username Specifies the user name to use if your email server requires authentication auth password password Specifies the password to ...

Страница 475: ...ommand to specify the sender in an outgoing email message This name will appear in the From field of the receiver s inbox Use the no form of this command to disable this feature Syntax Description No subcommands Default Values No default value is necessary for this command Usage Examples The following example sets a sender for outgoing messages ProCurve config logging email sender myUnit myNetwork...

Страница 476: ...interface to be used as the source IP address for email messages Type logging email source interface for a list of valid interface types Default Values No default value is necessary for this command Functional Notes This command allows you to override the sender field in the IP packet If you have multiple interfaces in your unit changing the sender tells the receiver where to send replies This fun...

Страница 477: ...ctional Notes below Use the no form of this command to return it to its default setting Syntax Description facility type Specifies the syslog facility type see Functional Notes below Default Values The default value is local7 Functional Notes The following is a list of all the valid facility types auth Authorization system cron Cron facility daemon System daemon kern Kernel local0 local7 Reserved ...

Страница 478: ...ify the event matching the criteria used by the SROS to determine whether a message should be forwarded to the syslog server See logging forwarding priority level error fatal info notice warning on page 477 for related information Use the no form of this command to disable the syslog event feature Syntax Description No subcommands Default Values By default syslog event notification is disabled Usa...

Страница 479: ...Description Sets the minimum priority threshold for sending messages to the syslog server specified using the logging forwarding receiver ip command The following priorities are available ranking from lowest to highest Error When selected events with error and fatal priorities are logged Fatal When selected only events with a fatal priority are logged Info When selected all events are logged Notic...

Страница 480: ... forwarding receiver ip commands to develop a list of syslog servers to use See logging forwarding priority level error fatal info notice warning on page 477 for related information Use the no form of this command to remove a configured address Syntax Description ip address Specifies the IP address in dotted decimal notation of the syslog server to use when logging messages Default Values By defau...

Страница 481: ...fies the interface to be used as the source IP address for event log traffic Type logging forwarding source interface for a list of valid interface types Default Values No default value is necessary for this command Functional Notes This command allows you to override the sender field in the IP packet If you have multiple interfaces in your unit changing the sender tells the receiver where to send...

Страница 482: ... length of time dynamic MAC addresses remain in the switch or bridge forwarding table Use the no form of this command to reset this length to its default Syntax Description aging time Specifies an aging time in seconds from 10 to 1 000 000 Set to 0 to disable the timeout Default Values By default the aging time is 300 seconds Usage Examples The following example sets the aging time to 10 minutes P...

Страница 483: ...nd to remove an entry from the table Syntax Description mac address Specifies a valid 48 bit MAC address bridge bridge id Specifies a valid bridge interface ID interface interface Specifies a valid slot port interface ID Type mac address table static bridge interface for a complete list of valid interfaces Default Values By default there are no static entries configured Usage Examples The followin...

Страница 484: ...Modem configuration Belgium Belgium Modem configuration Bolivia Bolivia Modem configuration Brazil Brazil Modem configuration Chile Chile Modem configuration China China Modem configuration Colombia Colombia Modem configuration Costa_Rica Costa_Rica Modem configuration Cyprus Cyprus Modem configuration Czechoslovakia Czechoslovakia Modem configuration Denmark Denmark Modem configuration Ecuador Ec...

Страница 485: ... Modem configuration Portugal Portugal Modem configuration Puerto_Rico Puerto_Rico Modem configuration Qatar Qatar Modem configuration Russia Russia Modem configuration Saudi_Arabia Saudi_Arabia Modem configuration Singapore Singapore Modem configuration Slovakia Slovakia Modem configuration Slovenia Slovenia Modem configuration South_Africa South_Africa Modem configuration Spain Spain Modem confi...

Страница 486: ...de Global Configuration Mode Command Set 5991 2114 Copyright 2007 Hewlett Packard Development Company L P 484 Usage Example The following example specifies to use the USA Canada modem configuration ProCurve config modem countrycode USA Canada ...

Страница 487: ...cp connect Specifies the probe type being created as a TCP connect Default Values By default there are no probes configured Usage Examples The following example creates an ICMP echo probe called probe1 ProCurve enable ProCurve configure terminal ProCurve config interface probe probe1 icmp echo ProCurve config probe probe1 Technology Review Probes are stand alone objects which help determine the st...

Страница 488: ...equenced entries An entry contains a single match reference and one or more actions priority set or both Multiple map entries for the same QoS map are differentiated by a sequence number The sequence number is used to assign match order Once created a QoS map must be applied to an interface using the qos policy out map name command in order to actively process traffic Any traffic for the interface...

Страница 489: ... user challenge entry When echo is turned on users see the text of the challenge as they type responses Enabling this option hides the text as it is being entered deadtime minutes Specifies how long a RADIUS server is considered dead once a timeout occurs The server will not be tried again until after the deadtime expires enable username name Specifies a username to be used for enable authenticati...

Страница 490: ...ation and accounting respectively If a server is added to a named group but is not defined by a radius server command the server is simply ignored when accessed Empty server lists are not allowed When the last server is removed from a list the list is automatically deleted Usage Examples The following example shows a typical configuration of these parameters ProCurve config radius server challenge...

Страница 491: ...er timeout this number of times uses RADIUS global setting if not given timeout seconds Waits for a response this number of seconds uses RADIUS global setting if not given key key Defines the shared key with the RADIUS server uses RADIUS global setting if not given Note that the key must appear last on the input line since it reads the rest of the line beyond the key keyword key encrypted key Defi...

Страница 492: ...ttributes deny Specifies not to redistribute routes matching the route map attributes sequence number Specifies a sequence number of this route entry Range is 1 to 4 294 967 295 Default Values By default no route maps are defined Functional Notes Route maps can be assigned to a neighbor using the route map command in the BGP Neighbor command set See route map map name in out on page 1323 for more ...

Страница 493: ...Review The following SROS BGP related guidelines may help guide decisions made during basic BGP implementation Ignore route if next hop is unreachable Prefer route with largest weight only used in the local router set by applying route maps to set this value on desired inbound updates Prefer route with largest local preference Prefer route injected by this router via network command Prefer route w...

Страница 494: ...firewall command To do this configure the OSPF networks as usual specifying which networks the system will listen for and broadcast OSPF packets to See ip firewall on page 394 for more information To apply stateful inspection to packets coming into the system create a policy class that describes the type of action desired and then associate that policy class to the particular interface see ip poli...

Страница 495: ... Command Set on page 1375 for more information on the subcommands for PIM Sparse Configuration mode Syntax Description No subcommands Default Values No default values necessary for this command Functional Notes Additional commands for PIM are found in the related interface configuration modes See the ip pim sparse commands in the various interface configuration sections for more information Usage ...

Страница 496: ...058 Version 1 and updated in RFCs 1721 1722 and 1723 for Version 2 Version 2 includes components that ease compatibility in networks operating with RIP V1 All advertisements occur on regular intervals every 30 seconds Normally a route that is not updated for 180 seconds is considered dead If no other update occurs in the next 60 seconds for a new and better route the route is flushed after 240 sec...

Страница 497: ... as failed metric 16 or up normal metric followed by the normal scheduled update The assumption here is that if a gateway missed the triggered update it will eventually learn from another gateway in the standard convergence process This conserves bandwidth RIP Related Definitions Route A description of the path and its cost to a network Gateway A device that implements all or part of RIP a router ...

Страница 498: ...tion where the configuration change they perform interrupts network connectivity For example if the user is connected to the router via a Telnet session and configures an access list ACL that blocks all Telnet access and applies it to an interface the user loses connectivity In this example the only way to recover connectivity is to directly connect to the Console port and remove the ACL Once enab...

Страница 499: ...sons cannot view them in configuration files since the encrypted form of the password is displayed in the running config While this provides some level of security the encryption method used with password encryption is not a strong form of encryption so you should take additional network security measures Usage Examples The following example enables password encryption for all passwords on the uni...

Страница 500: ...expressed in the format time day month year for example 08 15 2 February 2007 time Time is expressed in the 24 hour format hours minutes hh mm for example 08 15 day The day of the month is expressed with a number Range is 1 to 31 month The name of the month can be spelled out or abbreviated year The year is expressed in the format yyyy for example 2007 periodic Specifies the weekly behavior of the...

Страница 501: ...Configuration mode ProCurve config schedule Closed ProCurve config schedule Closed The following example sets the start time in the schedule named Closed to 8 15 a m on February 2 2007 and sets the end time to 10 15 a m on April 2 2007 ProCurve config schedule Closed absolute start 08 15 2 february 2007 end 10 15 2 april 2007 The following example sets the recurring start and end day and time in t...

Страница 502: ...id command to specify an identifier for the Simple Network Management Protocol SNMP server Use the no form of this command to return to the default value Syntax Description id string Identifies the product by alphanumeric string up to 32 characters in length Default Values id string Chassis ID Usage Examples The following example configures a chassis ID of A432692 ProCurve config snmp server chass...

Страница 503: ...mmunity view viewname rw snmp server community community view viewname rw listname Syntax Description community Specifies the community string a password to grant SNMP access view viewname Optional Specifies a previously defined view Views define objects available to the community For information on creating a new view see snmp server view name value on page 516 ro Optional Keyword to grant read o...

Страница 504: ...rver contact email address snmp server contact pager number snmp server contact phone number snmp server contact string Syntax Description email Specifies email address for the SNMP server contact pager Specifies pager number for the SNMP server contact phone Specifies phone number for the SNMP server contact number Identifies the contact up to 32 characters in length Default Values No default val...

Страница 505: ...P traps Variations of this command include snmp server enable traps snmp server enable traps snmp Syntax Description trap type Optional Specifies the type of notification trap to enable Leaving this option blank enables ALL system traps snmp Optional Enables a subset of traps specified in RFC 1157 The following traps are supported coldStart warmStart linkUp linkDown authenticationFailure Default V...

Страница 506: ...er engineID local 8000000b00000000000001 Technology Review The SNMP v3 engine ID is a unique identifier for a system on a management domain The default engine ID contains 11 octets in hexadecimal notation that represents certain information about the system The default engine ID format is as follows The first 4 octets of the default engine ID for ProCurve Secure Routers is 8000000b Octets 1 throug...

Страница 507: ... the default engine ID and replaces it with the first 22 characters of the user entered string Because the string is in hexadecimal notation only numbers 0 through 9 and characters a through f are valid If less than 22 characters are entered in the string SROS pads the end of the entered string with zeros least significant bits until the 22 character string is complete For example a user input of ...

Страница 508: ...ify name access listname Syntax Description access listname Specifies an access control list entry groupname Specifies the name of the SNMP group 32 characters maximum notify name Specifies a notify view entry 32 characters maximum read name Specifies a read view entry 32 characters maximum write name Specifies a write view entry 32 characters maximum v1 Uses SNMP version 1 security model v2c Uses...

Страница 509: ... community snmp snmp server host ip address traps community snmp server host ip address traps version 1 community snmp server host ip address traps version 1 community snmp snmp server host ip address traps version 2c community snmp server host ip address traps version 2c community snmp snmp server host ip address traps version 3 auth community snmp server host ip address traps version 3 auth comm...

Страница 510: ...s SNMP version 2c security model version 3 Uses SNMP version 3 user based security model USM snmp Optional Enables a subset of traps specified in RFC1157 Default Values By default there are no hosts or traps enabled Usage Examples The following example sends all SNMP traps to the host at address 190 3 44 69 and community string My Community ProCurve config snmp server host 190 3 44 69 traps My Com...

Страница 511: ...this command to return to the default setting Variations of this command include the following snmp server inform retries number snmp server inform timeout value Syntax Description retries number Specifies number of retries for a response The range is from 1 to 100 timeout value Specifies time in seconds to wait for a response The range is from 1 to 1000 seconds Default Values By default the retry...

Страница 512: ...Network Management Protocol SNMP system location string Use the no form of this command to return to the default value Syntax Description string Alphanumeric string encased in quotation marks up to 32 characters in length used to populate the system location string Default Values string ProCurve Usage Examples The following example specifies a location of 5th Floor Network Room ProCurve config snm...

Страница 513: ...mand to specify the URL for the device s management software Use the no form of this command to remove the management URL Syntax Description URL Specifies the URL for the management software Default Values No default is necessary for this command Usage Examples The following example specifies the URL http www mywatch com as the device s management software ProCurve config snmp server management ur...

Страница 514: ...and to specify a label for the URL of the device s management software Use the no form of this command to remove the label Syntax Description label Specifies a label for the URL of the management software maximum length 255 characters Default Values No default is necessary for this command Usage Examples The following example specifies the label watch for the management software ProCurve config sn...

Страница 515: ...g traps and get set requests will use the designated interface s IP address Use the no form of this command to remove specified interfaces Syntax Description interface Specifies the physical interface that should originate SNMP traps Enter snmp server source interface for a complete list of valid interfaces Default Values By default there are no trap source interfaces defined Usage Examples The fo...

Страница 516: ...v des password access listname snmp server user username groupname v3 auth sha password snmp server user username groupname v3 auth sha password access listname snmp server user username groupname v3 auth sha password priv des password snmp server user username groupname v3 auth sha password priv des password access listname Syntax Description access listname Specifies an access control list entry...

Страница 517: ...agent password Indicates a password entry Default Values No default is necessary with this command Usage Examples The following example enters a new user named BobbyW and assigns the user to a group called securityV3auth using version 3 security model with authentication method md5 with a password of passWORD6243 and no access control list to verify ProCurve config snmp server user BobbyW security...

Страница 518: ...ies the object identifier oid to include or exclude from the view To identify the subtree specify a string using numbers such as 1 4 2 6 8 Replace a single subidentifier with the asterisk to specify a subtree family excluded Specifies an excluded view included Specifies an included view Default Values No default value necessary for this command Usage Examples The snmp server view command can inclu...

Страница 519: ...imeout command to set the amount of time to wait for a response before allowing a new request Syntax Description time Specifies time in seconds to wait for a response before retrying The range is from 3 to 4 294 967 294 Default Values By default the retry timeout is set to 5 seconds Usage Examples The following example sets the SNTP retry timeout to 10 seconds ProCurve config sntp retry time 10 ...

Страница 520: ...ork Use the no form of this command to return to the default setting Variations of this command include sntp server version hostname sntp server version ip address sntp server version number Syntax Description address or hostname Specifies the IP address or hostname of the SNTP server version 1 3 Specifies which NTP version is used 1 3 Default Values By default version is set to 1 Usage Examples T...

Страница 521: ...e Use the sntp wait time command to set the time between updates from the time server Syntax Description time Specifies time in seconds between updates The range is from 10 to 4 294 967 294 Default Values By default the wait time is set to 86400 seconds 1 day Usage Examples The following example sets the SNTP wait time to two days ProCurve config sntp wait time 172800 ...

Страница 522: ...subcommands Default Values Disabled by default Functional Notes The BPDU filter blocks any BPDUs from being transmitted and received on an interface This can be overridden on an individual port Usage Examples The following example enables the bpdufilter on all ports by default ProCurve config spanning tree edgeport bpdufilter default To disable the BPDU filter on a specific interface issue the app...

Страница 523: ...scription No subcommands Default Values Disabled by default Functional Notes The bpduguard blocks any BPDUs from being received on an interface This can be overridden on an individual port Usage Examples The following example enables the BPDU guard on all ports by default ProCurve config spanning tree bpduguard default To disable the BPDU guard on a specific interface issue the appropriate command...

Страница 524: ...by default Use the no form of this command to disable the setting Syntax Description No subcommands Default Values Disabled by default Usage Examples The following example configures all interfaces running spanning tree to be edgeports by default ProCurve config spanning tree edgeport default An individual interface can be configured to not be considered an edgeport For example ProCurve config int...

Страница 525: ...g tree forward time command to specify the delay interval in seconds when forwarding spanning tree packets Use the no form of this command to return to the default interval Syntax Description seconds Forward delay interval in seconds Range 4 to 30 Default Values seconds 15 seconds Usage Examples The following example sets the forwarding time to 15 seconds ProCurve config spanning tree forward time...

Страница 526: ...o specify the delay interval in seconds between hello bridge protocol data units BPDUs To return to the default interval use the no form of this command Syntax Description seconds Delay interval in seconds between hello BPDUs Range 0 to 1 000 000 Default Values seconds 2 seconds Usage Examples The following example configures a spanning tree hello time interval of 10000 seconds ProCurve config spa...

Страница 527: ... to receive Bridge Protocol Data Units BPDUs from the root bridge before assuming the network has changed thus re evaluating the spanning tree topology Use the no form of this command to return to the default interval Syntax Description seconds Wait interval in seconds between received BPDUs from the root bridge Range 6 to 40 Default Values seconds 20 seconds Usage Examples The following example c...

Страница 528: ...de rstp stp Use the spanning tree mode command to choose a spanning tree mode of operation Syntax Description rstp Enables rapid spanning tree protocol stp Enables spanning tree protocol Default Values By default this is set to rstp Usage Examples The following example sets the spanning tree mode to rapid spanning tree protocol ProCurve config spanning tree mode rstp ...

Страница 529: ...panning tree pathcost command to select a short or long pathcost method used by the spanning tree protocol Syntax Description short Selects a short pathcost method long Selects a long pathcost method Default Values By default this is set to short Usage Examples The following example designates the spanning tree protocol to use a long pathcost method ProCurve config spanning tree pathcost method lo...

Страница 530: ...configured spanning tree interface will be the root for the bridge group To return to the default bridge priority value use the no version of this command Syntax Description value Priority value for the bridge interface Configuring this value to a low number increases the interface s chance of being the root Therefore the maximum priority level would be 0 Range 0 to 65 535 Default Values value 327...

Страница 531: ...decrypting the traffic between the Network Access Server NAS and the TACACS daemon Setting a key for a particular server using the tacacs server host name IP key key command supersedes keys set globally using the tacacs server key key command port tcp port Specifies the TCP port number to be used when connecting to the TACACS daemon timeout seconds Specifies a timeout limit in seconds that the uni...

Страница 532: ...ly errored seconds threshold UAS Specifies the unavailable seconds threshold 15Min Specifies that the threshold you are setting is for the counter s 15 minute statistics 24Hr Specifies that the threshold you are setting is for the counter s 24 hour statistics threshold Specifies the maximum occurrences allowed for this error type Once a threshold is exceeded an event is sent to the console specify...

Страница 533: ... 531 thresholds SES 24Hr 100 thresholds SEFS 15Min 2 thresholds SEFS 24Hr 17 thresholds UAS 15Min 10 thresholds UAS 24Hr 10 Usage Examples The following example sets the threshold for the 15 minute and 24 hour bursty errored seconds counter to 25 and 200 respectively ProCurve config thresholds BES 15Min 25 ProCurve config thresholds BES 24Hr 200 ...

Страница 534: ...t to any track registered with the probe In response the track performs the action indicated Associating track objects with probes can be defined through using logical AND OR statements Refer to test if on page 1351 for more information Usage Examples The following example creates an track called track_a ProCurve enable ProCurve configure terminal config tProCurverack track_a ProCurve config track...

Страница 535: ...st and HTTP access Syntax Description username Alphanumerical string up to 30 characters in length the username is case sensitive password Alphanumerical string up to 30 characters in length the username is case sensitive Default Values By default there is no established username and password Functional Notes All users defined using the username password command are valid for access to the unit us...

Страница 536: ...s and are covered in a centralized section of this guide For more information refer to the sections listed below do on page 1435 end on page 1436 exit on page 1437 ping address on page 1438 All other commands for this command set are described in this section in alphabetical order accounting commands level l name l default on page 535 authorization commands on page 538 databits 7 8 on page 540 flo...

Страница 537: ... this command to disable this feature Variations of this command include accounting commands level name accounting commands level default Syntax Description level Specifies a command level 1 or 15 name Applies a named accounting method to this line default Applies the default accounting method to a line Default Values The default for this command is off Usage Examples The following example applies...

Страница 538: ...aaa on on page 321 Use the no form of this command to disable this feature Variations of this command include the following accounting connection name accounting connection default Syntax Description name Applies a named accounting method to this line default Applies the default accounting method to a line Default Values By default there is no accounting method applied to a line Usage Examples The...

Страница 539: ...mmand aaa on on page 321 Use the no form of this command to disable this feature Variations of this command include the following accounting exec name accounting exec default Syntax Description name Applies a named accounting method to this line default Applies the default accounting method to a line Default Values By default there is no accounting method applied to a line Usage Examples The follo...

Страница 540: ... disable this feature Variations of this command include authorization commands level name authorization commands level default Syntax Description level Specifies a command level 1 or 15 name Applies a named authorization method to this line default Applies the default authorization method to a line Default Values By default this command is disabled Usage Examples The following example applies the...

Страница 541: ...nd aaa on on page 321 Use the no form of this command to disable this feature Variations of this command include the following authorization exec name authorization exec default Syntax Description name Applies a named authorization method to this line default Applies the default authorization method to a line Default Values By default there is no authorization method applied to a line Usage Exampl...

Страница 542: ...ion of your VT100 terminal or terminal emulator software The default is 8 databits per character Use the no form of this command to return to the default value Syntax Description 7 Specifies 7 data bits per character 8 Specifies 8 data bits per character Default Values By default console terminal sessions use 8 data bits Usage Examples The following example configures 7 databits per character for ...

Страница 543: ...trol for the line console Use the no form of this command to return to the default setting Syntax Description none Specifies no flow control software in Configures the SROS to derive flow control from the attached device Default Values By default flow control is set to none Usage Examples The following example configures no flow control for the line console ProCurve config line console 0 ProCurve ...

Страница 544: ...rminates the session Use the no form of this command to return to the default value Syntax Description minutes Specifies the number of minutes a line session may remain inactive before the SROS terminates the session Entering a line timeout value of 0 disables the feature Default Values By default the line timeout is set to 15 minutes Console and Telnet Usage Examples The following example specifi...

Страница 545: ... configured using the password command Use the no form of this command to disable the login feature Syntax Description No subcommands Default Values By default there is no login password set for access to the unit Usage Examples The following example enables the security login feature and specifies a password on the available console session ProCurve config line console 0 ProCurve config console 0...

Страница 546: ...n aaa login list Specifies the AAA login list to use for authentication Default Values The default value is the default AAA list Functional Notes If the AAA subsystem is activated but no login authentication list is given the default list is used If the default list is used but the default list is not configured the behavior for consoles is to be granted access This prevents a lockout configuratio...

Страница 547: ...userlist feature Syntax Description No subcommands Default Values By default there is no login password set for access to the unit Usage Examples The following example displays creating a local userlist and enabling the security login feature on the CONSOLE port ProCurve config username my_user password my_password ProCurve config line console 0 ProCurve config con 0 login local userlist When conn...

Страница 548: ...n the data sequence is odd or set to 1 if the number of 1 bits is even mark Always set the parity bit to 1 none No parity bit used odd Set the parity bit to 1 if the number of 1 bits in the data sequence is even or set to 1 if the number is odd space Always set the parity bit to 0 Default Values option none Functional Notes Parity is the process used to detect whether characters have been altered ...

Страница 549: ...ands password Alphanumeric character string up to 16 characters used to specify the password for the line session Default Values By default there is no login password set for access to the unit Usage Examples The following example enables the security login feature and specifies a password on the CONSOLE port ProCurve config line console 0 ProCurve config con 0 login ProCurve config con 0 password...

Страница 550: ...g must match your VT100 terminal emulator or emulator software Use the no form of this command to restore the default value Syntax Description rate Specifies rate of data transfer on the interface 2400 4800 9600 19 200 38 400 57 600 or 115 200 bps Default Values By default the speed is set to 9600 bps Usage Examples The following example configures the Console port for 19200 bps ProCurve config li...

Страница 551: ... the configuration of your VT100 terminal or terminal emulator software The default is 1 stopbit per character Use the no form of this command to return to the default value Syntax Description 1 Specifies 1 stopbit per character 2 Specifies 2 stopbits per character Default Values By default stopbits is set to 1 Usage Examples The following example configures 2 stopbits per character for the consol...

Страница 552: ...e ProCurve configure terminal ProCurve config line telnet 2 ProCurve config telnet2 The following commands are common to multiple command sets and are covered in a centralized section of this guide For more information refer to the sections listed below bind from interface slot port tdm group to interface slot port on page 1431 do on page 1435 end on page 1436 exit on page 1437 ping address on pag...

Страница 553: ...ed access lists associated with Telnet sessions Functional Notes When using the access class in command to associate an access list with a Telnet session remember to duplicate the access class in command for all configured Telnet sessions 0 through 4 Telnet access to the unit using a particular Telnet session is not possible Users will be assigned the first available Telnet session Usage Examples ...

Страница 554: ...nd to disable this feature Variations of this command include accounting commands level name accounting commands level default Syntax Description level Specifies a command level 1 or 15 name Applies a named accounting method to this line default Applies the default accounting method to a line Default Values The default for this command is off Usage Examples The following example applies the defaul...

Страница 555: ...aaa on on page 321 Use the no form of this command to disable this feature Variations of this command include the following accounting connection name accounting connection default Syntax Description name Applies a named accounting method to this line default Applies the default accounting method to a line Default Values By default there is no accounting method applied to a line Usage Examples The...

Страница 556: ...ommand aaa on on page 321 Use the no form of this command to disable this feature Variations of this command include the following accounting exec name accounting exec default Syntax Description name Applies a named accounting method to this line default Applies the default accounting method to a line Default Values By default there is no accounting method applied to a line Usage Examples The foll...

Страница 557: ...and to disable this feature Variations of this command include authorization commands level name authorization commands level default Syntax Description level Specifies a command level 1 or 15 name Applies a named authorization method to this line default Applies the default authorization method to a line Default Values The default for this command is off Usage Examples The following example appli...

Страница 558: ...re the SROS terminates the session Use the no form of this command to return to the default value Syntax Description minutes Specifies the number of minutes a line session may remain inactive before the SROS terminates the session Entering a line timeout value of 0 disables the feature Default Values minutes 15 minutes Console and Telnet Usage Examples The following example specifies a timeout of ...

Страница 559: ...ed using the password command Use the no form of this command to disable the login feature Syntax Description No subcommands Default Values By default there is no login password set for access to the unit Usage Examples The following example enables the security login feature and specifies a password on all the available Telnet sessions 0 through 4 ProCurve config line telnet 0 4 ProCurve config t...

Страница 560: ...ecifies the AAA login list to use for authentication Default Values The default value is the default AAA list Functional Notes If the AAA subsystem is activated but no login authentication list is given the default list is used If the default list is used but the default list is not configured the behavior for telnets is to use the local user database Usage Examples The following example specifies...

Страница 561: ...in local userlist feature Syntax Description No subcommands Default Values By default there is no login password set for access to the unit Usage Examples The following example displays creating a local userlist and enabling the security login feature ProCurve config username my_user password my_password ProCurve config line telnet 0 ProCurve config telnet0 login local userlist When connecting to ...

Страница 562: ... password Alphanumeric character string up to 16 characters used to specify the password for the line session Default Values By default there is no login password set for access to the unit Usage Examples The following example enables the security login feature and specifies a password for the Telnet session 0 ProCurve config line telnet 0 ProCurve config telnet0 login ProCurve config telnet0 pass...

Страница 563: ...r example ProCurve enable ProCurve configure terminal ProCurve config line ssh 2 ProCurve config ssh2 The following commands are common to multiple command sets and are covered in a centralized section of this guide For more information refer to the sections listed below bind from interface slot port tdm group to interface slot port on page 1431 do on page 1435 end on page 1436 exit on page 1437 p...

Страница 564: ...or all access list descriptors are case sensitive Default Values By default there are no configured access lists associated with SSH sessions Functional Notes When using the access class in command to associate an access list with an SSH session remember to duplicate the access class in command for all configured SSH sessions 0 through 4 SSH access to the unit using a particular SSH session is not...

Страница 565: ...isable this feature Variations of this command include accounting commands level name accounting commands level default Syntax Description level Specifies a command level 1 or 15 name Applies a named accounting method to this line default Applies the default accounting method to a line Default Values By default AAA accounting methods are not applied to SSH lines Usage Examples The following exampl...

Страница 566: ...mand aaa on on page 321 Use the no form of this command to disable this feature Variations of this command include the following accounting connection name accounting connection default Syntax Description name Applies a named accounting method to this line default Applies the default accounting method to a line Default Values By default there is no accounting method applied to a line Usage Example...

Страница 567: ...the command aaa on on page 321 Use the no form of this command to disable this feature Variations of this command include the following accounting exec name accounting exec default Syntax Description name Applies a named accounting method to this line default Applies the default accounting method to a line Default Values By default there is no accounting method applied to a line Usage Examples The...

Страница 568: ... this feature Variations of this command include authorization commands level name authorization commands level default Syntax Description level Specifies a command level 1 or 15 name Applies a named authorization method to this line default Applies the default authorization method to a line Default Values By default AAA authorization methods are not applied to SSH lines Usage Examples The followi...

Страница 569: ...ssion Use the no form of this command to return to the default value Syntax Description minutes Specifies the number of minutes a line session may remain inactive before the SROS terminates the session Valid range 0 to 35 791 Entering a line timeout value of 0 disables the feature Default Values By default the line timeout is set to 15 minutes Usage Examples The following example specifies a timeo...

Страница 570: ...n list Syntax Description aaa login list Specifies the name of the AAA login list to use for authentication Default Values The default value is the default AAA list Functional Notes If the AAA subsystem is activated but no login authentication list is given the default list is used If the default list is used but the default list is not configured SSH uses the local user database Usage Examples Th...

Страница 571: ...to disable the login local userlist feature Syntax Description No subcommands Default Values By default there is no login password set for access to the unit Usage Examples The following example creates a local userlist and enables the security login feature ProCurve config username my_user password my_password ProCurve config line ssh 0 ProCurve config ssh0 login local userlist When connecting to...

Страница 572: ...dsl 1 1 The following commands are common to multiple command sets and are covered in a centralized section of this guide For more information refer to the sections listed below alias text on page 1430 bind from interface slot port tdm group to interface slot port on page 1431 description text on page 1434 do on page 1435 exit on page 1437 ping address on page 1438 shutdown on page 1442 All other ...

Страница 573: ...ackard Development Company L P 571 retrain Use the retrain command to force the modem to retrain Syntax Description No subcommands Default Values No default is necessary for this command Usage Examples The following example forces a modem retrain ProCurve config interface adsl1 1 ProCurve config adsl 1 1 retrain ...

Страница 574: ...se the snr margin command to set the minimum Signal to Noise Ratio margin in dB Syntax Description margin Sets the minimum SNR margin in dB The range is from 1 to 15 Default Values By default SNR margin is 0 dB Usage Examples The following example sets the SNR margin to a minimum level of 3 dB ProCurve config interface adsl 1 1 ProCurve config adsl 1 1 snr margin 3 ...

Страница 575: ...nitoring Syntax Description showtime monitor Enables margin monitoring to retrain the ADSL interface if the specified minimum margin is violated during showtime training monitor Enables margin monitoring to retrain the ADSL interface if the specified minimum margin is violated during training Default Values By default SNR margin monitoring is disabled Usage Examples The following example enables S...

Страница 576: ...DSL2 mode ADSL2 ANNEX M Specifies ITU G 992 5 Annex M ADSL2 mode G DMT Specifies ANSI full rate mode G LITE Specifies ANSI splitterless mode Multi Mode Specifies auto detect mode When set to multi mode the ADSL interface attempts to train to the DSLAM using each of the supported training modes until a match is found READLS2 Specifies ITU G 992 3 Annex L mode T1 413 Specifies ANSI T1 413 mode Defau...

Страница 577: ...35 end on page 1436 exit on page 1437 ping address on page 1438 shutdown on page 1442 All other commands for this command set are described in this section in alphabetical order bonding commands begin on page 576 caller id override always number if no cid number on page 582 isdn ldn 1 ldn 2 ldn on page 583 isdn spid 1 spid 2 spid string LDN on page 584 isdn switch type basic 5ess basic dms basic n...

Страница 578: ...he bonded aggregate before considering the bonding negotiation a failure Default Values By default the bonding txadd timer value is set to 50 seconds Functional Notes Specifies the length of time both endpoints wait for additional calls to be connected at the end of negotiation before deciding that the bonding call has failed The factory default setting is sufficient for most calls to connect alth...

Страница 579: ... seconds Specifies the number of seconds the endpoint may negotiate data rates and channel capacities before considering the bonding negotiation a failure Default Values By default the bonding txcid timer value is set to 5 seconds Functional Notes Specifies the length of time both endpoints attempt to negotiate an agreeable value for bearer channels and channel capacities before deciding the bondi...

Страница 580: ... no form of this command to return to the default value Syntax Description seconds Specifies the number of seconds the endpoint allots for attempting to equalize the network delay between bearer channels before considering the bonding negotiation a failure Default Values By default the bonding txdeq timer value is set to 50 seconds Usage Examples The following example defines a bonding txdeq timer...

Страница 581: ...etect the bonding frame pattern when a call is connected before considering the bonding negotiation a failure Default Values By default the bonding txfa timer value is set to 10 seconds Functional Notes Specifies the length of time the endpoint attempts to detect the bonding frame pattern when a call is connected before deciding the bonding call has failed When operating with other manufacturers b...

Страница 582: ...conds the endpoint waits to detect the bonding negotiation frame pattern from the remote endpoint when a call is connected before considering the bonding negotiation a failure Default Values By default the bonding txinit timer value is set to 10 seconds Functional Notes Specifies the length of time the originating endpoint attempts to detect the bonding negotiation pattern from the answering endpo...

Страница 583: ...riginating endpoint after answering a call before considering the bonding negotiation a failure Default Values By default the bonding txnull timer value is set to 10 seconds Functional Notes Specifies the length of time the answering endpoint attempts to detect the bonding negotiation pattern from the originating endpoint before deciding the bonding call has failed It may be necessary to shorten t...

Страница 584: ... number with the number given if no cid number Replaces the incoming caller ID number with the number given only if there is no caller ID information available for the incoming call Default Values By default this command is disabled Functional Notes Forces a replacement of the incoming caller ID number with the number given The received caller ID if any is discarded and the given override number i...

Страница 585: ...rvice provider The LDN is the number used by remote callers to dial into the ISDN circuit Default Values By default there are no configured LDNs Functional Notes Inbound calls are not accepted on interfaces without programmed LDNs LDNs can also be entered using the isdn spid command The isdn spid and isdn ldn commands overwrite the existing programmed LDN therefore the last LDN programming entered...

Страница 586: ...iated with SPID 1 An LDN programmed using the isdn spid 2 command is automatically associated with SPID 2 The LDN is the number used by remote callers to dial into the ISDN circuit Inbound calls are not accepted on interfaces without programmed LDNs LDNs can also be entered using the isdn ldn command The isdn spid and isdn ldn commands overwrite the existing programmed LDN therefore the last LDN p...

Страница 587: ...ng basic dms Specifies Nortel DMS 100 custom signaling The basic dms signaling type is not compatible with proprietary SL 1 DMS signaling basic net3 Specifies Net3 Euro ISDN signaling basic ni Specifies National ISDN 1 signaling Default Values By default the ISDN signaling type is set to National ISDN 1 Functional Notes The isdn switch type command specifies the type of ISDN signaling implemented ...

Страница 588: ... the established D channel between the ISDN module and the Central Office switch drops b1 Loops the data on B1 back towards the router A B1 loopback does not disrupt D channel signaling b2 Loops the data on B2 back towards the router A B2 loopback does not disrupt D channel signaling both Loops the data on B1 and B2 back towards the router but does not disrupt D channel signaling Default Values No...

Страница 589: ...n B1 back towards the network A B1 loopback does not disrupt D channel signaling b2 Loops the data on B2 back towards the network A B2 loopback does not disrupt D channel signaling both Loops the data on B1 and B2 back towards the network but does not disrupt D channel signaling Default Values No default necessary for this command Usage Examples The following example enables a b2 loopback of the b...

Страница 590: ...Syntax Description reset Forces a complete reset of the interface by initiating the SABME UA process restart d Resets the D channel by sending a Q 931 RESTART message to the Central Office Switch Default Values No default necessary for this command Usage Examples The following example resets the bri 1 2 interface ProCurve config interface bri 1 2 ProCurve config bri 1 2 maintenance reset Caution T...

Страница 591: ...s the name of the resource pool to which this interface is assigned priority Optional Specifies the priority of using this interface versus other interfaces contained in the specified resource pool using a number 1 to 255 Lower numbers indicate higher priority Interfaces with the same priority are selected in alphabetical order by interface name Default Values By default BRI interfaces are not ass...

Страница 592: ...ce from test mode using the no test call dial command speed 56 64 Specifies a channel rate of 56 or 64 kbps for the test call answer Places the interface in test answer mode and configures it to accept inbound calls Using the test call answer command supersedes any other interface configuration that may exist Test calls answered by the interface while in test mode will perform channel negotiation ...

Страница 593: ...a centralized section of this guide For more information refer to the sections listed below alias text on page 1430 bind from interface slot port tdm group to interface slot port on page 1431 description text on page 1434 do on page 1435 end on page 1436 exit on page 1437 ping address on page 1438 shutdown on page 1442 All other commands for this command set are described in this section in alphab...

Страница 594: ...yntax Description ami Configures the line coding for alternate mark inversion AMI b8zs Configures the line coding for bipolar eight zero substitution B8ZS Default Values By default all DSX 1 interfaces are configured with B8ZS line coding Functional Notes The line coding configured in the unit must match the line coding of the DSX 1 circuit A mismatch will result in line errors e g BPVs Usage Exam...

Страница 595: ...ifies D4 superframe SF format esf Specifies extended superframe ESF format Default Values By default the framing format is set to esf Functional Notes A frame is comprised of a single byte from each of the T1 s timeslots there are 24 timeslots on a single T1 circuit Framing bits are used to separate the frames and indicate the order of information arriving at the receiving equipment D4 and ESF are...

Страница 596: ... 655 feet Default Values By default the line build out is set to 0 feet Functional Notes The line length value represents the physical distance between DSX equipment measured in cable length Based on this setting the SROS device increases signal strength to compensate for the distance the signal must travel Valid distance ranges are listed below 0 to 133 feet 134 to 265 feet 266 to 399 feet 400 to...

Страница 597: ...ate the loopback Syntax Description line Initiates a metallic loopback of the physical DSX 1 network interface payload Initiates a loopback of the T1 framer CSU portion of the DSX 1 network interface Default Values No default necessary for this command Functional Notes The following diagram depicts the difference between a line and payload loopback Usage Examples The following example initiates a ...

Страница 598: ...Description inband Uses the inband channel to initiate a full 1 544 Mbps physical metallic loopback of the signal received by the remote unit from the network Default Values No defaults necessary for this command Functional Notes A remote loopback can only be issued if a bind does not exist on the interface and if the signaling mode is set to none The following diagram depicts the difference betwe...

Страница 599: ...figure the interface to respond to loopbacks initiated by a remote unit or the service provider Use the no form of this command to disable this feature Syntax Description No subcommands Default Values By default all interfaces respond to remote loopbacks Usage Examples The following example enables remote loopbacks on the DSX 1 interface ProCurve config interface t1 1 2 ProCurve config t1 1 2 remo...

Страница 600: ...ssage oriented Specifies clear channel signaling on Channel 24 only Use this signaling type with QSIG installations none Specifies clear channel signaling on all 24 DS0s Use this signaling type with data only or PRI DSX 1 installations robbed bit Specifies robbed bit signaling on all DS0s Use this signaling type for voice only DSX 1 applications Default Values By default the signaling mode is set ...

Страница 601: ...here is an interface status change Use the no form of this command to disable this trap Syntax Description No subcommands Default Values By default the ifLinkUpDownTrapEnable OID is enabled for all interfaces except virtual Frame Relay interfaces Functional Notes The snmp trap link status command is used to control the RFC2863 ifLinkUpDownTrapEnable OID OID number 1 3 6 1 2 1 31 1 1 1 14 0 Usage E...

Страница 602: ...ttern generation can be used to verify a data path when used in conjunction with an active loopback Use the no form of this command to cease pattern generation Syntax Description ones Generates a test pattern of continous ones zeros Generates a test pattern of continous zeros Default Values No defaults necessary for this command Usage Examples The following example activates the pattern generator ...

Страница 603: ...xt on page 1430 bind from interface slot port tdm group to interface slot port on page 1431 description text on page 1434 do on page 1435 end on page 1436 exit on page 1437 ping address on page 1438 shutdown on page 1442 All other commands for this command set are described in this section in alphabetical order clock source internal line through on page 602 coding ami hdb3 on page 603 framing crc4...

Страница 604: ... the internal oscillator line Configures the unit to recover clocking from the E1 circuit through Configures the unit to recover clocking from the circuit connected to the G 703 interface Default Values By default the unit is configured to recover clocking from the primary circuit Functional Notes When operating on a circuit that is providing timing setting the clock source to line can avoid error...

Страница 605: ...vider Syntax Description ami Configures the line coding for alternate mark inversion AMI hdb3 Configures the line coding for high density bipolar 3 HDB3 Default Values By default all E1 interfaces are configured with HDB3 line coding Functional Notes The line coding configured in the unit must match the line coding of the E1 circuit A mismatch will result in line errors e g BPVs Usage Examples The...

Страница 606: ... form of this command to return to the default value Syntax Description crc4 Enables CRC 4 bits to be transmitted in the outgoing data stream Also the received signal is checked for CRC 4 errors Default Values By default CRC 4 framing is disabled Functional Notes The framing value must match the configuration of the E1 circuit A mismatch will result in a loss of frame alarm Usage Examples The foll...

Страница 607: ...mmand is enabled Functional Notes This command enables the detection of a loopback alarm This alarm works in conjunction with the sa4tx bit command setting The loopback condition is detected by comparing the transmitted sa4tx bit value to the received Sa4 bit value If the bits match a loopback is assumed This detection method only works with a network in which the far end is transmitting the oppos...

Страница 608: ... this command to deactivate the loopback Syntax Description line Initiates a metallic loopback of the physical E1 network interface payload Initiates a loopback of the E1 framer CSU portion of the E1 network interface Default Values No default necessary for this command Functional Notes The following diagram depicts a line loopback Usage Examples The following example initiates a line loopback of ...

Страница 609: ...h a V 54 loopback pattern Use the no form of this command to deactivate the loopback Syntax Description No subcommands Default Values No default value is necessary for this command Functional Notes This command causes a V 54 inband loop code to be sent in the payload towards the far end Usage Examples The following example sends a V 54 inband loop code to the far end ProCurve config interface e1 1...

Страница 610: ...e in interface operational status ais Specifies sending an alarm indication signal AIS as an unframed all ones signal Default Values The default for this command is rai Functional Notes An E1 will respond to a loss of frame on the receive signal by transmitting a remote alarm to the far end to indicate the error condition TS0 of an E1 contains the Frame Alignment Signal FAS in the even numbered fr...

Страница 611: ...e the no form of this command to disable this feature Syntax Description No subcommands Default Values By default all interfaces respond to remote loopbacks Functional Notes This controls the acceptance of any remote loopback requests When enabled remote loopbacks are detected and cause a loopback to be applied When disabled remote loopbacks are ignored Usage Examples The following example enables...

Страница 612: ... Description No subcommands Default Values The default value for this command is 1 Functional Notes This command assigns a value to the Tx spare bit in position 4 The odd numbered frames of TS0 are not used for frame alignment Bits in position 4 through 8 are called spare bits Values of 0 or 1 are accepted Usage Examples The following example sets the Tx value of Sa4 to 0 ProCurve config interface...

Страница 613: ... is an interface status change Use the no form of this command to disable this trap Syntax Description No subcommands Default Values By default the dsx1LineStatusChangeTrapEnable OID is set to enabled for all interfaces except virtual Frame Relay Interfaces Functional Notes The snmp trap line status command is used to control the RFC2495 dsx1LineStatusChangeTrapEnable OID OID number 1 3 6 1 2 1 10...

Страница 614: ...here is an interface status change Use the no form of this command to disable this trap Syntax Description No subcommands Default Values By default the ifLinkUpDownTrapEnable OID is enabled for all interfaces except virtual Frame Relay interfaces Functional Notes The snmp trap link status command is used to control the RFC2863 ifLinkUpDownTrapEnable OID OID number 1 3 6 1 2 1 31 1 1 1 14 0 Usage E...

Страница 615: ... This can be entered as a single number representing one of the 31 E1 channel timeslots or as a contiguous group of channels For example 1 10 specifies the first 10 channels of the E1 speed 56 l 64 Optional Specifies the individual channel rate on the E1 interface to be 56 or 64 kbps The default speed is 64 kbps 56 kbps operation is not available on all E1 interfaces Refer to the Quick Start Guide...

Страница 616: ...count using the errors keyword errors Displays the test pattern error count insert Inserts an error into the currently active test pattern Display the error count using the errors keyword ones Generates a test pattern of continuous ones p215 Generates a pseudorandom test pattern based on a 15 bit shift register p220 Generates a pseudorandom test pattern based on a 20 bit shift register p511 Genera...

Страница 617: ... subcommands Default Values No defaults necessary for this command Functional Notes If timeslot 16 is used on the incoming E1 do not map timeslot 16 using the tdm group command By default all timeslots not physically mapped using the tdm group command are passed through to the G 703 interface Leaving timeslot 16 unmapped makes it available for multiframe signaling by the connected E1 device Usage ...

Страница 618: ...t command at the Global Configuration mode prompt For example ProCurve enable ProCurve configure terminal ProCurve config interface ethernet 0 1 ProCurve config eth 0 1 To activate the Ethernet Sub Interface Configuration mode enter the interface ethernet command at the Global Configuration mode prompt For example ProCurve enable ProCurve configure terminal ProCurve config interface ethernet 0 1 1...

Страница 619: ...et are described in this section in alphabetical order access policy policyname on page 619 arp arpa on page 620 bandwidth value on page 621 bridge group group on page 622 bridge group group vlan transparent on page 623 crypto map mapname on page 624 dynamic dns on page 626 encapsulation 802 1q on page 628 full duplex on page 629 Note Not all Ethernet commands apply to all Ethernet types Use the c...

Страница 620: ...bilities system description system name on page 661 lldp send and receive on page 662 mac address address on page 663 max reserved bandwidth percent on page 664 mtu size on page 665 port auth supplicant username username password password on page 666 qos policy in out mapname on page 667 snmp trap on page 668 snmp trap link status on page 669 spanning tree commands begin on page 670 speed 10 100 a...

Страница 621: ... refer to ip policy class policyname on page 426 Usage Examples The following example associates the access policy UnTrusted to allow inbound traffic to the Web server to the Ethernet 0 1 interface Enable the SROS security features ProCurve config ip firewall Create the access list this is the packet selector ProCurve config ip access list extended InWeb ProCurve config ext nacl permit tcp any hos...

Страница 622: ...e arp arpa command to enable address resolution protocol ARP on the Ethernet interface Syntax Description arpa Sets standard address resolution protocol for this interface Default Values The default for this command is arpa Usage Examples The following example enables standard ARP for the Ethernet interface ProCurve config interface eth 0 1 ProCurve config eth 0 1 arp arpa ...

Страница 623: ...and to restore the default value Syntax Description value Specifies bandwidth in kbps Default Values To view default values use the show interfaces command Functional Notes The bandwidth command is an informational value that is communicated to the higher level protocols to be used in cost calculations This is a routing parameter only and does not affect the physical interface Usage Examples The f...

Страница 624: ...Specifies the bridge group number 1 to 255 Default Values By default there are no configured bridge groups Functional Notes A bridged network can provide excellent traffic management to reduce collisions and limit the amount of bandwidth wasted with unnecessary transmissions when routing is not necessary Any two interfaces can be bridged e g Ethernet to T1 bridge Ethernet to Frame Relay sub interf...

Страница 625: ...he interface to remove the VLAN tag from the packet Syntax Description group Specifies the bridge group number Valid range is 1 to 255 Default Values By default VLAN tags are removed from the data Usage Examples The following example removes the VLAN tags from the packets on the Ethernet interface 0 1 ProCurve config interface ethernet 0 1 ProCurve config eth 0 1 bridge group 1 vlan transparent No...

Страница 626: ...ing the policy class and associated access control lists ACLs that describe the behavior of the firewall do not forget to include the traffic coming into the system over a VPN tunnel terminated by the system The firewall should be set up with respect to the unencrypted traffic that is destined to be sent or received over the VPN tunnel The following diagram represents typical SROS data flow logic ...

Страница 627: ...rypted data is processed by the firewall The ACLs for a crypto map on an interface work in reverse logic to the ACLs for a policy class on an interface When specifying the ACLs for a crypto map the source information is the private local side unencrypted source of the data The destination information will be the far end unencrypted destination of the data However ACLs for a policy class work in re...

Страница 628: ...ol over your domain name regardless of where you purchased registered it This allows to manage IP address mappings A records domain aliases CNAME records and mail servers MX records dyndns The Dynamic DNSSM service allows you to alias a dynamic IP address to a static hostname in various domains This allows your unit to be more easily accessed from various locations on the Internet This service is ...

Страница 629: ...onger to propagate though the DNS system This service is provided for up to five hostnames If your IP address doesn t change often or at all but you still want an easy name to remember it by without having to purchase your own domain name Static DNS service is ideal for you If you would like to use your own domain name such as yourname com you need Custom DNS service which also provides full dynam...

Страница 630: ...t the interface into 802 1q VLAN mode Syntax Description No subcommands Default Values No default value is necessary for this command Usage Examples The following example puts interface eth 0 1 in 802 1q mode and configures a sub interface for vlan usage ProCurve config interface ethernet 0 1 ProCurve config eth 0 1 encapsulation 802 1q ProCurve config eth 0 1 interface ethernet 0 1 1 ProCurve con...

Страница 631: ...e ability to send and receive data simultaneously over the link Theoretically this simultaneous action can provide twice the bandwidth of normal half duplex Ethernet To deploy full duplex Ethernet each end of the link must only connect to a single device a workstation or a switched hub port With only two devices on a full duplex link there is no need to use the medium access control mechanism to s...

Страница 632: ...oviding mechanisms to avoid collisions A host on a half duplex link must listen on the link and only transmit when there is an idle period Packets transmitted on the link are broadcast so it will be heard by all hosts on the network In the event of a collision two hosts transmitting at once a message is sent to inform all hosts of the collision and a backoff algorithm is implemented The backoff al...

Страница 633: ...ied interface out Enables access control on packets transmitted on the specified interface Default Values By default these commands are disabled Functional Notes When this command is enabled the IP destination address of each packet must be validated before being passed through If the packet is not acceptable per these settings it is dropped Usage Examples The following example sets up the router ...

Страница 634: ...pecifying an interface defines the client identifier as the hexadecimal MAC address of the specified interface including a hexadecimal number added to the front of the MAC address to identify the media type For example specifying the client id ethernet 0 1 where the Ethernet interface has a MAC address of 0012 7991 1150 defines the client identifier as 01 00 12 79 91 11 50 where 01 defines the med...

Страница 635: ...t the hostname is the name configured using the Global Configuration hostname command Functional Notes Dynamic Host Configuration Protocol DHCP allows interfaces to acquire a dynamically assigned IP address from a configured DHCP server on the network Many Internet Service Providers ISPs require the use of DHCP when connecting to their services Using DHCP reduces the number of dedicated IP address...

Страница 636: ...s secondary IP addresses for the specified interface Multiple secondary IP addresses may be assigned no limit Default Values By default there are no assigned IP addresses Functional Notes Use secondary IP addresses to allow dual subnets on a single interface when you need more IP addresses than the primary subnet can provide When using secondary IP addresses avoid routing loops by verifying that a...

Страница 637: ...ically assigned IP address from a configured DHCP server on the network Many Internet Service Providers ISPs require the use of DHCP when connecting to their services Using DHCP reduces the number of dedicated IP addresses the ISP must obtain Usage Examples The following example releases the IP address assigned by DHCP on the Ethernet interface eth 0 1 ProCurve config int eth 0 1 ProCurve config e...

Страница 638: ...essary for this command Functional Notes Dynamic Host Configuration Protocol DHCP allows interfaces to acquire a dynamically assigned IP address from a configured DHCP server on the network Many Internet Service Providers ISPs require the use of DHCP when connecting to their services Using DHCP reduces the number of dedicated IP addresses the ISP must obtain Usage Examples The following example re...

Страница 639: ...s When broadcast packets of the specified type forwarded using the ip forward protocol command are received on the interface they will be forwarded to the device that needs the information Only packets meeting the following criteria are considered eligible by the ip helper address feature 1 The packet IP protocol is User Datagram Protocol UDP 2 Any UDP port specified using the ip forward protocol ...

Страница 640: ...t group s multicast packets to the interface Range 100 to 65535 ms Default 1000 ms querier timeout seconds Specifies the number of seconds that the router waits after the current querier s last query before it takes over as querier IGMP V2 Range 60 300 seconds Default 2x the query interval value query interval seconds Specifies the interval at which IGMP queries are sent on an interface Host query...

Страница 641: ...ub helper address and ip mcast stub upstream commands Downstream interfaces connect to segments with multicast hosts Multiple interfaces may be configured in downstream mode however interfaces connecting to the multicast network upstream should not be configured in downstream mode Interfaces configured as downstream should have the lowest IP address of all IGMP capable routers on the connected seg...

Страница 642: ...his command is disabled Functional Notes Multicast routing must be enabled prior to setting ip mcast stub fixed on the selected interface Also use the ip igmp static group A B C D command to receive multicast traffic without host initiated Internet Group Management Protocol IGMP activity on the selected interface Otherwise all host initiated IGMP transactions will enter multicast routes on the rou...

Страница 643: ...stub downstream interfaces The address specified may be the next upstream hop or any upstream address on the distribution tree for the multicast source up to and including the multicast source The router selects from the list of multicast stub upstream interfaces the interface on the shortest path to the specified address The router then proxies on the selected upstream interface using an IGMP hos...

Страница 644: ...ion with the ip mcast stub helper address and ip mcast stub downstream commands When enabled the interface becomes a candidate to be a helper forwarding interface If chosen as the best path toward the helper address by the router s unicast route table the IGMP host function is dynamically enabled and the interface becomes the active upstream interface enabling the router to perform as an IGMP prox...

Страница 645: ...onds Specifies the interval between hello packets sent on the interface Range 0 to 32 767 message digest key keyid md5 key Configures OSPF Message Digest 5 MD5 authentication 16 byte max keys The SROS allows two keys key ID 1 and key ID 2 priority value Set the OSPF priority The value set in this field helps determine the designated router for this network Range 0 to 255 retransmit interval second...

Страница 646: ...uthenticate an interface that is performing OSPF authentication Syntax Description message digest Optional Selects message digest authentication type null Optional Specifies that no authentication be used Default Values By default this is set to null meaning no authentication is used Usage Examples The following example specifies that no authentication will be used on the Ethernet interface ProCur...

Страница 647: ...of network on this interface Syntax Description broadcast Sets the network type for broadcast point to point Sets the network type for point to point Default Values By default Ethernet defaults to broadcast All other interfaces default to point to point Functional Notes A point to point network will not elect designated routers Usage Examples The following example designates a broadcast network ty...

Страница 648: ...ion No subcommands Default Values By default PIM Sparse Mode is disabled for all interfaces Functional Notes PIM Sparse Mode is a multicast routing protocol that makes use of the unicast forwarding table PIM systems builds unidirectional shared trees rooted at a Rendezvous Point RP for a multicast group or a shortest path tree rooted at a specific source for a multicast group Usage Examples The fo...

Страница 649: ...hello messages transmitted on the interface Routers use the priority values to determine the appropriate DR The router on the network segment with the highest priority is selected as the DR If a hello message is received on the interface from a router on the network segment and it does not contain a priority the entire network segment defaults to DR selection based on IP addresses instead of prior...

Страница 650: ...sent out the interface Valid range is 10 to 3600 seconds Default Values By default hellos are transmitted on PIM interfaces every 60 seconds Functional Notes Hello messages are used to inform neighbors of a router s presence Hello messages normally generate a small amount of traffic on an interface Setting the hello timer to a small interval increases the number of hellos sent thus increasing the ...

Страница 651: ...eighbor is not present Use the no form of this command to return to the default value Syntax Description time Specifies the time interval in seconds the PIM interface waits before a neighbor is considered not present Valid range is 30 to 10 800 seconds Default Values By default the nbr timeout is set to 105 seconds Usage Examples The following example specifies a wait interval of 360 seconds on th...

Страница 652: ...Use the no form of this command to return to the default value Syntax Description time Specifies the delay interval in milliseconds after a join prune in which another router on the LAN may override the join prune Valid range is 0 to 65 535 milliseconds Default Values By default the override interval is set to 2500 milliseconds Usage Examples The following example sets the delay interval for join ...

Страница 653: ...nds to estimate the amount of delay found in the local link Use the no form of this command to return to the default value Syntax Description time Specifies the expected propagation delay in the local link in milliseconds Valid range is 0 to 32 767 milliseconds Default Values By default the propagation delay is set to 500 milliseconds Usage Examples The following example sets the expected propagat...

Страница 654: ...s command to remove the assignment Removing a route map from the interface does not remove the route map configuration parameters from the system Syntax Description mapname Specifies the route map to associate with this interface Default Values By default policy based routing is disabled for all interfaces Usage Examples The following example associates the route map named MyMap with the eth 0 1 i...

Страница 655: ...address Default Values By default ip proxy arp is enabled Functional Notes In general the principle of proxy ARP allows a router to insert its IP address in the source IP address field of a packet if the packet is from a host on one of its subnetworks This allows hosts to reach devices on other subnetworks without implementing routing or specifying a default gateway If proxy ARP is enabled the SRO...

Страница 656: ...1 packets received on the interface 2 Accepts RIP version 2 packets received on the interface Default Values By default all interfaces implement RIP version 1 Functional Notes Use the ip rip receive version command to specify a RIP version that overrides the version in the Router RIP configuration The SROS only accepts one version either 1 or 2 on a given interface Usage Examples The following exa...

Страница 657: ...the interface 2 Transmits RIP version 2 packets received on the interface Default Values By default all interfaces transmit RIP version 1 the default value for the version command Functional Notes Use the ip rip send version command to specify a RIP version that overrides the version in the Router RIP configuration The SROS only transmits one version either 1 or 2 on a given interface Usage Exampl...

Страница 658: ...fies the IP address of the network to be summarized network mask Specifies the network mask to be applied to the specific network to be summarized Default Values By default no manual summarization is applied by RIP Functional Notes Unlike the automatic summarization on classful network boundaries only specific network advertisements are made by RIP using the ip rip summary address command This com...

Страница 659: ... Syntax Description No subcommands Default Values By default route caching is enabled on all interfaces Functional Notes Route caching allows an IP interface to provide optimum performance when processing IP traffic Usage Examples The following example enables route caching on the Ethernet interface ProCurve config interface ethernet 0 1 ProCurve config eth 0 1 ip route cache Note Using Network Ad...

Страница 660: ... a PPP interface use ppp 1 for an ATM sub interface use atm 1 1 and for a wireless virtual access point use dot11ap 1 1 1 Type ip unnumbered for a list of valid interfaces Default Values By default all interfaces are configured to use a specified IP address using the ip address command Functional Notes If ip unnumbered is enabled on an interface all IP traffic from the interface will use a source ...

Страница 661: ...n Applies the filter to the inbound traffic out Applies the filter to the outbound traffic Default Values By default there are no URL filters applied to any interfaces Functional Notes The firewall must be enabled using the ip firewall command in order to use URL filters The URL filter must be created by using the ip urlfilter filtername http command before applying it to the interface See ip urlf...

Страница 662: ...660 lldp receive Use the lldp receive command to allow LLDP packets to be received on this interface Syntax Description No subcommands Default Values By default all interfaces are configured to send and receive LLDP packets Usage Examples The following example configures Ethernet interface 0 1 to receive LLDP packets ProCurve config eth 0 1 lldp receive ...

Страница 663: ...s transmission of this device s system capabilities on this interface system description Enables transmission of this device s system description on this interface system name Enables transmission of this device s system name on this interface Default Values Be default all interfaces are configured to transmit and receive LLDP packets of all types Functional Notes Individual LLDP information can b...

Страница 664: ...o transmit and receive LLDP packets of all types Functional Notes Individual LLDP information can be enabled or disabled using the various forms of the lldp send command For example use the lldp send and receive command to enable transmit and receive of all LLDP information Then use the no lldp send port description command to prevent LLDP from transmitting port description information Usage Examp...

Страница 665: ...twork providers require MAC address registration to connect to their networks Locking access to the public network based on MAC addresses can cause problems for multi computer offices For example many cable internet providers register the MAC address of your computer s Ethernet card limiting the use of the network access to the registered computer Use the mac address command to program the compute...

Страница 666: ...on percent Specifies the percentage of interface bandwidth to make available for user defined priority or class based queues Enter an integer 1 to 100 Default Values By default max reserved bandwidth is set to 75 which reserves 25 percent of the interface bandwidth for system critical traffic Usage Examples The following example specifies 85 percent of the bandwidth on the eth 0 1 interface to be ...

Страница 667: ...500 Tunnel interfaces 64 to 18 190 Virtual Frame Relay sub interfaces 64 to 1520 Virtual PPP interfaces 64 to 1500 Default Values size The default values for the various interfaces are listed below ATM interfaces 1500 Demand interfaces 1500 Ethernet interfaces 1500 FDL interfaces 256 HDLC interfaces 1500 Loopback interfaces 1500 Tunnel interfaces 1500 Virtual Frame Relay sub interfaces 1500 Virtua...

Страница 668: ...he default username is username password password Specifies the password to use during the authentication process The default password is password Default Values By default this command disabled Functional Notes If your network infrastructure is configured to use 802 1x on every port configure the router to function as an 802 1x client The router when configured as a 802 1x client passes username ...

Страница 669: ...following changes 1 A priority or class based entry is added to deleted from or changed in a QoS map set 2 The interface bandwidth is changed by the bandwidth command on the interface 3 A QoS policy is applied to an interface 4 A bind is created that includes an interface with a QoS policy 5 The interface queuing method is changed to fair queue to use weighted fair queuing 6 The interface operatio...

Страница 670: ...o enable all supported Simple Network Management Protocol SNMP traps on the interface Syntax Description No subcommands Default Values By default all interfaces except virtual Frame Relay interfaces and sub interfaces have SNMP traps enabled Usage Examples The following example enables SNMP capability on the Ethernet interface ProCurve config interface eth 0 1 ProCurve config eth 0 1 snmp trap ...

Страница 671: ...hen there is an interface status change Use the no form of this command to disable this trap Syntax Description No subcommands Default Values By default the ifLinkUpDownTrapEnable OID is enabled for all interfaces except virtual Frame Relay interfaces Functional Notes The snmp trap link status command is used to control the RFC2863 ifLinkUpDownTrapEnable OID OID number 1 3 6 1 2 1 31 1 1 1 14 0 Us...

Страница 672: ...ting Syntax Description enable Enables bpdufilter for this interface disable Disables bpdufilter for this interface Default Values By default this setting is disabled Functional Notes The bpdufilter blocks any BPDUs from being transmitted and received on an interface Usage Examples The following example enables the bpdufilter on the interface eth 0 1 ProCurve config interface eth 0 1 ProCurve conf...

Страница 673: ...ommand to return to the default setting Syntax Description enable Enables bpduguard for this interface disable Disables bpduguard for this interface Default Values By default this setting is disabled Functional Notes The bpduguard blocks any BPDUs from being received on an interface Usage Examples The following example enables the bpduguard on the interface eth 0 1 ProCurve config interface eth 0 ...

Страница 674: ...bcommands Default Values By default this setting is disabled Functional Notes Enabling this command configures the interface to go to a forwarding state when the link goes up Usage Examples The following example configures the interface to be an edgeport ProCurve config interface eth 0 1 ProCurve config eth 0 1 spanning tree edgeport An individual interface can be configured to not be considered a...

Страница 675: ...alf duplex is set to shared link type and a port configured for full duplex is set to point to point link type Setting the link type manually overrides the default and forces the port to use the specified link type Use the link type auto command to restore the convention of determining link type based on duplex settings Usage Examples The following example forces the link type to point to point ev...

Страница 676: ...escription priority level Specifies a value from 0 to 255 Default Values By default this set to 128 Functional Notes The only time that this priority level is used is when two interfaces with a path to the root have equal cost At that point the level set in this command will determine which port the spanning tree will use Set the priority value lower to increase the chance the interface will be us...

Страница 677: ...omatically detects 10 or 100 Mb Ethernet and negotiates the duplex setting in the following order 100 full 100 half 10 full 10 half Default Values By default speed is set to auto Usage Examples The following example configures the Ethernet port for 100 Mb operation ProCurve config interface ethernet 0 1 ProCurve config eth 0 1 speed 100 Note Some Ethernet equipment though rare is unable to negotia...

Страница 678: ... by 5 to represent the number of bytes that would flow within 200 ms Default Values By default traffic shaping rate is disabled Functional Notes Traffic shaping can be used to limit an Ethernet segment to a particular rate or to specify use of QoS on Ethernet or VLAN interfaces Usage Examples The following example sets the outbound rate of eth 0 1 to 128 kbps and applies a QoS policy that all RTP ...

Страница 679: ...of this command to remove an entry Syntax Description vlan id Specifies a valid VLAN interface ID number 1 to 4095 native Optional Specifies that data for that VLAN ID goes out untagged If native is not specified data for that VLAN ID goes out tagged Default Values By default no VLAN ID is set Usage Examples The following example configures a native VLAN of 5 for the Ethernet interface 0 1 ProCurv...

Страница 680: ...llowing commands are common to multiple command sets and are covered in a centralized section of this guide For more information refer to the sections listed below alias text on page 1430 bind from interface slot port tdm group to interface slot port on page 1431 description text on page 1434 do on page 1435 end on page 1436 exit on page 1437 ping address on page 1438 shutdown on page 1442 All oth...

Страница 681: ... Syntax Description ami Configures the line coding for alternate mark inversion AMI hdb3 Configures the line coding for high density bipolar 3 HDB3 Default Values By default all E1 interfaces are configured with HDB3 line coding Functional Notes The line coding configured in the unit must match the line coding of the E1 circuit A mismatch will result in line errors e g BPVs Usage Examples The foll...

Страница 682: ...no form of this command to return to the default value Syntax Description crc4 Enables CRC 4 bits to be transmitted in the outgoing data stream Also the received signal is checked for CRC 4 errors Default Values By default CRC 4 framing is enabled Functional Notes The framing value must match the configuration of the E1 circuit A mismatch will result in a loss of frame alarm Usage Examples The fol...

Страница 683: ... this command to deactivate the loopback Syntax Description line Initiates a metallic loopback of the physical E1 network interface payload Initiates a loopback of the E1 framer CSU portion of the E1 network interface Default Values No default necessary for this command Functional Notes The following diagram depicts a line loopback Usage Examples The following example initiates a line loopback of ...

Страница 684: ...here is an interface status change Use the no form of this command to disable this trap Syntax Description No subcommands Default Values By default the ifLinkUpDownTrapEnable OID is enabled for all interfaces except virtual Frame Relay interfaces Functional Notes The snmp trap link status command is used to control the RFC2863 ifLinkUpDownTrapEnable OID OID number 1 3 6 1 2 1 31 1 1 1 14 0 Usage E...

Страница 685: ...ttern generation can be used to verify a data path when used in conjunction with an active loopback Use the no form of this command to cease pattern generation Syntax Description ones Generates a test pattern of continous ones zeros Generates a test pattern of continous zeros Default Values No defaults necessary for this command Usage Examples The following example activates the pattern generator ...

Страница 686: ...No subcommands Default Values No defaults necessary for this command Functional Notes If timeslot 16 is used on the incoming E1 do not map timeslot 16 using the tdm group command By default all timeslots not physically mapped using the tdm group command are passed through to the G 703 interface Leaving timeslot 16 unmapped makes it available for multiframe signaling by the connected E1 device Usag...

Страница 687: ...iple command sets and are covered in a centralized section of this guide For more information refer to the sections listed below alias text on page 1430 bind from interface slot port tdm group to interface slot port on page 1431 description text on page 1434 do on page 1435 end on page 1436 exit on page 1437 ping address on page 1438 shutdown on page 1442 All other commands for this command set ar...

Страница 688: ...lock recovered from the receive signal to generate et clock txclock Specifies using the clock recovered from the transmit signal to generate et clock Default Values By default the clock recovered from the transmit signal is used to generate the et clock Functional Notes The et clock is an interface timing signal provided by the DTE device used to synchronize the transfer of transmit data Usage Exa...

Страница 689: ...No subcommands Default Values By default the serial interface does not ignore a change in status of the DCD signal Functional Notes When configured to follow DCD default condition the serial interface will not attempt to establish a connection when DCD is not present When configured to ignore DCD the serial interface will continue to attempt to establish a connection even when DCD is not present U...

Страница 690: ...form of this command to return to the default value Syntax Description No subcommands Default Values By default the serial interface does not invert et clock Functional Notes If the serial interface cable is long causing a phase shift in the data the et clock can be inverted using the invert etclock command This switches the phase of the clock which compensates for a long cable Usage Examples The ...

Страница 691: ...By default the serial interface does not expect an inverted receive clock rxclock Functional Notes If the serial interface cable is long causing a phase shift in the data the transmit clock can be inverted using the invert txclock command This switches the phase of the clock which compensates for a long cable If the transmit clock of the connected device is inverted use the invert rxclock command ...

Страница 692: ...efault Values By default the serial interface does not invert transmit clock txclock Functional Notes If the serial interface cable is long causing a phase shift in the data the transmit clock can be inverted using the invert txclock command This switches the phase of the clock which compensates for a long cable If the transmit clock of the connected device is inverted use the invert rxclock comma...

Страница 693: ...r use with the V 35 adapter cable J8757A X21 Configures the interface for use with the X 21 adapter cable J8755A Default Values By default the serial interface is configured for a V 35 adapter cable Functional Notes The pinouts for each of the available interfaces can be found in the Hardware Configuration Guide located on the ProCurve SROS Documentation CD provided in your shipment Usage Examples...

Страница 694: ...e Network Management Protocol SNMP traps on the interface Use the no form of this command to disable SNMP on the interface Syntax Description No subcommands Default Values By default all interfaces except virtual Frame Relay interfaces and sub interfaces have SNMP traps enabled Usage Examples The following example enables SNMP on the serial interface ProCurve config interface serial 1 1 ProCurve c...

Страница 695: ...en there is an interface status change Use the no form of this command to disable this trap Syntax Description No subcommands Default Values By default the ifLinkUpDownTrapEnable OID is enabled for all interfaces except virtual Frame Relay interfaces Functional Notes The snmp trap link status command is used to control the RFC2863 ifLinkUpDownTrapEnable OID OID number 1 3 6 1 2 1 31 1 1 1 14 0 Usa...

Страница 696: ...of this guide For more information refer to the sections listed below alias text on page 1430 description text on page 1434 do on page 1435 end on page 1436 exit on page 1437 ping address on page 1438 shutdown on page 1442 All other commands for this command set are described in this section in alphabetical order caller id override always number if no cid number on page 695 dialin on page 696 init...

Страница 697: ...with the number given if no cid number Replaces the incoming caller ID number with the number given only if there is no caller ID information available for the incoming call Default Values By default this command is disabled Functional Notes This command forces a replacement of the incoming caller ID number with the number given The received caller ID if any is discarded and the given override num...

Страница 698: ...alin command to enable the modem for remote console dial in disabling the use of the modem for backup Use the no form of this command to disable this feature Syntax Description No subcommands Default Values By default dialin is disabled Usage Examples The following example enables remote console dial in ProCurve config interface modem 1 2 ProCurve config modem 1 2 dialin ...

Страница 699: ...string must start with AT and cannot contain spaces Default Values string ate0q0v1x4 n0 at All initialization strings must begin with AT e0 Disables command echo q0 Response messages on v1 Formats result codes in long word form x4 Specifies extended response set dial tone and busy signal detection for result codes following modem operations n0 Selects standard buffered connection only Usage Exampl...

Страница 700: ...ecifies the name of the resource pool to which this interface is assigned cost Optional Specifies the cost of using this resource interface within the specified pool In the event of a tie a resource with a lower cost will be selected first Interfaces with the same cost will be selected in alphabetical order by interface name Default Values By default the interface is not assigned to any resource p...

Страница 701: ...ias text on page 1430 bind from interface slot port tdm group to interface slot port on page 1431 description text on page 1434 do on page 1435 end on page 1436 exit on page 1437 ping address on page 1438 shutdown on page 1442 All other commands for this command set are described in this section in alphabetical order clock source internal line through on page 700 coding ami b8zs on page 701 fdl an...

Страница 702: ...ide clocking using the internal oscillator line Configures the unit to recover clocking from the T1 circuit through Configures the unit to recover clocking from the circuit connected to the DSX 1 interface Default Values By default the clock source is set to line Functional Notes When operating on a circuit that is providing timing setting the clock source to line can avoid errors such as Clock Sl...

Страница 703: ... Syntax Description ami Configures the line coding for alternate mark inversion AMI b8zs Configures the line coding for bipolar eight zero substitution B8ZS Default Values By default all T1 interfaces are configured with B8ZS line coding Functional Notes The line coding configured in the unit must match the line coding of the T1 circuit A mismatch will result in line errors e g BPVs Usage Examples...

Страница 704: ...03 standard att Configures the FDL for AT T TR 54016 standard none Disables FDL on this circuit Default Values By default the FDL is configured for ansi Functional Notes T1 circuits using ESF framing format specified using the framing command reserve 12 bits as a data link communication channel referred to as the FDL between the equipment on either end of the circuit The FDL allows the transmissio...

Страница 705: ...ies D4 superframe SF format esf Specifies extended superframe ESF format Default Values By default the framing format is configured for esf Functional Notes A frame is comprised of a single byte from each of the T1 s timeslots there are 24 timeslots on a single T1 circuit Framing bits are used to separate the frames and indicate the order of information arriving at the receiving equipment D4 and E...

Страница 706: ... 655 Configures the LBO in feet for T1 interfaces with cable lengths less than 655 feet Range is 0 to 655 feet Default Values By default the build out is set to 0 dB Functional Notes Line build out LBO is artificial attenuation of a T1 output signal to simulate a degraded signal This is useful to avoid overdriving a receiver s circuits The shorter the distance between T1 equipment measured in cabl...

Страница 707: ...tivate the loopback Syntax Description line Initiates a metallic loopback of the physical T1 network interface payload Initiates a loopback of the T1 framer CSU portion of the T1 network interface Default Values No default necessary for this command Functional Notes The following diagram depicts the difference between a line and payload loopback Usage Examples The following example initiates a pay...

Страница 708: ...fdl Uses the facility data link FDL to initiate a full 1 544 Mbps physical metallic loopback of the signal received by the remote unit from the network inband Uses the inband channel to initiate a full 1 544 Mbps physical metallic loopback of the signal received by the remote unit from the network Default Values No defaults necessary for this command Functional Notes The following diagram depicts ...

Страница 709: ...ed from the network maintaining bit sequence integrity for the information bits by synchronizing regenerating the timing Use the no form of this command to send a loopdown code to the remote unit to deactivate the loopback Syntax Description No subcommands Default Values No defaults necessary for this command Functional Notes The following diagram depicts the difference between a line and payload ...

Страница 710: ...eceive signal Use the no form of this command to disable all transmitted alarms Syntax Description rai Specifies sending a remote alarm indication RAI in response to a loss of frame Also prevents a received RAI from causing a change in interface operational status Default Values The default for this command is rai Usage Examples The following example enables transmission of RAI in response to a lo...

Страница 711: ...figure the interface to respond to loopbacks initiated by a remote unit or the service provider Use the no form of this command to disable this feature Syntax Description No subcommands Default Values By default all interfaces respond to remote loopbacks Usage Examples The following example enables remote loopbacks on the T1 interface ProCurve config interface t1 1 1 ProCurve config t1 1 1 remote ...

Страница 712: ... is an interface status change Use the no form of this command to disable this trap Syntax Description No subcommands Default Values By default the dsx1LineStatusChangeTrapEnable OID is set to enabled for all interfaces except virtual Frame Relay Interfaces Functional Notes The snmp trap line status command is used to control the RFC2495 dsx1LineStatusChangeTrapEnable OID OID number 1 3 6 1 2 1 10...

Страница 713: ...here is an interface status change Use the no form of this command to disable this trap Syntax Description No subcommands Default Values By default the ifLinkUpDownTrapEnable OID is enabled for all interfaces except virtual Frame Relay interfaces Functional Notes The snmp trap link status command is used to control the RFC2863 ifLinkUpDownTrapEnable OID OID number 1 3 6 1 2 1 31 1 1 1 14 0 Usage E...

Страница 714: ... group This can be entered as a single number representing one of the 24 T1 channel timeslots or as a contiguous group of DS0s For example 1 10 specifies the first 10 channels of the T1 speed 56 l 64 Optional Specifies the individual DS0 rate on the T1 interface to be 56 or 64 kbps The default speed is 64 kbps 56 kbps operation is not available on all T1 interfaces Refer to the Quick Start Guide p...

Страница 715: ...ng the errors keyword errors Displays the test pattern error count insert Inserts an error into the currently active test pattern Display the error count using the errors keyword ones Generates a test pattern of continous ones p215 Generates a pseudorandom test pattern sequence based on a 15 bit shift register p220 Generates a pseudorandom test pattern sequence based on a 20 bit shift register p51...

Страница 716: ...ig interface atm 1 ProCurve config atm 1 The following commands are common to multiple command sets and are covered in a centralized section of this guide For more information refer to the sections listed below alias text on page 1430 bind from interface slot port tdm group to interface slot port on page 1431 description text on page 1434 do on page 1435 exit on page 1437 ping address on page 1438...

Страница 717: ...nd to enable all supported Simple Network Management Protocol SNMP traps on the interface Syntax Description No subcommands Default Values By default all interfaces except virtual Frame Relay interfaces and sub interfaces have SNMP traps enabled Usage Examples The following example enables SNMP on the ATM interface ProCurve config interface atm 1 ProCurve config atm 1 snmp trap ...

Страница 718: ... there is an interface status change Use the no form of this command to disable this trap Syntax Description No subcommands Default Values By default the ifLinkUpDownTrapEnable OID is enabled for all interfaces except virtual Frame Relay interfaces Functional Notes The snmp trap link status command is used to control the RFC2863 ifLinkUpDownTrapEnable OID OID number 1 3 6 1 2 1 31 1 1 1 14 0 Usage...

Страница 719: ...face slot port on page 1431 description text on page 1434 do on page 1435 exit on page 1437 ping address on page 1438 shutdown on page 1442 All other commands for this command set are described in this section in alphabetical order access policy policyname on page 718 atm routed bridged ip on page 719 backup commands begin on page 720 bandwidth value on page 737 bridge group group on page 738 cryp...

Страница 720: ... refer to ip policy class policyname on page 426 Usage Examples The following example associates the access policy UnTrusted to allow inbound traffic to the Web server to the ATM sub interface labeled 1 1 Enable the SROS security features ProCurve config ip firewall Create the access list this is the packet selector ProCurve config ip access list extended InWeb ProCurve config ext nacl permit tcp ...

Страница 721: ...d bridged ip command to enable routed IP bridge encapsulation RBE on an interface Use the no form of this command to disable RBE operation Syntax Description No subcommands Default Values By default routed bridge encapsulation is disabled Usage Examples The following example enables routed bridge encapsulation ProCurve config interface atm 1 1 ProCurve config atm 1 1 atm routed bridged ip ...

Страница 722: ... the sub interface to automatically attempt a backup upon failure Use the no form of this command to disable automatic backup on an interface Syntax Description No subcommands Default Values By default all backup endpoints will automatically attempt backup upon a failure Usage Examples The following enables automatic backup on the endpoint ProCurve config interface atm 1 1 ProCurve config atm 1 1 ...

Страница 723: ...network conditions are operational Use the no form of this command to disable the auto restore feature Syntax Description No subcommands Default Values By default all backup endpoints will automatically restore the primary connection when the failure condition clears Usage Examples The following example configures the SROS to restore the primary connection automatically when the failure condition ...

Страница 724: ...se the no form of this command to return to the default value Syntax Description seconds Specifies the delay period in seconds a failure must be active before the SROS will enter backup operation on the interface Range 10 to 86 400 seconds Default Values By default the backup delay period is set to 10 seconds Usage Examples The following example configures the SROS to wait 60 seconds on an endpoin...

Страница 725: ...e Originates backup call on primary link failure originate answer Originates or answers call on primary link failure originate answer always Originates on failure answers and backs up always Default Values By default backup call mode is set to originate answer Functional Notes The majority of the configuration for the SROS backup implementation is configured via the backup PPP interface configurat...

Страница 726: ... ppp 1 backup number 5552222 analog ppp 1 no shutdown interface ppp 1 ip address 172 22 56 1 255 255 255 252 ppp authentication chap username remoterouter password remotepass ppp chap hostname localrouter ppp chap password procurve no shutdown ip route 192 168 2 0 255 255 255 0 172 22 56 2 255 255 255 252 line telnet 0 4 password password Sample config for central router dialing in hostname Centra...

Страница 727: ...chap hostname remoterouter ppp chap password remotepass no shutdown ip route 192 168 1 0 255 255 255 0 172 22 56 1 255 255 255 252 line telnet 0 4 password password Usage Examples The following example configures the SROS to generate backup calls for this endpoint using an analog modem interface to phone number 555 1111 but never answer calls and specifies ppp 2 as the backup interface ProCurve co...

Страница 728: ...related PPP interface for authentication and IP negotiation 4 If the call fails to connect on the first number dialed the SROS places a call to the second number if a second number is configured The second number to be dialed references a separate PPP interface Dialing In 1 The SROS receives an inbound call on a physical interface 2 Caller ID is used to match the backup number command to the confi...

Страница 729: ...call again or dialing a different number It is recommended this number be greater than 60 Syntax Description seconds Selects the amount of time in seconds that the router will wait for a connection before attempting another call valid range 10 to 300 Default Values By default the backup connect timeout period is set to 60 seconds Usage Examples The following configures the SROS to wait 120 seconds...

Страница 730: ...up to allow maintenance to be performed on the primary link without disrupting data Use the no form of this command to return to the normal backup operation state Syntax Description backup Forces backup regardless of primary link state primary Forces primary link regardless of its state Default Values By default this feature is disabled Usage Examples The following configures the SROS to force thi...

Страница 731: ...nctionality refer to the Functional Notes section of the command backup call mode role on page 723 Syntax Description attempts Selects the number of call retries that will be made after a link failure valid range is 0 to 15 Setting this value to 0 will allow unlimited retries during the time the network is failed Default Values By default backup maximum retry is set to 0 attempts Usage Examples Th...

Страница 732: ... analog Indicates number connects to an analog modem digital 56k Indicates number belongs to a digital 56 kbps per DS0 connection digital 64k Indicates number belongs to a digital 64 kbps per DS0 connection isdn min chan Specifies the minimum number of DS0s required for a digital 56 or 64 kbps connection Range 1 to 24 isdn max chan Specifies the maximum number of DS0s desired for a digital 56 or 6...

Страница 733: ...y lower priority links Use the no form of this command to return to the default value For more detailed information on backup functionality refer to the Functional Notes section of the command backup call mode role on page 723 Syntax Description value Sets the relative priority of this link valid range 0 to 100 A value of 100 designates the highest priority Default Values By default backup priorit...

Страница 734: ...form of this command to return to the default value For more detailed information on backup functionality refer to the Functional Notes section of the command backup call mode role on page 723 Syntax Description No subcommands Default Values By default the SROS does not randomize the backup call timers Usage Examples The following example configures the SROS to randomize the backup timers associat...

Страница 735: ...e detailed information on backup functionality refer to the Functional Notes section of the command backup call mode role on page 723 Syntax Description seconds Specifies the delay in seconds between attempting to re dial a failed backup attempt Range 10 to 3600 Default Values By default backup redial delay is set to 10 seconds Usage Examples The following example configures a redial delay of 25 s...

Страница 736: ...uncing in and out of alarm For more detailed information on backup functionality refer to the Functional Notes section of the command backup call mode role on page 723 Syntax Description seconds Specifies the number of seconds the SROS will wait after a primary link is restored before disconnecting backup operation Range 10 to 86 400 Default Values By default backup restore delay is set to 10 seco...

Страница 737: ...mode role on page 723 Syntax Description day Sets the days to allow backup valid range Monday through Sunday enable time Sets the time of day to enable backup Time is entered in 24 hour format 00 00 disable time Sets the time of day to disable backup Default Values By default backup is enabled for all days and times if the backup auto backup command has been issued and the backup schedule has not ...

Страница 738: ...e or respond to backup sequences in the event of a network outage Use the no form of this command to reactivate the backup interface For more detailed information on backup functionality refer to the Functional Notes section of the command backup call mode role on page 723 Syntax Description No subcommands Default Values By default all SROS backup interfaces are disabled Usage Examples The followi...

Страница 739: ...and to restore the default values Syntax Description value Enter bandwidth in kbps Default Values To view default values use the show interfaces command Functional Notes The bandwidth command is an informational value that is communicated to the higher level protocols to be used in cost calculations This is a routing parameter only and does not affect the physical interface Usage Examples The foll...

Страница 740: ...roup number to the interface range is 1 to 255 Default Values By default there are no configured bridge groups Functional Notes A bridged network can provide excellent traffic management to reduce collisions and limit the amount of bandwidth wasted with unnecessary transmissions when routing is not necessary Any two interfaces can be bridged Ethernet to T1 bridge Ethernet to Frame Relay sub interf...

Страница 741: ...the policy class and associated access control lists ACLs that describe the behavior of the firewall do not forget to include the traffic coming into the system over a VPN tunnel terminated by the system The firewall should be set up with respect to the unencrypted traffic that is destined to be sent or received over the VPN tunnel The following diagram represents typical SROS data flow logic Note...

Страница 742: ...crypted data is processed by the firewall The ACLs for a crypto map on an interface work in reverse logic to the ACLs for a policy class on an interface When specifying the ACLs for a crypto map the source information is the private local side unencrypted source of the data The destination information will be the far end unencrypted destination of the data However ACLs for a policy class work in r...

Страница 743: ...r your domain name regardless of where you purchased registered it This allows you to manage IP address mappings A records domain aliases CNAME records and mail servers MX records dyndns The Dynamic DNSSM service allows you to alias a dynamic IP address to a static hostname in various domains This allows your unit to be more easily accessed from various locations on the Internet This service is pr...

Страница 744: ...ough the DNS system This service is provided for up to five hostnames If your IP address doesn t change often or at all but you still want an easy name to remember it by without having to purchase your own domain name Static DNS service is ideal for you If you would like to use your own domain name such as yourname com you need Custom DNS service which also provides full dynamic and static IP addr...

Страница 745: ...P protocol aal5mux ppp Specifies encapsulation type for multiplexed virtual circuits using the Point to Point PPP protocol aal5snap Specifies encapsulation type that supports LLC SNAP protocols Default Values By default the encapsulation type is aal5snap Functional Notes For PPP and PPPoE the encapsulation type can be aal5snap or aal5mux ppp For IP with no bridging the encapsulation type can be aa...

Страница 746: ...g for an interface WFQ is enabled by default for WAN interfaces Syntax Description threshold Optional Specifies the maximum number of packets that can be present in each conversation sub queue Packets received for a conversation after this limit is reached are discarded Range 16 to 512 Default Values By default fair queue is enabled with a threshold of 64 packets Usage Examples The following examp...

Страница 747: ... no form of this command to return to the default setting Syntax Description queue size Specifies the total number of packets the output queue can contain before packets are dropped Range 16 to 1000 Default Values The default queue size for WFQ is 400 The default queue size for PPP FIFO and Frame Relay round robin is 200 Usage Examples The following example sets the overall output queue size to 70...

Страница 748: ...ived on the specified interface out Enables access control on packets transmitted on the specified interface Default Values By default these commands are disabled Functional Notes When this command is enabled the IP destination address of each packet must be validated before being passed through to the router system If the packet is not acceptable per these settings it is dropped Usage Examples Th...

Страница 749: ...fying an interface defines the client identifier as the hexadecimal MAC address of the specified interface including a hexadecimal number added to the front of the MAC address to identify the media type For example specifying the client id ethernet 0 1 where the Ethernet interface has a MAC address of 0012 7991 1150 defines the client identifier as 01 00 12 79 91 11 50 where 01 defines the media t...

Страница 750: ...ame is the name configured using the Global Configuration hostname command Functional Notes Dynamic Host Configuration Protocol DHCP allows interfaces to acquire a dynamically assigned IP address from a configured DHCP server on the network Many Internet Service Providers ISPs require the use of DHCP when connecting to their services Using DHCP reduces the number of dedicated IP addresses the ISP ...

Страница 751: ...l Defines a secondary IP address for the specified interface Default Values By default there are no assigned IP addresses Functional Notes Use secondary IP addresses to allow dual subnets on a single interface when you need more IP addresses than the primary subnet can provide When using secondary IP addresses avoid routing loops by verifying that all devices on the network segment are configured ...

Страница 752: ... renew the DHCP IP address This command is only applicable when using DHCP for IP address assignment Syntax Description release Releases DHCP IP address renew Renews DHCP IP address Default Values No default values required for this command Usage Examples The following example releases the IP DHCP address for the ATM sub interface 1 1 ProCurve config interface atm 1 1 ProCurve config atm 1 1 ip dh...

Страница 753: ... packets When broadcast packets of the specified type forwarded using the ip forward protocol command are received on the interface they will be forwarded to the device that needs the information Only packets meeting the following criteria are considered eligible by the ip helper address feature 1 The packet IP protocol is UDP 2 Any UDP port specified using the ip forward protocol command 3 The me...

Страница 754: ...p and stops sending that group s multicast packets to the interface Range 100 to 65535 ms Default 1000 ms querier timeout seconds Specifies the number of seconds that the router waits after the current querier s last query before it takes over as querier IGMP V2 Range 60 300 seconds Default 2x the query interval value query interval seconds Specifies the interval at which IGMP queries are sent on ...

Страница 755: ...lper address and ip mcast stub upstream commands Downstream interfaces connect to segments with multicast hosts Multiple interfaces may be configured in downstream mode however interfaces connecting to the multicast network upstream should not be configured in downstream mode Interfaces configured as downstream should have the lowest IP address of all IGMP capable routers on the connected segment ...

Страница 756: ...s command is disabled Functional Notes Multicast routing must be enabled prior to setting ip mcast stub fixed on the selected interface Also use the ip igmp static group A B C D command to receive multicast traffic without host initiated Internet Group Management Protocol IGMP activity on the selected interface Otherwise all host initiated IGMP transactions will enter multicast routes on the route...

Страница 757: ...tub applications in conjunction with the ip mcast stub helper address ip mcast stub upstream and ip mcast stub downstream commands When enabled the interface becomes a helper forwarding interface The IGMP host function is dynamically enabled and the interface becomes the active upstream interface enabling the router to perform as an IGMP proxy Refer to ip mcast stub helper address ip address on pa...

Страница 758: ...mcast stub downstream commands When enabled the interface becomes a candidate to be a helper forwarding interface If chosen as the best path toward the helper address by the router s unicast route table the IGMP host function is dynamically enabled and the interface becomes the active upstream interface enabling the router to perform as an IGMP proxy Though multiple interfaces may be candidates no...

Страница 759: ...l between hello packets sent on the interface Range 0 to 32 767 message digest key keyid md5 key Configures OSPF Message Digest 5 MD5 authentication 16 byte max keys The SROS allows two keys key ID 1 and key ID 2 priority value Set the OSPF priority The value set in this field helps determine the designated router for this network Range 0 to 255 retransmit interval seconds Specifies the time betwe...

Страница 760: ... interface that is performing OSPF authentication Syntax Description message digest Specifies message digest authentication type null Specifies that no authentication be used Default Values By default this is set to null meaning no authentication is used Usage Examples The following example specifies that no authentication will be used on the ATM sub interface 1 1 ProCurve config interface atm 1 1...

Страница 761: ...terface Syntax Description broadcast Sets the network type for broadcast point to point Sets the network type for point to point Default Values By default Ethernet defaults to broadcast All other interfaces default to point to point Functional Notes A point to point network will not elect designated routers Usage Examples The following example designates a broadcast network type ProCurve config in...

Страница 762: ...bcommands Default Values By default PIM Sparse Mode is disabled for all interfaces Functional Notes PIM Sparse Mode is a multicast routing protocol that makes use of the unicast forwarding table PIM systems builds unidirectional shared trees rooted at a Rendezvous Point RP for a multicast group or a shortest path tree rooted at a specific source for a multicast group Usage Examples The following e...

Страница 763: ...o messages transmitted on the interface Routers use the priority values to determine the appropriate DR The router on the network segment with the highest priority is selected as the DR If a hello message is received on the interface from a router on the network segment and it does not contain a priority the entire network segment defaults to DR selection based on IP addresses instead of priority ...

Страница 764: ...nt out the interface Valid range is 10 to 3600 seconds Default Values By default hellos are transmitted on PIM interfaces every 60 seconds Functional Notes Hello messages are used to inform neighbors of a router s presence Hello messages normally generate a small amount of traffic on an interface Setting the hello timer to a small interval increases the amount of hellos sent thus increasing the am...

Страница 765: ...bor is not present Use the no form of this command to return to the default value Syntax Description time Specifies the time interval in seconds the PIM interface waits before a neighbor is considered not present Valid range is 30 to 10 800 seconds Default Values By default the nbr timeout is set to 105 seconds Usage Examples The following example specifies a wait interval of 360 seconds on the AT...

Страница 766: ...the no form of this command to return to the default value Syntax Description time Specifies the delay interval in milliseconds after a join prune in which another router on the LAN may override the join prune Valid range is 0 to 65 535 milliseconds Default Values By default the override interval is set to 2500 milliseconds Usage Examples The following example sets the delay interval for join prun...

Страница 767: ... to estimate the amount of delay found in the local link Use the no form of this command to return to the default value Syntax Description time Specifies the expected propagation delay in the local link in milliseconds Valid range is 0 to 32 767 milliseconds Default Values By default the propagation delay is set to 500 milliseconds Usage Examples The following example sets the expected propagation...

Страница 768: ...command to remove the assignment Removing a route map from the interface does not remove the route map configuration parameters from the system Syntax Description mapname Specifies the route map to associate with this interface Default Values By default policy based routing is disabled for all interfaces Usage Examples The following example associates the route map named MyMap with ATM interface 1...

Страница 769: ... Default Values By default proxy ARP is enabled Functional Notes In general the principle of proxy ARP allows a router to insert its IP address in the source IP address field of a packet if the packet is from a host on one of its subnetworks This allows hosts to reach devices on other subnetworks without implementing routing or specifying a default gateway If proxy ARP is enabled the SROS will res...

Страница 770: ...rsion 1 packets received on the interface 2 Accepts only RIP version 2 packets received on the interface Default Values By default all interfaces implement RIP version 1 the default value for the version command Functional Notes Use the ip rip receive version to specify a RIP version that will override the version in the Router RIP configuration The SROS only accepts one version either 1 or 2 on a...

Страница 771: ...y RIP version 1 packets on the interface 2 Transmits only RIP version 2 packets on the interface Default Values By default all interfaces transmit RIP version 1 the default value for the version command Functional Notes Use the ip rip send version to specify a RIP version that will override the version in the Router RIP configuration The SROS only transmits one version either 1 or 2 on a given int...

Страница 772: ...ies the IP address of the network to be summarized network mask Specifies the network mask to be applied to the specific network to be summarized Default Values By default no manual summarization is applied by RIP Functional Notes Unlike the automatic summarization on classful network boundaries only specific network advertisements are made by RIP using the ip rip summary address command This comm...

Страница 773: ...ntax Description No subcommands Default Values By default route caching is enabled on all interfaces Functional Notes Route caching allows an IP interface to provide optimum performance when processing IP traffic Usage Examples The following example enables route caching on the ATM sub interface 1 1 ProCurve config interface atm 1 1 ProCurve config atm 1 1 ip route cache Note Using Network Address...

Страница 774: ...all interfaces are configured to use a specified IP address using the ip address command Functional Notes If ip unnumbered is enabled on an interface all IP traffic from the interface will use a source IP address taken from the specified interface For example specifying ip unnumbered eth 0 1 while in the ATM Sub Interface Configuration mode configures the ATM sub interface to use the IP address as...

Страница 775: ... Applies the filter to the inbound traffic out Applies the filter to the outbound traffic Default Values By default there are no URL filters applied to any interfaces Functional Notes The firewall must be enabled using the ip firewall command in order to use URL filters The URL filter must be created by using the ip urlfilter filtername http command before applying it to the interface See ip urlfi...

Страница 776: ...iption percent Specifies the percentage of interface bandwidth to make available for user defined priority or class based queues Enter an integer 1 to 100 Default Values By default max reserved bandwidth is set to 75 which reserves 25 percent of the interface bandwidth for system critical traffic Usage Examples The following example specifies 85 percent of the bandwidth on the atm 1 1 interface to...

Страница 777: ...nnel interfaces 64 to 18 190 Virtual Frame Relay sub interfaces 64 to 1520 Virtual PPP interfaces 64 to 1500 Default Values size The default values for the various interfaces are listed below ATM interfaces 1500 Demand interfaces 1500 Ethernet interfaces 1500 FDL interfaces 256 HDLC interfaces 1500 Loopback interfaces 1500 Tunnel interfaces 1500 Virtual Frame Relay sub interfaces 1500 Virtual PPP ...

Страница 778: ...ll generation and OAM management for an ATM interface Use the no form of this command to disable generation of OAM loopback cells Syntax Description frequency Specifies the time delay between transmitting OAM loopback cells The range is from 0 to 600 seconds Default Values By default the frequency is 1 second Usage Examples The following example enables OAM loopback cell generation with a frequenc...

Страница 779: ...hange a PVC connection state to up The range is from 1 to 255 down count Specifies the number of consecutive end to end F5 OAM loopback cell responses that are not received in order to change a PVC state to down The range is from 1 to 255 retry frequency Specifies the frequency in seconds that end to end F5 OAM loopback cells are transmitted when a change in the up down state of a PVC is being ver...

Страница 780: ...is command to remove the link Syntax Description VPI VCI Specifies the ATM network virtual path identifier VPI for this PVC and the ATM network virtual path identifier VPI for this PVC The VPI value range is 0 to 255 and the VCI value range is 32 to 65 535 Default Values No default value is necessary for this command Usage Examples The following example sets the VPI to 8 and the VCI to 35 ProCurve...

Страница 781: ...ove the map from the interface The keyword out specifies that this policy will be applied to outgoing packets Syntax Description mapname Specifies the name of a previously created QoS map refer to qos map mapname sequence number on page 486 for more information Default Values No default value is necessary for this command Usage Examples The following example applies the QoS map VOICEMAP to the ATM...

Страница 782: ...o form of this command Syntax Description enable Enables the BPDU filter disable Disables the BPDU filter Default Values By default this command is set to disable Functional Notes The purpose of this command is to remove a port from participation in the spanning tree This might be beneficial while debugging a network setup It normally should not be used in a live network Usage Examples The followi...

Страница 783: ...mmand to block BPDUs from being received on this interface To return to the default value use the no form of this command Syntax Description enable Enables the BPDU block disable Disables the BPDU block Default Values By default this command is set to disable Usage Examples The following example enables the BPDU guard on the interface ProCurve config interface atm 1 1 ProCurve config atm 1 1 spann...

Страница 784: ...no form of this command to return the interface to normal operation non edgeport Syntax Description No subcommands Default Values By default this command is set to disable Usage Examples The following example configures the interface to be an edgeport ProCurve config interface atm 1 1 ProCurve config atm 1 1 spanning tree edgeport An individual interface can be configured to not be considered an e...

Страница 785: ...ype and a port configured for full duplex is set to point to point link type Setting the link type manually overrides the default and forces the port to use the specified link type Using the link type auto command restores the convention of determining link type based on duplex settings Usage Examples The following example forces the link type to point to point even if the port is configured to be...

Страница 786: ...ue is inversely proportional to the likelihood the bridge interface will be chosen as the root path Set the path cost value lower to increase the chance the interface will be the root To obtain the most accurate spanning tree calculations develop a system for determining path costs for links and apply it to all bridged interfaces Usage Examples The following example assigns a path cost of 100 for ...

Страница 787: ...he bridge group the lower the value the higher the priority valid range 0 to 255 Default Values By default the priority value is set to 128 Functional Notes The only time that this priority level is used is when two interfaces with a path to the root have equal cost At that point the level set in this command will determine which port the bridge will use Set the priority value lower to increase th...

Страница 788: ...ig bridge irb ProCurve config interface bvi 1 ProCurve config bvi 1 The following commands are common to multiple command sets and are covered in a centralized section of this guide For more information refer to the sections listed below bind from interface slot port tdm group to interface slot port on page 1431 description text on page 1434 do on page 1435 end on page 1436 exit on page 1437 ping ...

Страница 789: ...SROS Command Line Interface Reference Guide BVI Interface Config Command Set 5991 2114 Copyright 2007 Hewlett Packard Development Company L P 787 traffic shape rate value burst on page 816 ...

Страница 790: ...terface enter the interface configuration mode for the desired interface and enter access policy policy name For more details on creating and using access policies refer to ip policy class policyname on page 426 Usage Examples The following example associates the access policy Private to allow inbound traffic to the Web server to BVI interface 1 Enable the SROS security features ProCurve config ip...

Страница 791: ...the default values Syntax Description value Specifies bandwidth in kbps Range is 1 to 4 294 967 295 kbps Default Values To view default values use the show interfaces command Functional Notes The bandwidth command is an informational value that is communicated to the higher level protocols to be used in cost calculations This is a routing parameter only and does not affect the physical interface U...

Страница 792: ...e policy class and associated access control lists ACLs that describe the behavior of the firewall do not forget to include the traffic coming into the system over a VPN tunnel terminated by the system The firewall should be set up with respect to the unencrypted traffic that is destined to be sent or received over the VPN tunnel The following diagram represents typical SROS data flow logic Note W...

Страница 793: ...nencrypted data is processed by the firewall The ACLs for a crypto map on an interface work in reverse logic to the ACLs for a policy class on an interface When specifying the ACLs for a crypto map the source information is the private local side unencrypted source of the data The destination information will be the far end unencrypted destination of the data However ACLs for a policy class work i...

Страница 794: ...dless of where you purchased registered it This allows to manage IP address mappings A records domain aliases CNAME records and mail servers MX records dyndns The Dynamic DNSSM offered by Dynamic Network Services Inc DynDNS org allows you to alias a dynamic IP address to a static host name in various domains This allows your unit to be more easily accessed from various locations on the Internet Th...

Страница 795: ...ate though the DNS system This service is provided for up to five host names If your IP address does not change often or at all but you still want an easy name to remember it by without having to purchase your own domain name Static DNS service is ideal for you If you would like to use your own domain name such as yourname com you need Custom DNS service which also provides full dynamic and static...

Страница 796: ...eived on the specified interface out Enables access control on packets transmitted on the specified interface Default Values By default these commands are disabled Functional Notes When this command is enabled the IP destination address of each packet must be validated before being passed through If the packet is not acceptable per these settings it is dropped Usage Examples The following example ...

Страница 797: ...fier as the hexadecimal MAC address of the specified interface including a hexadecimal number added to the front of the MAC address to identify the media type For example specifying the client id ethernet 0 1 where the Ethernet interface has a MAC address of d217 0491 1150 defines the client identifier as 01 d2 17 04 91 11 50 where 01 defines the media type as Ethernet Refer to hardware address ha...

Страница 798: ...e configured using the Global Configuration hostname command Functional Notes DHCP allows interfaces to acquire a dynamically assigned IP address from a configured DHCP server on the network Many Internet Service Providers ISPs require the use of DHCP when connecting to their services Using DHCP reduces the number of dedicated IP addresses the ISP must obtain Consult your ISP to determine the prop...

Страница 799: ...ion for example 255 255 255 0 or as a prefix length for example 24 secondary Optional Configures a secondary IP address for the specified interface Default Values By default there are no assigned IP addresses Functional Notes Use secondary IP addresses to allow dual subnets on a single interface when you need more IP addresses than the primary subnet can provide When using secondary IP addresses a...

Страница 800: ...he destination subnet The packet is then sent as a link layer broadcast The ip directed broadcast command controls the distribution of directed broadcasts when they reach their target subnets Only the final transmission of the directed broadcast on its ultimate destination subnet is affected It does not affect the transit unicast routing of IP directed broadcasts If ip directed broadcast is enable...

Страница 801: ...t packets of the specified type forwarded using the ip forward protocol command are received on the interface they will be forwarded to the device that needs the information Only packets meeting the following criteria are considered eligible by the ip helper address feature 1 The packet IP protocol is User Datagram Protocol UDP 2 Any UDP port specified using the ip forward protocol command 3 The m...

Страница 802: ...es any computed cost value Range 1 to 65 535 dead interval seconds Sets the maximum interval allowed between hello packets If the maximum is exceeded neighboring devices will determine that the device is down Range 0 to 32767 hello interval seconds Specifies the interval between hello packets sent on the interface Range 0 to 32 767 message digest key keyid md5 key Configures OSPF Message Digest 5 ...

Страница 803: ...and Set 5991 2114 Copyright 2007 Hewlett Packard Development Company L P 801 Usage Examples The following example sets the maximum number of seconds allowed between hello packets to 25 000 ProCurve config interface bvi 1 ProCurve config bvi 1 ip ospf dead interval 25000 ...

Страница 804: ...te an interface that is performing OSPF authentication Syntax Description message digest Specifies message digest authentication type null Specifies that no authentication be used Default Values By default this is set to null meaning no authentication is used Usage Examples The following example specifies that no authentication will be used on BVI interface 1 ProCurve config interface bvi 1 ProCur...

Страница 805: ...terface Syntax Description broadcast Sets the network type for broadcast point to point Sets the network type for point to point Default Values By default Ethernet defaults to broadcast All other interfaces default to point to point Functional Notes A point to point network will not elect designated routers Usage Examples The following example designates a broadcast network type ProCurve config in...

Страница 806: ...s command to remove the assignment Removing a route map from the interface does not remove the route map configuration parameters from the system Syntax Description mapname Specifies the route map to associate with this interface Default Values By default policy based routing is disabled for all interfaces Usage Examples The following example assigns the policy route map policy1 to the interface P...

Страница 807: ...dress Default Values By default proxy ARP is enabled Functional Notes In general the principle of proxy ARP allows a router to insert its IP address in the source IP address field of a packet if the packet is from a host on one of its subnetworks This allows hosts to reach devices on other subnetworks without implementing routing or specifying a default gateway If proxy ARP is enabled the SROS wil...

Страница 808: ...IP version 1 packets received on the interface 2 Accepts only RIP version 2 packets received on the interface Default Values By default all interfaces implement RIP version 1 the default value for the version command Functional Notes Use the ip rip receive version to specify a RIP version that will override the version in the Router RIP configuration The SROS only accepts one version either 1 or 2...

Страница 809: ...s only RIP version 1 packets on the interface 2 Transmits only RIP version 2 packets on the interface Default Values By default all interfaces transmit RIP version 1 the default value for the version command Functional Notes Use the ip rip send version to specify a RIP version that will override the version in the Router RIP configuration The SROS only transmits one version either 1 or 2 on a give...

Страница 810: ...ies the IP address of the network to be summarized network mask Specifies the network mask to be applied to the specific network to be summarized Default Values By default no manual summarization is applied by RIP Functional Notes Unlike the automatic summarization on classful network boundaries only specific network advertisements are made by RIP using the ip rip summary address command This comm...

Страница 811: ...Syntax Description No subcommands Default Values By default route caching is enabled on all interfaces Functional Notes Route caching allows an IP interface to provide optimum performance when processing IP traffic Usage Examples The following example enables fast cache switching on a BVI interface ProCurve config interface bvi 1 ProCurve config bvi 1 ip route cache Note Using Network Address Tran...

Страница 812: ...By default all interfaces are configured to use a specified IP address using the ip address command Functional Notes If ip unnumbered is enabled on an interface all IP traffic from the interface will use a source IP address taken from the specified interface For example specifying ip unnumbered eth 0 1 while in the BVI interface Configuration mode configures the BVI interface to use the IP address...

Страница 813: ...nd traffic out Applies the filter to the outbound traffic Default Values By default there are no URL filters applied to any interfaces Functional Notes The firewall must be enabled using the ip firewall command in order to use URL filters The URL filter must be created by using the ip urlfilter name http command before applying it to the interface Refer to ip urlfilter name http on page 455 for mo...

Страница 814: ...the no form of this command to return to the default MAC address programmed by ProCurve Syntax Description mac address Specifies a valid 48 bit MAC address MAC addresses should be expressed in following format xx xx xx xx xx xx for example 00 A0 C8 00 00 01 Default Values A unique default MAC address is programmed in each unit shipped by ProCurve Usage Examples The following example configures a M...

Страница 815: ...on percent Specifies the percentage of interface bandwidth to make available for user defined priority or class based queues Enter an integer 1 to 100 Default Values By default max reserved bandwidth is set to 75 which reserves 25 percent of the interface bandwidth for system critical traffic Usage Examples The following example specifies 85 percent of the bandwidth on BVI interface 1 be available...

Страница 816: ...00 Tunnel interfaces 64 to 18 190 Virtual Frame Relay sub interfaces 64 to 1520 Virtual PPP interfaces 64 to 1500 Default Values size The default values for the various interfaces are listed below ATM interfaces 1500 Demand interfaces 1500 Ethernet interfaces 1500 FDL interfaces 256 HDLC interfaces 1500 Loopback interfaces 1500 Tunnel interfaces 1500 Virtual Frame Relay sub interfaces 1500 Virtual...

Страница 817: ... based entry is added to deleted from or changed in a QoS map set 2 The interface bandwidth is changed by the bandwidth command on the interface 3 A QoS policy is applied to an interface 4 A bind is created that includes an interface with a QoS policy 5 The interface queuing method is changed to fair queue to use weighted fair queuing 6 The interface operational status changes 7 The interface band...

Страница 818: ...urst is specified as the rate divided by 5 and represents the number of bytes that would flow within 200 ms Default Values By default traffic shape rate is disabled Functional Notes Traffic shaping can be used to limit the VLAN interface to a particular rate or to specify use of QoS Usage Examples The following example sets the outbound rate of bvi 1 to 128 kbps and applies a QoS policy that gives...

Страница 819: ...ce slot port tdm group to interface slot port on page 1431 description text on page 1434 do on page 1435 end on page 1436 exit on page 1437 ping address on page 1438 shutdown on page 1442 All other commands for this command set are described in this section in alphabetical order access policy policyname on page 819 bandwidth value on page 820 called number DNIS number on page 821 caller number CLI...

Страница 820: ... 857 lldp receive on page 858 lldp send management address l port description l system capabilities l system description l system name on page 859 match interesting list acl name reverse list acl name in out on page 861 max reserved bandwidth percent on page 862 mtu size on page 863 peer default ip address address on page 864 ppp commands begin on page 865 qos policy in out mapname on page 873 res...

Страница 821: ...fer to ip policy class policyname on page 426 Usage Examples The following example associates the access policy UnTrusted to allow inbound traffic to the Web server to the demand interface Enable the SROS security features ProCurve config ip firewall Create the access list this is the packet selector ProCurve config ip access list extended InWeb ProCurve config ext nacl permit tcp any host 10 12 5...

Страница 822: ... restore the default values Syntax Description value Specifies the bandwidth value in kbps Default Values To view default values use the show interfaces command Functional Notes The bandwidth command is an informational value that is communicated to the higher level protocols to be used in cost calculations This is a routing parameter only and does not affect the physical interface Usage Examples ...

Страница 823: ...mbers Multiple called numbers may be specified for an interface Use the no form of this command to remove a configured called number Syntax Description DNIS number Identifies the called number to be linked to an interface The DNIS number is limited to 20 digits Default Values By default no called numbers are defined Usage Examples The following example links calls with a DNIS number of 9165551212 ...

Страница 824: ...fied allowing the interface to accept calls from different remote resources Use the no form of this command to remove a configured caller number Syntax Description CLID number Identifies the caller s number to be linked to an interface The CLID number is limited to 20 digits Default Values By default no caller numbers are defined Usage Examples The following example links calls with a CLID number ...

Страница 825: ...s command to restore the default values Syntax Description answer Specifies the interface may be used to answer calls but not originate calls originate Specifies the interface may be used to originate calls but not answer calls either Specifies the interface may be used to answer and originate calls Default Values By default the connect mode is set to both answer and originate calls Usage Examples...

Страница 826: ...ifies the connect sequence be processed beginning with the last successful entry or the first entry if there are no previous connections round robin Specifies the connect sequence be processed beginning with the entry that follows the last successful entry or the first entry if there are no previous connections sequential Specifies the connect sequence be processed from the beginning of the list D...

Страница 827: ...reshold value connect sequence sequence number dial string string isdn 64k connect sequence sequence number dial string string isdn 64k busyout threshold value Syntax Description sequence number Specifies the number for this connection specification entry Range 1 to 65 535 string Specifies the telephone number to dial when using this connection The dial string is limited to 20 digits forced analog...

Страница 828: ...very mode Refer to connect sequence interface recovery retry interval seconds max retries value on page 827 for more information Use the no form of this command to restore the default values Syntax Description value Specifies the number of times the connect sequence will cycle through its entries if it is unable to make a connection Range is 0 to 65 535 Default Values By default the connect sequen...

Страница 829: ...s Optional Specifies the number of seconds the interface will wait between connect sequence cycles during recovery attempts max retries value Optional Specifies the maximum number of times the connect sequence will cycle in an attempt to bring the interface back up When in interface recovery mode this value overrides the connect sequence attempts value Default Values By default the connect sequenc...

Страница 830: ...class and associated access control lists ACLs that describe the behavior of the firewall do not forget to include the traffic coming into the system over a VPN tunnel terminated by the system The firewall should be set up with respect to the unencrypted traffic that is destined to be sent or received over the VPN tunnel The following diagram represents typical SROS data flow logic Note When you a...

Страница 831: ...ncrypted data is processed by the firewall The ACLs for a crypto map on an interface work in reverse logic to the ACLs for a policy class on an interface When specifying the ACLs for a crypto map the source information is the private local side unencrypted source of the data The destination information will be the far end unencrypted destination of the data However ACLs for a policy class work in ...

Страница 832: ...se the no form of this command to restore the default values Syntax Description packets Specifies the number of packets that may be stored in the hold queue Range is 0 to 100 seconds Specifies the number of seconds a packet may remain in the hold queue Range is 0 to 255 seconds Default Values By default the hold queue is disabled Usage Examples The following example configures demand interface 1 t...

Страница 833: ...l over your domain name regardless of where you purchased registered it This allows to manage IP address mappings A records domain aliases CNAME records and mail servers MX records dyndns The Dynamic DNSSM service allows you to alias a dynamic IP address to a static hostname in various domains This allows your unit to be more easily accessed from various locations on the Internet This service is p...

Страница 834: ...though the DNS system This service is provided for up to five hostnames If your IP address doesn t change often or at all but you still want an easy name to remember it by without having to purchase your own domain name Static DNS service is ideal for you If you would like to use your own domain name such as yourname com you need Custom DNS service which also provides full dynamic and static IP ad...

Страница 835: ...terface WFQ is enabled by default for WAN interfaces Syntax Description threshold Optional Specifies the maximum number of packets that can be present in each conversation sub queue Packets received for a conversation after this limit is reached are discarded Range 16 to 512 packets Default Values By default fair queue is enabled with a threshold of 64 packets Usage Examples The following example ...

Страница 836: ... traffic when there is contention for the demand resources being used by this interface Use the no form of this command to restore the default values Syntax Description seconds Specifies the number of seconds the interface will remain up in the absence of interesting traffic Range is 1 to 2 147 483 Default Values By default fast idle is set to 120 seconds Usage Examples The following example sets ...

Страница 837: ...erface s WAN output queue Syntax Description queue size Specifies the total number of packets the output queue can contain before packets are dropped Range is 16 to 1000 Default Values The default queue size for WFQ is 400 The default queue size for PPP FIFO and Frame Relay round robin is 200 Usage Examples The following example sets the overall output queue size to 700 ProCurve config interface d...

Страница 838: ...ch interesting commands Refer to match interesting list acl name reverse list acl name in out on page 861 for more information Use the no form of this command to restore the default values Syntax Description seconds Specifies the number of seconds the interface will remain up in the absence of interesting traffic Range is 1 to 2 147 483 Default Values By default idle timeout is set to 120 seconds ...

Страница 839: ... packets received on the specified interface out Enables access control on packets transmitted on the specified interface Default Values By default these commands are disabled Functional Notes When this command is enabled the IP destination address of each packet must be validated before being passed through If the packet is not acceptable per these settings it is dropped Usage Examples The follow...

Страница 840: ...efault route Some systems already have a default route configured and need a static route to the PPP interface to function correctly Default Values By default the interface is assigned an address with the ip address address mask command Usage Examples The following example enables the demand interface to negotiate an IP address from the far end connection ProCurve config interface demand 1 ProCurv...

Страница 841: ...ies the subnet mask that corresponds to the listed IP address secondary Optional Configures a secondary IP address for the specified interface Default Values By default there are no assigned IP addresses Functional Notes Use secondary IP addresses to allow dual subnets on a single interface when you need more IP addresses than the primary subnet can provide When using secondary IP addresses avoid ...

Страница 842: ...s When broadcast packets of the specified type forwarded using the ip forward protocol command are received on the interface they will be forwarded to the device that needs the information Only packets meeting the following criteria are considered eligible by the ip helper address feature 1 The packet IP protocol is User Datagram Protocol UDP 2 Any UDP port specified using the ip forward protocol ...

Страница 843: ...stops sending that group s multicast packets to the interface Range 100 to 65535 ms Default 1000 ms querier timeout seconds Specifies the number of seconds that the router waits after the current querier s last query before it takes over as querier IGMP V2 Range 60 300 seconds Default 2x the query interval value query interval seconds Specifies the interval at which IGMP queries are sent on an int...

Страница 844: ...helper address and ip mcast stub upstream commands Downstream interfaces connect to segments with multicast hosts Multiple interfaces may be configured in downstream mode however interfaces connecting to the multicast network upstream should not be configured in downstream mode Interfaces configured as downstream should have the lowest IP address of all IGMP capable routers on the connected segmen...

Страница 845: ...his command is disabled Functional Notes Multicast routing must be enabled prior to setting ip mcast stub fixed on the selected interface Also use the ip igmp static group A B C D command to receive multicast traffic without host initiated Internet Group Management Protocol IGMP activity on the selected interface Otherwise all host initiated IGMP transactions will enter multicast routes on the rou...

Страница 846: ...t stub applications in conjunction with the ip mcast stub helper address ip mcast stub upstream and ip mcast stub downstream commands When enabled the interface becomes a helper forwarding interface The IGMP host function is dynamically enabled and the interface becomes the active upstream interface enabling the unit to perform as an IGMP proxy Refer to ip mcast stub helper address ip address on p...

Страница 847: ...p mcast stub downstream commands When enabled the interface becomes a candidate to be a helper forwarding interface If chosen as the best path toward the helper address by the router s unicast route table the IGMP host function is dynamically enabled and the interface becomes the active upstream interface enabling the router to perform as an IGMP proxy Though multiple interfaces may be candidates ...

Страница 848: ...ds Specifies the interval between hello packets sent on the interface Range 0 to 32 767 message digest key keyid md5 key Configures OSPF Message Digest 5 MD5 authentication 16 byte max keys The SROS allows two keys key ID 1 and key ID 2 priority value Set the OSPF priority The value set in this field helps determine the designated router for this network Range 0 to 255 retransmit interval seconds ...

Страница 849: ...at is performing OSPF authentication Syntax Description message digest Optional Selects message digest authentication type null Optional Specifies that no authentication be used Default Values By default ip ospf authentication is set to null meaning no authentication is used Usage Examples The following example specifies that no authentication will be used on the demand interface ProCurve config i...

Страница 850: ...interface Syntax Description broadcast Sets the network type for broadcast point to point Sets the network type for point to point Default Values By default Ethernet defaults to broadcast All other interfaces default to point to point Functional Notes A point to point network will not elect designated routers Usage Examples The following example designates a broadcast network type ProCurve config ...

Страница 851: ...s command to remove the assignment Removing a route map from the interface does not remove the route map configuration parameters from the system Syntax Description mapname Specifies the route map to associate with this interface Default Values By default policy based routing is disabled for all interfaces Usage Examples The following example associates the route map named MyMap with demand interf...

Страница 852: ...ault Values By default proxy ARP is enabled Functional Notes In general the principle of proxy ARP allows a router to insert its IP address in the source IP address field of a packet if the packet is from a host on one of its subnetworks This allows hosts to reach devices on other subnetworks without implementing routing or specifying a default gateway If proxy ARP is enabled the SROS will respond...

Страница 853: ...ived RIP version 1 packets on the interface 2 Accepts only received RIP version 2 packets on the interface Default Values By default all interfaces implement RIP version 1 the default value for the version command Functional Notes Use the ip rip receive version to specify a RIP version that overrides the version in the Router RIP configuration The SROS only accepts one version either 1 or 2 on a g...

Страница 854: ...nly RIP version 1 packets on the interface 2 Transmits only RIP version 2 packets on the interface Default Values By default all interfaces transmit RIP version 1 the default value for the version command Functional Notes Use the ip rip send version to specify a RIP version that overrides the version in the Router RIP configuration The SROS only transmits one version either 1 or 2 on a given inter...

Страница 855: ...ifies the IP address of the network to be summarized network mask Specifies the network mask to be applied to the specific network to be summarized Default Values By default no manual summarization is applied by RIP Functional Notes Unlike the automatic summarization on classful network boundaries only specific network advertisements are made by RIP using the ip rip summary address command This co...

Страница 856: ...yntax Description No subcommands Default Values By default route caching is enabled on all interfaces Functional Notes Fast cache switching allows an IP interface to provide optimum performance when processing IP traffic Usage Examples The following example enables fast cache switching on the virtual demand interface ProCurve config interface demand 1 ProCurve config demand 1 ip route cache Note U...

Страница 857: ...nfigured to use a specified IP address using the ip address command Functional Notes If ip unnumbered is enabled on an interface all IP traffic from the interface will use a source IP address taken from the specified interface For example specifying ip unnumbered eth 0 1 while in the Demand Interface Configuration mode configures the demand interface to use the IP address assigned to the Ethernet ...

Страница 858: ...in Applies the filter to the inbound traffic out Applies the filter to the outbound traffic Default Values By default there are no URL filters applied to any interfaces Functional Notes The firewall must be enabled using the ip firewall command in order to use URL filters The URL filter must be created by using the ip urlfilter filtername http command before applying it to the interface See ip url...

Страница 859: ... Syntax Description seconds Defines the time interval in seconds between transmitted keepalive packets valid range 0 to 32 767 seconds Default Values By default the time interval between transmitted keepalive packets is 10 seconds Functional Notes If three keepalive packets are sent to an interface with no response the interface is considered down To detect interface failures quickly specify a sma...

Страница 860: ...se the lldp receive command to allow LLDP packets to be received on this interface Syntax Description No subcommands Default Values By default all interfaces are configured to send and receive LLDP packets Usage Examples The following example configures the demand interface to receive LLDP packets ProCurve config interface demand 1 ProCurve config demand 1 lldp receive ...

Страница 861: ... of this device s system capabilities on this interface system description Enables transmission of this device s system description on this interface system name Enables transmission of this device s system name on this interface Default Values Be default all interfaces are configured to transmit and receive LLDP packets of all types Functional Notes Individual LLDP information can be enabled or d...

Страница 862: ... LLDP packets of all types Functional Notes Individual LLDP information can be enabled or disabled using the various forms of the lldp send command For example use the lldp send and receive command to enable transmit and receive of all LLDP information Then use the no lldp send port description command to prevent LLDP from transmitting port description information Usage Examples The following exam...

Страница 863: ...t values Syntax Description list acl name Specifies using an ACL with normal source destination ACL matching logic reverse list acl name Specifies using an ACL with reverse destination source ACL matching logic in Optional Specifies that only incoming traffic is interesting out Optional Specifies that only outgoing traffic is interesting Default Values By default no interesting traffic is defined ...

Страница 864: ...escription percent Specifies the percentage of interface bandwidth to make available for user defined priority or class based queues Enter an integer 1 to 100 Default Values By default max reserved bandwidth is set to 75 which reserves 25 percent of the interface bandwidth for system critical traffic Usage Examples The following example specifies 85 percent of the bandwidth on demand interface 1 t...

Страница 865: ...unnel interfaces 64 to 18 190 Virtual Frame Relay sub interfaces 64 to 1520 Virtual PPP interfaces 64 to 1500 Default Values size The default values for the various interfaces are listed below ATM interfaces 1500 Demand interfaces 1500 Ethernet interfaces 1500 FDL interfaces 256 HDLC interfaces 1500 Loopback interfaces 1500 Tunnel interfaces 1500 Virtual Frame Relay sub interfaces 1500 Virtual PPP...

Страница 866: ... end of this interface Syntax Description address Specifies the default IP address for the remote end A B C D Default Values By default there is no assigned peer default IP address Functional Notes This command is useful if the peer does not send the IP address option during PPP negotiations Usage Examples The following example sets the default peer IP address to 192 168 71 50 ProCurve config inte...

Страница 867: ...the connecting private circuit PAP requires two way message passing First the router that is required to be authenticated say the peer sends an authentication request with its username and password to the router requiring authentication say the local router The local router then looks up the username and password in the username database within the PPP interface and if they match sends an authenti...

Страница 868: ...word near Peer config demand 1 ppp pap sent username farend password far Now both routers send the authentication request verify that the username and password sent match what is expected in the database and send an authentication acknowledge Defining CHAP The Challenge Handshake Authentication Protocol CHAP is a three way authentication protocol composed of a challenge response and success or fai...

Страница 869: ...its hostname in the response to the local router Configuring CHAP Example 2 Both routers require the peer to authenticate itself On the local router hostname Local Local config demand 1 ppp authentication chap Local config demand 1 username Peer password same On the peer hostname Peer Peer config demand 1 ppp authentication chap Peer config demand 1 username Local password same This is basically i...

Страница 870: ...uthentication chap Local config demand 1 username Peer password different On the peer hostname Peer Peer config demand 1 username Local password same Peer config demand 1 ppp chap password different Here the local router challenges with hostname Local The peer verifies the name in the username database but instead of sending the password same in the response it uses the one in the ppp chap passwor...

Страница 871: ... remove a configured hostname For more information on PAP and CHAP functionality refer to the Technology Review section for the command ppp authentication chap pap on page 865 Syntax Description hostname Specifies a hostname using an alphanumeric string up to 80 characters in length Default Values By default there are no configured PPP CHAP hostnames Usage Examples The following example specifies ...

Страница 872: ...mmand to remove a configured password For more information on PAP and CHAP functionality refer to the Technology Review section for the command ppp authentication chap pap on page 865 Syntax Description password Specifies a password using an alphanumeric string up to 80 characters in length Default Values By default there is no defined PPP CHAP password Usage Examples The following example specifi...

Страница 873: ... links Receiving fragments over the physical links and reassembling them into PDUs The fragmentation and interleave options can be used to enhance the multilink operation Fragmentation is used to reduce serialization delays of large packets The fragmentation process evenly divides the data among all links in the bundle with a minimum packet size of 96 bytes The interleave operation is used with st...

Страница 874: ...lity refer to the Technology Review section for the command ppp authentication chap pap on page 865 Syntax Description username Specifies a username by alphanumeric string up to 80 characters in length the username is case sensitive password Specifies a password by alphanumeric string up to 80 characters in length the password is case sensitive Default Values By default there is no defined ppp pap...

Страница 875: ... the map from the interface Syntax Description mapname Specifies the name of a previously created QoS map refer to qos map mapname sequence number on page 486 for more information in Assigns a QoS map to this interface s input out Assigns a QoS map to this interface s output Default Values No default value is necessary for this command Usage Examples The following example applies the QoS map VOICE...

Страница 876: ...face Refer to resource pool member pool name cost on page 1211 for more information Use the no form of this command to restore the default values Syntax Description pool name Specifies the resource pool that this interface will use to originate answer demand connections Default Values By default no resource pool is associated with this interface Usage Examples The following example associates the ...

Страница 877: ...re is an interface status change Use the no form of this command to disable this trap Syntax Description No subcommands Default Values By default the ifLinkUpDownTrapEnable OID is enabled for all interfaces except virtual Frame Relay interfaces Functional Notes The snmp trap link status command is used to control the RFC2863 ifLinkUpDownTrapEnable OID OID number 1 3 6 1 2 1 31 1 1 1 14 0 Usage Exa...

Страница 878: ...th the username is case sensitive password Specifies a password by alphanumerical string up to 30 characters in length the password is case sensitive Default Values By default there is no established username and password Functional Notes PAP uses this entry to check received information from the peer CHAP uses this entry to check the received peer hostname and a common password Usage Examples The...

Страница 879: ... a centralized section of this guide For more information refer to the sections listed below alias text on page 1430 bind from interface slot port tdm group to interface slot port on page 1431 description text on page 1434 do on page 1435 end on page 1436 exit on page 1437 ping address on page 1438 shutdown on page 1442 All other commands for this command set are described in this section in alpha...

Страница 880: ...mand to restore the default values Syntax Description value Specifies bandwidth in kbps Default Values No default value is necessary for this command Functional Notes The bandwidth command is an informational value that is communicated to the higher level protocols to be used in cost calculations This is a routing parameter only and does not affect the physical interface Usage Examples The followi...

Страница 881: ...ay interface as IETF RFC 1490 Currently this is the only encapsulation setting Settings for this option must match the far end router s settings in order for the Frame Relay interface to become active Syntax Description No subcommands Default Values By default all Frame Relay interfaces use IETF encapsulation Usage Examples The following example configures the endpoint for IETF encapsulation ProCu...

Страница 882: ...ng for an interface WFQ is enabled by default for WAN interfaces Syntax Description threshold Optional Specifies the maximum number of packets that can be present in each conversation sub queue Packets received for a conversation after this limit is reached are discarded Range 16 to 512 Default Values By default fair queue is enabled with a threshold of 64 packets Usage Examples The following exam...

Страница 883: ... or network signaling role Use this interface type when you need the unit to emulate the frame switch dte Specifies DTE or user signaling role Use this interface type when connecting to a Frame Relay switch or piece of equipment emulating a frame switch nni Configures the interface to support both network and user signaling DTE or DCE when necessary Default Values By default frame relay intf type ...

Страница 884: ...Syntax Description polls Sets the counter value Range 1 to 255 Default Values By default the polling counter for the DCE endpoint is set to six polls Functional Notes The N391 counter determines how many link integrity polls occur in between full status polls The number of link integrity polls between full status polls is n 1 where n represents the full status poll n can be set to any number betwe...

Страница 885: ...Syntax Description polls Sets the counter value Range 1 to 255 Default Values By default the polling counter for the DTE endpoint is set to six polls Functional Notes The N391 counter determines how many link integrity polls occur in between full status polls The number of link integrity polls between full status polls is n 1 where n represents the full status poll n can be set to any number betwe...

Страница 886: ...y default the error threshold for the DCE endpoint is set to three errors Functional Notes If the error threshold is met the signaling state status is changed to down indicating a service affecting condition This condition is cleared once N393 consecutive error free events are received N392 defines the number of errors required in a given event window while N393 defines the number of polling event...

Страница 887: ... default the error threshold for the DTE endpoint is set to three errors Functional Notes If the error threshold is met the signaling state status is changed to down indicating a service affecting condition This condition is cleared once N393 consecutive error free events are received N392 defines the number of errors required in a given event window while N393 defines the number of polling events...

Страница 888: ...CE endpoint Typical applications should leave the default value for this counter Use the no form of this command to return to the default value Syntax Description counter Sets the counter value Range 1 to 10 Default Values By default the LMI monitored event counter for the DCE endpoint is set to four events Usage Examples The following example sets the N393 threshold for five events ProCurve confi...

Страница 889: ...he DTE endpoint Typical applications should leave the default value for this counter Use the no form of this command to return to the default value Syntax Description counter Sets the counter value Range 1 to 10 Default Values By default the LMI monitored event counter for the DTE endpoint is set to four events Usage Examples The following example sets the N393 threshold for five events ProCurve c...

Страница 890: ...the default value for this timer Use the no form of this command to return to the default value Syntax Description seconds Sets the timer value in seconds Range 5 to 30 Default Values By default the signal polling timer for the DTE endpoint is set to 10 seconds Functional Notes The T391 timer sets the time in seconds between polls to the Frame Relay network Usage Examples The following example set...

Страница 891: ... form of this command to return to the default value Syntax Description seconds Sets the timer value in seconds Range 5 to 30 Default Values By default the polling verification timer for the DCE endpoint is set to 10 seconds Functional Notes The T392 sets the timeout in seconds between polling intervals This parameter needs to be a few seconds longer than the T391 setting of the attached Frame Rel...

Страница 892: ... on ANSI T1 617 standard for Frame Relay auto Automatically determines signaling type by messages received on the frame circuit cisco Specifies Cisco LMI signaling method reserves DLCI 1023 none Turns off signaling on the endpoint This is used for backup connections q933a Specifies Annex A signaling method based on the ITU T Q 933A frame format for Frame Relay Default Values By default the Frame R...

Страница 893: ...ss Class C is specified Range 1 to 65 535 links bid string Optional Specifies a bundle ID up to 48 characters for the multilink bundle All hello messages sent on links belonging to the multilink bundle contain the bundle ID By default the SROS creates a generic bundle ID for each configured multilink bundle using the following MFR interface number where the interface number corresponds to the inte...

Страница 894: ...between hello messages to 45 seconds ProCurve config interface frame relay 1 ProCurve config fr 1 frame relay multilink hello 45 The following example specifies Class B operation ProCurve config interface frame relay 1 ProCurve config fr 1 frame relay multilink bandwidth class b The following example specifies Class C operation with a threshold of 5 ProCurve config interface frame relay 1 ProCurve...

Страница 895: ...e the no form of this command to return to the default settings Syntax Description queue size The total number of packets the output queue can contain before packets are dropped Range 16 to 1000 Default Values The default queue size for WFQ is 400 The default queue size for PPP FIFO and Frame Relay round robin is 200 Usage Examples The following example sets the overall output queue size to 700 Pr...

Страница 896: ...tion percent Specifies the percentage of interface bandwidth to make available for user defined priority or class based queues Enter an integer 1 to 100 Default Values By default max reserved bandwidth is set to 75 which reserves 25 percent of the interface bandwidth for system critical traffic Usage Examples The following example specifies 85 percent of the bandwidth on the frame relay 1 interfac...

Страница 897: ...emove the map from the interface The out keyword specifies that this policy will be applied to outgoing packets Syntax Description map name Specifies the name of a previously created QoS map see qos map mapname sequence number on page 486 for more information Default Values No default value is necessary for this command Usage Examples The following example applies the QoS map VOICEMAP to the Frame...

Страница 898: ...Network Management Protocol SNMP traps on the interface Use the no form of this command to disable SNMP traps Syntax Description No subcommands Default Values By default all interfaces except virtual Frame Relay interfaces and sub interfaces have SNMP traps enabled Usage Examples The following example enables SNMP on the virtual Frame Relay interface ProCurve config interface frame relay 1 ProCurv...

Страница 899: ...re is an interface status change Use the no form of this command to disable this trap Syntax Description No subcommands Default Values By default the ifLinkUpDownTrapEnable OID is enabled for all interfaces except virtual Frame Relay interfaces Functional Notes The snmp trap link status command is used to control the RFC2863 ifLinkUpDownTrapEnable OID OID number 1 3 6 1 2 1 31 1 1 1 14 0 Usage Exa...

Страница 900: ...from interface slot port tdm group to interface slot port on page 1431 description text on page 1434 do on page 1435 end on page 1436 exit on page 1437 ping address on page 1438 shutdown on page 1442 All other commands for this command set are described in this section in alphabetical order access policy policyname on page 900 backup commands begin on page 901 bandwidth value on page 918 bridge gr...

Страница 901: ...and Line Interface Reference Guide Frame Relay Sub Interface Config Command Set 5991 2114 Copyright 2007 Hewlett Packard Development Company L P 899 mtu size on page 960 spanning tree commands begin on page 963 ...

Страница 902: ...cy class policyname on page 426 Usage Examples The following example associates the access policy UnTrusted to allow inbound traffic to the Web server to the Frame Relay sub interface labeled 1 16 Enable the SROS security features ProCurve config ip firewall Create the access list this is the packet selector ProCurve config ip access list extended InWeb ProCurve config ext nacl permit tcp any host...

Страница 903: ... the sub interface to automatically attempt a backup upon failure Use the no form of this command to disable automatic backup on an interface Syntax Description No subcommands Default Values By default all backup endpoints will automatically attempt backup upon a failure Usage Examples The following enables automatic backup on the endpoint ProCurve config interface frame relay 1 1 ProCurve config ...

Страница 904: ...all network conditions are operational Use the no form of this command to disable the auto restore feature Syntax Description No subcommands Default Values By default all backup endpoints will automatically restore the primary connection when the failure condition clears Usage Examples The following configures the SROS to automatically restore the primary connection when the failure condition clea...

Страница 905: ... Use the no form of this command to return to the default value Syntax Description seconds Specifies the delay period in seconds a failure must be active before the SROS will enter backup operation on the interface valid range 10 to 86400 seconds Default Values By default the backup backup delay is set to 10 seconds Usage Examples The following configures the SROS to wait 60 seconds on an endpoint...

Страница 906: ...ate Originates backup call on primary link failure originate answer Originates or answers call on primary link failure originate answer always Originates on failure answers and backs up always Default Values By default the backup call mode is set to originate answer Functional Notes The majority of the configuration for the SROS backup implementation is configured via the backup PPP interface conf...

Страница 907: ...alog ppp 1 backup number 5552222 analog ppp 1 no shutdown interface ppp 1 ip address 172 22 56 1 255 255 255 252 ppp authentication chap username remoterouter password remotepass ppp chap hostname localrouter ppp chap password procurve no shutdown ip route 192 168 2 0 255 255 255 0 172 22 56 2 255 255 255 252 line telnet 0 4 password password Sample config for central router dialing in hostname Ce...

Страница 908: ...urve ppp chap hostname remoterouter ppp chap password remotepass no shutdown ip route 192 168 1 0 255 255 255 0 172 22 56 1 255 255 255 252 line telnet 0 4 password password Usage Examples The following configures the SROS to generate backup calls for this endpoint using an analog modem interface to phone number 555 1111 but never answer calls and specifies ppp 2 as the backup interface ProCurve c...

Страница 909: ...uration of the related PPP interface for authentication and IP negotiation 4 If the call fails to connect on the first number dialed the SROS places a call to the second number if configured The second number to be dialed references a separate PPP interface Dialing In 1 The SROS receives an inbound call on a physical interface 2 Caller ID is used to match the backup number command to the configure...

Страница 910: ...ng to call again or dialing a different number It is recommended this number be greater than 60 Syntax Description seconds Selects the amount of time in seconds that the router will wait for a connection before attempting another call valid range 10 to 300 Default Values By default backup connect timeout is set to 60 seconds Usage Examples The following configures the SROS to wait 120 seconds befo...

Страница 911: ...kup to allow maintenance to be performed on the primary link without disrupting data Use the no form of this command to return to the normal backup operation state Syntax Description backup Forces backup regardless of primary link state primary Forces primary link regardless of its state Default Values By default this feature is disabled Usage Examples The following configures the SROS to force th...

Страница 912: ... backup functionality refer to the Functional Notes section of the command backup call mode role on page 904 Syntax Description attempts Selects the number of call retries that will be made after a link failure valid range 0 to 15 Setting this value to 0 will allow unlimited retries during the time the network is failed Default Values By default backup maximum retry is set to 0 attempts Usage Exam...

Страница 913: ...alog Indicates number connects to an analog modem digital 56k Indicates number belongs to a digital 56 kbps per DS0 connection digital 64k Indicates number belongs to a digital 64 kbps per DS0 connection isdn min chan Specifies the minimum number of DS0s required for a digital 56 or 64 kbps connection Range 1 to 24 isdn mas chan Specifies the maximum number of DS0s desired for a digital 56 or 64 k...

Страница 914: ...r priority links Use the no form of this command to return to the default value For more detailed information on Frame Relay backup functionality refer to the Functional Notes section of the command backup call mode role on page 904 Syntax Description value Sets the relative priority of this link valid range 0 to 100 A value of 100 designates the highest priority Default Values By default backup p...

Страница 915: ...f this command to return to the default value For more detailed information on Frame Relay backup functionality refer to the Functional Notes section of the command backup call mode role on page 904 Syntax Description No subcommands Default Values By default the SROS does not randomize the backup call timers Usage Examples The following example configures the SROS to randomize the backup timers as...

Страница 916: ...ailed information on Frame Relay backup functionality refer to the Functional Notes section of the command backup call mode role on page 904 Syntax Description seconds Specifies the delay in seconds between attempting to re dial a failed backup attempt Range 10 to 3600 Default Values By default backup redial delay is set to 10 seconds Usage Examples The following example configures a redial delay ...

Страница 917: ... in and out of alarm For more detailed information on Frame Relay backup functionality refer to the Functional Notes section of the command backup call mode role on page 904 Syntax Description seconds Specifies the number of seconds the SROS will wait after a primary link is restored before disconnecting backup operation Range 10 to 86 400 Default Values By default backup restore delay is set to 1...

Страница 918: ...up call mode role on page 904 Syntax Description day Sets the days to allow backup valid range Monday through Sunday enable time Sets the time of day to enable backup Time is entered in 24 hour format 00 00 disable time Sets the time of day to disable backup Default Values By default backup is enabled for all days and times if the backup auto backup command has been issued and the backup schedule ...

Страница 919: ...spond to backup sequences in the event of a network outage Use the no form of this command to reactivate the backup interface For more detailed information on Frame Relay backup functionality refer to the Functional Notes section of the command backup call mode role on page 904 Syntax Description No subcommands Default Values By default all SROS backup interfaces are disabled Usage Examples The fo...

Страница 920: ...to restore the default values Syntax Description value Specifies bandwidth in kbps Default Values To view default values use the show interfaces command Functional Notes The bandwidth command is an informational value that is communicated to the higher level protocols to be used in cost calculations This is a routing parameter only and does not affect the physical interface Usage Examples The foll...

Страница 921: ...rom the bridge group Syntax Description group Specifies the bridge group number 1 to 255 Default Values By default there are no configured bridge groups Functional Notes A bridged network can provide excellent traffic management to reduce collisions and limit the amount of bandwidth wasted with unnecessary transmissions when routing is not necessary Any two interfaces can be bridged Ethernet to T1...

Страница 922: ...ing the policy class and associated access control lists ACLs that describe the behavior of the firewall do not forget to include the traffic coming into the system over a VPN tunnel terminated by the system The firewall should be set up with respect to the unencrypted traffic that is destined to be sent or received over the VPN tunnel The following diagram represents typical SROS data flow logic ...

Страница 923: ...ted data is processed by the firewall The ACLs for a crypto map on an interface work in reverse logic to the ACLs for a policy class on an interface When specifying the ACLs for a crypto map the source information is the private local side unencrypted source of the data The destination information will be the far end unencrypted destination of the data However ACLs for a policy class work in rever...

Страница 924: ...ol over your domain name regardless of where you purchased registered it This allows to manage IP address mappings A records domain aliases CNAME records and mail servers MX records dyndns The Dynamic DNSSM service allows you to alias a dynamic IP address to a static hostname in various domains This allows your unit to be more easily accessed from various locations on the Internet This service is ...

Страница 925: ...ough the DNS system This service is provided for up to five hostnames If your IP address doesn t change often or at all but you still want an easy name to remember it by without having to purchase your own domain name Static DNS service is ideal for you If you would like to use your own domain name such as yourname com you need Custom DNS service which also provides full dynamic and static IP addr...

Страница 926: ...fault Values By default the committed burst value is set to 0 no limit Functional Notes The time interval is always one second so this can also be considered bits per second Shaping is performed on a sliding one second window to make maximum use of configured bandwidth Note that when both bc and be are non zero shaping is performed on the virtual circuit The circuit is limited to the sum of bc and...

Страница 927: ...fault Values By default the excessive burst value is set to 0 no limit Functional Notes The time interval is always one second so this can also be considered bits per second Shaping is performed on a sliding one second window to make maximum use of configured bandwidth Note that when both bc and be are non zero shaping is performed on the virtual circuit The circuit is limited to the sum of bc and...

Страница 928: ...is necessary for this command Functional Notes For Frame Relay fragmentation to take effect rate limiting must be enabled by setting the committed burst rate and excessive burst rate See frame relay bc committed burst value on page 924 and frame relay be excessive burst value on page 925 for more information Usage Examples The following example enables FRF 12 fragmentation on a sublink ProCurve co...

Страница 929: ... supplied by your Frame Relay service provider Use the no form of this command to remove the configured DLCI Syntax Description dlci Specifies numeric value supplied by your provider Default Values By default the DLCI is populated with the sub interface identifier For example if configuring the virtual Frame Relay sub interface labeled fr 1 20 the default DLCI is 20 Usage Examples The following ex...

Страница 930: ...ess control on packets transmitted on the specified interface Default Values By default these commands are disabled Functional Notes When this command is enabled the IP destination address of each packet must be processed by the assigned access list parameters before being passed through to the router system If the packet is not acceptable per these settings it is dropped Usage Examples The follow...

Страница 931: ...pecifying an interface defines the client identifier as the hexadecimal MAC address of the specified interface including a hexadecimal number added to the front of the MAC address to identify the media type For example specifying the client id ethernet 0 1 where the Ethernet interface has a MAC address of 0012 7991 1150 defines the client identifier as 01 00 12 79 91 11 50 where 01 defines the med...

Страница 932: ...2 ADDRESS Where the FR_PORT specifies the label assigned to the virtual Frame Relay interface using four hexadecimal bytes For example a virtual Frame Relay interface labeled 1 would have a FR_PORT of 00 00 00 01 The Q 922 ADDRESS field is populated using the following Where the FECN BECN C R DE and high order extended address EA bits are assumed to be 0 and the lower order EA bit is set to 1 The ...

Страница 933: ...urve config interface frame relay 1 16 ProCurve config fr 1 16 ip address dhcp The following example enables DHCP operation on the virtual Frame Relay sub interface labeled 1 16 utilizing hostname procurve and does not allow obtaining a default route domain name or nameservers It also sets the administrative distance as 5 ProCurve config interface frame relay 1 16 ProCurve config fr 1 16 ip addres...

Страница 934: ...used to configure a secondary IP address for the specified interface Default Values By default there are no assigned IP addresses Functional Notes Use secondary IP addresses to allow dual subnets on a single interface when you need more IP addresses than the primary subnet can provide When using secondary IP addresses avoid routing loops by verifying that all devices on the network segment are con...

Страница 935: ...or renew the DHCP IP address This command is only applicable when using DHCP for IP address assignment Syntax Description release Releases DHCP IP address renew Renews DHCP IP address Default Values No default values required for this command Usage Examples The following example releases the IP DHCP address for the virtual interface ProCurve config interface frame relay 1 16 ProCurve config fr 1 1...

Страница 936: ... of the specified type forwarded using the ip forward protocol command are received on the interface they will be forwarded to the device that needs the information Only packets meeting the following criteria are considered eligible by the ip helper address feature 1 The packet IP protocol is User Datagram Protocol UDP 2 Any UDP port specified using the ip forward protocol command 3 The media acce...

Страница 937: ... and stops sending that group s multicast packets to the interface Range 100 to 65535 ms Default 1000 ms querier timeout seconds Specifies the number of seconds that the router waits after the current querier s last query before it takes over as querier IGMP V2 Range 60 300 seconds Default 2x the query interval value query interval seconds Specifies the interval at which IGMP queries are sent on a...

Страница 938: ...er address and ip mcast stub upstream commands Downstream interfaces connect to segments with multicast hosts Multiple interfaces may be configured in downstream mode however interfaces connecting to the multicast network upstream should not be configured in downstream mode Interfaces configured as downstream should have the lowest IP address of all IGMP capable routers on the connected segment in...

Страница 939: ...s command is disabled Functional Notes Multicast routing must be enabled prior to setting ip mcast stub fixed on the selected interface Also use the ip igmp static group A B C D command to receive multicast traffic without host initiated Internet Group Management Protocol IGMP activity on the selected interface Otherwise all host initiated IGMP transactions will enter multicast routes on the route...

Страница 940: ... in IP multicast stub applications in conjunction with the ip mcast stub helper address ip mcast stub upstream and ip mcast stub downstream commands When enabled the interface becomes a helper forwarding interface The IGMP host function is dynamically enabled and the interface becomes the active upstream interface enabling the unit to perform as an IGMP proxy Refer to ip mcast stub helper address ...

Страница 941: ...cast stub downstream commands When enabled the interface becomes a candidate to be a helper forwarding interface If chosen as the best path toward the helper address by the router s unicast route table the IGMP host function is dynamically enabled and the interface becomes the active upstream interface enabling the router to perform as an IGMP proxy Though multiple interfaces may be candidates no ...

Страница 942: ...Specifies the interval between hello packets sent on the interface Range 0 to 32 767 message digest key keyid md5 key Configures OSPF Message Digest 5 MD5 authentication 16 byte max keys The SROS allows two keys key ID 1 and key ID 2 priority value Set the OSPF priority The value set in this field helps determine the designated router for this network Range 0 to 255 retransmit interval seconds Spe...

Страница 943: ...e that is performing OSPF authentication Syntax Description message digest Optional Selects message digest authentication type null Optional Specifies that no authentication be used Default Values By default this is set to null meaning no authentication is used Usage Examples The following example specifies that no authentication will be used on the Frame Relay interface ProCurve config interface ...

Страница 944: ...terface Syntax Description broadcast Sets the network type for broadcast point to point Sets the network type for point to point Default Values By default Ethernet defaults to broadcast All other interfaces default to point to point Functional Notes A point to point network will not elect designated routers Usage Examples The following example designates a broadcast network type ProCurve config in...

Страница 945: ...mmands Default Values By default PIM Sparse Mode is disabled for all interfaces Functional Notes PIM Sparse Mode is a multicast routing protocol that makes use of the unicast forwarding table PIM systems builds unidirectional shared trees rooted at a Rendezvous Point RP for a multicast group or a shortest path tree rooted at a specific source for a multicast group Usage Examples The following exam...

Страница 946: ...essages transmitted on the interface Routers use the priority values to determine the appropriate DR The router on the network segment with the highest priority is selected as the DR If a hello message is received on the interface from a router on the network segment and it does not contain a priority the entire network segment defaults to DR selection based on IP addresses instead of priority In ...

Страница 947: ...out the interface Valid range is 10 to 3600 seconds Default Values By default hellos are transmitted on PIM interfaces every 60 seconds Functional Notes Hello messages are used to inform neighbors of a router s presence Hello messages normally generate a small amount of traffic on an interface Setting the hello timer to a small interval increases the amount of hellos sent thus increasing the amoun...

Страница 948: ... is not present Use the no form of this command to return to the default value Syntax Description time Specifies the time interval in seconds the PIM interface waits before a neighbor is considered not present Valid range is 30 to 10 800 seconds Default Values By default the nbr timeout is set to 105 seconds Usage Examples The following example specifies a wait interval of 360 seconds on the Frame...

Страница 949: ... no form of this command to return to the default value Syntax Description time Specifies the delay interval in milliseconds after a join prune in which another router on the LAN may override the join prune Valid range is 0 to 65 535 milliseconds Default Values By default the override interval is set to 2500 milliseconds Usage Examples The following example sets the delay interval for join prune o...

Страница 950: ...estimate the amount of delay found in the local link Use the no form of this command to return to the default value Syntax Description time Specifies the expected propagation delay in the local link in milliseconds Valid range is 0 to 32 767 milliseconds Default Values By default the propagation delay is set to 500 milliseconds Usage Examples The following example sets the expected propagation del...

Страница 951: ...mand to remove the assignment Removing a route map from the interface does not remove the route map configuration parameters from the system Syntax Description mapname Specifies the route map to associate with this interface Default Values By default policy based routing is disabled for all interfaces Usage Examples The following example associates the route map named MyMap with Frame Relay interf...

Страница 952: ...fault Values By default proxy ARP is enabled Functional Notes In general the principle of proxy ARP allows a router to insert its IP address in the source IP address field of a packet if the packet is from a host on one of its subnetworks This allows hosts to reach devices on other subnetworks without implementing routing or specifying a default gateway If proxy ARP is enabled the SROS will respon...

Страница 953: ... version 1 packets on the interface 2 Accepts only received RIP version 2 packets on the interface Default Values By default all interfaces implement RIP version 1 the default value for the version command Functional Notes Use the ip rip receive version command to specify a RIP version that will override the version in the Router RIP configuration The SROS only accepts one version either 1 or 2 on...

Страница 954: ...RIP version 1 packets on the interface 2 Transmits only RIP version 2 packets on the interface Default Values By default all interfaces transmit RIP version 1 the default value for the version command Functional Notes Use the ip rip send version to specify a RIP version that will override the version in the Router RIP configuration The SROS only transmits one version either 1 or 2 on a given inter...

Страница 955: ...es the IP address of the network to be summarized network mask Specifies the network mask to be applied to the specific network to be summarized Default Values By default no manual summarization is applied by RIP Functional Notes Unlike the automatic summarization on classful network boundaries only specific network advertisements are made by RIP using the ip rip summary address command This comma...

Страница 956: ...tax Description No subcommands Default Values By default route caching is enabled on all interfaces Functional Notes Route caching allows an IP interface to provide optimum performance when processing IP traffic Usage Examples The following example enables route caching on a Frame Relay sub interface ProCurve config interface frame relay 1 16 ProCurve config fr 1 16 ip route cache Note Using Netwo...

Страница 957: ...nfigured to use a specified IP address using the ip address command Functional Notes If ip unnumbered is enabled on an interface all IP traffic from the interface will use a source IP address taken from the specified interface For example specifying ip unnumbered eth 0 1 while in the Frame Relay Sub Interface Configuration mode configures the Frame Relay sub interface to use the IP address assigne...

Страница 958: ... Applies the filter to the inbound traffic out Applies the filter to the outbound traffic Default Values By default there are no URL filters applied to any interfaces Functional Notes The firewall must be enabled using the ip firewall command in order to use URL filters The URL filter must be created by using the ip urlfilter filtername http command before applying it to the interface See ip urlfi...

Страница 959: ...lldp receive command to allow LLDP packets to be received on this interface Syntax Description No subcommands Default Values By default all interfaces are configured to send and receive LLDP packets Usage Examples The following example configures the Frame Relay sub interface to receive LLDP packets ProCurve config interface frame relay 1 16 ProCurve config fr 1 16 lldp receive ...

Страница 960: ...s device s system capabilities on this interface system description Enables transmission of this device s system description on this interface system name Enables transmission of this device s system name on this interface Default Values By default all interfaces are configured to transmit and receive LLDP packets of all types Functional Notes Individual LLDP information can be enabled or disabled...

Страница 961: ...ackets of all types Functional Notes Individual LLDP information can be enabled or disabled using the various forms of the lldp send command For example use the lldp send and receive command to enable transmit and receive of all LLDP information Then use the no lldp send port description command to prevent LLDP from transmitting port description information Usage Examples The following example con...

Страница 962: ...nnel interfaces 64 to 18 190 Virtual Frame Relay sub interfaces 64 to 1520 Virtual PPP interfaces 64 to 1500 Default Values size The default values for the various interfaces are listed below ATM interfaces 1500 Demand interfaces 1500 Ethernet interfaces 1500 FDL interfaces 256 HDLC interfaces 1500 Loopback interfaces 1500 Tunnel interfaces 1500 Virtual Frame Relay sub interfaces 1500 Virtual PPP ...

Страница 963: ...dules Schedules are expressed in the format time day month year for example 08 15 2 February 2007 time Time is expressed in the 24 hour format hours minutes hh mm for example 08 15 day The day of the month is expressed with a number Range is 1 to 31 month The name of the month can be spelled out or abbreviated year The year is expressed in the format yyyy for example 2007 periodic Specifies the we...

Страница 964: ...d and enters the Schedule Configuration mode config schedule Closed config schedule Closed The following example sets the start time in the schedule named Closed to 8 15 a m on February 2 2007 and sets the end time to 10 15 a m on April 2 2007 config schedule Closed absolute start 08 15 2 february 2007 end 10 15 2 april 2007 The following example sets the recurring start and end day and time in th...

Страница 965: ...o form of this command Syntax Description enable Enables the BPDU filter disable Disables the BPDU filter Default Values By default this command is set to disable Functional Notes The purpose of this command is to remove a port from participation in the spanning tree This might be beneficial while debugging a network setup It normally should not be used in a live network Usage Examples The followi...

Страница 966: ...mand to block BPDUs from being received on this interface To return to the default value use the no form of this command Syntax Description enable Enables the BPDU block disable Disables the BPDU block Default Values By default this command is set to disable Usage Examples The following example enables the BPDU guard on the interface ProCurve config interface frame relay 1 16 ProCurve config fr 1 ...

Страница 967: ...rm of this command to return the interface to normal operation non edgeport Syntax Description No subcommands Default Values By default this command is set to disable Usage Examples The following example configures the interface to be an edgeport ProCurve config interface frame relay 1 16 ProCurve config fr 1 16 spanning tree edgeport An individual interface can be configured to not be considered ...

Страница 968: ...k type and a port configured for full duplex is set to point to point link type Setting the link type manually overrides the default and forces the port to use the specified link type Using the link type auto command restores the convention of determining link type based on duplex settings Usage Examples The following example forces the link type to point to point even if the port is configured to...

Страница 969: ...ersely proportional to the likelihood the bridge interface will be chosen as the root path Set the path cost value lower to increase the chance the interface will be the root To obtain the most accurate spanning tree calculations develop a system for determining path costs for links and apply it to all bridged interfaces Usage Examples The following example assigns a path cost of 100 for bridge gr...

Страница 970: ... lower the value the higher the priority valid range 0 to 255 Default Values By default the bridge group priority value is set at 128 Functional Notes The only time that this priority level is used is when two interfaces with a path to the root have equal cost At that point the level set in this command will determine which port the bridge will use Set the priority value lower to increase the chan...

Страница 971: ...terface slot port on page 1431 description text on page 1434 do on page 1435 end on page 1436 exit on page 1437 ping address on page 1438 shutdown on page 1442 All other commands for this command set are described in this section in alphabetical order access policy policyname on page 971 alias link text on page 972 backup commands begin on page 973 bandwidth value on page 990 bridge group group on...

Страница 972: ...nce Guide HDLC Command Set 5991 2114 Copyright 2007 Hewlett Packard Development Company L P 970 max reserved bandwidth percent on page 1027 mtu size on page 1028 qos policy in out mapname on page 1029 snmp trap link status on page 1030 ...

Страница 973: ...er to ip policy class policyname on page 426 Usage Examples The following example associates the access policy UnTrusted to allow inbound traffic to the Web server to the HDLC interface labeled 1 Enable the SROS security features ProCurve config ip firewall Create the access list this is the packet selector ProCurve config ip access list extended InWeb ProCurve config ext nacl permit tcp any host ...

Страница 974: ...rovide the management station an identifying description for each link HDLC physical Syntax Description text Describes the interface for SNMP by alphanumeric character string must be encased in quotation marks Default Values By default the HDLC identification string appears as empty quotes Functional Notes The alias link string should be used to uniquely identify an HDLC link Enter a string that c...

Страница 975: ... interface to automatically attempt a backup upon failure Use the no form of this command to disable auto backup functionality Syntax Description No subcommands Default Values By default all backup endpoints will automatically attempt backup upon a failure Usage Examples The following enables automatic backup on the endpoint ProCurve config interface hdlc 1 ProCurve config hdlc 1 backup auto backu...

Страница 976: ... conditions are operational Use the no form of this command to disable the auto restore feature Syntax Description No subcommands Default Values By default all backup endpoints will automatically restore the primary connection when the failure condition clears Usage Examples The following configures the SROS to automatically restore the primary connection when the failure condition clears ProCurve...

Страница 977: ...no form of this command to return to the default value Syntax Description seconds Specifies the delay period in seconds a failure must be active before the SROS will enter backup operation on the interface valid range 10 to 86400 seconds Default Values By default the backup backup delay is set to 10 seconds Usage Examples The following configures the SROS to wait 60 seconds on an endpoint with an ...

Страница 978: ... backup call on primary link failure originate answer Originates or answers call on primary link failure originate answer always Originates on failure answers and backs up always Default Values By default the backup call mode is set to originate answer Functional Notes The majority of the configuration for the SROS backup implementation is configured via the backup PPP interface configuration comm...

Страница 979: ...kup number 5552222 analog ppp 1 no shutdown interface ppp 1 ip address 172 22 56 1 255 255 255 252 ppp authentication chap username remoterouter password remotepass ppp chap hostname localrouter ppp chap password procurve no shutdown ip route 192 168 2 0 255 255 255 0 172 22 56 2 255 255 255 252 line telnet 0 4 password password Sample config for central router dialing in hostname Central7203dl en...

Страница 980: ...255 0 172 22 56 1 255 255 255 252 line telnet 0 4 password password Usage Examples The following configures the SROS to generate backup calls for this endpoint using an analog modem interface to phone number 555 1111 but never answer calls and specifies ppp 2 as the backup interface ProCurve config interface hdlc 1 ProCurve config hdlc 1 backup call mode originate ProCurve config hdlc 1 backup num...

Страница 981: ...he first number dialed the SROS places a call to the second number if configured The second number to be dialed references a separate PPP interface Dialing In 1 The SROS receives an inbound call on a physical interface 2 Caller ID is used to match the backup number command to the configured PPP interface 3 If a match is found the call connects and the SROS pulls down the primary connection if it i...

Страница 982: ...greater than 60 For more detailed on backup functionality refer to the Functional Notes section of the command backup call mode role on page 976 Syntax Description seconds Selects the amount of time in seconds that the router will wait for a connection before attempting another call valid range 10 to 300 Default Values By default backup connect timeout is set to 60 seconds Usage Examples The follo...

Страница 983: ...pting data Use the no form of this command to return to the normal backup operation state For more detailed on backup functionality refer to the Functional Notes section of the command backup call mode role on page 976 Syntax Description backup Forces backup regardless of primary link state primary Forces primary link regardless of its state Default Values By default this feature is disabled Usage...

Страница 984: ...y refer to the Functional Notes section of the command backup call mode role on page 976 Syntax Description attempts Selects the number of call retries that will be made after a link failure valid range is 0 to 15 Setting this value to 0 will allow unlimited retries during the time the network is failed Default Values By default backup maximum retry is set to 0 attempts Usage Examples The followin...

Страница 985: ...s initiated analog Indicates number connects to an analog modem digital 56k Indicates number belongs to a digital 56 kbps per DS0 connection digital 64k Indicates number belongs to a digital 64 kbps per DS0 connection isdn min chan Specifies the minimum number of DS0s required for the backup link Range 1 to 24 isdn mas chan Specifies the maximum number of DS0s desired for the backup link Range 1 t...

Страница 986: ...r priority links Use the no form of this command to return to the default value For more detailed information on backup functionality refer to the Functional Notes section of the command backup call mode role on page 976 Syntax Description value Sets the relative priority of this link valid range 0 to 100 A value of 100 designates the highest priority Default Values By default backup priority is s...

Страница 987: ...his command to return to the default value For more detailed information on backup functionality refer to the Functional Notes section of the command backup call mode role on page 976 Syntax Description No subcommands Default Values By default the SROS does not randomize the backup call timers Usage Examples The following example configures the SROS to randomize the backup timers associated with t...

Страница 988: ...d information on backup functionality refer to the Functional Notes section of the command backup call mode role on page 976 Syntax Description seconds Specifies the delay in seconds between attempting to re dial a failed backup attempt Range 10 to 3600 Default Values By default backup redial delay is set to 10 seconds Usage Examples The following example configures a redial delay of 25 seconds on...

Страница 989: ... and out of alarm For more detailed information on backup functionality refer to the Functional Notes section of the command backup call mode role on page 976 Syntax Description seconds Specifies the number of seconds the SROS will wait after a primary link is restored before disconnecting backup operation Range 10 to 86 400 Default Values By default backup restore delay is set to 10 seconds Usage...

Страница 990: ...le on page 976 Syntax Description day Sets the days to allow backup valid range Monday through Sunday enable time Sets the time of day to enable backup Time is entered in 24 hour format 00 00 disable time Sets the time of day to disable backup Default Values By default backup is enabled for all days and times if the backup auto backup command has been issued and the backup schedule has not been en...

Страница 991: ...spond to backup sequences in the event of a network outage Use the no form of this command to reactivate the backup interface For more detailed information on backup functionality refer to the Functional Notes section of the command backup call mode role on page 976 Syntax Description No subcommands Default Values By default all SROS interfaces are disabled Usage Examples The following example dea...

Страница 992: ...restore the default values Syntax Description value Enter bandwidth in kbps Default Values To view default values use the show interfaces command Functional Notes The bandwidth command is an informational value that is communicated to the higher level protocols to be used in cost calculations This is a routing parameter only and does not affect the physical interface Usage Examples The following e...

Страница 993: ... 255 specified using the bridge group command Default Values By default there are no configured bridge groups Functional Notes A bridged network can provide excellent traffic management to reduce collisions and limit the amount of bandwidth wasted with unnecessary transmissions when routing is not necessary Any two interfaces can be bridged Ethernet to T1 bridge Ethernet to Frame Relay sub interfa...

Страница 994: ...ass and associated access control lists ACLs that describe the behavior of the firewall do not forget to include the traffic coming into the system over a VPN tunnel terminated by the system The firewall should be set up with respect to the un encrypted traffic that is destined to be sent or received over the VPN tunnel The following diagram represents typical SROS data flow logic Note When you ap...

Страница 995: ...ata is processed by the firewall The ACLs for a crypto map on an interface work in reverse logic to the ACLs for a policy class on an interface When specifying the ACLs for a crypto map the source information is the private local side un encrypted source of the data The destination information will be the far end un encrypted destination of the data However ACLs for a policy class work in reverse ...

Страница 996: ...omain name regardless of where you purchased registered it This allows to manage IP address mappings A records domain aliases CNAME records and mail servers MX records dyndns The Dynamic DNSSM service allows you to alias a dynamic IP address to a static hostname in various domains This allows your unit to be more easily accessed from various locations on the Internet This service is provided for u...

Страница 997: ...DNS system This service is provided for up to five hostnames If your IP address doesn t change often or at all but you still want an easy name to remember it by without having to purchase your own domain name Static DNS service is ideal for you If you would like to use your own domain name such as yourname com you need Custom DNS service which also provides full dynamic and static IP address suppo...

Страница 998: ...WFQ is enabled by default for WAN interfaces Syntax Description threshold Optional Value that specifies the maximum number of packets that can be present in each conversation sub queue Packets received for a conversation after this limit is reached are discarded Valid range is 16 to 512 Default Values By default fair queue is enabled with a threshold of 64 packets Usage Examples The following exam...

Страница 999: ...m of this command to return to the default setting Syntax Description queue size The total number of packets the output queue can contain before packets are dropped Valid range is 16 1000 Default Values The default queue size for WFQ is 400 The default queue size for PPP FIFO and Frame Relay round robin is 200 Usage Examples The following example sets the overall output queue size to 700 ProCurve ...

Страница 1000: ...es access control on packets transmitted on the specified interface Default Values By default these commands are disabled Functional Notes When this command is enabled the IP destination address of each packet must be validated before being passed through to the router system If the packet is not acceptable per these settings it is dropped Usage Examples The following example sets up the unit to o...

Страница 1001: ...d to configure a secondary IP address for the specified interface Default Values By default there are no assigned IP addresses Functional Notes Use secondary IP addresses to allow dual subnets on a single interface when you need more IP addresses than the primary subnet can provide When using secondary IP addresses avoid routing loops by verifying that all devices on the network segment are config...

Страница 1002: ...adcast packets of the specified type forwarded using the ip forward protocol command are received on the interface they will be forwarded to the device that needs the information Only packets meeting the following criteria are considered eligible by the ip helper address feature 1 The packet IP protocol is User Datagram Protocol UDP 2 Any UDP port specified using the ip forward protocol command 3 ...

Страница 1003: ...that group s multicast packets to the interface Range 100 to 65535 ms Default 1000 ms querier timeout seconds Specifies the number of seconds that the router waits after the current querier s last query before it takes over as querier IGMP V2 Range 60 300 seconds Default 2x the query interval value query interval seconds Specifies the interval at which IGMP queries are sent on an interface Host qu...

Страница 1004: ...and ip mcast stub upstream commands Downstream interfaces connect to segments with multicast hosts Multiple interfaces may be configured in downstream mode however interfaces connecting to the multicast network upstream should not be configured in downstream mode Interfaces configured as downstream should have the lowest IP address of all IGMP capable routers on the connected segment in order to b...

Страница 1005: ...d is disabled Functional Notes Multicast routing must be enabled prior to setting ip mcast stub fixed on the selected interface Also use the ip igmp static group A B C D command to receive multicast traffic without host initiated Internet Group Management Protocol IGMP activity on the selected interface Otherwise all host initiated IGMP transactions will enter multicast routes on the router s inte...

Страница 1006: ...lticast stub applications in conjunction with the ip mcast stub helper address ip mcast stub upstream and ip mcast stub downstream commands When enabled the interface becomes a helper forwarding interface The IGMP host function is dynamically enabled and the interface becomes the active upstream interface enabling the unit to perform as an IGMP proxy Refer to ip mcast stub helper address ip addres...

Страница 1007: ...ownstream commands When enabled the interface becomes a candidate to be a helper forwarding interface If chosen as the best path toward the helper address by the router s unicast route table the IGMP host function is dynamically enabled and the interface becomes the active upstream interface enabling the router to perform as an IGMP proxy Though multiple interfaces may be candidates no more than o...

Страница 1008: ...s the interval between hello packets sent on the interface Range 0 to 32 767 message digest key keyid md5 key Configures OSPF Message Digest 5 MD5 authentication 16 byte max keys The SROS allows two keys key ID 1 and key ID 2 priority value Set the OSPF priority The value set in this field helps determine the designated router for this network Range 0 to 255 retransmit interval seconds Specifies t...

Страница 1009: ...hat is performing OSPF authentication Syntax Description message digest Optional Select message digest authentication type null Optional Select for no authentication to be used Default Values By default this is set to null meaning no authentication is used Usage Examples The following example specifies that no authentication will be used on the HDLC interface ProCurve config interface hdlc 1 ProCu...

Страница 1010: ... Syntax Description broadcast Set the network type for broadcast point to point Set the network type for point to point Default Values By default Ethernet defaults to broadcast All other interfaces default to point to point Functional Notes A point to point network will not elect designated routers Usage Examples The following example designates a broadcast network type ProCurve config interface h...

Страница 1011: ...s Default Values By default PIM Sparse Mode is disabled for all interfaces Functional Notes PIM Sparse Mode is a multicast routing protocol that makes use of the unicast forwarding table PIM systems builds unidirectional shared trees rooted at a Rendezvous Point RP for a multicast group or a shortest path tree rooted at a specific source for a multicast group Usage Examples The following example e...

Страница 1012: ...es transmitted on the interface Routers use the priority values to determine the appropriate DR The router on the network segment with the highest priority is selected as the DR If a hello message is received on the interface from a router on the network segment and it does not contain a priority the entire network segment defaults to DR selection based on IP addresses instead of priority In this ...

Страница 1013: ...e interface Valid range is 10 to 3600 seconds Default Values By default hellos are transmitted on PIM interfaces every 60 seconds Functional Notes Hello messages are used to inform neighbors of a router s presence Hello messages normally generate a small amount of traffic on an interface Setting the hello timer to a small interval increases the amount of hellos sent thus increasing the amount of t...

Страница 1014: ...ot present Use the no form of this command to return to the default value Syntax Description time Specifies the time interval in seconds the PIM interface waits before a neighbor is considered not present Valid range is 30 to 10 800 seconds Default Values By default the nbr timeout is set to 105 seconds Usage Examples The following example specifies a wait interval of 360 seconds on the HDLC inter...

Страница 1015: ...orm of this command to return to the default value Syntax Description time Specifies the delay interval in milliseconds after a join prune in which another router on the LAN may override the join prune Valid range is 0 to 65 535 milliseconds Default Values By default the override interval is set to 2500 milliseconds Usage Examples The following example sets the delay interval for join prune overri...

Страница 1016: ...ate the amount of delay found in the local link Use the no form of this command to return to the default value Syntax Description time Specifies the expected propagation delay in the local link in milliseconds Valid range is 0 to 32 767 milliseconds Default Values By default the propagation delay is set to 500 milliseconds Usage Examples The following example sets the expected propagation delay to...

Страница 1017: ...to remove the assignment Removing a route map from the interface does not remove the route map configuration parameters from the system Syntax Description mapname Specifies the route map to associate with this interface Default Values By default policy based routing is disabled for all interfaces Usage Examples The following example associates the route map named MyMap with HDLC interface 1 ProCur...

Страница 1018: ...efault Values By default proxy arp is enabled Functional Notes In general the principle of proxy ARP allows a router to insert its IP address in the source IP address field of a packet if the packet is from a host on one of its subnetworks This allows hosts to reach devices on other subnetworks without implementing routing or specifying a default gateway If proxy ARP is enabled the SROS will respo...

Страница 1019: ...nterface 2 Only accept received RIP version 2 packets on the interface Default Values By default all interfaces implement RIP version 1 the default value for the version command Functional Notes Use the ip rip receive version command to specify a RIP version that overrides the version in the Router RIP configuration See version 1 l 2 on page 1390 for more information The SROS only accepts one vers...

Страница 1020: ...terface 2 Only transmits RIP version 2 packets on the interface Default Values By default all interfaces transmit RIP version 1 the default value for the version command Functional Notes Use the ip rip send version command to specify a RIP version that overrides the version in the Router RIP configuration See version 1 l 2 on page 1390 for more information The SROS only transmits one version eithe...

Страница 1021: ...P address of the network to be summarized network mask Specifies the network mask to be applied to the specific network to be summarized Default Values By default no manual summarization is applied by RIP Functional Notes Unlike the automatic summarization on classful network boundaries only specific network advertisements are made by RIP using the ip rip summary address command This command is on...

Страница 1022: ...Description No subcommands Default Values By default route caching is enabled on all interfaces Functional Notes Route caching allows an IP interface to provide optimum performance when processing IP traffic Usage Examples The following example enables route caching on the HDLC interface ProCurve config interface hdlc 1 ProCurve config hdlc 1 ip route cache Note Using Network Address Translation N...

Страница 1023: ...terfaces are configured to use a specified IP address using the ip address command Functional Notes If ip unnumbered is enabled on an interface all IP traffic from the interface will use a source IP address taken from the specified interface For example specifying ip unnumbered eth 0 1 while in the Frame Relay Sub Interface Configuration mode configures the Frame Relay sub interface to use the IP ...

Страница 1024: ...s the filter to the inbound traffic out Applies the filter to the outbound traffic Default Values By default there are no URL filters applied to any interfaces Functional Notes The firewall must be enabled using the ip firewall command in order to use URL filters The URL filter must be created by using the ip urlfilter filtername http command before applying it to the interface See ip urlfilter na...

Страница 1025: ...e time interval in seconds between transmitted keepalive packets valid range 0 to 32 767 seconds Default Values By default the time interval between transmitted keepalive packets is 10 seconds Functional Notes If three keepalive packets are sent to an interface with no response the interface is considered down To detect interface failures quickly specify a smaller keepalive time Usage Examples The...

Страница 1026: ...dp receive command to allow LLDP packets to be received on this interface Syntax Description No subcommands Default Values By default all interfaces are configured to send and receive LLDP packets Usage Examples The following example configures the HDLC interface to receive LLDP packets ProCurve config interface hdlc 1 ProCurve config hdlc 1 lldp receive ...

Страница 1027: ...evice s system capabilities on this interface system description Enables transmission of this device s system description on this interface system name Enables transmission of this device s system name on this interface Default Values Be default all interfaces are configured to transmit and receive LLDP packets of all types Functional Notes Individual LLDP information can be enabled or disabled us...

Страница 1028: ...ets of all types Functional Notes Individual LLDP information can be enabled or disabled using the various forms of the lldp send command For example use the lldp send and receive command to enable transmit and receive of all LLDP information Then use the no lldp send port description command to prevent LLDP from transmitting port description information Usage Examples The following example config...

Страница 1029: ...ercent Specifies the percentage of interface bandwidth to make available for user defined priority or class based queues Enter an integer 1 to 100 Default Values By default max reserved bandwidth is set to 75 which reserves 25 percent of the interface bandwidth for system critical traffic Usage Examples The following example specifies 85 percent of the bandwidth on the hdlc 1 interface to be avail...

Страница 1030: ...interfaces 64 to 18 190 Virtual Frame Relay sub interfaces 64 to 1520 Virtual PPP interfaces 64 to 1500 Default Values size The default values for the various interfaces are listed below ATM interfaces 1500 Demand interfaces 1500 Ethernet interfaces 1500 FDL interfaces 256 HDLC interfaces 1500 Loopback interfaces 1500 Tunnel interfaces 1500 Virtual Frame Relay sub interfaces 1500 Virtual PPP inter...

Страница 1031: ...ap from the interface Syntax Description mapname Specifies the name of a previously created QoS map see qos map mapname sequence number on page 486 for more information in Assigns a QoS map to this interface s input out Assigns a QoS map to this interface s output Default Values No default value is necessary for this command Usage Examples The following example applies the QoS map VOICEMAP to the ...

Страница 1032: ...tatus change Use the no form of this command to disable this trap Syntax Description No subcommands Default Values By default the ifLinkUpDownTrapEnable OID is enabled for all interfaces except virtual Frame Relay interfaces Functional Notes The snmp trap link status command is used to control the RFC2863 ifLinkUpDownTrapEnable OID OID number 1 3 6 1 2 1 31 1 1 1 14 0 Usage Examples The following ...

Страница 1033: ... multiple command sets and are covered in a centralized section of this guide For more information refer to the sections listed below alias text on page 1430 bind from interface slot port tdm group to interface slot port on page 1431 description text on page 1434 do on page 1435 end on page 1436 exit on page 1437 ping address on page 1438 shutdown on page 1442 All other commands for this command s...

Страница 1034: ...licies refer to ip policy class policyname on page 426 Usage Examples The following example associates the access policy UnTrusted to allow inbound traffic to the Web server to the loopback interface Enable the SROS security features ProCurve config ip firewall Create the access list this is the packet selector ProCurve config ip access list extended InWeb ProCurve config ext nacl permit tcp any h...

Страница 1035: ...mand to restore the default values Syntax Description value Specifies bandwidth in kbps Default Values To view default values use the show interfaces command Functional Notes The bandwidth command is an informational value that is communicated to the higher level protocols to be used in cost calculations This is a routing parameter only and does not affect the physical interface Usage Examples The...

Страница 1036: ...fining the policy class and associated access control lists ACLs that describe the behavior of the firewall do not forget to include the traffic coming into the system over a VPN tunnel terminated by the system The firewall should be set up with respect to the unencrypted traffic that is destined to be sent or received over the VPN tunnel The following diagram represents typical SROS data flow log...

Страница 1037: ...nencrypted data is processed by the firewall The ACLs for a crypto map on an interface work in reverse logic to the ACLs for a policy class on an interface When specifying the ACLs for a crypto map the source information is the private local side unencrypted source of the data The destination information will be the far end unencrypted destination of the data However ACLs for a policy class work i...

Страница 1038: ...ol over your domain name regardless of where you purchased registered it This allows to manage IP address mappings A records domain aliases CNAME records and mail servers MX records dyndns The Dynamic DNSSM service allows you to alias a dynamic IP address to a static hostname in various domains This allows your unit to be more easily accessed from various locations on the Internet This service is ...

Страница 1039: ...e though the DNS system This service is provided for up to five hostnames If your IP address doesn t change often or at all but you still want an easy name to remember it by without having to purchase your own domain name Static DNS service is ideal for you If you would like to use your own domain name such as yourname com you need Custom DNS service which also provides full dynamic and static IP ...

Страница 1040: ... on the specified interface out Enables access control on packets transmitted on the specified interface Default Values By default these commands are disabled Functional Notes When this command is enabled the IP destination address of each packet must be validated before being passed through to the router system If the packet is not acceptable per these settings it is dropped Usage Examples The fo...

Страница 1041: ...nal Configures a secondary IP address for the specified interface Default Values By default there are no assigned IP addresses Functional Notes Use secondary IP addresses to allow dual subnets on a single interface when you need more IP addresses than the primary subnet can provide When using secondary IP addresses avoid routing loops by verifying that all devices on the network segment are config...

Страница 1042: ...ost that transmits the broadcast packets When broadcast packets of the specified type forwarded using the ip forward protocol command are received on the interface they will be forwarded to the device that needs the information Only packets meeting the following criteria are considered eligible by the ip helper address feature 1 The packet IP protocol is User Datagram Protocol UDP 2 Any UDP port s...

Страница 1043: ...d stops sending that group s multicast packets to the interface Range 100 to 65535 ms Default 1000 ms querier timeout seconds Specifies the number of seconds that the router waits after the current querier s last query before it takes over as querier IGMP V2 Range 60 300 seconds Default 2x the query interval value query interval seconds Specifies the interval at which IGMP queries are sent on an i...

Страница 1044: ... helper address and ip mcast stub upstream commands Downstream interfaces connect to segments with multicast hosts Multiple interfaces may be configured in downstream mode however interfaces connecting to the multicast network upstream should not be configured in downstream mode Interfaces configured as downstream should have the lowest IP address of all IGMP capable routers on the connected segme...

Страница 1045: ... this command is disabled Functional Notes Multicast routing must be enabled prior to setting ip mcast stub fixed on the selected interface Also use the ip igmp static group A B C D command to receive multicast traffic without host initiated Internet Group Management Protocol IGMP activity on the selected interface Otherwise all host initiated IGMP transactions will enter multicast routes on the r...

Страница 1046: ...lticast stub applications in conjunction with the ip mcast stub helper address ip mcast stub upstream and ip mcast stub downstream commands When enabled the interface becomes a helper forwarding interface The IGMP host function is dynamically enabled and the interface becomes the active upstream interface enabling the unit to perform as an IGMP proxy Refer to ip mcast stub helper enable on page 10...

Страница 1047: ...ip mcast stub downstream commands When enabled the interface becomes a candidate to be a helper forwarding interface If chosen as the best path toward the helper address by the router s unicast route table the IGMP host function is dynamically enabled and the interface becomes the active upstream interface enabling the router to perform as an IGMP proxy Though multiple interfaces may be candidates...

Страница 1048: ...econds Specifies the interval between hello packets sent on the interface Range 0 to 32 767 message digest key keyid md5 key Configure OSPF Message Digest 5 MD5 authentication 16 byte max keys The SROS allows two keys key ID 1 and key ID 2 priority value Sets the OSPF priority The value set in this field helps determine the designated router for this network Range 0 to 255 retransmit interval seco...

Страница 1049: ...erface that is performing OSPF authentication Syntax Description message digest Optional Specifies message digest authentication type null Optional Specifies that no authentication be used Default Values By default this is set to null meaning no authentication is used Usage Examples The following example specifies that no authentication will be used on the loopback interface ProCurve config interf...

Страница 1050: ...s interface Syntax Description broadcast Sets the network type for broadcast point to point Sets the network type for point to point Default Values By default Ethernet defaults to broadcast All other interfaces default to point to point Functional Notes A point to point network will not elect designated routers Usage Examples The following example designates a broadcast network type ProCurve confi...

Страница 1051: ...o subcommands Default Values By default PIM Sparse Mode is disabled for all interfaces Functional Notes PIM Sparse Mode is a multicast routing protocol that makes use of the unicast forwarding table PIM systems builds unidirectional shared trees rooted at a Rendezvous Point RP for a multicast group or a shortest path tree rooted at a specific source for a multicast group Usage Examples The followi...

Страница 1052: ...hello messages transmitted on the interface Routers use the priority values to determine the appropriate DR The router on the network segment with the highest priority is selected as the DR If a hello message is received on the interface from a router on the network segment and it does not contain a priority the entire network segment defaults to DR selection based on IP addresses instead of prior...

Страница 1053: ...ent out the interface Valid range is 10 to 3600 seconds Default Values By default hellos are transmitted on PIM interfaces every 60 seconds Functional Notes Hello messages are used to inform neighbors of a router s presence Hello messages normally generate a small amount of traffic on an interface Setting the hello timer to a small interval increases the amount of hellos sent thus increasing the a...

Страница 1054: ...ghbor is not present Use the no form of this command to return to the default value Syntax Description time Specifies the time interval in seconds the PIM interface waits before a neighbor is considered not present Valid range is 30 to 10 800 seconds Default Values By default the nbr timeout is set to 105 seconds Usage Examples The following example specifies a wait interval of 360 seconds on the ...

Страница 1055: ...e the no form of this command to return to the default value Syntax Description time Specifies the delay interval in milliseconds after a join prune in which another router on the LAN may override the join prune Valid range is 0 to 65 535 milliseconds Default Values By default the override interval is set to 2500 milliseconds Usage Examples The following example sets the delay interval for join pr...

Страница 1056: ...nds to estimate the amount of delay found in the local link Use the no form of this command to return to the default value Syntax Description time Specifies the expected propagation delay in the local link in milliseconds Valid range is 0 to 32 767 milliseconds Default Values By default the propagation delay is set to 500 milliseconds Usage Examples The following example sets the expected propagat...

Страница 1057: ...s command to remove the assignment Removing a route map from the interface does not remove the route map configuration parameters from the system Syntax Description mapname Specifies the route map to associate with this interface Default Values By default policy based routing is disabled for all interfaces Usage Examples The following example associates the route map named MyMap with loopback inte...

Страница 1058: ...P address Default Values By default proxy ARP is enabled Functional Notes In general the principle of proxy ARP allows a router to insert its IP address in the source IP address field of a packet if the packet is from a host on one of its subnetworks This allows hosts to reach devices on other subnetworks without implementing routing or specifying a default gateway If proxy ARP is enabled the SROS...

Страница 1059: ... on the interface 2 Accepts only received RIP version 2 packets on the interface Default Values By default all interfaces implement RIP version 1 the default value for the version command Functional Notes Use the ip rip receive version to specify a RIP version that overrides the version in the Router RIP configuration The SROS only accepts one version either 1 or 2 on a given interface Usage Examp...

Страница 1060: ...its only RIP version 1 packets on the interface 2 Transmits only RIP version 2 packets on the interface Default Values By default all interfaces transmit RIP version 1 the default value for the version command Functional Notes Use the ip rip send version to specify a RIP version that overrides the version in the Router RIP configuration The SROS only transmits one version either 1 or 2 on a given ...

Страница 1061: ...cifies the IP address of the network to be summarized network mask Specifies the network mask to be applied to the specific network to be summarized Default Values By default no manual summarization is applied by RIP Functional Notes Unlike the automatic summarization on classful network boundaries only specific network advertisements are made by RIP using the ip rip summary address command This c...

Страница 1062: ...de Syntax Description No subcommands Default Values By default route caching is enabled on all interfaces Functional Notes Route caching allows an IP interface to provide optimum performance when processing IP traffic Usage Examples The following example enables route caching on the loopback interface ProCurve config interface loopback 1 ProCurve config loop 1 ip route cache Note Using Network Add...

Страница 1063: ... By default all interfaces are configured to use a specified IP address using the ip address command Functional Notes If ip unnumbered is enabled on an interface all IP traffic from the interface will use a source IP address taken from the specified interface For example specifying ip unnumbered ppp 1 while in the Loopback Interface Configuration mode configures the Loopback interface to use the I...

Страница 1064: ... in Applies the filter to the inbound traffic out Applies the filter to the outbound traffic Default Values By default there are no URL filters applied to any interfaces Functional Notes The firewall must be enabled using the ip firewall command in order to use URL filters The URL filter must be created by using the ip urlfilter filtername http command before applying it to the interface See ip ur...

Страница 1065: ... Tunnel interfaces 64 to 18 190 Virtual Frame Relay sub interfaces 64 to 1520 Virtual PPP interfaces 64 to 1500 Default Values size The default values for the various interfaces are listed below ATM interfaces 1500 Demand interfaces 1500 Ethernet interfaces 1500 FDL interfaces 256 HDLC interfaces 1500 Loopback interfaces 1500 Tunnel interfaces 1500 Virtual Frame Relay sub interfaces 1500 Virtual P...

Страница 1066: ...o enable all supported Simple Network Management Protocol SNMP traps on the interface Syntax Description No subcommands Default Values By default all interfaces except virtual Frame Relay interfaces and sub interfaces have SNMP traps enabled Usage Examples The following example enables SNMP capability on the Ethernet interface ProCurve config interface loopback 1 ProCurve config loop 1 snmp trap ...

Страница 1067: ...n there is an interface status change Use the no form of this command to disable this trap Syntax Description No subcommands Default Values By default the ifLinkUpDownTrapEnable OID is enabled for all interfaces except virtual Frame Relay interfaces Functional Notes The snmp trap link status command is used to control the RFC2863 ifLinkUpDownTrapEnable OID OID number 1 3 6 1 2 1 31 1 1 1 14 0 Usag...

Страница 1068: ...ce slot port tdm group to interface slot port on page 1431 description text on page 1434 do on page 1435 end on page 1436 exit on page 1437 ping address on page 1438 shutdown on page 1442 All other commands for this command set are described in this section in alphabetical order access policy policyname on page 1068 alias link text on page 1069 backup commands begin on page 1070 bandwidth value on...

Страница 1069: ...ny L P 1067 max reserved bandwidth percent on page 1128 mtu size on page 1129 peer default ip address address on page 1130 ppp commands begin on page 1131 pppoe ac name name on page 1139 pppoe service name name on page 1140 qos policy out mapname on page 1141 snmp trap link status on page 1142 username username password password on page 1143 ...

Страница 1070: ...ame on page 426 Usage Examples The following example associates the access policy UnTrusted to allow inbound traffic to the Web server to the virtual PPP interface Enable the SROS security features ProCurve config ip firewall Create the access list this is the packet selector ProCurve config ip access list extended InWeb ProCurve config ext nacl permit tcp any host 10 12 5 253 eq 80 Create the acc...

Страница 1071: ...tifying description for each link PPP physical Syntax Description text Describes the interface for SNMP by alphanumeric character string must be encased in quotation marks Default Values By default the PPP identification string appears as empty quotes Functional Notes The alias link string should be used to uniquely identify a PPP link Enter a string that clearly identifies the link Usage Examples...

Страница 1072: ... attempt a backup upon failure For more detailed information on PPP backup functionality refer to the Functional Notes section of the command backup call mode role on page 1073 Syntax Description No subcommands Default Values By default all backup endpoints will automatically attempt backup upon a failure Usage Examples The following example enables automatic backup on the endpoint ProCurve config...

Страница 1073: ...isable the auto restore feature For more detailed information on PPP backup functionality refer to the Functional Notes section of the command backup call mode role on page 1073 Syntax Description No subcommands Default Values By default all backup endpoints will automatically restore the primary connection when the failure condition clears Usage Examples The following example configures the SROS ...

Страница 1074: ...detailed information on PPP backup functionality refer to the Functional Notes section of the command backup call mode role on page 1073 Syntax Description seconds Specifies the delay period in seconds a failure must be active before the SROS will enter backup operation on the interface valid range 10 to 86400 seconds Default Values By default the backup delay period is set to 10 seconds Usage Exa...

Страница 1075: ...e Originates backup call on primary link failure originate answer Originates or answers call on primary link failure originate answer always Originates on failure answers and backs up always Default Values By default backup call mode is set to originate answer Functional Notes The majority of the configuration for the SROS backup implementation is configured via the backup PPP interface configurat...

Страница 1076: ...og ppp 1 backup number 5552222 analog ppp 1 no shutdown interface ppp 1 ip address 172 22 56 1 255 255 255 252 ppp authentication chap username remoterouter password remotepass ppp chap hostname localrouter ppp chap password procurve no shutdown ip route 192 168 2 0 255 255 255 0 172 22 56 2 255 255 255 252 line telnet 0 4 password password Sample config for central router dialing in hostname Cent...

Страница 1077: ...ocurve ppp chap hostname remoterouter ppp chap password remotepass no shutdown ip route 192 168 1 0 255 255 255 0 172 22 56 1 255 255 255 252 line telnet 0 4 password password Usage Examples The following configures the SROS to generate backup calls for this endpoint using an analog modem interface to phone number 555 1111 but never answer calls and specifies ppp 2 as the backup interface ProCurve...

Страница 1078: ...ation of the related PPP interface for authentication and IP negotiation 4 If the call fails to connect on the first number dialed the SROS places a call to the second number if configured The second number to be dialed references a separate PPP interface Dialing In 1 The SROS receives an inbound call on a physical interface 2 Caller ID is used to match the backup number command to the configured ...

Страница 1079: ...be greater than 60 For more detailed information on backup functionality refer to the Functional Notes section of the command backup call mode role on page 1073 Syntax Description seconds Selects the amount of time in seconds that the router will wait for a connection before attempting another call valid range 10 to 300 Default Values By default the backup connect timeout period is set to 60 secon...

Страница 1080: ...rupting data Use the no form of this command to return to the normal backup operation state For more detailed information on backup functionality refer to the Functional Notes section of the command backup call mode role on page 1073 Syntax Description backup Forces backup regardless of primary link state primary Forces primary link regardless of its state Default Values By default this feature is...

Страница 1081: ...up functionality refer to the Functional Notes section of the command backup call mode role on page 1073 Syntax Description attempts Selects the number of call retries that will be made after a link failure valid range is 0 to 15 Setting this value to 0 will allow unlimited retries during the time the network is failed Default Values By default backup maximum retry is set to 0 attempts Usage Examp...

Страница 1082: ...itiated analog Indicates number connects to an analog modem digital 56k Indicates number belongs to a digital 56 kbps per DS0 connection digital 64k Indicates number belongs to a digital 64 kbps per DS0 connection isdn min chan Specifies the minimum number of DS0s required for a digital 56 or 64 kbps connection Range 1 to 24 isdn mas chan Specifies the maximum number of DS0s desired for a digital ...

Страница 1083: ...d by lower priority links Use the no form of this command to return to the default value For more detailed information on backup functionality refer to the Functional Notes section of the command backup call mode role on page 1073 Syntax Description value Sets the relative priority of this link valid range 0 to 100 A value of 100 designates the highest priority Default Values By default backup pri...

Страница 1084: ...no form of this command to return to the default value For more detailed information on backup functionality refer to the Functional Notes section of the command backup call mode role on page 1073 Syntax Description No subcommands Default Values By default the SROS does not randomize the backup call timers Usage Examples The following example configures the SROS to randomize the backup timers asso...

Страница 1085: ... more detailed information on backup functionality refer to the Functional Notes section of the command backup call mode role on page 1073 Syntax Description seconds Specifies the delay in seconds between attempting to re dial a failed backup attempt Range 10 to 3600 Default Values By default backup redial delay is set to 10 seconds Usage Examples The following example configures a redial delay of...

Страница 1086: ... bouncing in and out of alarm For more detailed information on backup functionality refer to the Functional Notes section of the command backup call mode role on page 1073 Syntax Description seconds Specifies the number of seconds the SROS will wait after a primary link is restored before disconnecting backup operation Range 10 to 86 400 Default Values By default backup restore delay is set to 10 ...

Страница 1087: ...p call mode role on page 1073 Syntax Description day Sets the days to allow backup valid range Monday through Sunday enable time Sets the time of day to enable backup Time is entered in 24 hour format 00 00 disable time Sets the time of day to disable backup Default Values By default backup is enabled for all days and times if the backup auto backup command has been issued and the backup schedule ...

Страница 1088: ...nitiate or respond to backup sequences in the event of a network outage Use the no form of this command to reactivate the backup interface For more detailed information on backup functionality refer to the Functional Notes section of the command backup call mode role on page 1073 Syntax Description No subcommands Default Values By default all SROS interfaces are disabled Usage Examples The followi...

Страница 1089: ...nd to restore the default values Syntax Description value Specifies the bandwidth value in kbps Default Values To view default values use the show interfaces command Functional Notes The bandwidth command is an informational value that is communicated to the higher level protocols to be used in cost calculations This is a routing parameter only and does not affect the physical interface Usage Exam...

Страница 1090: ...ax Description group Assigns a bridge group number range 1 to 255 Default Values By default there are no configured bridge groups Functional Notes A bridged network can provide excellent traffic management to reduce collisions and limit the amount of bandwidth wasted with unnecessary transmissions when routing is not necessary Any two interfaces can be bridged Ethernet to T1 bridge Ethernet to Fra...

Страница 1091: ...the interface to remove the VLAN tag from the packet Syntax Description group Specifies the bridge group number Valid range is 1 to 255 Default Values By default VLAN tags are removed from the data Usage Examples The following example removes the VLAN tags from the packets on the PPP interface labeled 1 ProCurve config interface ppp 1 ProCurve config ppp 1 no bridge group 1 vlan transparent Note T...

Страница 1092: ...lass and associated access control lists ACLs that describe the behavior of the firewall do not forget to include the traffic coming into the system over a VPN tunnel terminated by the system The firewall should be set up with respect to the unencrypted traffic that is destined to be sent or received over the VPN tunnel The following diagram represents typical SROS data flow logic Note When you ap...

Страница 1093: ...y unencrypted data is processed by the firewall The ACLs for a crypto map on an interface work in reverse logic to the ACLs for a policy class on an interface When specifying the ACLs for a crypto map the source information is the private local side unencrypted source of the data The destination information will be the far end unencrypted destination of the data However ACLs for a policy class wor...

Страница 1094: ... over your domain name regardless of where you purchased registered it This allows to manage IP address mappings A records domain aliases CNAME records and mail servers MX records dyndns The Dynamic DNSSM service allows you to alias a dynamic IP address to a static hostname in various domains This allows your unit to be more easily accessed from various locations on the Internet This service is pr...

Страница 1095: ...e though the DNS system This service is provided for up to five hostnames If your IP address doesn t change often or at all but you still want an easy name to remember it by without having to purchase your own domain name Static DNS service is ideal for you If you would like to use your own domain name such as yourname com you need Custom DNS service which also provides full dynamic and static IP ...

Страница 1096: ...interface WFQ is enabled by default for WAN interfaces Syntax Description threshold Optional Specifies the maximum number of packets that can be present in each conversation sub queue Packets received for a conversation after this limit is reached are discarded Range 16 to 512 packets Default Values By default fair queue is enabled with a threshold of 64 packets Usage Examples The following exampl...

Страница 1097: ... the no form of this command to return to the default setting Syntax Description queue size Specifies the total number of packets the output queue can contain before packets are dropped Range 16 to 1000 Default Values The default queue size for WFQ is 400 The default queue size for PPP FIFO and Frame Relay round robin is 200 Usage Examples The following example sets the overall output queue size t...

Страница 1098: ...received on the specified interface out Enables access control on packets transmitted on the specified interface Default Values By default these commands are disabled Functional Notes When this command is enabled the IP destination address of each packet must be validated before being passed through to the router system If the packet is not acceptable per these settings it is dropped Usage Example...

Страница 1099: ...55 track name Optional Attaches a network monitoring track to the DHCP client The DHCP gateway route for this client will only reside in the route table while the track is in the pass state For more information on configuring track objects refer to track name on page 532 Default Values By default the administrative distance value is 1 Functional Notes Dynamic Host Configuration Protocol DHCP allow...

Страница 1100: ...ance to use when adding the PPP route to the route table It is used to determine the best route when multiple routes to the same destination exist The smaller the administrative distance the more reliable the route Range is 1 to 255 ip address Optional Specifies a valid IP address IP addresses should be expressed in dotted decimal notation for example 10 10 10 1 no default Optional Prevents the in...

Страница 1101: ...ample enables the PPP interface to negotiate an IP address from the far end connection ProCurve config interface ppp 1 ProCurve config ppp 1 ip address negotiated The following example enables the PPP interface to negotiate an IP address from the far end connection without inserting a default route ProCurve config interface ppp 1 ProCurve config ppp 1 ip address negotiated no default ...

Страница 1102: ...nal Configures a secondary IP address for the specified interface Default Values By default there are no assigned IP addresses Functional Notes Use secondary IP addresses to allow dual subnets on a single interface when you need more IP addresses than the primary subnet can provide When using secondary IP addresses avoid routing loops by verifying that all devices on the network segment are config...

Страница 1103: ...ets When broadcast packets of the specified type forwarded using the ip forward protocol command are received on the interface they will be forwarded to the device that needs the information Only packets meeting the following criteria are considered eligible by the ip helper address feature 1 The packet IP protocol is User Datagram Protocol UDP 2 Any UDP port specified using the ip forward protoco...

Страница 1104: ...s sending that group s multicast packets to the interface Range 100 to 65535 ms Default 1000 ms querier timeout seconds Specifies the number of seconds that the router waits after the current querier s last query before it takes over as querier IGMP V2 Range 60 300 seconds Default 2x the query interval value query interval seconds Specifies the interval at which IGMP queries are sent on an interfa...

Страница 1105: ... helper address and ip mcast stub upstream commands Downstream interfaces connect to segments with multicast hosts Multiple interfaces may be configured in downstream mode however interfaces connecting to the multicast network upstream should not be configured in downstream mode Interfaces configured as downstream should have the lowest IP address of all IGMP capable routers on the connected segme...

Страница 1106: ... this command is disabled Functional Notes Multicast routing must be enabled prior to setting ip mcast stub fixed on the selected interface Also use the ip igmp static group A B C D command to receive multicast traffic without host initiated Internet Group Management Protocol IGMP activity on the selected interface Otherwise all host initiated IGMP transactions will enter multicast routes on the r...

Страница 1107: ...ult this command is disabled Functional Notes This command is used in IP multicast stub applications in conjunction with the ip mcast stub helper address ip mcast stub upstream and ip mcast stub downstream commands When enabled the interface becomes a helper forwarding interface The IGMP host function is dynamically enabled and the interface becomes the active upstream interface enabling the unit ...

Страница 1108: ...ions in conjunction with the ip mcast stub helper address and ip mcast stub downstream commands When enabled the interface becomes a candidate to be a helper forwarding interface If chosen as the best path toward the helper address by the router s unicast route table the IGMP host function is dynamically enabled and the interface becomes the active upstream interface enabling the router to perform...

Страница 1109: ...erval between hello packets sent on the interface Range 0 to 32 767 message digest key keyid md5 key Configures OSPF Message Digest 5 MD5 authentication 16 byte max keys The SROS allows two keys key ID 1 and key ID 2 priority value Set the OSPF priority The value set in this field helps determine the designated router for this network Range 0 to 255 retransmit interval seconds Specifies the time b...

Страница 1110: ...e that is performing OSPF authentication Syntax Description message digest Optional Selects message digest authentication type null Optional Specifies that no authentication be used Default Values By default ip ospf authentication is set to null meaning no authentication is used Usage Examples The following example specifies that no authentication will be used on the PPP interface ProCurve config ...

Страница 1111: ...s interface Syntax Description broadcast Sets the network type for broadcast point to point Sets the network type for point to point Default Values By default Ethernet defaults to broadcast All other interfaces default to point to point Functional Notes A point to point network will not elect designated routers Usage Examples The following example designates a broadcast network type ProCurve confi...

Страница 1112: ...No subcommands Default Values By default PIM Sparse Mode is disabled for all interfaces Functional Notes PIM Sparse Mode is a multicast routing protocol that makes use of the unicast forwarding table PIM systems builds unidirectional shared trees rooted at a Rendezvous Point RP for a multicast group or a shortest path tree rooted at a specific source for a multicast group Usage Examples The follow...

Страница 1113: ... hello messages transmitted on the interface Routers use the priority values to determine the appropriate DR The router on the network segment with the highest priority is selected as the DR If a hello message is received on the interface from a router on the network segment and it does not contain a priority the entire network segment defaults to DR selection based on IP addresses instead of prio...

Страница 1114: ...e sent out the interface Valid range is 10 to 3600 seconds Default Values By default hellos are transmitted on PIM interfaces every 60 seconds Functional Notes Hello messages are used to inform neighbors of a router s presence Hello messages normally generate a small amount of traffic on an interface Setting the hello timer to a small interval increases the amount of hellos sent thus increasing th...

Страница 1115: ...neighbor is not present Use the no form of this command to return to the default value Syntax Description time Specifies the time interval in seconds the PIM interface waits before a neighbor is considered not present Valid range is 30 to 10 800 seconds Default Values By default the nbr timeout is set to 105 seconds Usage Examples The following example specifies a wait interval of 360 seconds on t...

Страница 1116: ... Use the no form of this command to return to the default value Syntax Description time Specifies the delay interval in milliseconds after a join prune in which another router on the LAN may override the join prune Valid range is 0 to 65 535 milliseconds Default Values By default the override interval is set to 2500 milliseconds Usage Examples The following example sets the delay interval for join...

Страница 1117: ...onds to estimate the amount of delay found in the local link Use the no form of this command to return to the default value Syntax Description time Specifies the expected propagation delay in the local link in milliseconds Valid range is 0 to 32 767 milliseconds Default Values By default the propagation delay is set to 500 milliseconds Usage Examples The following example sets the expected propaga...

Страница 1118: ...this command to remove the assignment Removing a route map from the interface does not remove the route map configuration parameters from the system Syntax Description mapname Specifies the route map to associate with this interface Default Values By default policy based routing is disabled for all interfaces Usage Examples The following example associates the route map named MyMap with ppp 1 inte...

Страница 1119: ...ress Default Values By default proxy ARP is enabled Functional Notes In general the principle of proxy ARP allows a router to insert its IP address in the source IP address field of a packet if the packet is from a host on one of its subnetworks This allows hosts to reach devices on other subnetworks without implementing routing or specifying a default gateway If proxy ARP is enabled the SROS will...

Страница 1120: ...received RIP version 1 packets on the interface 2 Accepts only received RIP version 2 packets on the interface Default Values By default all interfaces implement RIP version 1 the default value for the version command Functional Notes Use the ip rip receive version to specify a RIP version that overrides the version in the Router RIP configuration The SROS only accepts one version either 1 or 2 on...

Страница 1121: ...ts only RIP version 1 packets on the interface 2 Transmits only RIP version 2 packets on the interface Default Values By default all interfaces transmit RIP version 1 the default value for the version command Functional Notes Use the ip rip send version to specify a RIP version that overrides the version in the Router RIP configuration The SROS only transmits one version either 1 or 2 on a given i...

Страница 1122: ...ecifies the IP address of the network to be summarized network mask Specifies the network mask to be applied to the specific network to be summarized Default Values By default no manual summarization is applied by RIP Functional Notes Unlike the automatic summarization on classful network boundaries only specific network advertisements are made by RIP using the ip rip summary address command This ...

Страница 1123: ...e Syntax Description No subcommands Default Values By default route caching is enabled on all interfaces Functional Notes Route caching allows an IP interface to provide optimum performance when processing IP traffic Usage Examples The following example enables route caching on the virtual PPP interface ProCurve config interface ppp 1 ProCurve config ppp 1 ip route cache Note Using Network Address...

Страница 1124: ...ed IP address using the ip address command Functional Notes If ip unnumbered is enabled on an interface all IP traffic from the interface will use a source IP address taken from the specified interface For example specifying ip unnumbered eth 0 1 while in the PPP Interface Configuration mode configures the PPP interface to use the IP address assigned to the Ethernet interface for all IP processing...

Страница 1125: ...ace in Applies the filter to the inbound traffic out Applies the filter to the outbound traffic Default Values By default there are no URL filters applied to any interfaces Functional Notes The firewall must be enabled using the ip firewall command in order to use URL filters The URL filter must be created by using the ip urlfilter filtername http command before applying it to the interface See ip...

Страница 1126: ...efines the time interval in seconds between transmitted keepalive packets valid range 0 to 32 767 seconds Default Values By default the time interval between transmitted keepalive packets is 10 seconds Functional Notes If three keepalive packets are sent to an interface with no response the interface is considered down To detect interface failures quickly specify a smaller keepalive time Usage Exa...

Страница 1127: ...ve Use the lldp receive command to allow LLDP packets to be received on this interface Syntax Description No subcommands Default Values By default all interfaces are configured to send and receive LLDP packets Usage Examples The following example configures the PPP interface to receive LLDP packets ProCurve config interface ppp 1 ProCurve config ppp 1 lldp receive ...

Страница 1128: ...ion of this device s system capabilities on this interface system description Enables transmission of this device s system description on this interface system name Enables transmission of this device s system name on this interface Default Values Be default all interfaces are configured to transmit and receive LLDP packets of all types Functional Notes Individual LLDP information can be enabled o...

Страница 1129: ...ive LLDP packets of all types Functional Notes Individual LLDP information can be enabled or disabled using the various forms of the lldp send command For example use the lldp send and receive command to enable transmit and receive of all LLDP information Then use the no lldp send port description command to prevent LLDP from transmitting port description information Usage Examples The following e...

Страница 1130: ...Description percent Specifies the percentage of interface bandwidth to make available for user defined priority or class based queues Enter an integer 1 to 100 Default Values By default max reserved bandwidth is set to 75 which reserves 25 percent of the interface bandwidth for system critical traffic Usage Examples The following example specifies 85 percent of the bandwidth on the ppp 1 interface...

Страница 1131: ...0 Tunnel interfaces 64 to 18 190 Virtual Frame Relay sub interfaces 64 to 1520 Virtual PPP interfaces 64 to 1500 Default Values size The default values for the various interfaces are listed below ATM interfaces 1500 Demand interfaces 1500 Ethernet interfaces 1500 FDL interfaces 256 HDLC interfaces 1500 Loopback interfaces 1500 Tunnel interfaces 1500 Virtual Frame Relay sub interfaces 1500 Virtual ...

Страница 1132: ...te end of this interface Syntax Description address Specifies the default IP address for the remote end A B C D Default Values By default there is no assigned peer default IP address Functional Notes This command is useful if the peer does not send the IP address option during PPP negotiations Usage Examples The following example sets the default peer IP address to 192 168 71 50 ProCurve config in...

Страница 1133: ...res two way message passing First the router that is required to be authenticated say the peer sends an authentication request with its username and password to the router requiring authentication say the local router The local router then looks up the username and password in the username database within the PPP interface and if they match sends an authentication acknowledge back to the peer Seve...

Страница 1134: ...thentication protocol composed of a challenge response and success or failure The MD5 protocol is used to protect usernames and passwords in the response First the local router requiring its peer to be authenticated sends a challenge containing only its own unencrypted username to the peer The peer then looks up the username in the username database within the PPP interface and if found takes the ...

Страница 1135: ...ame Local Local config ppp 1 ppp authentication chap Local config ppp 1 username Peer password same Local config ppp 1 ppp chap hostname nearend On the peer hostname Peer Peer config ppp 1 username nearend password same Notice the peer is expecting username nearend even though the local router s hostname is Local Therefore the local router can use the ppp chap hostname command to send the correct ...

Страница 1136: ...ve a configured hostname For more information on PAP and CHAP functionality refer to the Technology Review section for the command ppp authentication chap l pap on page 1131 Syntax Description hostname Specifies a hostname by alphanumeric string up to 80 characters in length Default Values By default there are no configured PPP CHAP hostnames Usage Examples The following example specifies a PPP CH...

Страница 1137: ... command to remove a configured password For more information on PAP and CHAP functionality refer to the Technology Review section for the command ppp authentication chap l pap on page 1131 Syntax Description password Specifies a password by alphanumeric string up to 80 characters in length Default Values By default there is no defined PPP CHAP password Usage Examples The following example specifi...

Страница 1138: ...commands Default Values By default MPPP is disabled Functional Notes When enabled this interface is capable of the following Combining multiple physical links into one logical link Receiving upper layer protocol data units PDU fragmenting and transmitting over the physical links based upon the physical link MTU Receiving fragments over the physical links and reassembling them into PDUs Usage Examp...

Страница 1139: ...l links Receiving fragments over the physical links and reassembling them into PDUs The fragmentation and interleave options can be used to enhance the multilink operation Fragmentation is used to reduce serialization delays of large packets The fragmentation process evenly divides the data among all links in the bundle with a minimum packet size of 96 bytes The interleave operation is used with s...

Страница 1140: ...ality refer to the Technology Review section for the command ppp authentication chap l pap on page 1131 Syntax Description username Specifies a username by alphanumeric string up to 80 characters in length the username is case sensitive password Specifies a password by alphanumeric string up to 80 characters in length the password is case sensitive Default Values By default there is no defined ppp...

Страница 1141: ...ng Syntax Description name Specifies an AC by text string up to 255 characters corresponding to the AC Name Tag under RFC 2516 If this field is not specified any access concentrator is acceptable The AC value may be a combination of trademark model and serial ID information or simply the MAC address of the unit Default Values By default no AC is specified Usage Examples The following example ident...

Страница 1142: ...turn to the default setting Syntax Description name Specifies a service name by text string up to 255 characters corresponding to the Service Name Tags under RFC 2516 This string indicates an ISP name or a class or quality of service If this field is not specified any service is acceptable Default Values By default no names are specified Usage Examples The following example defines a service type ...

Страница 1143: ... to remove the map from the interface The keyword out specifies that this policy will be applied to outgoing packets Syntax Description mapname Specifies the name of a previously created QoS map refer to qos map mapname sequence number on page 486 for more information Default Values No default value is necessary for this command Usage Examples The following example applies the QoS map VOICEMAP to ...

Страница 1144: ... there is an interface status change Use the no form of this command to disable this trap Syntax Description No subcommands Default Values By default the ifLinkUpDownTrapEnable OID is enabled for all interfaces except virtual Frame Relay interfaces Functional Notes The snmp trap link status command is used to control the RFC2863 ifLinkUpDownTrapEnable OID OID number 1 3 6 1 2 1 31 1 1 1 14 0 Usage...

Страница 1145: ...username is case sensitive password Specifies a password by alphanumerical string up to 30 characters in length the password is case sensitive Default Values By default there is no established username and password Functional Notes PAP uses this entry to check received information from the peer CHAP uses this entry to check the received peer hostname and a common password Usage Examples The follow...

Страница 1146: ... 1430 bind from interface slot port tdm group to interface slot port on page 1431 description text on page 1434 do on page 1435 end on page 1436 exit on page 1437 ping address on page 1438 shutdown on page 1442 All other commands for this command set are described in this section in alphabetical order access policy policyname on page 1146 backup commands begin on page 1147 bandwidth value on page ...

Страница 1147: ...mmand Set 5991 2114 Copyright 2007 Hewlett Packard Development Company L P 1145 tunnel destination ip address on page 1199 tunnel key value on page 1200 tunnel mode gre on page 1201 tunnel sequence datagrams on page 1202 tunnel source ip address interface on page 1203 ...

Страница 1148: ...s refer to ip policy class policyname on page 426 Usage Examples The following example associates the access policy UnTrusted to allow inbound traffic to the Web server to the tunnel interface labeled 1 Enable the SROS security features ProCurve config ip firewall Create the access list this is the packet selector ProCurve config ip access list extended InWeb ProCurve config ext nacl permit tcp an...

Страница 1149: ...up auto backup command to configure the sub interface to automatically attempt a backup upon failure Syntax Description No subcommands Default Values By default all backup endpoints will automatically attempt backup upon a failure Usage Examples The following enables automatic backup on the endpoint ProCurve config interface tunnel 1 ProCurve config tunnel 1 backup auto backup ...

Страница 1150: ... network conditions are operational Use the no form of this command to disable the auto restore feature Syntax Description No subcommands Default Values By default all backup endpoints will automatically restore the primary connection when the failure condition clears Usage Examples The following configures the SROS to automatically restore the primary connection when the failure condition clears ...

Страница 1151: ...e the no form of this command to return to the default value Syntax Description seconds Specifies the delay period in seconds a failure must be active before the SROS will enter backup operation on the interface valid range 10 to 86400 seconds Default Values By default the backup backup delay is set to 10 seconds Usage Examples The following configures the SROS to wait 60 seconds on an endpoint wi...

Страница 1152: ...riginates backup call on primary link failure originate answer Originates or answers call on primary link failure originate answer always Originates on failure answers and backs up always Default Values By default the backup call mode is set to originate answer Functional Notes The majority of the configuration for the SROS backup implementation is configured via the backup PPP interface configura...

Страница 1153: ...ppp 1 backup number 5552222 analog ppp 1 no shutdown interface ppp 1 ip address 172 22 56 1 255 255 255 252 ppp authentication chap username remoterouter password remotepass ppp chap hostname localrouter ppp chap password procurve no shutdown ip route 192 168 2 0 255 255 255 0 172 22 56 2 255 255 255 252 line telnet 0 4 password password Sample config for central router dialing in hostname Central...

Страница 1154: ...ace ppp 1 ip address 172 22 56 2 255 255 255 252 ppp authentication chap username localrouter password procurve ppp chap hostname remoterouter ppp chap password remotepass no shutdown ip route 192 168 1 0 255 255 255 0 172 22 56 1 255 255 255 252 line telnet 0 4 password password Usage Examples The following configures the SROS to generate backup calls for this endpoint using an analog modem inter...

Страница 1155: ...rying to call again or dialing a different number Recommended value is greater than 60 Syntax Description seconds Selects the amount of time in seconds that the router will wait for a connection before attempting another call valid range 10 to 300 Default Values By default backup connect timeout is set to 60 seconds Usage Examples The following configures the SROS to wait 120 seconds before retryi...

Страница 1156: ... to allow maintenance to be performed on the primary link without disrupting data Use the no form of this command to return to the normal backup operation state Syntax Description backup Forces backup regardless of primary link state primary Forces primary link regardless of its state Default Values By default this feature is disabled Usage Examples The following configures the SROS to force this ...

Страница 1157: ...p functionality refer to the Functional Notes section of the command backup call mode role on page 1150 Syntax Description attempts Selects the number of call retries that will be made after a link failure valid range 0 to 15 Setting this value to 0 will allow unlimited retries during the time the network is failed Default Values By default backup maximum retry is set to 0 attempts Usage Examples ...

Страница 1158: ...analog Indicates number connects to an analog modem digital 56k Indicates number belongs to a digital 56 kbps per DS0 connection digital 64k Indicates number belongs to a digital 64 kbps per DS0 connection isdn min chan Specifies the minimum number of DS0s required for a digital 56 or 64 kbps connection Range 1 to 24 isdn mas chan Specifies the maximum number of DS0s desired for a digital 56 or 64...

Страница 1159: ... priority links Use the no form of this command to return to the default value For more detailed information on tunnel backup functionality refer to the Functional Notes section of the command backup call mode role on page 1150 Syntax Description value Sets the relative priority of this link valid range 0 to 100 A value of 100 designates the highest priority Default Values By default backup priori...

Страница 1160: ... this command to return to the default value For more detailed information on tunnel backup functionality refer to the Functional Notes section of the command backup call mode role on page 1150 Syntax Description No subcommands Default Values By default the SROS does not randomize the backup call timers Usage Examples The following example configures the SROS to randomize the backup timers associa...

Страница 1161: ...iled information on tunnel backup functionality refer to the Functional Notes section of the command backup call mode role on page 1150 Syntax Description seconds Specifies the delay in seconds between attempting to re dial a failed backup attempt Range 10 to 3600 Default Values By default backup redial delay is set to 10 seconds Usage Examples The following example configures a redial delay of 25...

Страница 1162: ...in and out of alarm For more detailed information on tunnel backup functionality refer to the Functional Notes section of the command backup call mode role on page 1150 Syntax Description seconds Specifies the number of seconds the SROS will wait after a primary link is restored before disconnecting backup operation Range 10 to 86 400 Default Values By default backup restore delay is set to 10 sec...

Страница 1163: ...ode role on page 1150 Syntax Description day Sets the days to allow backup valid range Monday through Sunday enable time Sets the time of day to enable backup Time is entered in 24 hour format 00 00 disable time Sets the time of day to disable backup Default Values By default backup is enabled for all days and times if the backup auto backup command has been issued and the backup schedule has not ...

Страница 1164: ... respond to backup sequences in the event of a network outage Use the no form of this command to reactivate the backup interface For more detailed information on tunnel backup functionality refer to the Functional Notes section of the command backup call mode role on page 1150 Syntax Description No subcommands Default Values By default all SROS interfaces are disabled Usage Examples The following ...

Страница 1165: ...o restore the default values Syntax Description value Specifies bandwidth in kbps Default Values To view default values use the show interfaces command Functional Notes The bandwidth command is an informational value that is communicated to the higher level protocols to be used in cost calculations This is a routing parameter only and does not affect the physical interface Usage Examples The follo...

Страница 1166: ...policy class and associated access control lists ACLs that describe the behavior of the firewall do not forget to include the traffic coming into the system over a VPN tunnel terminated by the system The firewall should be set up with respect to the unencrypted traffic that is destined to be sent or received over the VPN tunnel The following diagram represents typical SROS data flow logic Note Whe...

Страница 1167: ...pted data is processed by the firewall The ACLs for a crypto map on an interface work in reverse logic to the ACLs for a policy class on an interface When specifying the ACLs for a crypto map the source information is the private local side un encrypted source of the data The destination information will be the far end un encrypted destination of the data However ACLs for a policy class work in re...

Страница 1168: ... your domain name regardless of where you purchased registered it This allows to manage IP address mappings A records domain aliases CNAME records and mail servers MX records dyndns The Dynamic DNSSM service allows you to alias a dynamic IP address to a static hostname in various domains This allows your unit to be more easily accessed from various locations on the Internet This service is provide...

Страница 1169: ...s does not change often or at all but you still want an easy name to remember it by without having to purchase your own domain name Static DNS service is ideal for you If you would like to use your own domain name such as yourname com you need Custom DNS service which also provides full dynamic and static IP address support Dynamic DNS service can be extremely helpful for site to site VPN connecti...

Страница 1170: ...nables access control on packets transmitted on the specified interface Default Values By default these commands are disabled Functional Notes When this command is enabled the IP destination address of each packet must be validated before being passed through to the router system If the packet is not acceptable per these settings it is dropped Usage Examples The following example sets up the unit ...

Страница 1171: ...d decimal notation for example 192 168 73 101 mask Specifies the subnet mask that corresponds to the listed IP address secondary Optional Configures a secondary IP address for the specified interface Default Values By default there are no assigned IP addresses Usage Examples The following example configures an IP address of 192 168 72 101 30 ProCurve config interface tunnel 1 ProCurve config tunne...

Страница 1172: ...adcast packets of the specified type forwarded using the ip forward protocol command are received on the interface they will be forwarded to the device that needs the information Only packets meeting the following criteria are considered eligible by the ip helper address feature 1 The packet IP protocol is User Datagram Protocol UDP 2 Any UDP port specified using the ip forward protocol command 3 ...

Страница 1173: ...ng that group s multicast packets to the interface Range 100 to 65 535 ms Default 1000 ms querier timeout seconds Specifies the number of seconds that the router waits after the current querier s last query before it takes over as querier IGMP V2 Range 60 to 300 seconds Default 2x the query interval value query interval seconds Specifies the interval at which IGMP queries are sent on an interface ...

Страница 1174: ...er address and ip mcast stub upstream commands Downstream interfaces connect to segments with multicast hosts Multiple interfaces may be configured in downstream mode however interfaces connecting to the multicast network upstream should not be configured in downstream mode Interfaces configured as downstream should have the lowest IP address of all IGMP capable routers on the connected segment in...

Страница 1175: ...command is disabled Functional Notes Multicast routing must be enabled prior to setting ip mcast stub fixed on the selected interface Also use the ip igmp static group A B C D command to receive multicast traffic without host initiated Internet Group Management Protocol IGMP activity on the selected interface Otherwise all host initiated IGMP transactions will enter multicast routes on the router ...

Страница 1176: ... applications in conjunction with the ip mcast stub helper address ip mcast stub upstream and ip mcast stub downstream commands When enabled the interface becomes a helper forwarding interface The IGMP host function is dynamically enabled and the interface becomes the active upstream interface enabling the unit to perform as an IGMP proxy Refer to ip mcast stub helper address ip address on page 42...

Страница 1177: ...st stub downstream commands When enabled the interface becomes a candidate to be a helper forwarding interface If chosen as the best path toward the helper address by the router s unicast route table the IGMP host function is dynamically enabled and the interface becomes the active upstream interface enabling the router to perform as an IGMP proxy Though multiple interfaces may be candidates no mo...

Страница 1178: ...pecifies the interval between hello packets sent on the interface Range 0 to 32 767 message digest key keyid md5 key Configures OSPF Message Digest 5 MD5 authentication 16 byte max keys The SROS allows two keys key ID 1 and key ID 2 priority value Set the OSPF priority The value set in this field helps determine the designated router for this network Range 0 to 255 retransmit interval seconds Spec...

Страница 1179: ...ce that is performing OSPF authentication Syntax Description message digest Optional Selects message digest authentication type null Optional Specifies that no authentication is used Default Values By default this is set to null meaning no authentication is used Usage Examples The following example specifies that no authentication will be used on the tunnel interface ProCurve config interface tunn...

Страница 1180: ...rface Syntax Description broadcast Sets the network type for broadcast point to point Sets the network type for point to point Default Values By default Ethernet defaults to broadcast All other interfaces default to point to point Functional Notes A point to point network will not elect designated routers Usage Examples The following example designates a broadcast network type ProCurve config inte...

Страница 1181: ...mmands Default Values By default PIM Sparse Mode is disabled for all interfaces Functional Notes PIM Sparse Mode is a multicast routing protocol that makes use of the unicast forwarding table PIM systems builds unidirectional shared trees rooted at a Rendezvous Point RP for a multicast group or a shortest path tree rooted at a specific source for a multicast group Usage Examples The following exam...

Страница 1182: ...essages transmitted on the interface Routers use the priority values to determine the appropriate DR The router on the network segment with the highest priority is selected as the DR If a hello message is received on the interface from a router on the network segment and it does not contain a priority the entire network segment defaults to DR selection based on IP addresses instead of priority In ...

Страница 1183: ...out the interface Valid range is 10 to 3600 seconds Default Values By default hellos are transmitted on PIM interfaces every 60 seconds Functional Notes Hello messages are used to inform neighbors of a router s presence Hello messages normally generate a small amount of traffic on an interface Setting the hello timer to a small interval increases the amount of hellos sent thus increasing the amoun...

Страница 1184: ...r is not present Use the no form of this command to return to the default value Syntax Description time Specifies the time interval in seconds the PIM interface waits before a neighbor is considered not present Valid range is 30 to 10 800 seconds Default Values By default the nbr timeout is set to 105 seconds Usage Examples The following example specifies a wait interval of 360 seconds on the tunn...

Страница 1185: ...e no form of this command to return to the default value Syntax Description time Specifies the delay interval in milliseconds after a join prune in which another router on the LAN may override the join prune Valid range is 0 to 65 535 milliseconds Default Values By default the override interval is set to 2500 milliseconds Usage Examples The following example sets the delay interval for join prune ...

Страница 1186: ... estimate the amount of delay found in the local link Use the no form of this command to return to the default value Syntax Description time Specifies the expected propagation delay in the local link in milliseconds Valid range is 0 to 32 767 milliseconds Default Values By default the propagation delay is set to 500 milliseconds Usage Examples The following example sets the expected propagation de...

Страница 1187: ...mmand to remove the assignment Removing a route map from the interface does not remove the route map configuration parameters from the system Syntax Description mapname Specifies the route map to associate with this interface Default Values By default policy based routing is disabled for all interfaces Usage Examples The following example associates the route map named MyMap with tunnel interface ...

Страница 1188: ...ess Default Values By default proxy arp is enabled Functional Notes In general the principle of proxy ARP allows a router to insert its IP address in the source IP address field of a packet if the packet is from a host on one of its subnetworks This allows hosts to reach devices on other subnetworks without implementing routing or specifying a default gateway If proxy ARP is enabled the SROS will ...

Страница 1189: ...the interface 2 Only accept received RIP version 2 packets on the interface Default Values By default all interfaces implement RIP version 1 the default value for the version command Functional Notes Use the ip rip receive version command to specify a RIP version that overrides the version in the Router RIP configuration See version 1 l 2 on page 1390 for more information The SROS only accepts one...

Страница 1190: ...he interface 2 Only transmits RIP version 2 packets on the interface Default Values By default all interfaces transmit RIP version 1 the default value for the version command Functional Notes Use the ip rip send version command to specify a RIP version that overrides the version in the Router RIP configuration See version 1 l 2 on page 1390 for more information The SROS only transmits one version ...

Страница 1191: ... the IP address of the network to be summarized network mask Specifies the network mask to be applied to the specific network to be summarized Default Values By default no manual summarization is applied by RIP Functional Notes Unlike the automatic summarization on classful network boundaries only specific network advertisements are made by RIP using the ip rip summary address command This command...

Страница 1192: ...ntax Description No subcommands Default Values By default route caching is enabled on all interfaces Functional Notes Route caching allows an IP interface to provide optimum performance when processing IP traffic Usage Examples The following example enables route caching on the tunnel interface ProCurve config interface tunnel 1 ProCurve config tunnel 1 ip route cache Note Using Network Address Tr...

Страница 1193: ...pplies the filter to the inbound traffic out Applies the filter to the outbound traffic Default Values By default there are no URL filters applied to any interfaces Functional Notes The firewall must be enabled using the ip firewall command in order to use URL filters The URL filter must be created by using the ip urlfilter filtername http command before applying it to the interface See ip urlfilt...

Страница 1194: ...ge 1 to 32 767 seconds retries Defines the number of times to retry after failed keepalives before determining that the tunnel endpoint is down valid range 1 to 255 times Default Values By default keepalives are disabled When enabled the keepalive period defaults to 10 seconds and the retry count defaults to 3 times Functional Notes Keepalives do not have to be configured on both ends of the tunne...

Страница 1195: ...he lldp receive command to allow LLDP packets to be received on this interface Syntax Description No subcommands Default Values By default all interfaces are configured to send and receive LLDP packets Usage Examples The following example configures the tunnel interface to receive LLDP packets ProCurve config interface tunnel 1 ProCurve config tunnel 1 lldp receive ...

Страница 1196: ...his device s system capabilities on this interface system description Enables transmission of this device s system description on this interface system name Enables transmission of this device s system name on this interface Default Values Be default all interfaces are configured to transmit and receive LLDP packets of all types Functional Notes Individual LLDP information can be enabled or disabl...

Страница 1197: ...packets of all types Functional Notes Individual LLDP information can be enabled or disabled using the various forms of the lldp send command For example use the lldp send and receive command to enable transmit and receive of all LLDP information Then use the no lldp send port description command to prevent LLDP from transmitting port description information Usage Examples The following example co...

Страница 1198: ...nnel interfaces 64 to 18 190 Virtual Frame Relay sub interfaces 64 to 1520 Virtual PPP interfaces 64 to 1500 Default Values size The default values for the various interfaces are listed below ATM interfaces 1500 Demand interfaces 1500 Ethernet interfaces 1500 FDL interfaces 256 HDLC interfaces 1500 Loopback interfaces 1500 Tunnel interfaces 1500 Virtual Frame Relay sub interfaces 1500 Virtual PPP ...

Страница 1199: ...is inversely proportional to the likelihood the bridge interface will be chosen as the root path Set the path cost value lower to increase the chance the interface will be the root To obtain the most accurate spanning tree calculations develop a system for determining path costs for links and apply it to all bridged interfaces Usage Examples The following example assigns a path cost of 100 for bri...

Страница 1200: ...th ends of the tunnel must have tunnel checksum enabled in order for the tunnel checksum feature to function When both endpoints have tunnel checksum enabled a packet with an incorrect checksum will be dropped If the endpoints differ in their checksum configuration all packets will still flow without any checksum verification Usage Examples The following example enables checksum on the tunnel 1 in...

Страница 1201: ...ation field of the outer IP header after GRE encapsulation of the original packet A route must be defined for the destination address Make certain there are no recursive routes by ensuring that a tunnel s destination address will be routed out a physical interface There is a possibility of creating a routing loop when tunnel interface traffic gets routed back to the same tunnel interface or to ano...

Страница 1202: ...orm of this command to disable the key Syntax Description value Defines the key value for this tunnel valid range 1 to 4 294 967 294 Default Values By default a key is not configured Functional Notes When enabled the key will be stored in the GRE header and the key present bit will be set If tunnel keys are used a matching key value must be defined on both endpoints of the tunnel or packets will b...

Страница 1203: ...ic Routing Encapsulation GRE header Use the no form of this command to set the tunnel to its default mode Syntax Description No subcommands Default Values By default the tunnel interface will be configured for GRE mode Functional Notes GRE is currently the only allowed mode for tunnel interface operation Usage Examples The following example configures the tunnel interface for GRE mode ProCurve con...

Страница 1204: ... numbering enabled a packet arriving with a sequence number less than the current expected value will be dropped If the endpoints differ in their sequence numbering configuration all packets will still flow without any sequence number verification Be careful enabling sequence number verification on a tunnel The tunnel can easily become out of sequence due to network conditions outside of the tunne...

Страница 1205: ...e slot port that contains the IP address to use as the source address for all packets transmitted on this interface Default Values By default a tunnel source is not defined Functional Notes Until a tunnel interface has a source IP address defined and the physical interface used as the source is operational the tunnel is not operational The tunnel source IP address will be the value put into the so...

Страница 1206: ...owing commands are common to multiple command sets and are covered in a centralized section of this guide For more information refer to the sections listed below bind from interface slot port tdm group to interface slot port on page 1431 do on page 1435 end on page 1436 exit on page 1437 ping address on page 1438 All other commands for this command set are described in this section in alphabetical...

Страница 1207: ... type data Use the call type data command to specify data operation for the ISDN group Syntax Description data Specifies use as digital line Default Values By default the call type is set to data Usage Examples The following example sets the call type for ISDN group 1 to data ProCurve config isdn group 1 ProCurve config isdn group 1 call type data ...

Страница 1208: ...Use the no form of this command to remove the specified interface from the ISDN group Syntax Description bri Connects a BRI interface to the ISDN group Use the show modules command for a list of valid BRI interfaces installed in the system Default Values No default value necessary for this command Usage Examples The following example associates the bri 1 1 interface with ISDN group 1 ProCurve conf...

Страница 1209: ...the system Incoming accept numbers are entered as a single number or as a range of numbers using the available wildcard characters The following wildcard inputs can be used to define numbers X Any single digit 0 through 9 N Any single digit 2 through 9 1 2 3 Specifies single digit in this group Any number effectively functions as a don t care The following list provides some examples for proper wi...

Страница 1210: ...991 2114 Copyright 2007 Hewlett Packard Development Company L P 1208 Usage Examples The following example configures the group to accept calls for 916 555 1000 through 916 555 2000 ProCurve config isdn group 1 ProCurve config isdn group 1 incoming accept number 916 555 1 2 XXX ...

Страница 1211: ...escription 1 255 Specifies the maximum number of channels allocated for the ISDN group Valid range is from 1 to 255 Default Values By default the maximum number of channels is set to 0 When max channels is set to 0 the group does not limit the number of usable channels and can use all available channels Use the no max channels command to return to the default value Usage Examples The following exa...

Страница 1212: ...cifies the minimum number of channels allocated for the ISDN group Valid range is from 1 to 255 Default Values By default the minimum number of channels is set to 0 When min channels is set to 0 no channels are reserved for this group This group can use available channels but does not have any channels specifically reserved Use the no min channels command to return to the default value Usage Examp...

Страница 1213: ...name Specifies the name of the resource pool to which this group is assigned cost Optional Specifies the cost of using this resource group within the specified pool In the event of a tie a resource with a lower cost will be selected first Interfaces with the same cost will be selected in alphabetical order by group name Default Values By default the group is not assigned to any resource pool Usage...

Страница 1214: ...s are common to multiple command sets and are covered in a centralized section of this guide For more information refer to the sections listed below bind from interface slot port tdm group to interface slot port on page 1431 do on page 1435 end on page 1436 exit on page 1437 ping address on page 1438 All other commands for this command set are described in this section in alphabetical order crl op...

Страница 1215: ...RL verification optional Syntax Description No subcommands Default Values By default CRL optional is enabled Functional Notes If enabled the SROS is able to accept certificates even if no CRL is loaded into the configuration Currently this is the only mode supported by the SROS for CRL negotiations Usage Examples The following example sets CRL verification as optional ProCurve ca profile crl optio...

Страница 1216: ...mail address to use when sending certificate requests This field allows up to 51 characters Default Values No defaults necessary for this command Functional Notes Configuring this setting simplifies the crypto ca enroll dialog allowing you to enter the email address only once rather than every time you go through the enrollment process See crypto ca enroll name on page 340 Usage Examples The follo...

Страница 1217: ...ate request when it does not receive a response from the previous request Range 1 to 100 period minutes Specifies the time period between certificate request retries The default is 1 minute between retries Range 1 to 60 minutes Default Values By default period is set to 5 minutes and count is set to 12 retries Usage Examples The following example configures the SROS to send certificate requests ev...

Страница 1218: ...abled Functional Notes This mode is overridden if the enrollment url command specifies the CA to which automatic certificate requests are to be sent via simple certificate exchange protocol SCEP Issuing an enrollment terminal command after using the enrollment url command deletes the URL and forces the unit to use manual enrollment See enrollment url url on page 1217 for more information Usage Exa...

Страница 1219: ...arated with a colon The CA may have other necessary information to include in the CGI path before ending with the actual CGI program An example template to follow is http hostname port path to program exe NOTE To use the default program pkiclient exe without specifying it end the URL with a slash Otherwise you must enter the program name to use For example http 10 10 10 1 400 abcdefg will assume p...

Страница 1220: ...ion fqdn Specifies the FQDN e g company com to be included in requests Default Values No defaults necessary for this command Functional Notes Configuring this setting simplifies the crypto ca enroll dialog allowing you to enter the FQDN only once rather than every time you go through the enrollment process See crypto ca enroll name on page 340 Usage Examples The following example specifies company...

Страница 1221: ...he IP address in dotted decimal notation e g 192 22 73 101 Default Values No defaults necessary for this command Functional Notes Configuring this setting simplifies the crypto ca enroll dialog allowing you to enter the IP address only once rather than every time you go through the enrollment process Refer to crypto ca enroll name on page 340 Usage Examples The following example specifies 66 203 5...

Страница 1222: ...s the SCEP password up to 80 characters Default Values By default no password is required Functional Notes There are two places for configuring a SCEP password At the ca profile prompt If it is not configured at the ca profile prompt you are prompted to enter one when going through the certificate enrollment process The password is sent to the CA from which you are requesting a certificate The CA ...

Страница 1223: ...will be included in the certificate request Syntax Description No subcommands Default Values By default this command is disabled Functional Notes By default this command is set to no serial number which means that the serial number is not included in the certificate requests Usage Examples The following example configures Secure Router OS to include a serial number in the certificate request ProCu...

Страница 1224: ...bject name string with up to 256 characters entered in X 500 LDAP format Default Values By default there is no subject name configured Functional Notes Configuring this setting simplifies the crypto ca enroll dialog allowing you to enter the subject name only once rather than every time you go through the enrollment process Refer to crypto ca enroll name on page 340 Usage Examples The following ex...

Страница 1225: ...ve config crypto ca certificate chain MyProfile ProCurve config cert chain The following commands are common to multiple command sets and are covered in a centralized section of this guide For more information refer to the sections listed below bind from interface slot port tdm group to interface slot port on page 1431 do on page 1435 end on page 1436 exit on page 1437 ping address on page 1438 Al...

Страница 1226: ... serial number up to 51 characters This value can be found for existing certificates by using the show run command Default Values No defaults necessary for this command Functional Notes The user typically does not enter this command It is primarily used to restore certificates from the startup configuration when the product is powered up Usage Examples The following example removes the certificate...

Страница 1227: ...number Specifies the certificate s serial number up to 51 characters This value can be found for existing certificates by using the show run command Default Values No defaults necessary for this command Functional Notes The user typically does not enter this command It is primarily used to restore certificates from the startup configuration when the product is powered up Usage Examples The followi...

Страница 1228: ...he CRL for the specific CA Syntax Description No subcommands Default Values No defaults necessary for this command Functional Notes The user typically does not enter this command It is primarily used to restore CRLs from the startup configuration when the product is powered up Usage Examples The following example removes the CRL for the current CA ProCurve config crypto ca certificate chain MyProf...

Страница 1229: ...are covered in a centralized section of this guide For more information refer to the sections listed below bind from interface slot port tdm group to interface slot port on page 1431 description text on page 1434 do on page 1435 end on page 1436 exit on page 1437 ping address on page 1438 All other commands for this command set are described in this section in alphabetical order antireplay on page...

Страница 1230: ...replay sequence number checking for all security associations created on this crypto map Use the no form of this command to disable Syntax Description No subcommands Default Values By default this command is enabled Usage Examples The following example enables antireplay sequence checking on crypto map VPN 100 ProCurve config crypto map VPN 100 ipsec ike ProCurve config crypto map antireplay ...

Страница 1231: ...rth message of quick mode before bringing up its IPSec security associations SA s By default this feature is enabled on all SROS routers Some vendors however may have incorrect implementations of the commit bit that do not interoperate well with SROS routers In that case the commit bit should be disabled on all crypto maps that have a peer which does not support the commit bit Usage Example The fo...

Страница 1232: ...1230 crypto ipsec transform set esp aes 256 cbc esp sha hmac esp aes 256 cbc esp sha hmac mode tunnel crypto map VPN 10 ipsec ike description VPN to Main Site match address VPN 10 vpn selectors set peer 192 168 1 1 set transform set esp aes 256 cbc esp sha hmac set security association lifetime seconds 3600 no commit bit ike policy 100 ...

Страница 1233: ...Syntax Description policy number Specifies the policy number of the policy to assign to this crypto map Default Values No defaults necessary for this command Usage Examples The following example shows a typical crypto map configuration ProCurve config crypto ike policy 100 ProCurve config crypto map VPN 10 ipsec ike ProCurve config crypto map description Remote Office ProCurve config crypto map ma...

Страница 1234: ...hich data to secure Instead the crypto map entry refers to an access control list An access control list ACL is assigned to the crypto map using the match address command If no ACL is configured for a crypto map then the entry is incomplete and will have no effect on the system The entries of the ACL used in a crypto map should be created with respect to traffic sent by the product The source info...

Страница 1235: ...atches the unsecure traffic the traffic is discarded When a packet is to be transmitted on an interface the crypto map set associated with that interface is processed in order The first crypto map entry that matches the packet will be used to secure the packet If a suitable SA exists that is used for transmission Otherwise IKE is used to establish an SA with the peer If no SA exists and the crypto...

Страница 1236: ...ministrative distance for the static route Range is 1 to 255 tag value Optional Specifies that a tag will be added to the static route in the route table Range from 1 to 65 535 Default Values By default reverse routing is disabled Functional Notes Reverse route injection automatically inserts a static route to a peer s remote network into the route table of a VPN gateway The tags used in reverse r...

Страница 1237: ...s are configured the entry will only be used to respond to IPSec requests it cannot initiate the requests since it doesn t know which IP address to send the packet to If a single peer IP address is configured the crypto map entry can be used to both initiate and respond to SAs The peer IP address is the public IP address of the device which will terminate the IPSec tunnel If the peer IP address is...

Страница 1238: ...ffie Hellman Group 2 1024 bit modulus exchange during IPSec SA key generation group5 Requires IPSec to use Diffie Hellman Group 5 1536 bit modulus exchange during IPSec SA key generation Default Values By default no PFS will be used during IPSec SA key generation Functional Notes If left at the default setting no perfect forward secrecy PFS will be used during IPSec SA key generation If PFS is spe...

Страница 1239: ...me limit in kilobytes seconds value Specifies the SA lifetime limit in seconds Default Values By default the security association lifetime is set to 28 800 seconds and there is no default for the kilobytes lifetime Functional Notes Values can be entered for this command in both kilobytes and seconds Whichever limit is reached first will end the security association Usage Examples The following exa...

Страница 1240: ...es By default there is no transform set assigned to the crypto map Functional Notes Crypto map entries do not directly contain the transform configuration for securing data Instead the crypto map is associated with transform sets which contain specific security algorithms If no transform set is configured for a crypto map then the entry is incomplete and will have no effect on the system Usage Exa...

Страница 1241: ... following commands are common to multiple command sets and are covered in a centralized section of this guide For more information refer to the sections listed below bind from interface slot port tdm group to interface slot port on page 1431 description text on page 1434 do on page 1435 end on page 1436 exit on page 1437 ping address on page 1438 All other commands for this command set are descri...

Страница 1242: ...replay sequence number checking for all security associations created on this crypto map Use the no form of this command to disable Syntax Description No subcommands Default Values By default this command is enabled Usage Examples The following example enables antireplay sequence checking on crypto map VPN 100 ProCurve config crypto map VPN 100 ipsec manual ProCurve config crypto map antireplay ...

Страница 1243: ...Syntax Description policy number Specifies the policy number of the policy to assign to this crypto map Default Values No defaults necessary for this command Usage Examples The following example shows a typical crypto map configuration ProCurve config crypto ike policy 100 ProCurve config crypto map VPN 10 ipsec manual ProCurve config crypto map description Remote Office ProCurve config crypto map...

Страница 1244: ...sed to determine which data to secure Instead the crypto map entry refers to an access control list An access control list ACL is assigned to the crypto map using the match address command see crypto map on page 351 If no ACL is configured for a crypto map then the entry is incomplete and will have no effect on the system The entries of the ACL used in a crypto map should be created with respect t...

Страница 1245: ... matches the unsecured traffic the traffic is discarded When a packet is to be transmitted on an interface the crypto map set associated with that interface is processed in order The first crypto map entry that matches the packet will be used to secure the packet If a suitable SA exists that is used for transmission Otherwise IKE is used to establish an SA with the peer If no SA exists and the cry...

Страница 1246: ...the peer device Default Values There are no default settings for this command Functional Notes If no peer IP address is configured the manual crypto map is not valid and not complete A peer IP address is required for manual crypto maps To change the peer IP address the no set peer command must be issued first then the new peer IP address can be configured Usage Examples The following example sets ...

Страница 1247: ...fines encryption keys for outbound traffic ah SPI Specifies authentication header protocol esp SPI Specifies encapsulating security payload protocol cipher keyvalue Specifies encryption decryption key authenticator keyvalue Specifies authentication key Default Values There are no default settings for this command Functional Notes The inbound local security parameter index SPI must equal the outbou...

Страница 1248: ...urve config ip crypto Step 3 Define the transform set A transform set defines the encryption and or authentication algorithms to be used to secure the data transmitted over the VPN tunnel Multiple transform sets may be defined in a system Once a transform set is defined many different crypto maps within the system can reference it In this example a transform set named highly_secure has been create...

Страница 1249: ...und traffic The local system s inbound SPI and keys will be the peer s outbound SPI and keys The local system s outbound SPI and keys will be the peer s inbound SPI and keys In this example the following keys and SPIs are used Inbound cipher SPI 300Inbound cipher key 2te g89jnr j 4rvnfhg5e Outbound cipher SPI 400Outbound cipher key 8564hgjelrign gnb 1 d3 Inbound authenticator key r5 ughembkdhj34 x...

Страница 1250: ...evelopment Company L P 1248 Step 7 Configure private interface to allow all traffic destined for the VPN tunnel to be routed to the appropriate gateway ProCurve config interface ethernet 0 1 ProCurve config eth 0 1 ip address 10 10 10 254 255 255 255 0 ProCurve config eth 0 1 no shutdown ProCurve config eth 0 1 exit ...

Страница 1251: ... map Functional Notes Crypto map entries do not directly contain the transform configuration for securing data Instead the crypto map is associated with transform sets which contain specific security algorithms If no transform set is configured for a crypto map then the entry is incomplete and will have no effect on the system For manual key crypto maps only one transform set can be specified Usag...

Страница 1252: ...following commands are common to multiple command sets and are covered in a centralized section of this guide For more information refer to the sections listed below do on page 1435 end on page 1436 exit on page 1437 ping address on page 1438 All other commands for this command set are described in this section in alphabetical order dns server address1 address2 on page 1251 ip range start ip end i...

Страница 1253: ...o assign to a client Use the no form of this command to remove defined server address es Syntax Description address1 Assigns the first DNS server address address2 Optional Assigns the second DNS server address Default Values By default no DNS server address is defined Usage Examples The following example defines two DNS server addresses for this configuration pool ProCurve config ike client pool d...

Страница 1254: ...signing an IP address to a client Use the no form of this command to remove defined IP ranges Syntax Description start ip Specifies the first IP address in the range for this pool end ip Specifies the last IP address in the range for this pool Default Values By default no IP address range is defined Usage Examples The following example defines an IP address range for this configuration pool ProCur...

Страница 1255: ...name servers to assign to a client Use the no form of this command to remove assigned name servers Syntax Description address1 Specifies the first WINs server address to assign address2 Specifies the second WINs server address to assign Default Values By default no WINs server address is defined Usage Examples The following example defines two WINs server addresses for this configuration pool ProC...

Страница 1256: ...mands are common to multiple command sets and are covered in a centralized section of this guide For more information refer to the sections listed below do on page 1435 end on page 1436 exit on page 1437 ping address on page 1438 All other commands for this command set are described in this section in alphabetical order authentication dss sig pre share rsa sig on page 1255 encryption aes xxx cbc d...

Страница 1257: ... to use DSS signed certificates during IKE negotiation to validate the peer pre share Specifies the use of pre shared secrets during IKE negotiation to validate the peer rsa sig Specifies to use RSA signed certificates during IKE negotiation to validate the peer Default Values By default this command is enabled Functional Notes Both sides must share the same pre shared secret in order for the nego...

Страница 1258: ... IKE generated SA Syntax Description aes 128 cbc Specifies the AES 128 CBC encryption algorithm aes 192 cbc Specifies the AES 192 CBC encryption algorithm aes 256 cbc Specifies the AES 256 CBC encryption algorithm des Specifies the DES encryption algorithm 3des Specifies the 3DES encryption algorithm Default Values By default encryption is set to des Usage Examples The following example selects 3D...

Страница 1259: ...rate the keys which are then used to create the IPSec SA Syntax Description 1 Specifies 768 bit mod P 2 Specifies 1024 bit mod P 5 Specifies 1536 bit mod P Default Values By default group is set to 1 Functional Notes The local IKE policy and the peer IKE policy must have matching group settings in order for negotiation to be successful Usage Examples The following example sets this IKE policy to u...

Страница 1260: ...a Use the hash command to specify the hash algorithm to be used to authenticate the data transmitted over the IKE SA Syntax Description md5 Choose the MD5 hash algorithm sha Choose the SHA hash algorithm Default Values By default hash is set to sha Usage Examples The following example specifies md5 as the hash algorithm ProCurve config ike attribute hash md5 ...

Страница 1261: ...etime seconds Use the lifetime command to specify how long an IKE SA is valid before expiring Syntax Description seconds Specifies how many seconds an IKE SA will last before expiring Default Values By default lifetime is set to 28 800 seconds Usage Examples The following example sets a lifetime of two hours ProCurve config ike attribute lifetime 7200 ...

Страница 1262: ...436 exit on page 1437 ping address on page 1438 All other commands for this command set are described in this section in alphabetical order attribute policynumber on page 1261 client authentication host on page 1262 client authentication host xauth type generic otp radius on page 1263 client authentication server list listname on page 1264 client configuration pool poolname on page 1265 initiate a...

Страница 1263: ...5 535 to the attribute policy The number is the attribute s priority number and specifies the order in which the resulting VPN proposals get sent to the far end This command takes you to the config ike attribute prompt From here you can configure the settings for the attribute as outlined in the section IKE Policy Attributes Command Set on page 1254 Default Values By default no attribute is define...

Страница 1264: ...the password passphrase phrase Optional Enter the value sent via Xauth as the passphrase This is only used with authentication type OTP one time password Default Values By default if this command is not present in the IKE policy the unit does not act as an Xauth host Functional Notes The specified credentials are programmed into the unit and there is no prompt for entering values real time Therefo...

Страница 1265: ...eric authentication type otp Specifies OTP authentication type radius Specifies RADIUS authentication type Default Values By default this is set to generic Functional Notes This command is used along with the client authentication host username See client configuration pool poolname on page 1265 for more information When acting as an Xauth host this command allows the user to specify the Xauth aut...

Страница 1266: ...authentication is not performed Functional Notes When this IKE policy is negotiated and the peer has indicated Xauth via the IKE authentication method and or the Xauth vendor ID this command allows the unit to perform as an Xauth server edge device The specified AAA login method is used to identify the location of the user authentication database The client authentication host and the client authe...

Страница 1267: ...l poolname initiate respond client configuration pool poolname respond client configuration pool poolname respond initiate Syntax Description poolname The pool from which to obtain parameters to assign to the client Default Values By default if this command is not present in the IKE policy the device allocates mode config IP addresses DNS server addresses and NetBIOS name server addresses and mode...

Страница 1268: ...c address must be the initiator of the traffic and tunnel The side with the static address must be the responder main Specifies to initiate using main mode Main mode requires that each end of the VPN tunnel has a static WAN IP address Main mode is more secure than aggressive mode because more of the main mode negotiations are encrypted Default Values By default the main initiation is enabled Funct...

Страница 1269: ...the global system command ProCurve config crypto ike local id address This command which by default is executed on start up makes the local ID of an IKE policy equal to the IPv4 address of the interface on which an IKE negotiation is occurring This is particularly useful for products that could have multiple public interfaces The second method is to use the IKE policy command ProCurve config ike l...

Страница 1270: ...Enter v1 or v2 to select the NAT traversal version allow Sets the IKE policy to allow the specified NAT traversal version disable Sets the IKE policy to disable the specified NAT traversal version force Sets the IKE policy to force the specified NAT traversal version Default Values The defaults for this command are nat traversal v1 allow and nat traversal v2 allow Usage Examples The following exam...

Страница 1271: ...ing pre shared secret DES MD5 and Diffie Hellman Group 1 ProCurve config crypto ike policy 100 ProCurve config ike peer 172 17 45 57 ProCurve config ike peer 172 31 15 129 ProCurve config ike peer 192 168 1 3 ProCurve config ike respond anymode ProCurve config ike initiate main The following example sets up a policy allowing any peer to initiate using pre shared secret DES MD5 and Diffie Hellman G...

Страница 1272: ...Specifies to respond only to aggressive mode anymode Specifies to respond to any mode main Specifies to respond only to main mode Default Values By default respond to any mode is enabled Functional Notes By using the initiate and respond commands you can configure the IKE policy to initiate and respond initiate only or respond only It is an error if you have both initiate and respond disabled Usag...

Страница 1273: ...ure terminal ProCurve config ip as path list listname ProCurve config as path list The following commands are common to multiple command sets and are covered in a centralized section of this guide For more information refer to the sections listed below do on page 1435 end on page 1436 exit on page 1437 All other commands for this command set are described in this section in alphabetical order deny...

Страница 1274: ...rameters can be present in the command internet Denies routes that contain the reserved community number for the INTERNET community local as Denies routes that contain the reserved community number for NO_EXPORT_SUBCONFED Routes containing this attribute should not be advertised to external BGP peers no export Denies routes that contain the reserved community number for NO_EXPORT Routes containing...

Страница 1275: ...y number Multiple community number parameters can be present in the command internet Permits routes that contain the reserved community number for the INTERNET community local as Permits routes that contain the reserved community number for NO_EXPORT_SUBCONFED Routes containing this attribute should not be advertised to external BGP peers no export Permits routes that contain the reserved communit...

Страница 1276: ...etical order match as path name on page 1276 match community name exact match on page 1277 match ip address access list name on page 1278 match ip address prefix list prefix list name on page 1279 match ip dscp value afxx csxx default ef on page 1280 match ip precedence value critical flash flash override immediate internet network priority routine on page 1283 match metric value on page 1286 matc...

Страница 1277: ...OS Command Line Interface Reference Guide Route Map Command Set 5991 2114 Copyright 2007 Hewlett Packard Development Company L P 1275 set local preference value on page 1298 set metric value on page 1299 ...

Страница 1278: ...orm of this command to discontinue matching Syntax Description name Specifies the name of the AS path list to match AS path lists are created using the ip as path list command in the Global configuration mode Default Values No default value necessary for this command Usage Examples The following example instructs the route map named MyMap to match the AS path list named TestPath ProCurve config ro...

Страница 1279: ... no form of this command to discontinue matching Syntax Description name Specifies the name of the community you want to match exact match Optional Specifies that the route map must match the community name exactly Default Values No default value necessary for this command Usage Examples The following example instructs the route map named MyMap to match the community named MyCommunity ProCurve con...

Страница 1280: ...ss list command Refer to ip access list extended listname on page 375 for more information Use the no form of this command to discontinue matching Syntax Description access list name Specifies the name of the access list to match Default Values No default value necessary for this command Usage Examples The following example instructs the route map named MyMap to match the IP address access list na...

Страница 1281: ... the ip prefix list command Refer to ip prefix list listname description text on page 435 for more information Use the no form of this command to discontinue matching Syntax Description prefix list name Specifies matching the IP address based on the prefix list name Default Values No default value necessary for this command Usage Examples The following example instructs the route map named MyMap t...

Страница 1282: ...f Service field by creating a six bit sequence combining the precedence value with the delay throughput and reliability bits This six bit sequence increased the number of available values from 8 to 64 The DiffServ model introduced a new concept to QoS in the IP network environment per hop behaviors PHBs The PHB premise is that pieces equipment using the DiffServ model have an agreed upon set of ru...

Страница 1283: ...enting IP precedence The following table is a comparison of IP precedence values to their corresponding DSCP values Assured Forwarding PHB The flexibility of DiffServ allows for more developed subclasses of service within each main class using the last three bits of the DSCP As defined in RFC2597 the Assured Forwarding PHB creates four main classes of service The first three bits of the DSCP speci...

Страница 1284: ...service to reduce latency jitter and dropped packets and should be guaranteed bandwidth during the entire end to end transmission journey through the network The DSCP value for the Expedited Forwarding PHB is 46 DSCP bits are 101110 Usage Examples The following example instructs the route map named MyMap to match the IP header with a DSCP Assured Forwarding Class 1 Subclass 2 af12 ProCurve config ...

Страница 1285: ...value of 1 immediate Specifies matching the IP precedence immediate Numeric value of 2 flash Specifies matching the IP precedence flash Numeric value of 3 flash override Specifies matching the IP precedence flash override Numeric value of 4 critical Specifies matching the IP precedence critical Numeric value of 5 internet Specifies matching the IP precedence internet Numeric value of 6 This level ...

Страница 1286: ...red to recognize and handle IP Precedence values While it is a good idea to set the values for critical traffic it does not guarantee special handling In addition to the IP Precedence values RFC791 specifies bits for delay throughput and reliability to help balance the needs of particular traffic types when traveling on the IP network infrastructure When these bits are set to 0 they are handled wi...

Страница 1287: ...nue matching Syntax Description minimum Specifies the minimum packet length you want to match Valid range 1 to 4 294 967 295 maximum Specifies the maximum packet length you want to match Valid range 1 to 4 294 967 295 Default Values No default value necessary for this command Usage Examples The following example instructs the route map named MyMap to match packets with a minimum length of 1 and a ...

Страница 1288: ...cified Multi Exit Discriminators MED value Use the no form of this command to discontinue matching Syntax Description value Specifies the MED value you want to match Valid range 1 to 4 294 967 295 Default Values No default value necessary for this command Usage Examples The following example instructs the route map named MyMap to match the MED value of 100 ProCurve config route map MyMap permit 10...

Страница 1289: ... match command will pass if any value matches Valid range is 1 to 65 535 Default Values No default value is necessary for this command Functional Notes More than one value may be specified as a tag to be matched The ip route command is related to the match tag command in that it includes an optional parameter to set the route tag value for local static routes VPN RRI Reverse Route Injection routes...

Страница 1290: ... form of this command to disable this feature Syntax Description as path prepend number Specifies a number to be prepended to the AS path value as an autonomous number Valid range 1 to 65 535 as path prepend last as number Specifies a number to be prepended to the last AS path number Valid range 1 to 10 Default Values No default value necessary for this command Usage Examples The following example...

Страница 1291: ...ify a list of communities to delete Use the no form of this command to disable this feature Syntax Description name Specifies the name of the list of communities to delete Default Values No default value necessary for this command Usage Examples The following example deletes the community list named listname ProCurve config route map MyMap permit 100 ProCurve config route map set comm list listnam...

Страница 1292: ...te map local as Sets the community attribute to the NO_EXPORT_SUBCONFED community number for routes serviced by this route map Routes containing this attribute should not be advertised to external BGP peers no export Sets the community attribute to the NO_EXPORT community number for routes serviced by this route map Routes containing this attribute should not be advertised to BGP peers outside a c...

Страница 1293: ...ed the router uses the first available interface from the list Use the no form of this command to remove the default interface Syntax Description interface Specifies the default interface Type set default interface for a list of valid interface types null 0 Redirects traffic to the specified interface regardless of available routing information Default Values No default value necessary for this co...

Страница 1294: ...cket along the first usable interface Use the no form of this command to cancel output from the specified interface Syntax Description interface Sets output interface type for the packet Type set interface for a list of valid interfaces interface id Specifies the ID of the specified interface type Default Values No default value necessary for this command Usage Examples The following example sets ...

Страница 1295: ...formation available Use the no form of this command to remove the configured default next hop Syntax Description interface Specifies the default interface Type set default next hop for a list of valid interface types null 0 Redirects traffic to the specified interface regardless of available routing information Default Values No default value necessary for this command Usage Examples The following...

Страница 1296: ...df command to identify the packet as don t fragment DF Use the no form of this command to remove this designation Syntax Description No subcommands Default Values No default value necessary for this command Usage Examples The following example designates the packet as don t fragment ProCurve config route map MyMap permit 100 ProCurve config route map set ip df ...

Страница 1297: ...Syntax Description value Specifies the DSCP numeric value Valid range 0 to 63 afxx Specifies the assured forwarding AF class and subclass Select from 11 001010 12 001100 13 001110 21 010010 22 010100 23 010110 31 011010 32 011100 33 011110 41 100010 42 100100 or 43 100110 csxx Specifies the class selector CS value Valid range 1 to 7 default Specifies the default IP DSCP value 000000 ef Specifies m...

Страница 1298: ...the no form of this command to remove the configured next hop address Syntax Description address Specifies the IP address in dotted decimal notation a b c d More than one address can be entered and the router uses the first available route from the list Default Values No default value necessary for this command Usage Examples The following example sets the ip next hop interface to 192 168 5 61 Pro...

Страница 1299: ... 7 in ascending order of importance routine Specifies the IP precedence routine Numeric value of 0 priority Specifies the IP precedence priority Numeric value of 1 immediate Specifies the IP precedence immediate Numeric value of 2 flash Specifies the IP precedence flash Numeric value of 3 flash override Specifies the IP precedence flash override Numeric value of 4 critical Specifies the IP precede...

Страница 1300: ...o a local autonomous system Use the no form of this command to cancel the local preference Syntax Description value Sets the local preference value Valid range 0 to 4 294 967 295 Default Values No default value necessary for this command Usage Examples The following example sets the local preference fro MyMap to a value of 100 ProCurve config route map MyMap permit 100 ProCurve config route map se...

Страница 1301: ...y a metric value for the route map Use the no form of this command to cancel the metric value Syntax Description value Sets the metric value Valid range 0 to 4 294 967 295 Default Values No default value necessary for this command Usage Examples The following example sets the metric value for MyMap to 100 ProCurve config route map MyMap permit 100 ProCurve config route map set metric 100 ...

Страница 1302: ...ted below bind from interface slot port tdm group to interface slot port on page 1431 description text on page 1434 do on page 1435 end on page 1436 exit on page 1437 ping address on page 1438 All other commands for this command set are described in this section in alphabetical order bgp always compare med on page 1301 bgp compare med ignore med on page 1302 bgp default local preference metric on ...

Страница 1303: ...SROS to always compare the Multi Exit Discriminators MEDs for all paths for a route regardless of the autonomous system AS through which the paths pass Use the no form of this command to disable this feature Syntax Description No subcommands Default Values By default this command is disabled Usage Examples The following example enables this option ProCurve config router bgp 65000 ProCurve config b...

Страница 1304: ...re the Multi Exit Discriminators MEDs for all routes from the same autonomous system AS Use the bgp ignore med to configure the SROS to disregard all MED attributes for all received routes Syntax Description No subcommands Default Values By default the SROS compares the MED attributes for routes from the same AS Usage Examples The following example enables this option ProCurve config router bgp 65...

Страница 1305: ...tive to other routes in the local autonomous system AS BGP4 neighbors can send the local preference value as an attribute of a route in an UPDATE message Local preference only applies to routes within the local AS Use the no form of this command to return to the default setting Syntax Description metric Specifies the new local preference Valid range is 0 to 4 294 967 295 Default Values The default...

Страница 1306: ...SROS to compare the Multi Exit Discriminators MEDs for all BGP routes received from different neighbors within the same AS Use the no form of this command to disable this option Syntax Description No subcommands Default Values By default this option is disabled Usage Examples The following example enables the SROS to use the deterministic MED option ProCurve config router bgp 65000 ProCurve config...

Страница 1307: ... feature Syntax Description No subcommands Default Values By default this command is enabled Functional Notes When enabled if the link interface over which the router is communicating with a BGP peer goes down the BGP session with that peer is immediately cleared When fallover is disabled and the link goes down the session is maintained until the BGP hold timer expires Usage Examples The following...

Страница 1308: ...f this command to return to the default setting Syntax Description No subcommands Default Values By default neighbor changes are not logged Functional Notes This command controls logging of BGP neighbor state changes up down and resets This information is useful for troubleshooting and determining network stability Usage Examples The following example enables logging of BGP neighbor state changes ...

Страница 1309: ...ault no router ID is configured The default action is detailed in Functional Notes below Functional Notes This command allows an IP address to be specified for use as the BGP router ID If no IP address is configured at BGP startup it uses the highest IP address configured on a loopback interface If no loopback interfaces are configured it uses the highest IP address configured on any interface tha...

Страница 1310: ...ocal Sets the administrative distance for BGP routes learned via the network command and redistribution A value of 255 means the route is not installed in the route table Range 1 to 254 Default Values By default external is set to 20 internal to 200 and local to 200 Normally these default settings should not be changed Functional Notes This command sets the administrative distance for BGP routes T...

Страница 1311: ...lues By default the hold time is 90 seconds Functional Notes Using the hold timer command in BGP configuration mode sets the default hold time for all neighbors in that BGP process Using the hold timer command in BGP neighbor configuration mode sets the hold time for only that neighbor The peers will negotiate and use the lowest configured setting The keepalive interval will be set to one third of...

Страница 1312: ...bled BGP4 can balance traffic to a specific destination across up to six equal paths Use the no form of this command to return to the default value Syntax Description value Specifies the number of parallel routes eBGP neighbors can inject into the route table Valid range is 1 to 6 Default Values By default a single path can exist in the route table Usage Examples The following example configures t...

Страница 1313: ...on Command Set on page 1313 for more information on neighbor specific configuration parameters Use the no form of this command to remove the configured neighbor Syntax Description address Specifies the IP address for the neighbor in dotted decimal notation Default Values By default there are no configured BGP neighbors Usage Examples The following example configures a BGP neighbor with an IP addre...

Страница 1314: ...x Description address Specifies the network address for the neighbor the SROS will advertise over BGP Enter the network in dotted decimal notation A B C D mask mask Specifies the subnet mask for the specified neighbor in dotted decimal notation A B C D Default Values By default there are no configured BGP networks Usage Examples The following example adds the 172 20 2 0 network with a subnet mask ...

Страница 1315: ...rmation refer to the sections listed below bind from interface slot port tdm group to interface slot port on page 1431 description text on page 1434 do on page 1435 exit on page 1437 ping address on page 1438 shutdown on page 1442 All other commands for this command set are described in this section in alphabetical order advertisement interval seconds on page 1314 as path list listname in out on p...

Страница 1316: ...ecifies the advertisement interval in seconds Range 0 to 600 Default Values By default the advertisement interval is 30 seconds for external neighbors and 5 seconds for internal neighbors Functional Notes This command sets the minimum interval between sending updates to the specified neighbor Usage Examples The following example configures the BGP process to wait at least 100 seconds before sendin...

Страница 1317: ...signs an AS path list to this BGP neighbor in Specifies the filtering of all inbound BGP route updates out Specifies the filtering of all outbound BGP route updates Default Values By default no AS path lists are specified for filtering Functional Notes Before they can be assigned to a neighbor AS path lists must first be defined using the ip as path list command See ip as path list listname on pag...

Страница 1318: ...op is set to 1 Functional Notes This command allows an eBGP neighbor to be on a network that is not directly connected Normally eBGP peers are directly connected In certain applications a non BGP device such as a firewall or router may reside between eBGP peers In this case the eBGP multihop command is required to allow updates to have a TTL greater than 1 and to allow received BGP updates to be a...

Страница 1319: ...d time is 90 seconds Functional Notes Using the hold timer command in BGP configuration mode sets the default hold time for all BGP neighbors Using the hold timer command in BGP neighbor configuration mode sets the hold time for the specific neighbor The peers will negotiate and use the lowest configured setting The keepalive interval will be set to one third of the negotiated hold time Usage Exam...

Страница 1320: ...mples The following example configures this BGP neighbor s AS number to be 300 ProCurve config router bgp 65000 ProCurve config bgp neighbor 172 24 3 192 ProCurve config bgp neighbor local as 300 Technology Review This router appears to the peer router to be in the AS specified with the local as command In network advertisements from routers using the local as command the first router s true AS nu...

Страница 1321: ... a next hop set to the IP address that the receiving peer has configured in its neighbor statement for this router In the eBGP case where the receiving router is in the same subnet as the current next hop the current next hop is not changed For broadcast multiaccess networks Ethernet this provides more efficient routing For non broadcast multiaccess networks NBMA such as Frame Relay with a partial...

Страница 1322: ...is case sensitive and must not exceed 80 characters Default Values By default authentication is disabled Functional Notes Authentication must be configured on both peers using the same password Every BGP TCP segment sent is authenticated Configuring authentication causes an existing session to be torn down and re established using the currently specified authentication Usage Examples The following...

Страница 1323: ...ifies the filtering of all inbound BGP route updates received from the specified peer out Specifies the filtering of all outbound BGP route updates being sent to the specified peer Default Values By default no prefix lists are specified for filtering Functional Notes Before they can be assigned to a BGP neighbor prefix lists must first be defined using the ip prefix list command See ip prefix list...

Страница 1324: ...nd to return to default settings Syntax Description as number Specifies the AS number This number must be different from the AS number of the local router which is defined using the router bgp command Range 1 to 65 535 See router bgp AS number on page 491 for more information Default Values By default no BGP neighbors are defined Usage Examples The following example configures a remote AS number o...

Страница 1325: ...to this BGP neighbor in Specifies the filtering modification of all inbound BGP route updates out Specifies the filtering modification of all outbound BGP route updates Default Values By default no route map is assigned Functional Notes Before a route map can be assigned to a BGP neighbor it must first be defined using the route map command See route map map name permit deny sequence number on pag...

Страница 1326: ...into all outgoing route updates for this neighbor Use the no form of this command to return to default settings Syntax Description No subcommands Default Values By default this command is disabled Usage Examples The following example inserts a standard BGP community attribute into all outgoing route updates for the specified neighbor ProCurve config router bgp 65000 ProCurve config bgp neighbor 17...

Страница 1327: ... subcommands Default Values By default this command is enabled Functional Notes BGP updates are stored prior to filtering thus allowing the clear ip bgp soft command to be used in the absence of route refresh RFC2918 capability This command affects all neighbors See clear ip bgp as number ip address in out soft on page 37 for more information Usage Examples The following example enables the unit t...

Страница 1328: ...ax Description interface Specifies the interface ID e g loopback 1 of the virtual interface to be used as the source IP address Default Values By default the outbound interface s IP address is used for BGP updates Functional Notes This is most often configured as a loopback interface that is reachable by the peer router The peer will specify this address in its neighbor commands for this router Us...

Страница 1329: ...ProCurve config comm list The following commands are common to multiple command sets and are covered in a centralized section of this guide For more information refer to the sections listed below bind from interface slot port tdm group to interface slot port on page 1431 do on page 1435 end on page 1436 exit on page 1437 ping address on page 1438 All other commands for this command set are describ...

Страница 1330: ...s the well known reserved community number for the INTERNET community local as Denies routes that contain this value in their community attribute This represents the well known reserved community number for NO_EXPORT_SUBCONFED Routes containing this attribute should not be advertised to external BGP peers no export Denies routes containing this value in their community attribute This represents th...

Страница 1331: ...nts the well known reserved community number for the INTERNET community local as Permits routes that contain this value in their community attribute This represents the well known reserved community number for NO_EXPORT_SUBCONFED Routes containing this attribute should not be advertised to external BGP peers no export Permits routes containing this value in their community attribute This represent...

Страница 1332: ...be These are explained in the Network Monitor Track Configuration Command Set on page 1347 To activate the Network Monitor Probe Configuration mode enter the probe command at the Global Configuration mode prompt followed by the probe name Specify the probe type of icmp echo tcp connect or http request For example ProCurve enable ProCurve configure terminal ProCurve config probe probe1 icmp echo Pr...

Страница 1333: ...ddress on page 1341 source port port on page 1342 timeout value on page 1343 tolerance on page 1344 The following commands are applicable to HTTP request probe types and can be executed after this command ProCurve config probe probe name http request absolute path on page 1332 destination on page 1334 expect regex expression on page 1335 expect status minimum maximum on page 1336 period value on p...

Страница 1334: ... form of this command to return to the default Syntax Description name Specifies a pathname Default Values By default the path name is the forward slash symbol Functional Notes This command can only be executed while in the probe name http request command set Usage Examples The following example sets the absolute path to home index html ProCurve config probe probe1 http request ProCurve config pro...

Страница 1335: ...rn Specifies a hexadecimal data pattern Default Values By default the data pattern is a standard ping packet pattern of data values starting with 0x00 incrementing by one for the length of the packet Refer to ping address on page 1438 for more information on ping packet data patterns Functional Notes This command can only be executed while in the probe name icmp echo command set Usage Examples The...

Страница 1336: ...dress port number Syntax Description hostname Specifies the IP host by name ip address Specifies a valid IP address IP addresses should be expressed in dotted decimal notation for example 10 10 10 1 port Optional Specifies port number This feature is not used with icmp echo probes Default Values By default there is no setting for this command Usage Examples The following example specifies www proc...

Страница 1337: ...atch anything the probe fails Use the no form of this command to return to the default Syntax Description expression Specifies the expression to display Default Values By default no regular expression is defined Functional Notes This command can only be executed while in the probe name http request command set Usage Examples The following example only allows the probe1 test to pass if the word suc...

Страница 1338: ...iption minimum Specifies a minimum number value for the status code Valid range is 0 to 999 maximum Optional Specifies a maximum number to create a range of status codes Valid range is 0 to 999 Default Values By default there is no setting for this command Functional Notes This command can only be executed while in the probe name http request command set Specifying only a minimum value indicates o...

Страница 1339: ...pts Use the no form of this command to return to the default Syntax Description value Specifies the time in seconds between probe test attempts Valid range is 1 to 4 294 967 295 seconds Default Values By default the period between probe tests is 60 seconds Usage Examples The following example specifies probe1 to initiate probe tests every 90 seconds ProCurve config probe probe1 icmp echo ProCurve ...

Страница 1340: ...on page 1346 for more information The following system variables can be used in the text SYSTEM_NAME The host name of the system SYSTEM_SERIAL_NUMBER The serial number of the system SYSTEM_DESCRIPTION The product name and part number of the system SYSTEM_SOFTWARE_VERSION The firmware version of the system Usage Examples The following example configures a RAW HTTP request that attempts to access up...

Страница 1341: ...m of this command to enable a probe to generate traffic Syntax Description No subcommands Default Values By default probes are shut down when created Functional Notes A probe must be created first using the probe command Refer to probe on page 485 for more information Issuing the shutdown command at the probe configuration prompt will disable a probe causing it to cease generating traffic Usage Ex...

Страница 1342: ...s command to return to the default Syntax Description data length Specifies size of ICMP datagram Valid range is 0 to 1448 bytes Default Values By default the data length is 64 bytes Functional Notes This command can only be executed while in the probe name icmp echo command set Usage Examples The following example sets the length of the ICMP packet s data section for probe1 to 25 bytes ProCurve c...

Страница 1343: ...ve the source IP address Syntax Description ip address Specifies a valid IP address IP addresses should be expressed in dotted decimal notation for example 10 10 10 1 Default Values By default the IP address of the outbound interface is used Functional Notes A valid local IP address must be entered for proper functionality Usage Examples The following example configures the source IP address on pr...

Страница 1344: ...is command to return to the default Syntax Description port Specifies the port number Valid range is 1 to 65 535 Default Values By default the probe automatically selects the port number Functional Notes This command can be executed while in the probe name tcp connect or http request command set Usage Examples The following example configures the source port on probe1 as 5000 ProCurve config probe...

Страница 1345: ...ecifies the timeout value in milliseconds This value must be less than the probe period value refer to period value on page 1337 Valid range is 250 to 4 294 967 296 milliseconds Default Values By default the timeout is 1500 milliseconds for ICMP echo probes 10 000 milliseconds 10 seconds for TCP connect probes and 10 000 milliseconds 10 seconds HTTP request probes Usage Examples The following exam...

Страница 1346: ... that probe state transitions occur after a certain ratio of test results conflict with the current state fail number Specifies the number of failures that must occur before transitioning the probe to the FAIL state Valid ranges are 1 to 255 consecutive failures and 1 to 254 failures per set pass number Specifies the number of passes before transitioning the probe to the PASS state Valid ranges ar...

Страница 1347: ...cutive passes to change its status to PASS when in the FAIL state ProCurve config probe probe1 icmp echo ProCurve config probe probe1 tolerance consecutive fail 10 pass 5 In the following example the probe is configured for rate tolerance To move to the FAIL state 5 of the last 10 tests must fail Once in this state 8 of the last 10 tests must pass in order to transition the probe back to PASS ProC...

Страница 1348: ... get type head type raw Syntax Description get Specifies the probe use HTTP get request head Specifies the probe use HTTP head request raw Specifies the probe use HTTP raw request Default Values By default the probe s HTTP request is set to get Functional Notes This command can only be executed while in the probe name http request command set Usage Examples The following example configures probe1 ...

Страница 1349: ... state an event is sent to the track Additional configuration commands are available for creating probes These are explained in the Network Monitor Probe Command Set on page 1330 To activate the Network Monitor Track Configuration mode enter the track command at the Global Configuration mode prompt followed by the name of the track For example enable configure terminal config track track1 config t...

Страница 1350: ...to wait before allowing a new probe status change to trigger a new action Use the no form of this command to return to the default Syntax Description value Specifies the time interval value in seconds Valid range is 1 to 4 294 967 295 Default Values By default the interval is set to 0 seconds Usage Examples The following example sets the dampening interval to 90 seconds ProCurve config track track...

Страница 1351: ... displayed real time on the terminal or Telnet screen Use the no form of this command to disable this feature Unlike track debug commands the log changes command appears in the running configuration and can be saved to persist through a unit restart Syntax Description No subcommands Default Values By default this feature is disabled Usage Examples The following example enables the logging of statu...

Страница 1352: ...nd to enable a track Syntax Description No subcommands Default Values By default tracks are active when created Functional Notes A track must be created first using the track command in the Global Configuration mode Refer to the command track name on page 532 for more information Issuing the shutdown command at the track configuration prompt will force the track to fail Usage Examples The followin...

Страница 1353: ... schedule or probe is in an ACTIVE or PASS state Conversely the track will FAIL if the schedule or probe is in an INACTIVE or FAIL state The test if not command specifies a conditional test where the track state pass or fail is dependant upon the state of the object probe or schedule being tested The not keyword indicates that the track state will negate the result of the object test For example t...

Страница 1354: ...me active The following bullets describe the setup via CLI to accomplish the customer s goals A schedule called DELAY AFTER BOOT is created and specified to become active 180 seconds after the SROS unit has booted up A track named DELAY is created Track DELAY is associated with the schedule DELAY AFTER BOOT via the following command config track DELAY test if not schedule DELAY AFTER BOOT The inve...

Страница 1355: ...the default route to null interface 0 has a lower administrative distance than the demand interface default route As soon as a default route has been assigned to the primary Ethernet WAN interface the route will appear in the routing table with an administrative distance of 1 which is lower than the administrative distance of 10 for the null interface Due to the lower administrative distance all t...

Страница 1356: ...test list to fail or Specifies the relationship between all objects placed in this list The logical OR relationship means that only one of the objects in this list must be in the PASS state for the track test list to pass and all objects in a FAIL state for the track test list to fail if probe schedule Specifies a single conditional test to be added to the test track list if not probe schedule Spe...

Страница 1357: ...test exit ProCurve config track track LB no shutdown The show track LB command is executed to see whether track LB is in a PASS state ProCurve show track LB Current State PASS Admin UP Testing probe LB PASS AND probe LB2 PASS Dampening Interval 1 seconds Time in current state 0 days 0 hours 0 minutes 29 seconds Track State Changes 2 Tracking Currently track LB is in a PASS state Due to the AND Boo...

Страница 1358: ...ion Command Set 5991 2114 Copyright 2006 Hewlett Packard Development Company L P 1356 Note If the test list in this example had specified the OR Boolean logic using the test list or command then track LB would have passed even though one of the test probes was in the FAIL state ...

Страница 1359: ...ption if probe schedule Specifies a single conditional test to be added to the test track list if not probe schedule Specifies a single conditional test to be added to the test track list The not keyword indicates that the individual track state will negate the result of the object test name Specifies the name of the probe or schedule weight value Specifies the weight value to use if this test is ...

Страница 1360: ...roCurve config track LB test ProCurve config track LB test test list weighted ProCurve config track LB test test if probe LB weight 10 ProCurve config track LB test test if probe LB2 weight 20 ProCurve config track LB test test if probe LB3 weight 30 ProCurve config track LB test test threshold pass 35 fail 25 ProCurve config track LB test test exit ProCurve config track LB test no shutdown The sh...

Страница 1361: ...SS 30 if probe LB3 FAIL Total 20 currently 35 changes state to PASS Dampening Interval 1 seconds Time in current state 0 days 0 hours 0 minutes 33 seconds Track State Changes 1 Tracking Only probe LB2 is in the PASS state Therefore the sum of the assigned weights equals 20 The value of 20 falls below the FAIL threshold of 25 As a result the current state of the track is now FAIL ...

Страница 1362: ...page 1437 ping address on page 1438 All other commands for this command set are described in this section in alphabetical order area area id default cost value on page 1361 area area id range ip address network mask advertise not advertise on page 1362 area area id stub no summary on page 1363 auto cost reference bandwidth rate on page 1364 distance intra area inter area external value on page 136...

Страница 1363: ...the no form of this command to delete the assigned cost Syntax Description area id Specifies identifier for this area Enter as an integer range 0 to 4 294 967 295 or an IP address A B C D value Specifies default summary route cost Range 0 to 166 777 214 Default Values By default the summary route cost is set to 0 There is no default for the area ID Usage Examples The following example defines a de...

Страница 1364: ...er as an integer range 0 to 4 294 967 295 or an IP address A B C D ip address The IP address of the advertised summary route network mask The mask of the advertised summary route advertise The specified address range will be advertised to other networks not advertise The specified address range will not be advertised to other networks Default Values By default OSPF is not enabled Usage Examples Th...

Страница 1365: ... keyword to designate the area as a total stub area No summary link advertisements will be sent by the ABR into the stub area Default Values By default OSPF is not enabled Technology Review It is important to coordinate configuration of all routers and access servers in the stub area The area stub command must be configured for each of those pieces of equipment Use the area router configuration co...

Страница 1366: ...terface cost to an interface It may be necessary to assign a higher number to high bandwidth links This value is used in OSPF metric calculations Syntax Description rate Sets the default reference bandwidth rate range 1 to 4 294 967 Mbps Default Values By default the rate is set to 100 Usage Examples The following example sets the auto cost reference bandwidth to 1000 Mbps ProCurve config router o...

Страница 1367: ...enerates one unless the always keyword is used Syntax Description always Specifies to always advertise default route metric value Configures metric value range is 0 to 16 777 214 metric type type Configures metric type 1 or 2 Default Values metric value 10 metric type type 2 Usage Examples The following example configures a router to always advertise default routes and assigns the default routes a...

Страница 1368: ... at 20 Functional Notes The metric value defined using the redistribute command overrides the default metric command s metric setting See redistribute ospf metric value on page 1386 and redistribute static metric value on page 1387 for related information Usage Examples The following example shows a router using both RIP and OSPF routing protocols The example advertises RIP derived routes using th...

Страница 1369: ...into the route table Range is 0 to 255 intra area Specifies using a unique administrative distance for route paths between a source and destination in the same routing area inter area Specifies using a unique administrative distance for route paths between a source and destination in different areas external Specifies using a unique administrative distance for route paths between different autonom...

Страница 1370: ...um number of multipath routes to advertise to the route table via OSPF Syntax Description number Specifies the number of routes OSPF can insert into the route table Valid range 1 to 6 Default Values By default maximum paths is set to 4 Usage Examples The following example sets the maximum number of multipath routes OSPF can insert in the route table to 5 ProCurve config router ospf ProCurve config...

Страница 1371: ...an IP address A B C D Default Values No default values required for this command Technology Review In order for OSPF to operate on an interface the primary address for the interface must be included in the network area command Assigning an interface to an OSPF area is done using the network area command There is no limit to the number of network area commands used on a router If the address ranges...

Страница 1372: ...cription metric value Optional Specifies a metric value to be carried from one OSPF process to the next if no other value is specified metric type type Optional Specifies a type 1 or type 2 external route as the external link type If not specified the default is 2 subnets Optional Specifies subnet redistribution when redistributing routes into OSPF Default Values By default this command is disable...

Страница 1373: ...ic Specifies advertising static routes using OSPF metric value Optional Specifies a metric value to be carried from one OSPF process to the next if no other value is specified metric type type Optional Specifies a type 1 or type 2 external route as the external link type If not specified the default is 2 subnets Optional Specifies subnet redistribution when redistributing routes into OSPF Default ...

Страница 1374: ... routes that match the specified mask prefix mask pair Syntax Description address Specifies IP address or Prefix A B C D mask prefix mask Routes matching this mask prefix mask pair will be suppressed if the not advertise command is enabled not advertise Optional Causes suppression of routes that match the specified mask prefix mask pair Default Values By default this command is disabled Usage Exam...

Страница 1375: ... timers lsa group pacing command to change the link state advertisement LSA refresh interval Syntax Description seconds Sets the LSA refresh interval in seconds range 10 to 1 800 Default Values By default this value is set at 240 seconds Usage Examples The following example sets the refresh interval for six minutes ProCurve config router ospf ProCurve config ospf timers lsa group pacing 360 ...

Страница 1376: ... and hold intervals Syntax Description delay Specifies time in seconds between OSPF s receipt of topology changes and the beginning of SPF calculations hold Specifies time in seconds between consecutive SPF calculations Range 10 to 1800 seconds Default Values delay 5 seconds hold 10 seconds Usage Examples The following example defines a delay of 10 seconds and a hold time of 30 seconds ProCurve co...

Страница 1377: ...er pim sparse ProCurve config pim sparse The following commands are common to multiple command sets and are covered in a centralized section of this guide For more information refer to the sections listed below bind from interface slot port tdm group to interface slot port on page 1431 do on page 1435 end on page 1436 exit on page 1437 ping address on page 1438All other commands for this command s...

Страница 1378: ...g rate for PIM sparse join prune messages Use the no form of this command to return to the default setting Syntax Description seconds Specifies the PIM sparse join prune message interval Valid range 10 to 65 534 seconds Default Values By default the message interval is set to 60 seconds Usage Examples The following example sets the interval for 50 seconds ProCurve config router pim sparse ProCurve...

Страница 1379: ...s then a hash algorithm determines the appropriate hierarchy see below The results of the hash algorithm can be seen with the show ip pim sparse rp map command The hash algorithm is defined in RFC 2117 section 3 7 as follows For each RP address C i in the RP Set whose Group prefix covers G compute a value Value G M C i 1103515245 1103515245 G M 12345 XOR C i 12345 mod 2 31 where M is a hash mask i...

Страница 1380: ... of packets the router sends using the rendezvous point RP before switching to the SPT Syntax Description packets Specifies the number of packets the router sends using the RP before switching to the SPT Valid range 1 to 4 294 967 295 infinity Causes all sources to use the shared RP tree Default Values By default the SPT threshold is set to 1 packet Usage Examples The following example sets the SP...

Страница 1381: ...d section of this guide For more information refer to the sections listed below do on page 1435 end on page 1436 exit on page 1437 ping address on page 1438 All other commands for this command set are described in this section in alphabetical order auto summary on page 1380 default metric value on page 1381 distribute list access list in out interface type slot port on page 1382 network address su...

Страница 1382: ...arization Syntax Description No subcommands Default Values By default auto summary is disabled Functional Notes Use this command if you are subdividing a classful network into many subnets and these subnets are to be advertised over a slow link 64K or less to a router that can only reach the classful network via the router you are configuring Usage Examples The following example configures the rou...

Страница 1383: ... Default Values By default this value is set at 0 Functional Notes The metric value defined using the redistribute command overrides the default metric command s metric setting See redistribute ospf metric value on page 1386 and redistribute static metric value on page 1387 for related information Usage Examples The following example shows a router using both RIP and OSPF routing protocols The exa...

Страница 1384: ...which the contents of the incoming outgoing routing updates are matched in Applies RIP filtering to inbound data out Applies RIP filtering to outbound data interface type slot port Optional Specifies the interface in which to apply the ACL Type distribute list xxxx in for a complete list of applicable interfaces Default Values By default distribute list filtering is disabled Usage Examples The fol...

Страница 1385: ...tional Notes The SROS will only allow processing sending and receiving RIP messages on interfaces with IP addresses that are contained in the networks listed using this command All RIP messages received on interfaces not listed using this command will be discarded To allow for receiving and participating in RIP but not for transmitting use the passive interface command refer to passive interface i...

Страница 1386: ...that will not transmit routing updates Default Values By default RIP is not enabled Functional Notes All routing updates received on that interface will still be processed and advertised to other interfaces but no updates will be transmitted to the network connected to the specified interface Multiple passive interface commands may be used to create a customized list of interfaces Usage Examples T...

Страница 1387: ...le the propagation of the specified route type Syntax Description metric value Optional Specifies the hop count to use when advertising redistributed OSPF routes using the RIP protocol Default Values By default RIP is not enabled Functional Notes Redistributing connected routes imports those routes into RIP without the interfaces in question actually participating in RIP The connected routes impor...

Страница 1388: ...to use when advertising redistributed OSPF routes using the RIP protocol Default Values By default this command is disabled Functional Notes Redistributing OSPF routes imports those routes into RIP without the interfaces in question actually participating in RIP The OSPF routes imported this way are not covered by a network command and therefore do not send receive RIP traffic If redistribute ospf...

Страница 1389: ...pecified route type Syntax Description metric value Optional Specifies the hop count to use for advertising redistributed OSPF routes in RIP Default Values By default this command is disabled Functional Notes Redistributing static routes allows other network devices to learn about paths not compatible with their system without requiring manual input to each device on the network Usage Examples The...

Страница 1390: ...ll be removed from the route table Use the no form of this command to return to the default settings Syntax Description seconds Sets the timeout timer value Valid range 5 to 4294967295 seconds Default Values By default this value is set at 180 seconds Functional Notes Note that the timeout timer value cannot be set to a value less than the update timer value It is recommended that this timer be se...

Страница 1391: ...Specifies the number of seconds allowed to elapse between RIP update packet transmissions Valid range 5 to 4 294 967 295 seconds Default Values By default this value is set at 30 seconds Functional Notes Note that the timeout timer value cannot be set to a value less than the update timer value It is recommended that the timeout timer be set to a value that is three times the value of the update t...

Страница 1392: ...ion used on all IP interfaces This global configuration is overridden using the configuration commands ip rip send version and ip rip receive version Use the no form of this command to return to the default value Syntax Description 1 RIP version 1 2 RIP version 2 Default Values By default RIP is not enabled Usage Examples The following example specifies RIP version 2 as the global RIP version ProC...

Страница 1393: ...rder to actively process traffic Any traffic for the interface that is not sent to the priority queue is sent using the default queuing method for the interface such as weighted fair queuing For example ProCurve enable ProCurve configure terminal ProCurve config qos map VOICEMAP 10 ProCurve config qos map match precedence 5 ProCurve config qos map priority 512 ProCurve config qos map exit ProCurve...

Страница 1394: ...h between all priority entries and class based entries bandwidth in a QoS map set should not be configured beyond the specified max reserved bandwidth default 75 percent on the interface that the QoS policy is applied to using the qos policy command or the map will be disabled Even with the configuration limit class based queues can still use more than the max reserved bandwidth limitation up to 1...

Страница 1395: ...where Bandwidth minimum amount of bandwidth needed for the traffic in kbps max reserved bandwidth specifies the percentage of the total line rate available for use by QoS Line Rate total data rate configured on the interface for example 8 DS0s 64 kbps per DS0 on a T1 equals a line rate of 512 kbps Priority Traffic amount of bandwidth reserved using the priority command For example to specify 80 kb...

Страница 1396: ...o each class ProCurve config qos map MyMap 1 ProCurve config qos map match precedence 5 ProCurve config qos map bandwidth percent 25 ProCurve config qos map MyMap 2 ProCurve config qos map match precedence 3 ProCurve config qos map bandwidth percent 10 ProCurve config qos map MyMap 3 ProCurve config qos map match precedence 2 ProCurve config qos map bandwidth percent 10 ProCurve config qos map MyM...

Страница 1397: ...ect from 11 001010 12 001100 13 001110 21 010010 22 010100 23 010110 31 011010 32 011100 33 011110 41 100010 42 100100 or 43 100110 csx Specifies the class selector CS value Valid range is 1 to 7 default Specifies the default IP DSCP value 000000 dscp 0 63 Matches IP packets with the specified Differentiated Service Code Point DSCP value ef Specifies marking for expedited forwarding EF ip rtp star...

Страница 1398: ...qos map match list Class_A ProCurve config qos map match list Class_B ProCurve config qos map bandwidth percent 25 Alternately the following configuration is also valid ProCurve config qos map MyMap 1 ProCurve config qos map match list Class_A ProCurve config qos map bandwidth percent 25 ProCurve config qos map MyMap 2 ProCurve config qos map match list Class_B ProCurve config qos map bandwidth pe...

Страница 1399: ...fig qos map match list CLASS_1 ProCurve config qos map bandwidth 96 ProCurve config qos map MyMap 3 ProCurve config qos map match list CLASS_2 ProCurve config qos map bandwidth 52 3 Specify the reserved bandwidth and apply the map ProCurve config fr 1 max reserved bandwidth 85 ProCurve config fr 1 qos policy out MyMap Technology Review RFC791 created a single octet labeled Type of Service to help ...

Страница 1400: ...y A 1 in the throughput position indicates that the traffic has higher bandwidth requirements that should be met A 1 in the reliability position indicates that the traffic is sensitive to delivery issues and care should be taken to ensure proper delivery with all packets of this type These extra bits are rarely used because they are quite difficult to balance the cost and benefits of each paramete...

Страница 1401: ...implementing IP precedence The following table is a comparison of IP precedence values to their corresponding DSCP values Assured Forwarding PHB The flexibility of DiffServ allows for more developed sub classes of service within each main class using the last three bits of the DSCP As defined in RFC2597 the Assured Forwarding PHB creates four main classes of service The first three bits of the DSC...

Страница 1402: ...tended to provide the best service possible on an IP network Packets using the Expedited Forwarding PHB markings should be provided service to reduce latency jitter dropped packets and be guaranteed bandwidth during the entire end to end transmission journey through the network The DSCP value for the Expedited Forwarding PHB is 46 DSCP bits are 101110 Bit 3 Bit 4 Drop Precedence 0 1 Low 1 0 Medium...

Страница 1403: ...urst size in bytes for traffic in this priority queue This parameter should be left unconfigured for optimal performance Range 3 to 1 000 000 percent value Allocates a minimum bandwidth for a traffic class specifying the minimum as a percentage of the total interface bandwidth This command is especially useful for protecting bandwidth allocation in multilink applications See Functional Notes for m...

Страница 1404: ...ng needs Reserve 15 of the line rate for routing traffic and L2 protocol traffic max reserved bandwidth 85 Line Rate 512 kbps Guaranteed 256 kbps for Voice Guaranteed 96 kbps for Class 1 Guaranteed 52 kbps for Class 2 To configure this QoS policy enter the following QoS map and interface commands 1 Allocate LLQ Priority voice traffic ProCurve config qos map MyMap 1 ProCurve config qos map match li...

Страница 1405: ...o 7 default Specifies the default IP DSCP value 000000 ef Specifies marking for expedited forwarding EF Default Values No default value is necessary for this command Functional Notes QoS policies are configured in the SROS CLI to dictate the priority for servicing specified traffic types on a particular interface QoS policies contain at least one match reference using the match command and one or ...

Страница 1406: ...nd Line Interface Reference Guide Quality of Service QoS Map Commands 5991 2114 Copyright 2007 Hewlett Packard Development Company L P 1404 ProCurve config qos map VOICEMAP 10 ProCurve config qos map set dscp 46 ...

Страница 1407: ... a particular interface QoS policies contain at least one match reference using the match command and one or more action items using the priority bandwidth or set commands The set precedence command can be used to change the Differentiated Services DS Field for incoming traffic serviced by the QoS policy Every IPv4 header contains an 8 bit Type of Service ToS field used for marking data types requ...

Страница 1408: ...o on page 1435 end on page 1436 exit on page 1437 ping address on page 1438 All other commands for this command set are described in this section in alphabetical order bootfile filename on page 1407 client identifier identifier on page 1408 client name name on page 1410 default router address secondary on page 1411 dns server address secondary on page 1412 domain name domain on page 1413 hardware ...

Страница 1409: ...ternal flash drive can receive a bootfile from a TFTP server The ProCurve Secure Router DHCP server can provide these devices with the address of the network TFTP server and the configuration filename For example some IP phones use this functionality to download the feature and key activation file Use the tftp server command in the DHCP Pool command set to specify the IP address of the network TFT...

Страница 1410: ...net For example a custom client identifier of 0f ff ff ff ff 51 04 99 a1 may be entered using the identifier option Default Values By default the client identifier is populated using the following formula TYPE INTERFACE SPECIFIC INFO MAC ADDRESS Where TYPE specifies the media type in the form of one hexadecimal byte refer to hardware address hardware address type on page 1414 for a detailed listin...

Страница 1411: ... 80 0x1401 Functional Notes DHCP clients use client identifiers in place of hardware addresses To create the client identifier begin with the two digit numerical code representing the media type and append the client s MAC address For example a Microsoft client with an Ethernet 01 MAC address d2 17 04 91 11 50 uses a client identifier of 01 d2 17 04 91 11 50 Usage Examples The following example sp...

Страница 1412: ...rm of this command to remove the configured client name Syntax Description name Identifies the DHCP client example is client1 with an alphanumeric string up to 32 characters in length Default Values By default there are no specified client names Usage Examples The following example specifies a client name of myclient ProCurve config ip dhcp server pool MyPool ProCurve config dhcp client name mycli...

Страница 1413: ...e 192 168 4 254 secondary Optional Specifies the address in dotted decimal notation of the second preferred router on the client s subnet example 192 168 4 253 Default Values By default there are no specified default routers Functional Notes When specifying a router to use as the primary secondary preferred router verify that the listed router is on the same subnet as the DHCP client The SROS allo...

Страница 1414: ...Syntax Description address Specifies the address in dotted decimal notation of the preferred DNS server on the network example 192 168 4 254 secondary Optional Specifies the address in dotted decimal notation of the second preferred DNS server on the network example 192 168 4 253 Default Values By default there are no specified default DNS servers Usage Examples The following example specifies a d...

Страница 1415: ...n Protocol DHCP client Use the no form of this command to remove the configured domain name Syntax Description name Identifies the DHCP client e g procurve com with an alphanumeric string up to 32 characters in length Default Values By default there are no specified domain names Usage Examples The following example specifies a domain name of procurve com ProCurve config ip dhcp server pool MyPool ...

Страница 1416: ...re protocol of the DHCP client The hardware type field can be entered as follows ethernet Specifies standard Ethernet networks ieee802 Specifies IEEE 802 standard networks 1 21 Enter one of the hardware types listed in RFC1700 The valid hardware types are as follows 1 10 Mb Ethernet 2 Experimental 3 Mb Ethernet 3 Amateur Radio AX 25 4 Proteon ProNET Token Ring 5 Chaos 6 IEEE 802 Networks 7 ARCNET ...

Страница 1417: ...4 Copyright 2007 Hewlett Packard Development Company L P 1415 Usage Examples The following example specifies an Ethernet client with a MAC address of ae 11 54 60 99 10 ProCurve config ip dhcp server pool MyPool ProCurve config dhcp hardware address ae 11 54 60 99 10 ethernet ...

Страница 1418: ...d the DHCP server examines its address pools to obtain an appropriate mask If no valid mask is found in the address pools the DHCP server uses the Class A B or C natural mask prefix length Optional Alternately the prefix length may be used to specify the number of bits that comprise the network address The prefix length must be preceded by a forward slash For example to specify an IP address with ...

Страница 1419: ...urs in a lease You may only enter a value in the hours field if the days field is specified minutes Optional Specifies the number of minutes in a lease You may only enter a value in the minutes field if the days and hours fields are specified Default Values By default an IP address lease is one day Usage Examples The following example specifies a lease of 2 days ProCurve config ip dhcp server pool...

Страница 1420: ...ntax Description address Specifies the address in dotted decimal notation of the preferred NetBIOS WINS name server on the network example 192 168 6 99 secondary Optional Specifies the address in dotted decimal notation of the second preferred NetBIOS WINS name server on the network example 192 168 8 15 Default Values By default there are no configured NetBIOS WINS name servers Usage Examples The ...

Страница 1421: ... node type used with DHCP clients Valid node types are as follows b node 1 Broadcast node p node 2 Peer to Peer node m node 4 Mixed node h node 8 Hybrid node Recommended Alternately the node type can be specified using the numerical value listed next to the nodes above Default Values type h node 8 Hybrid node Usage Examples The following example specifies a client s NetBIOS node type as h node Pro...

Страница 1422: ... the subnet mask is left unspecified the DHCP server uses the Class A B or C natural mask prefix length Optional Alternately the prefix length may be used to specify the number of bits that comprise the network address The prefix length must be preceded by a forward slash For example to specify an IP address with a subnet mask of 255 255 0 0 enter 16 after the address Default Values By default the...

Страница 1423: ...mmand to specify the name of the Network Time Protocol NTP server published to the client Syntax Description ip address Specifies the IP address of the NTP server Default Values By default no NTP server is defined Usage Examples The following example specifies the IP address of the NTP server ProCurve config ip dhcp server pool MyPool ProCurve config dhcp ntp server 192 168 1 1 ...

Страница 1424: ...DHCP option information in ascii format hex Specifies the DHCP option information in hexidecimal format ip Specifies the DHCP option information in IP format value Specifies the ASCII hexidecimal or IP value The value for ascii is simple text The value for hex is an 8 digit hexidecimal number 32 bit The value for ip is a standard IP address in the format A B C D Default Values No default value nec...

Страница 1425: ...x Description server Specifies the DNS name or dotted notation IP address of the server Default Values By default no tftp server is defined Usage Examples The following example specifies the IP address of the TFTP server ProCurve config ip dhcp server pool MyPool ProCurve config dhcp tftp server 192 168 1 1 The following example specifies the DNS name of the TFTP server ProCurve config ip dhcp ser...

Страница 1426: ...ecifies the timezone adjustment in hours published to the client Use an integer from 12 to 12 Default Values No default value necessary for this command Usage Examples The following example sets the timezone adjustment for the client to 3 hours For example if the server time is configured for eastern time and the client is configured for Pacific time you can set the client timezone adjustment to 3...

Страница 1427: ...nfig aaa group server radius myServer ProCurve config sg radius The following commands are common to multiple command sets and are covered in a centralized section of this guide For more information refer to the sections listed below bind from interface slot port tdm group to interface slot port on page 1431 do on page 1435 end on page 1436 exit on page 1437 ping address on page 1438 All other com...

Страница 1428: ...mber Defines the accounting port value auth port port number Defines the authorization port value Default Values No defaults necessary for this command Usage Examples The following example adds a server to the myServers list ProCurve config aaa group server radius myServers ProCurve config sg radius server 1 2 3 4 acct port 786 auth port 1812 ProCurve config sg radius server 4 3 2 1 ProCurve confi...

Страница 1429: ... at the Global Configuration mode prompt For example ProCurve enable ProCurve configure terminal ProCurve config aaa group server tacacs TEST GROUP ProCurve config sg tacacs The following commands are common to multiple command sets and are covered in a centralized section of this guide For more information refer to the sections listed below do on page 1435 end on page 1436 exit on page 1437 ping ...

Страница 1430: ...d to specify a particular TACACS server s IP address or host name Syntax Description host Specifies a TACACS server IP address Default Values No default is necessary for this command Usage Examples The following example specifies the IP address of the TACACS server ProCurve config aaa group server tacacs TEST_GROUP ProCurve config sg tacacs server 192 168 1 1 ProCurve config sg tacacs ...

Страница 1431: ...escriptions of commands which are common across multiple command sets These commands are listed in alphabetical order alias text on page 1430 bind from interface slot port tdm group to interface slot port on page 1431 description text on page 1434 do on page 1435 end on page 1436 exit on page 1437 ping address on page 1438 show running config on page 1440 shutdown on page 1442 ...

Страница 1432: ...must be encased in quotation marks Default Values No defaults required for this command Functional Notes The ifAlias OID is a member of the ifXEntry object type defined in RFC2863 used to provide a non volatile unique name for various interfaces This name is preserved through power cycles Enter a string using the alias command which clearly identifies the interface Usage Examples The following exa...

Страница 1433: ...uld be t1 1 1 tdm group Specifies which configured tdm group to use for this bind This subcommand only applies to T1 physical interfaces to interface Specifies the virtual interface on the other end of the bind Use the to display a list of valid interfaces slot port Used when a physical interface is specified in the to interface subcommand For example specifying the primary T1 port of a T1 module ...

Страница 1434: ...nd 1 t1 1 1 1 fr 1 Technology Review Creating an endpoint that uses a layer 2 protocol such as Frame Relay is generally a four step process Step 1 Create the Frame Relay virtual endpoint using the interface frame relay command and set the signaling method using the frame relay lmi type command Also included in the Frame Relay virtual endpoint are all the applicable Frame Relay timers logging thres...

Страница 1435: ...mmand to specify the per DS0 signaling rate on the interface For example the following creates a tdm group labeled 9 containing 20 DS0s each DS0 having a data rate of 56 kbps ProCurve config interface t1 1 1 ProCurve config t1 1 1 tdm group 9 timeslots 1 20 speed 56 ProCurve config t1 1 1 exit Step 4 Make the association between the layer 2 endpoint and the physical interface using the bind comman...

Страница 1436: ...oth physical and virtual for example circuit ID contact information etc Syntax Description text Identifies the specified interface using up to 80 alphanumeric characters Default Values No defaults required for this command Usage Examples The following example enters comment information using the description command ProCurve config interface t1 1 1 ProCurve config t1 1 1 description This is the Dal...

Страница 1437: ...red for this command Functional Notes Use the do command to view configurations or interface states after configuration changes are made without exiting to the Enable mode Usage Examples The do command provides a way to execute commands in other configuration modes without taking the time to exit the current configuration mode and enter the desired one The following example shows the do command us...

Страница 1438: ...able Security mode Syntax Description No subcommands Default Values No defaults necessary for this command Usage Examples The following example shows the end command being executed in the T1 Configuration mode ProCurve config t1 1 1 end Enable Security mode command prompt Note When exiting the Global Configuration mode remember to perform a copy running config startup config to save all configurat...

Страница 1439: ... the Global Configuration mode When using the exit command in the Basic mode the current session will be terminated Syntax Description No subcommands Default Values No defaults necessary for this command Usage Examples The following example shows the exit command being executed in the Global Configuration mode ProCurve config exit Enable Security mode command prompt Note When exiting the Global Co...

Страница 1440: ...a specified IP address or provides a set of prompts to configure a more specific PING configuration The following is a list of output messages from the ping command Success Destination Host Unreachable Invalid Host Address X TTL Expired in Transit Unknown Host Request Timed Out The following is a list of available extended PING fields with descriptions Target IP Address Specifies the IP address of...

Страница 1441: ...ies the interval used to determine packet size when performing the sweep valid range 1 to 1448 Verbose Output Specifies an extended results output Usage Examples The following is an example of a successful ping command ping Target IP address 192 168 0 30 Repeat count 1 1000000 5 Datagram Size 1 1000000 100 Timeout in seconds 1 5 2 Extended Commands y or n n Type CTRL C to abort Legend Success Unkn...

Страница 1442: ...g config interface vlan vlan id show running config interface vlan vlan id verbose show running config policy class show running config policy class verbose show running config qos map show running config qos map verbose show running config verbose Syntax Description access lists Displays the current running configuration for all configured IP access lists interface interface Displays the current ...

Страница 1443: ...ample output from the show running config command enable show running config Building configuration no enable password ip subnet zero ip classless ip routing event history on no logging forwarding logging forwarding priority level info no logging email ip policy timeout tcp all ports 600 ip policy timeout udp all ports 60 ip policy timeout icmp 60 interface eth 0 1 ...

Страница 1444: ...irtual so that no data will be passed through Use the no form of this command to turn on the interface and allow it to pass data By default all interfaces are disabled Syntax Description No subcommands Default Values By default all interfaces are disabled Usage Examples The following example administratively disables the modem interface ProCurve config interface modem 1 2 ProCurve config modem 1 2...

Страница 1445: ...up delay 722 903 975 1072 1149 backup call mode 723 904 976 1073 1150 backup connect timeout 727 908 980 1077 1153 backup force 728 909 981 1078 1154 backup maximum retry 729 910 982 1079 1155 backup number 730 911 983 1080 1156 backup priority 731 912 984 1081 1157 backup randomize timers 732 913 985 1082 1158 backup redial delay 733 914 986 1083 1159 backup restore delay 734 915 987 1084 1160 ba...

Страница 1446: ...client authentication server list 1264 client configuration pool 1265 client identifier 1408 client name 1410 clock auto correct dst 62 333 clock set 63 334 clock source 602 700 clock timezone 64 335 coding 592 603 679 701 command descriptions 10 command level path 7 Command Line Interface accessing with PC 5 error messages 9 shortcuts 7 command security levels basic 5 enable 5 commit bit 1229 com...

Страница 1447: ... ip tcp events 124 debug ip tcp md5 125 debug ip udp 126 debug ip urlfilter 127 debug isdn 128 debug isdn events 129 debug isdn resource manager 130 debug isdn verbose 131 debug lldp 132 debug port auth 133 debug ppp 134 debug pppoe client 135 debug probe 136 debug radius 137 debug sip 138 debug sip stack 139 debug sntp 140 debug spanning tree 141 debug spanning tree bpdu 142 debug system 143 debu...

Страница 1448: ...lobal Configuration Mode command set 299 group 1257 H half duplex 630 hardware address 1414 hash 1258 HDLC Configuration command set 969 hold queue 745 835 893 997 1095 hold timer 1309 1317 host 1416 hostname 362 I ignore dcd 687 IKE Client command set 1250 IKE Policy Attributes command set 1254 IKE Policy command set 1260 ike policy 1231 1241 qos policy 667 873 1029 incoming accept number 1207 in...

Страница 1449: ... ospf authentication 644 758 802 847 941 1007 1047 1108 1177 ip ospf network 645 759 803 848 942 1008 1048 1109 1178 ip pim sparse mode 646 760 943 1009 1049 1110 1179 ip pim sparse dr priority 647 761 944 1010 1050 1111 1180 ip pim sparse hello timer 648 762 945 1011 1051 1112 1181 ip pim sparse nbr timeout 649 763 946 1012 1052 1113 1182 ip pim sparse override interval 650 764 947 1013 1053 1114...

Страница 1450: ...ce 474 logging facility 475 logging forwarding on 476 logging forwarding priority level 476 477 logging forwarding receiver ip 478 logging forwarding source interface 479 login 543 557 login authentication 544 558 568 login local userlist 545 559 569 logout 14 156 loop alarm detect 605 Loopback Interface Configuration command set 1031 loopback local 586 loopback network 587 595 606 681 705 loopbac...

Страница 1451: ...ter OSPF Configuration command set 1360 Router PIM Sparse Configuration command set 1375 Router RIP Configuration command set 1379 router bgp 491 router ospf 492 1360 router pim sparse 493 router rip 494 rp address 1377 S sa4tx bit 610 safe mode 496 schedule 498 961 send community standard 1324 Serial Interface Configuration command set 685 serial mode 691 serial number 1221 server 1426 1428 servi...

Страница 1452: ...tatistics 250 show memory 251 show modules 252 show output startup 253 show port auth 254 show pppoe 255 show processes 257 show qos map 258 show queue 261 show queuing 262 show radius statistics 263 show route map 264 show running config 266 1440 show schedule 269 show sip 270 show sip location 272 show snmp 16 273 show sntp 275 show spanning tree status 276 show startup config 277 show startup c...

Страница 1453: ...Interface Configuration command set 699 tacacs 452 TACACS Plus Group Configuration command set 1427 tacacs server 529 tdm group 613 712 telnet 18 293 terminal length 294 test if 1351 test list 1354 test list weighted 1357 test call 590 test pattern 600 614 683 713 tftp server 1423 thresholds 530 timeout 1343 timeout timer 1388 timers lsa group pacing 1373 timers spf 1374 timezone offset 1424 toler...

Страница 1454: ......

Страница 1455: ...bject to change without notice Copyright 2005 2007 Hewlett Packard Development Company L P Reproduction adaptation or translation without prior written permission is prohibited except as allowed under the copyright laws September 2007 Manual Part Number 5991 2114 61195880L1 35H ...

Отзывы:

Нет отзывов

Похожие инструкции для ProCurve Secure 7102dl

Бренд: TC Electronic Страницы: 2

Бренд: JB Systems Страницы: 24

Бренд: JB Systems Страницы: 61

MediaStream ConnectPlus 1000

Бренд: Avid Technology Страницы: 74

Бренд: NETGEAR Страницы: 2

HAWA-Frontside 60/B

Бренд: hawa Страницы: 28

tBOX330-870-FL Series

Бренд: AXIOMTEK Страницы: 2

Бренд: Funkwerk Страницы: 2

Бренд: ROE Страницы: 41

DiamondLink 3201

Бренд: Patton Страницы: 12

Ezi-SERVOII EtherCAT TO

Бренд: Fastech Страницы: 108

Бренд: Global411 Страницы: 15

Sinus 154 data II

Бренд: T-COM Страницы: 12

Бренд: Maipu Страницы: 26

Бренд: Technics Страницы: 20

Бренд: ZyXEL Communications Страницы: 66

Бренд: ADTRAN Страницы: 161

Бренд: Corsair Страницы: 10

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды