ProCurve 3500yl Series Скачать руководство пользователя страница 599 | Manualshive

Страница: 599 / 732

ProCurve 3500yl Series Скачать руководство пользователя страница 599

B-69

Monitoring and Analyzing Switch Operation

Traffic Mirroring

Remote Mirroring Destination Using a VLAN Interface
and an ACL for Mirroring Criteria

In the network shown in figure B-33, the system operator has connected a
traffic analyzer to port A15 (in VLAN 30) on switch D, and wants to monitor
the Telnet traffic to the server at 10.10.30.153 from the workstations on
switches A and B. The operator does this by configuring remote mirroring
sessions on these two switches, and a mirroring destination on switch D.
(Telnet traffic to the server from sources on switch C is not of interest, and
routing is enabled on switches C and D.)

Figure B-33. Example Topology for Remote Mirroring from a VLAN Interface

The operator does the following:

1.

On switch D, configure a mirroring destination using port A15 In VLAN 30
as the exit port.

2.

Configure switches A and B with mirroring sessions to the destination
interface on switch D. Use a randomly selected UDP port number of 9300.
(For information on selecting UDP port numbers to use for remote
mirroring, refer to the syntax description on page B-45.) You can use the
same random UDP port number on different interfaces because the
identity of the mirroring source is the combination of the unique interface
identity and the UDP port number, and not the UDP port number alone.

3.

Configure an ACL on switches A and B to select inbound Telnet traffic
intended for the server at 10.10.30.153.

4.

Using the ACLs to select the traffic to mirror, configure mirroring sessions
for Telnet traffic entering switches A and B on VLANs 10 and 20. (Because
the sessions are on different switches, you can use the same session
number for both sessions if you want to.)

VLAN 10

10.10.10.119

Traffic

Analyzer

Switch A

A15

VLAN 20

10.10.20.145

VLAN 10

10.10.10.1

VLAN 20

10.10.20.1

VLAN 30

10.10.30.1

VLAN 30

10.10.30.2

VLAN 40

10.10.40.1

10.10.30.153

Switch B

Switch C

Switch D

Server

A10

3500-5400-6200-8200-MCG-Jan08-K_13_01.book Page 69 Monday, January 28, 2008 10:04 AM

«
...
597
598
599
600
601
...
»

Содержание 3500yl Series

Страница 1: ...Management and Configuration Guide www procurve com ProCurve Switches K 13 01 8200zl 6200yl 5400zl 3500yl...

Страница 2: ......

Страница 3: ...3500yl Switches Series 5400zl Switches 6200yl Switch Series 8200zl Switches Management and Configuration Guide January 2008 K 13 01 3500 5400 6200 8200 MCG Jan08 K_13_01 book Page i Monday January 28...

Страница 4: ...t to change without notice HEWLETT PACKARD COMPANY MAKES NO WARRANTY OF ANY KIND WITH REGARD TO THIS MATERIAL INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A P...

Страница 5: ...3 Configuration and Operation Examples 1 3 Keys 1 3 Sources for More Information 1 4 Getting Documentation From the Web 1 6 Online Help 1 6 Menu Interface 1 6 Command Line Interface 1 7 Web Browser I...

Страница 6: ...rowser Access 2 9 Configuring and Displaying a Non Default Banner 2 10 Example of Configuring and Displaying a Banner 2 11 Operating Notes 2 13 3 Using the Menu Interface Contents 3 1 Overview 3 2 Sta...

Страница 7: ...b Browser Interface Session with the Switch 5 4 Using a Standalone Web Browser in a PC or UNIX Workstation 5 4 Using ProCurve Manager PCM or ProCurve Manager Plus PCM 5 5 Tasks for Your First ProCurve...

Страница 8: ...Menu Implementing Configuration Changes 6 10 Using Save and Cancel in the Menu Interface 6 10 Rebooting from the Menu Interface 6 11 Web Implementing Configuration Changes 6 13 Using Primary and Seco...

Страница 9: ...erver 6 38 TFTP Copying a Configuration File to a Remote Host 6 38 TFTP Copying a Configuration File from a Remote Host 6 39 Xmodem Copying a Configuration File to a Serially Connected Host 6 39 Xmode...

Страница 10: ...Displaying Loopback Interface Configurations 8 18 IP Preserve Retaining VLAN 1 IP Addressing Across Configuration File Downloads 8 20 Operating Rules for IP Preserve 8 20 Enabling IP Preserve 8 21 9...

Страница 11: ...g Port Parameters 10 2 Menu Port Configuration 10 5 CLI Viewing Port Status and Configuring Port Parameters 10 7 Viewing Port Status and Configuration 10 7 Viewing Port Utilization Statistics 10 9 Vie...

Страница 12: ...ining the Amount of PoE Power Available 11 10 Power Priority Operation 11 10 When Is Power Allocation Prioritized 11 10 How Is Power Allocation Prioritized 11 11 PoE Priority With Two or More Modules...

Страница 13: ...tional PoE Event Log Messages 11 37 Warning PoE Event Log Messages 11 38 12 Port Trunking Contents 12 1 Overview 12 2 Port Trunk Features and Operation 12 4 Trunk Configuration Methods 12 4 Menu Viewi...

Страница 14: ...MP Rate Limiting 13 15 ICMP Rate Limiting Trap and Event Log Messages 13 17 Guaranteed Minimum Bandwidth GMB 13 19 Introduction 13 19 Terminology 13 19 GMB Operation 13 19 Impacts of QoS Queue Configu...

Страница 15: ...evels 14 11 SNMPv3 Communities 14 11 Menu Viewing and Configuring non SNMP version 3 Communities 14 13 CLI Viewing and Configuring SNMP Community Names 14 15 SNMP Notifications 14 17 Supported Notific...

Страница 16: ...ring Per Port Transmit and Receive Modes 14 52 Configuring Basic LLDP Per Port Advertisement Content 14 53 Configuring Support for Port Speed and Duplex Advertisements 14 55 LLDP MED Media Endpoint Di...

Страница 17: ...t Modules 15 15 Hotswapping Out the Active Management Module 15 15 When the Standby Module is not Available 15 16 Hotswapping In a Management Module 15 16 Software Version Mismatch Between Active and...

Страница 18: ...Browser for Redundant Management 15 36 Identity Page 15 36 Overview Page 15 37 Redundancy Status Page 15 37 Device View Page 15 38 Management Module LED Behavior 15 40 Active Actv LED Behavior 15 40 S...

Страница 19: ...Switch Download A 20 Menu Switch to Switch Download to Primary Flash A 20 CLI Switch To Switch Downloads A 21 Using PCM to Update Switch Software A 22 Copying Software Images A 23 TFTP Copying a Soft...

Страница 20: ...sing USB Autorun A 37 How It Works A 37 Security Considerations A 38 Troubleshooting Autorun Operations A 39 Configuring Autorun on the Switch A 40 Enabling Secure Mode A 40 Operating Notes and Restri...

Страница 21: ...erface Status Information B 25 Traffic Mirroring B 26 Terminology B 27 Mirrored Traffic Destinations B 29 Local Destinations B 29 Remote Destinations B 29 Mirrored Traffic Sources B 29 Criteria for Se...

Страница 22: ...ry B 61 Displaying the Remote Endpoint Configuration B 63 Displaying a Mirroring Session Configuration on a Source Switch B 64 Viewing Mirroring in the Current Configuration File B 67 Mirroring Config...

Страница 23: ...g the Event Log for Troubleshooting Switch Problems C 27 Event Log Entries C 27 Menu Displaying and Navigating in the Event Log C 35 CLI Displaying the Event Log C 36 CLI Clearing Event Log Entries C...

Страница 24: ...solution with DNS Compatible Commands C 66 Configuring a DNS Entry C 67 Example Using DNS Names with Ping and Traceroute C 68 Viewing the Current DNS Configuration C 70 Operating Notes C 71 Event Log...

Страница 25: ...of Connected Devices D 7 E Monitoring Resources Contents E 1 Viewing Information on Resource Usage E 2 Policy Enforcement Engine E 2 Displaying Current Resource Usage E 3 When Insufficient Resources A...

Страница 26: ...xxiv 3500 5400 6200 8200 MCG Jan08 K_13_01 book Page xxiv Monday January 28 2008 10 04 AM...

Страница 27: ...elow is available in PDF format on the ProCurve Web site as described in the Note at the top of this page Management and Configuration Guide Describes how to configure manage and monitor basic switch...

Страница 28: ...Premium License and installing it on the Intelligent Edge version of these switches These features are automatically included on the ProCurve 6200yl and 8200zl switches Intelligent Edge Software Feat...

Страница 29: ...DHCP Option 82 X DHCP Snooping X DHCP Bootp Operation X Diagnostic Tools X Downloading Software X Dynamic ARP Protection X Dynamic Configuration Arbiter X Eavesdrop Protection X Event Log X Factory De...

Страница 30: ...ased Authentication X Management VLAN X Meshing X Monitoring and Analysis X Multicast Filtering X Multiple Configuration Files X Network Management Applications SNMP X OpenView Device Management X Pas...

Страница 31: ...Configuration X Rate Limiting X RIP X RMON 1 2 3 9 X Routing X Routing IP Static X Secure Copy X sFlow X SFTP X SNMPv3 X Software Downloads SCP SFTP TFPT Xmodem X Source Port Filters X Spanning Tree...

Страница 32: ...Link Detection UDLD X UDP Forwarder X USB Device Support X Virus Throttling Connection Rate Filtering X VLANs X VLAN Mirroring 1 static VLAN X Voice VLAN X Web Authentication RADIUS Support X Web base...

Страница 33: ...Keys 1 3 Sources for More Information 1 4 Getting Documentation From the Web 1 6 Online Help 1 6 Menu Interface 1 6 Command Line Interface 1 7 Web Browser Interface 1 7 Need Only a Quick Start 1 8 IP...

Страница 34: ...x and displayed information Command Syntax Statements Syntax ip default gateway ip addr routing Syntax show interfaces port list Vertical bars separate alternative mutually exclusive elements Square b...

Страница 35: ...a Simulated Screen In some cases brief command output sequences appear without figure iden tification For example ProCurve config clear public key ProCurve config show ip client public key show_client...

Страница 36: ...ed in current and previous releases Product Notes and Software Update Information The printed Read Me First shipped with your switch provides software update information product notes and other inform...

Страница 37: ...for information on topics such as Local username and password security Web Based and MAC based authentication RADIUS and TACACS authentication SSH Secure Shell and SSL Secure Socket Layer operation 80...

Страница 38: ...on the product for which you want to view or download a manual If you need further information on ProCurve switch technology visit the ProCurve Networking web site at www procurve com Online Help Men...

Страница 39: ...online Help You can access the Help by clicking on the question mark button in the upper right corner of any of the web browser interface screens Figure 1 4 Button for Web Browser Interface Online He...

Страница 40: ...uide you received with the switch To Set Up and Install the Switch in Your Network Physical Installation Use the ProCurve Installation and Getting Started Guide shipped with the switch for the followi...

Страница 41: ...of Using the Web Browser Interface 2 5 Advantages of Using ProCurve Manager or ProCurve Manager Plus 2 7 Custom Login Banners for the Console and Web Browser Interfaces 2 9 Banner Operation with Teln...

Страница 42: ...r 2 5 ProCurve Manager PCM a windows based network management solution included in box with all manageable ProCurve devices Features include automatic device discovery network status summary topology...

Страница 43: ...a menu driven subset of switch configuration and performance features The menu interface also provides access for Offers out of band access through the RS 232 connection to the switch so network bott...

Страница 44: ...ess through the RS 232 connection or Telnet in band access Enables quick detailed system configuration and management access to system operators and administrators experienced in command prompt interf...

Страница 45: ...pendix B For information on individual CLI commands refer to the Index or to the online Help provided in the CLI interface Advantages of Using the Web Browser Interface Figure 2 3 Example of the Web B...

Страница 46: ...een so you can view all values at once More visual cues using colors status bars device icons and other graphical objects instead of relying solely on alphanumeric values Display of acceptable ranges...

Страница 47: ...r Plus PCM and PCM from a PC on the network to monitor traffic manage your hubs and switches and proactively recommend network changes to increase network uptime and optimize performance Easy to insta...

Страница 48: ...vels physical view subnet view or VLAN view Device Management Many device focused tasks can be performed directly by the software or the user can access web browser and command line interfaces with th...

Страница 49: ...anner displays product registration information the copyright splash is no longer displayed If a banner is configured the banner page is displayed when you access the Web user interface The default pr...

Страница 50: ...the current banner status Syntax banner motd delimiter no banner motd This command defines the single character used to termi nate the banner text and enables banner text input You can use any charact...

Страница 51: ...the Enter key to create line breaks blank spaces for line centering and the symbol to terminate the banner message Figure 2 5 Example of Configuring a Login Banner To view the current banner configur...

Страница 52: ...time someone logs onto the switch s management CLI the following appears Figure 2 8 Example of CLI Result of the Login Banner Configuration Shows the current banner configuration The login screen disp...

Страница 53: ...configuration The switch supports one banner at any time Configuring a new banner replaces any former banner configured on the switch If the switch is configured with ssh version 1 or ssh version 1 or...

Страница 54: ...2 14 Selecting a Management Interface Advantages of Using ProCurve Manager or ProCurve Manager Plus 3500 5400 6200 8200 MCG Jan08 K_13_01 book Page 14 Monday January 28 2008 10 04 AM...

Страница 55: ...a Menu Interface Session 3 4 How To End a Menu Session and Exit from the Console 3 5 Main Menu Features 3 7 Screen Structure and Navigation 3 9 Rebooting the Switch 3 12 Menu Features List 3 14 Where...

Страница 56: ...page 3 14 Privilege Levels and Password Security ProCurve strongly recom mends that you configure a Manager password to help prevent unauthorized access to your network A Manager password grants full...

Страница 57: ...nterface overwrites earlier changes made through any other interface The Menu Interface and the CLI Command Line Interface both use the switch console To enter the menu from the CLI use the menu comma...

Страница 58: ...r more times until a prompt appears 3 When the switch screen appears do one of the following If a password has been configured the password prompt appears Password _ Type the Manager password and pres...

Страница 59: ...allation and Getting Started Guide you received with the switch How To End a Menu Session and Exit from the Console The method for ending a menu session and exiting from the console depends on whether...

Страница 60: ...a switch reboot thatis if anasterisk appearsnexttoaconfigureditemornexttoSwitch Configuration in the Main Menu a Return to the Main Menu b Press 6 to select Reboot Switch and follow the instructions...

Страница 61: ...f features and parameters configurable through the menu interface see the Menu Fea tures List on page 3 14 For an index of the features covered in the software manuals for your switch refer to the Sof...

Страница 62: ...e VLAN Support parameter See Rebooting from the Menu Interface on page 6 11 Download OS Enables you to download a new switch software version to the switch See Appendix A File Transfers Run Setup Disp...

Страница 63: ...er these screens you see the current configuration for the item you have selected To change the configuration the basic operation is to 1 Press E to select the Edit action 2 Navigate through the scree...

Страница 64: ...3 6 If you are finished editing parameters in the displayed screen press Enter to return to the Actions line and do one of the following Tosaveandactivateconfigurationchanges press S forthe Save actio...

Страница 65: ...on or data field The help line under the Actions items describes the currently selected action or data field For guidance on how to navigate in a screen Seetheinstructionsprovided at the bottom of the...

Страница 66: ...ounters to zero Note that statistical counters can be reset to zero without rebooting the switch To Reboot the switch use the Reboot Switch option in the Main Menu Note that Reboot Switch is not avail...

Страница 67: ...parameter an asterisk appears next to the VLAN Support entry in the VLAN Menu screen and also next to the Switch Configuration entry in the Main Menu Figure 3 7 Indication of a Configuration Change Re...

Страница 68: ...dress Table Port Address Table Switch Configuration System Information Port Trunk Settings Network Monitoring Port IP Configuration SNMP Community Names IP authorized Managers VLAN Menu Console Passwo...

Страница 69: ...to configure and use passwords and other security features Refer to the Access Security Guide for your switch To learn how to use the Event Log Using the Event Log for Troubleshooting Switch Problems...

Страница 70: ...3 16 Using the Menu Interface Where To Go From Here 3500 5400 6200 8200 MCG Jan08 K_13_01 book Page 16 Monday January 28 2008 10 04 AM...

Страница 71: ...s 4 4 Manager Privileges 4 5 How To Move Between Levels 4 7 Listing Commands and Command Options 4 8 Listing Commands Available at Any Privilege Level 4 8 Listing Command Options 4 10 Displaying CLI H...

Страница 72: ...ault interface when you start a console session You can access the console out of band by directly connect ing a terminal device to the switch or in band by using Telnet either from a terminal device...

Страница 73: ...vilege levels control the type of access to the CLI To implement this control you must set at least a Manager password Without a Manager password configured anyone having serial port Telnet or web bro...

Страница 74: ...m physical access by unauthorized persons If you are concerned about switch security and operation you should install the switch in a secure location such as a locked wiring closet Privilege Level Ope...

Страница 75: ...ion changes to any of the switch s software features The prompt for the Global Configuration level includes the system name and config To select this level enter the config command at the Manager prom...

Страница 76: ...anagerLevel ProCurve Perform system level actions such as system control monitoring and diagnostic commands plusanyoftheOperator levelcommands Foralist of available commands enter at the prompt Global...

Страница 77: ...and Result Operator level to Manager level ProCurve enable Password _ After you enter enable the Password prompt appears After you enter the Manager password the system prompt appears with the symbol...

Страница 78: ...all of the commands available at that level List the options for a specific command Listing Commands Available at Any Privilege Level At a given privilege level you can list and execute the commands t...

Страница 79: ...r Complete a Command Word You can use Tab to help you find CLI commands or to quickly complete the current word in a command To do so type one or more consecutive characters in a command and then pres...

Страница 80: ...ased priority device priorityConfigure device based priority dscp mapDefine mapping between a DSCP Differentiated Services Codepoint value and 802 1p priority type of serviceConfigure the Type of Serv...

Страница 81: ...al Command For example to list the Help for the interface command in the Global Config uration privilege level Syntax help Displays a listing of command Help summaries for all commands available at th...

Страница 82: ...ndividual command from a privilege level that does not include that command results in an error message For example trying to list the help for the interface command while at the global configuration...

Страница 83: ...ed port s or trunk group plus the global config uration Manager and Operator commands The prompt for this mode includes the identity of the selected port s ProCurve config interface c3 c6 ProCurve eth...

Страница 84: ...rt Context In the port context the first block of commands in the listing show the context specific commands that will affect only ports C3 C6 The remaining commands in the listing are Manager Operato...

Страница 85: ...Context ProCurve config vlan 100 Command executed at configuration level to enter VLAN 100 context ProCurve vlan 100 Resulting prompt showing VLAN 100 context ProCurve vlan 100 Lists commands you can...

Страница 86: ...command line Ctrl L or Ctrl R Repeats current command line on a new line Ctrl N or v Enters the next command line in the history buffer Ctrl P or Enters the previous command line in the history buffer...

Страница 87: ...5 8 Entering a User Name and Password 5 10 Using a User Name 5 10 If You Lose the Password 5 10 Online Help for the Web Browser Interface 5 11 Support Mgmt URLs Feature 5 12 Support URL 5 13 Help and...

Страница 88: ...ion for the Alert Log operation page 5 24 Getting access to online help for the web browser interface page 5 11 Description of the web browser interface Overview window and tabs page 5 16 Port Utiliza...

Страница 89: ...nfiguration Device view Port configuration VLAN configuration Fault detection Quality of service QoS Port monitoring mirroring System information IP configuration Support and management server URLs De...

Страница 90: ...IP address refer to IP Configuration on page 8 2 1 Ensure that the JavaTM applets are enabled for your browser For more information on this topic refer to your browser s online Help 2 Use the web bro...

Страница 91: ...access has been assigned an IP address and optionally a DNS name and has been discovered by PCM or PCM For more on assigning an IP address refer to IP Configuration on page 8 2 To establish a web bro...

Страница 92: ...Browser Interface Starting a Web Browser Interface Session with the Switch Figure 5 1 Example of Status Overview Screen First time install alert 3500 5400 6200 8200 MCG Jan08 K_13_01 book Page 6 Monda...

Страница 93: ...switch s web browser interface for the first time the Alert log contains a First Time Install alert as shown in figure 5 2 This gives you information about first time installations and provides an im...

Страница 94: ...password screen by clicking on the Configuration tab and then the Fault Detection key Security Creating Usernames and Passwords in the Browser Interface Not e On the switches covered in this guide you...

Страница 95: ...Device Passwords window and enter user names and passwords You will be required to repeat the password strings in the confirmation boxes Both the user names and passwords can be up to 16 printable ASC...

Страница 96: ...capabilities Entering the operator password gives you read and limited trouble shooting capabilities Using a User Name If you also set user names in the web browser interface screen you must supply t...

Страница 97: ...owser Interface Online Help is available for the web browser interface You can use it by clicking on the question mark button in the upper right corner of any of the web browser interface screens Figu...

Страница 98: ...rmation source you want the switch to access when you click on the web browser interface Support tab The default is the URL for the ProCurve Networking home page TheURLofaPCM ProCurveNetworkManager wo...

Страница 99: ...e URL the switch uses to find online Help for the web browser interface If you install PCM ProCurve Manager in your network the PCM manage ment station acts as the web browser Help server for the swit...

Страница 100: ...ot have HTTP access to the ProCurve Support Web site 1 Go to the ProCurve Support web site to get the Device Help files www hp com rnd device_help 2 Copy the Web help files to the PCM server under C p...

Страница 101: ...8040 is the standard port number to use 4 Restart the Discovery process for the change to be applied Not e Changing the Discovery s Global properties file will redirect the Device Help URL for all de...

Страница 102: ...e Overview Window The Overview Window is the home screen for any entry into the web browser interface The following figure identifies the various parts of the screen Figure 5 8 The Status Overview Win...

Страница 103: ...identifies traffic types and their associated colors on the bar graph Unicast Rx All Tx This is all unicast traffic received and all transmitted traffic of any type This indicator a blue color on many...

Страница 104: ...t click on the Port Counters button to get a detailed set of counters for the port To change the amount of bandwidth the Port Utilization bar graph shows Clickonthebandwidthdisplaycontrolbuttonintheup...

Страница 105: ...le may not be connected to the port or the device at the other end may be powered off or inoperable or the cable or connected device could be faulty Port Disabled the port has been configured as disab...

Страница 106: ...t was received by the web browser interface This value is shown in the format DD MM YY HH MM SS AM PM for example 16 Sep 99 7 58 44 AM Description A short narrative statement that describes the event...

Страница 107: ...ement buttons Acknowledge Event removes the New symbol from the log entry Delete Event removes the alert from the Alert Log Cancel closes the detail view with no change to the status of the alert and...

Страница 108: ...s Bar The Status Bar appears in the upper left corner of the web browser interface window Figure 5 15 shows an expanded view of the status bar Figure 5 15 Example of the Status Bar Status Indicator Mo...

Страница 109: ...ystem Info screen of the menu interface Most Critical Alert Description A brief description of the earliest unacknowledged alert with the current highest severity in the Alert Log appearing in the rig...

Страница 110: ...rted to the Alert Log based on their level of severity Set this policy in the Fault Detection window figure 5 16 Figure 5 16 The Fault Detection Window The Fault Detection screen contains a list box f...

Страница 111: ...olicy is most effective on a network where there are normally a lot of problems and you want to be informed of only the most severe ones Never Disables the Alert Log and transmission of alerts traps t...

Страница 112: ...5 26 Using the ProCurve Web Browser Interface Status Reporting Features 3500 5400 6200 8200 MCG Jan08 K_13_01 book Page 26 Monday January 28 2008 10 04 AM...

Страница 113: ...witch Software Downloads 6 16 Local Switch Software Replacement and Removal 6 17 Rebooting the Switch 6 19 Operating Notes about Booting 6 19 Boot and Reload Command Comparison 6 20 Setting the Defaul...

Страница 114: ...tion To Reset the Switch to Its Default Configuration 6 37 Transferring Startup Config Files To or From a Remote Server 6 38 TFTP Copying a Configuration File to a Remote Host 6 38 TFTP Copying a Conf...

Страница 115: ...nning Config File Exists in volatile memory and controls switch operation If no configuration changes have been made in the CLI since the switch was last booted the running config file is identical to...

Страница 116: ...sume operation using the new configuration insteadof theconfigurationpreviously defined in the startup config file There are three ways to save a new configuration In the CLI Use the write memory comm...

Страница 117: ...ProCurve config menu Do you want to save current configuration y n If you type Y the switch overwrites the startup config file with the running config file and your configuration change s will be pres...

Страница 118: ...le show config status Compares the startup config file to the running config file and lists one of the following results If the two configurations are the same you will see Running configuration is th...

Страница 119: ...executing the following command ProCurve config write memory The new mode auto 10 on port A5 is now saved in the startup config file and the startup config and running config files are identical If y...

Страница 120: ...e For example Figure 6 2 Boot Prompt for an Unsaved Configuration The above prompt means that one or more parameter settings in the running config file differ from their counterparts in the startup co...

Страница 121: ...enu interface display for that parameter However as indicated above unless you also make a configuration change in the menu interface only the write memory command in the CLI will actually save the ch...

Страница 122: ...aving to reboot the switch That is when you save a configuration change in the menu interface you simultaneously change both the running config file and the startup config file Not e The only exceptio...

Страница 123: ...ooting the switch Rebooting from the Menu Interface Terminates the current session and performs a reset of the operating system Activates any configuration changes that require a reboot Resets statist...

Страница 124: ...arameters go to the Main menu and select 2 Switch Configuration then 8 VLAN Menu then 1 VLAN Support If configuration changes requiring a reboot have been made the switch displays an asterisk next to...

Страница 125: ...ses by clicking on Apply Changes or Apply Settings you simultaneously change both the running config file and the startup config file Not e If you reconfigure a parameter in the CLI and then go to the...

Страница 126: ...your system The switch can use only one image at a time The following tasks involve primary secondary flash options Displaying the current flash image data and determining which switch software versi...

Страница 127: ...Are Installed The show ver sion command displays which software version the switch is currently running and whether that version booted from primary or secondary flash Thus if the switch booted from...

Страница 128: ...download the switch reboots with the image previ ously stored in primary flash In the unlikely event that the primary image is corrupted as a result ofan interruption the switchwillrebootfrom secondar...

Страница 129: ...y or the reverse the switch overwrites the file in the destination location with a copy of the file from the source location This means you do not have to erase the current image at the destination lo...

Страница 130: ...image location secondary orprimary Ifthe switchhasonly oneflashimage loaded ineither primary or secondary flash and you erase that image then the switch does not have a software image stored in flash...

Страница 131: ...condary flash by entering either the boot system flash primary secondary or boot set default flash primary secondary command Both the boot command and the reload command will reboot based on how these...

Страница 132: ...d at and reload after command information is not saved across reboots If the switch is rebooted before a scheduledreloadcommand isexecuted thecommandiseffectivelycancelled When entering a reload at or...

Страница 133: ...rm all system self tests Yes No The reload command provides a faster system reboot Choice of primary or secondary flash image Yes No Uses the current flash image Performascheduled reboot No Yes Usethe...

Страница 134: ...stem flash primary secondary config FILENAME Reboots the switch from the flash that you are currently booted on primary or secondary You can select which image to boot from during the boot process its...

Страница 135: ...at the second prompt initiates the reboot operation ProCurve config show flash Image Size Bytes Date Version Build Primary Image 7497114 03 29 07 K 12 XX 57 Secondary Image 7497114 03 29 07 K 12 XX 57...

Страница 136: ...if you use either of the boot command options If you are using redundant management and redundancy is enabled the switch will failover to the other management module Syntax reload For example if you c...

Страница 137: ...d after 03 00 To schedule a reload for the same time the following day ProCurve reload after 01 00 00 To schedule a reload for the same day at 12 05 ProCurve reload at 12 05 To schedule a reload on so...

Страница 138: ...ess ProCurve config reload after 04 14 00 Reload scheduled in 4 days 14 hours 0 minutes This command will cause a switchover at the scheduled time to the other management module which may not be runni...

Страница 139: ...provision that if an unattended reboot occurs the switch will come up with the known good configuration instead of repeating a reboot with a misconfiguration General Operation Multiple Configuration...

Страница 140: ...ake configuration changes in the running config file and then execute write mem The result is that the startup config file used to reboot the switch is modified by the actions in step 2 Figure 6 20 Ex...

Страница 141: ...lot 1 Saves a copy of the existing startup config file in memory slot 2 with the filename workingConfig Assigns the workingConfig file as the active configuration and the default configuration for all...

Страница 142: ...asterisk in this column indicates that the corresponding startup config file is currently assigned to the primary boot path sec An asterisk in this column indicates that the corresponding startup con...

Страница 143: ...supports multiple configuration files and boot from the flash location of this version the switch copies the existing startup config file named oldConfig into memory slot 2 renames this file to worki...

Страница 144: ...be used The following two commands configure the desired behavior Syntax startup default primary secondary config filename Specifies a boot configuration policy option primary secondary config filenam...

Страница 145: ...lename Specifies the name of the startup config file to apply for the immediate boot instance only This command overrides the current reboot policy Syntax reload This command boots the switch from the...

Страница 146: ...ry slot to a new startup config file in another empty memory slot This enables you to use a sepa rate configuration file to experiment with configuration changes while preserving the source file uncha...

Страница 147: ...tup Config File Not e You can also generate a new startup config file by booting the switch from a flash memory location from which you have erased the currently assigned startup config file Refer to...

Страница 148: ...e flash assignment from the memory slot for that file Thus if the switch boots using a flash location that does not have an assigned startup config then the switch creates a new default startup config...

Страница 149: ...e Switch to Its Default Configuration The Clear Reset button combination described in the Installation and Getting Started Guide produces these results That is when you press the Clear Reset button co...

Страница 150: ...file pc unix below copy config src file xmodem pc unix 6 39 copy xmodem config dest file pc unix 6 40 Syntax copy config src file tftp ip addr remote file pc unix This is an addition to the copy tftp...

Страница 151: ...file from a TFTP server to the switch Note This command requires an empty memory slot in the switch If there are no empty memory slots the CLI displays the following message Unable to copy configurati...

Страница 152: ...filename Syntax copy xmodem config dest file pc unix This is an addition to the copyxmodem command options Use this command to download a configuration file from an Xmodem host to the switch For more...

Страница 153: ...s 7 4 CLI Modifying the Interface Access 7 5 Denying Interface Access by Terminating Remote Management Sessions 7 9 System Information 7 10 Menu Viewing and Configuring System Information 7 11 CLI Vie...

Страница 154: ...the Command Line Interface CLI Chapter 5 Using the ProCurve Web Browser Interface Why Configure Interface Access and System Information The inter face access features in the switch operate properly by...

Страница 155: ...switch You can also simply block unauthorized access via the web browser interface or Telnet as described in this section and installing the switch in a locked environment Feature Default Menu CLI We...

Страница 156: ...stem Information Figure 7 1 The Default Interface Access Parameters Available in the Menu Interface 2 Press E for Edit The cursor moves to the System Name field 3 Use the arrow keys v to move to the p...

Страница 157: ...ole serial configuration Figure 7 2 Listing of Show Console Command Reconfigure Inbound Telnet Access In the default configuration inbound Telnet access is enabled Syntax no telnet server To disable i...

Страница 158: ...no web management To disable web browser access ProCurve config no web management To re enable web browser access ProCurve config web management Reconfigure the Console Serial Link Settings You can re...

Страница 159: ...e new console configuration will take effect For example to use one command to configure the switch with the following VT100 operation 19 200 baud No flow control 10 minute inactivity time Critical lo...

Страница 160: ...o execute a series of console commands and then save the configuration and boot the switch For example Figure 7 4 Example of Executing a Series of Console Commands Configure the individual parameters...

Страница 161: ...on on the serial port either through a direct connection or via a modem It does not affect the console on the standby module Syntax kill session number For example if you are using the switch s serial...

Страница 162: ...e before being aged out deleted Aging out occurs when there has been no traffic from the device belonging to that MAC address for the configured interval Time Sync Method Selects the method TimeP or S...

Страница 163: ...For more on this topic refer to Appendix D Daylight Savings Time on ProCurve Switches Time Used in the CLI to specify the time of day the date and other system parameters Menu Viewing and Configuring...

Страница 164: ...and Configuring System Information System Information Commands Used in This Section Listing the Current System Information Thiscommandliststhecurrent system information settings Syntax show system in...

Страница 165: ...d North Data Room as the location Figure 7 8 System Information Listing After Executing the Preceding Commands The menu interface will only display up to 47 characters although you can specify a name...

Страница 166: ...on System Name Blue Switch System Contact Bill_Smith System Location characters of the location are missing It s too long Inactivity Timeout min 0 0 MAC Age Time sec 300 300 Inbound Telnet Enabled Yes...

Страница 167: ...for the age out interval measured in seconds Default 300 seconds For example to configure the age time to seven minutes ProCurve config mac age time 420 Configure the Time Zone and Daylight Time Rule...

Страница 168: ...respectively Syntax time hh mm ss mm dd yy yy For example to set the switch to 9 45 a m on November 17 2002 ProCurve config time 9 45 11 17 02 Not e Executing reloadorboot resets the time and date to...

Страница 169: ...ddressing 8 10 How IP Addressing Affects Switch Operation 8 11 DHCP Bootp Operation 8 12 Network Preparations for Configuring DHCP Bootp 8 14 Loopback Interfaces 8 15 Introduction 8 15 Configuring a L...

Страница 170: ...Configuration IP Configuration Features IP Address and Subnet Mask Configuring the switch with an IP address expands your ability to manage the switch and use its features By default the switch is con...

Страница 171: ...figured on the primary VLAN then the default gateway value provided by the DHCP or Bootp server will be used If the switch has a manually configured default gateway then the switch uses his gateway ev...

Страница 172: ...switch can also learn other settings from a DHCP or Bootp server such as packet Time To Live TTL and Timep or SNMP settings Other VLANs can also use DHCP or BootP to acquire IP addressing However the...

Страница 173: ...2 Switch Configuration 5 IP Configuration Not e s If multiple VLANs are configured a screen showing all VLANs appears instead of the following screen The Menu interface displays the IP address for any...

Страница 174: ...iguration fields 6 Select the IP Address field and enter the IP address for the switch 7 Select the Subnet Mask field and enter the subnet mask for the IP address 8 Press Enter then S for Save CLI Con...

Страница 175: ...provides additional information Figure 8 3 Example of Show IP Listing with Non Default IP Addressing Configured Configure an IP Address and Subnet Mask The following command includes both the IP addr...

Страница 176: ...onfig no vlan 1 ip address 10 28 227 103 24 Configure Multiple IP Addresses on a VLAN Multinetting The fol lowing is supported Up to 2000 IP addresses for the switch Up to 32 IP addresses for the same...

Страница 177: ...ing on the Default VLAN Not e The Internet IP Service screen in the Menu interface figure 8 1 on page 8 5 displays the first IP address for each VLAN You must use the CLI show ip command to display th...

Страница 178: ...avoid loss of Telnet access to off subnet management stations you should use the ip route command to configure a static default route before enabling routing For more information refer to the chapter...

Страница 179: ...c IP address configuration and DHCP support for automatic Timep server IP address configuration Multiple Spanning Tree Protocol Port settings and port trunking Switch meshing Console based status and...

Страница 180: ...sk for the switch The switch also receives an IP Gateway address if the server has been config ured to provide one In the case of Bootp the server must first be configuredwithanentrythathastheswitch s...

Страница 181: ...server Bootp Operation When a Bootp server receives a request it searches its Bootp database for a record entry that matches the MAC address in the Bootp request from the switch If a match is found th...

Страница 182: ...are in place A DHCP server is accessible from the switch 8212switch is a user defined symbolic name to help you find the correct section of the bootptab file If you have multiple switches that will be...

Страница 183: ...Loopback Interfaces This section describes how to configure and use user defined loopback inter faces on the switch Introduction By default each switch has an internal loopback interface lo0 with the...

Страница 184: ...er ping the switch using the router ID even if other interfaces are operational For more information about how to configure a loopback IP address to participate in an OSPF broadcast area refer to the...

Страница 185: ...ample if you configure a VLAN with IP address 172 16 100 8 24 you cannot configure a loopback interface with IP address 172 16 100 8 In the same way if you configure a loopback interface lo1 with IP a...

Страница 186: ...d Output Not e The default loopback interface lo0 with IP address 127 0 0 1 is not displayed in the show ip command output because it is permanently configured on the switch To display the default loo...

Страница 187: ...one user defined loopback interface lo2 Figure 8 8 Example of show ip route Command Output ProCurve show ip route IP Route Entries IP Routing Enabled Default TTL 64 ARP Age 20 Destination Gateway VLA...

Страница 188: ...ddress when the switch downloads the file and reboots The switch adopts all other configuration parameters in the configuration file into the startup config file If the switch s current IP addressing...

Страница 189: ...ir manually assigned IP addressing and switch 4 will be configured to acquire its IP addressing from a DHCP server Entering ippreserve inthelastlineofaconfiguration file implements IP Preserve when th...

Страница 190: ...Curve module 1 type J8702A module 2 type J8705A trunk A11 A12 Trk1 Trunk ip default gateway 10 10 10 115 snmp server community public Unrestricted vlan 1 name DEFAULT_VLAN untagged A1 A10 A13 A24 B1 B...

Страница 191: ...t of the downloaded configuration file determines the IP addresses and subnet masks for other VLANs ProCurve show run Running configuration J8715A Configuration Editor Created on release K 12 07 hostn...

Страница 192: ...8 24 Configuring IP Addressing IP Preserve Retaining VLAN 1 IP Addressing Across Configuration File Downloads 3500 5400 6200 8200 MCG Jan08 K_13_01 book Page 24 Monday January 28 2008 10 04 AM...

Страница 193: ...n 9 8 Configuring Enabling or Disabling the SNTP Mode 9 10 TimeP Viewing Selecting and Configuring 9 16 Menu Viewing and Configuring TimeP 9 17 CLI Viewing and Configuring TimeP 9 18 Viewing the Curre...

Страница 194: ...d TimeP Time Synchronization You can either manually assign the switch to use a TimeP server or use DHCP to assign the TimeP server In either case the switch can get its time synchro nization updates...

Страница 195: ...choices are SNTP Broadcast or Unicast TimeP DHCP or Manual 3 Configure the remaining parameters for the time protocol you selected The switch retains the parameter settings for both time protocols ev...

Страница 196: ...time synchronization method timep page 9 6 page 9 10 ff disable time synchronization timep page 9 6 page 9 14 enable the SNTP mode Broadcast Unicast or Disabled disabled broadcast n a page 9 6 page 9...

Страница 197: ...iginal server it the switch accepts a broadcast time update from the next server it detects Poll Interval seconds In Unicast Mode Specifies how often the switch polls the designated SNTP server for a...

Страница 198: ...owing i Press to move the cursor to the Server Address field ii Enter the IP address of the SNTP server you want the switch to use for time synchronization CONSOLE MANAGER MODE Switch Configuration Sy...

Страница 199: ...the updated list For more on this topic refer to SNTP Unicast Time Polling with Multiple SNTP Servers on page 9 25 iv Press to move the cursor to the Poll Interval field then go to step 6 Figure 9 3...

Страница 200: ...od then enabled SNTP in broadcast mode with the default poll interval show sntp lists the following SNTP Command Page show sntp 9 8 no timesync 9 10 and ff 9 14 sntp broadcast 9 11 sntp unicast 9 11 s...

Страница 201: ...ess Protocol Version 1 2001 db8 215 60ff fe79 8980 7 2 10 255 5 24 3 3 fe80 123 vlan10 3 ProCurve config show sntp SNTP Configuration Time Sync Mode Timep SNTP Mode Unicast Poll Interval sec 720 719 P...

Страница 202: ...and page 9 11 Syntax sntp server ip addr Required only for unicast mode page 9 11 Syntax sntp server priority 1 3 Specifies the order in which the configured servers are polled for getting the time V...

Страница 203: ...erify the configuration The commands and output would appear as follows Figure 9 7 Example of Enabling SNTP Operation in Broadcast Mode Enabling SNTP in Unicast Mode Like broadcast mode configuring SN...

Страница 204: ...s the order in which the configured SNTP servers are polled for getting the time Value is between 1 and 3 Syntax no sntp server ip addr Deletes the specified SNTP server Not e Deleting an SNTP server...

Страница 205: ...c Mode Sntp SNTP Mode Unicast Poll Interval sec 720 720 Priority SNTP Server Address Protocol Version 1 2001 db8 215 60ff fe79 8980 7 2 10 255 5 24 3 3 fe80 123 vlan10 3 In this example the Poll Inter...

Страница 206: ...mand For example suppose SNTP is running as the switch s time synchronization protocol with Broadcast as the SNTP mode and the factory default polling interval You would halt time synchronization with...

Страница 207: ...28 227 141 and a server version of 3 the default no sntp changes the SNTP configuration as shown below and disables time synchronization on the switch Figure 9 11 Example of Disabling Time Synchroniza...

Страница 208: ...the Menu interface Time Sync Method parameter or the CLI timesync command DHCP When Timep is selected as the time synchronization method the switch attempts to acquire a Timep server IP address via D...

Страница 209: ...ing Use the Space bar to select the DHCP mode then press v to move the cursor to the Poll Interval field and go to step 6 Use the Space bar to select the Manual mode i Press to move the cursor to the...

Страница 210: ...you want for a TimeP Poll Interval Press Enter to return to the Actions line then S for Save to enter the new time protocol configuration in both the startup config and running config files CLI Viewin...

Страница 211: ...hough it is not currently in use Figure 9 14 Example of TimeP Configuration When TimeP Is Not the Selected Time Synchronization Method Syntax show timep This command lists both the time synchronizatio...

Страница 212: ...terface Time Sync Method parameter Syntax timesync timep Selects TimeP as the time protocol Syntax ip timep dhcp manual Enables the selected TimeP mode Syntax no ip timep Disables the TimeP mode Synta...

Страница 213: ...or DHCP mode 4 View the TimeP configuration The commands and output would appear as follows Figure 9 16 Example of Enabling TimeP Operation in DHCP Mode Syntax timesync timep Selects TimeP as the time...

Страница 214: ...new server IP address For example to select TimeP and configure it for manual operation using a TimeP server address of 10 28 227 141 and the default poll interval 720 minutes assuming the TimeP poll...

Страница 215: ...running as the switch s time synchronization protocol with DHCP as the TimeP mode and the factory default polling interval You would halt time synchronization with this command ProCurve config no tim...

Страница 216: ...wn below and disables time synchronization Figure 9 19 Example of Disabling Time Synchronization by Disabling the TimeP Mode Parameter Even though the Time Sync Mode is set to Timep time synchronizati...

Страница 217: ...address list again after the configured Poll Interval time has expired Displaying All SNTP Server Addresses Configured on the Switch The System Information screen in the menu interface displays only o...

Страница 218: ...use the CLI If there are multiple addresses and you delete one of them the switch re orders the address priority For example to delete the primary address in the above example and automatically conve...

Страница 219: ...X 10 15 Web Viewing Port Status and Configuring Port Parameters 10 18 Using Friendly Optional Port Names 10 18 Configuring and Operating Rules for Friendly Port Names 10 18 Configuring Friendly Port N...

Страница 220: ...other unexpected behavior on the link check the port configuration on both devices for a speed and or duplex mode mismatch To check the mode setting for a port on the switch use either the Port Status...

Страница 221: ...he menu interface MDI Sets the port to connect with a PC using a crossover cable Manual mode applies only to copper port switches using twisted pair copper Ethernet cables MDIX Sets the port to connec...

Страница 222: ...rossover MDI Configures the port to connect to a switch hub or other MDI X device with a straight through cable MDIX Configures the port to connect to a PC or other MDI device with a straight through...

Страница 223: ...To View Port Configuration The menu interface dis plays the configuration for ports and if configured any trunk groups From the Main Menu select 1 Status and Counters 4 Port Status Figure 10 1 Exampl...

Страница 224: ...r the first port 3 Refer to the online help provided with this screen for further information on configuration options for these features 4 When you have finished making changes to the above parameter...

Страница 225: ...fig page 10 8 show interfaces port utilization page 10 9 show tech transceivers page 10 9 interface page 10 11 disable enable page 10 11 speed duplex page 10 11 flow control page 10 12 broadcast limit...

Страница 226: ...00T No Yes Down Auto 10 100 Auto off 0 B2 100 1000T No Yes Down 1000FDx Auto off 0 B3 100 1000T No Yes Down 1000FDx Auto off 0 B4 100 1000T No Yes Down 1000FDx Auto off 0 B5 100 1000T No Yes Down 1000...

Страница 227: ...k status and the port rate average over a 5 minute period Port rates are shown in bits per second bps for ports up to 1 Gigabit for 10 Gigabit ports port rates are shown in kilobits per second Kbps Vi...

Страница 228: ...ine 23 Figure 10 6 no transceiver type product number or part information is displayed In the Serial Number field non operational is displayed instead of a serial num ber The following error messages...

Страница 229: ...e available Only these speeds are allowed with this setting For example to configure port C5 for auto 10 100 enter this command ProCurve config int c5 speed duplex auto 10 100 To configure ports C1 th...

Страница 230: ...mode must be set to Auto the default To disable flow control on some ports while leaving it enabled on other ports just disable it on the individual ports you want to exclude For example suppose that...

Страница 231: ...n the switch you would use these commands Figure 10 8 Example of Configuring Flow Control for a Series of Ports Figure 10 9 Example Continued from Figure 10 8 Enables per port flow control for ports A...

Страница 232: ...ontrol Syntax broadcast limit 0 99 Enables or disables broadcast limiting for outbound broadcasts on a selected port on the switch The value selected is the percentage of traffic allowed for example b...

Страница 233: ...s If you connect a copper port using a straight through cable on a switch to a port on another switch or hub that uses MDI X ports the switch port automatically operates as an MDI port If you connect...

Страница 234: ...rossover Cable Straight Through Cable Manual MDI X Straight Through Cable Crossover Cable Auto MDI X The Default Either Crossover or Straight Through Cable Syntax interface port list mdix mode auto md...

Страница 235: ...he case of ports configured for Auto auto mdix the MDI mode appears as either MDIor MDIX depending upon which option the port has negotiated with the device on the other end of the link In the case of...

Страница 236: ...ptional Port Names This feature enables you to assign alphanumeric port names of your choosing to augment automatically assigned numeric port names This means you can configure meaningful port names t...

Страница 237: ...t allowed and if used cause an invalidinput error The switch interprets a blank space as a name terminator In a port listing not assigned indicates that the port does not have a name assignment other...

Страница 238: ...isting of port numbers with their corresponding friendly port names and also quickly shows you which ports do not have friendly name assignments show name data comes from the running config file showi...

Страница 239: ...for All Ports on the Switch Figure 10 16 Example of Friendly Port Name Data for Specific Ports on the Switch Including Friendly Port Names in Per Port Statistics Listings A friendly port name configu...

Страница 240: ...running config file the Name line in the above command output appears as Name not assigned To Search the Configuration for Ports with Friendly Port Names This option tells you which friendly port nam...

Страница 241: ...s the friendly port name for port A1 in the startup config file The name entered for port A2 is not saved becauseitwasexecutedafter write memory In this case show config lists only port A1 Executing w...

Страница 242: ...as text files that can be uploaded to the switch without the modules having been installed yet Additionally you can pre configure the modules with the CLI module command The same module command used i...

Страница 243: ...n UDLD is enabled on the trunk ports on each ProCurve switch the switches detect the failed link block the ports connected to the failed link and use the remaining ports in the trunk group to forward...

Страница 244: ...be unblocked by disabling UDLD on the port Configuring UDLD When configuring UDLD keep the following considerations in mind UDLD is configured on a per port basis and must be enabled at both ends of...

Страница 245: ...u can specify from 10 100 in 100 ms increments where 10 is 1 second 11 is 1 1 seconds and so on Default 50 5 seconds Syntax link keepalive retries num Determines the maximum number of retries to send...

Страница 246: ...a value from 3 10 For example to change the maximum number of attempts to 4 enter the following command at the global configuration level ProCurve config link keepalive retries 4 Configuring UDLD for...

Страница 247: ...ink keepalive Syntax show link keepalive statistics Displays detailed statistics for the UDLD enabled ports on the switch Syntax clear link keepalive statistics Clears UDLD statistics This command cle...

Страница 248: ...ighbor Port 5 Udld Packets Received 1000 State Transitions 2 Port Blocking no Link vlan 1 Port 2 Current State up Neighbor MAC Addr 000102 030405 Udld Packets Sent 500 Neighbor Port 6 Udld Packets Rec...

Страница 249: ...1 and 22 but the user tries to configure UDLD on port 7 to send tagged packets in VLAN 4 the configuration will be accepted The UDLD control packets will be sent tagged in VLAN 4 which may result in t...

Страница 250: ...10 32 Port Status and Configuration Uni Directional Link Detection UDLD 3500 5400 6200 8200 MCG Jan08 K_13_01 book Page 32 Monday January 28 2008 10 04 AM...

Страница 251: ...Level 11 14 Disabling or Re Enabling PoE Port Operation 11 15 Enabling Support for Pre Standard Devices 11 15 Configuring PoE Redundancy 11 16 Changing the Threshold for Generating a Power Notice 11 1...

Страница 252: ...onfigurations 11 32 Assigning Priority Policies to PoE Traffic 11 33 Calculating the Maximum Load for a PoE Module 11 34 When a Power Supply Fails 11 35 PoE Operating Notes 11 36 PoE Event Log Message...

Страница 253: ...4 mini GBIC PoE module J8705A The switch must have at least one of the following power supplies installed ProCurve J8712A Power Supply providing 273 watts of PoE power ProCurve J8713A Power Supply pro...

Страница 254: ...modated PD Powered Device This is an IEEE 802 3af compliant device that receives its power through a direct connection to a Gig T PoE port in a PoE device ExamplesofPDsincludeVoice over IP VoIP teleph...

Страница 255: ...or SNMP and Event Log reporting of PoE consumption on either all PoE ports on the switch or on all PoE ports in one or more PoE modules Specify the port priority you want to use for provisioning PoE p...

Страница 256: ...uide which is available on the ProCurve Networking web site at www procurve com Click on technical support then Product manuals all The latest version of any ProCurve product guide is always on the Pr...

Страница 257: ...in case a PoE module becomes oversubscribed and must drop power for some lower priority ports to support the demand on other higher priority ports Configure one of the following A global power thresh...

Страница 258: ...m port Y and delivered to port X In this case the PD on port Y loses power and the PD on port X receives power If the new PD connects to a port X having a lower priority than all other PoE ports curre...

Страница 259: ...PD from a PoE port causes the module to stop providing PoE power to that port and makes the power available to any other PoE ports that have PDs connected and waiting for power If the PD demand for po...

Страница 260: ...Power Available PoE Power Available for the PoE J8702A Module One power supply J8712A Power Supply 273 watts J8713A Power Supply 900 watts Depending on the power demand from the PDs lower priority por...

Страница 261: ...l ProCurve config interface c3 c17 power over ethernet critical The Critical priority class always receives power If there is not enough power to provision PDs on all of the ports configured for this...

Страница 262: ...rnet low There are 48 PDs attached to all ports of modules A and C 24 ports each module There is only enough PoE power for 32 ports 8 5 watts x 32 ports 273 watts C22 C24 Low In this example the CLI c...

Страница 263: ...hest priority of the ports in that module if all ports are in the same priority class which is the case for this example Since a minimum 17 5 watts of power is allocated per PoE module port A1 will al...

Страница 264: ...est numbered port at that level will be provisioned first starting with module A then B C and so on PoE priorities are invoked only when all active PoE ports cannot be provisioned supplied with PoE po...

Страница 265: ...isabled on port list The no form of the command disables PoE operation on port list Default All PoE ports on the module are initially enabled for PoE operation at Low priority If you configure a highe...

Страница 266: ...r held in reserve for redundancy The no option means that all available power can be allocated to PDs Default No PoE redundancy enforced n 1 One of the power supplies is held in reserve for redundancy...

Страница 267: ...ules installed in the switch For example suppose slots A B and C each have a PoE module installed In this case executing the following command sets the global notification threshold to 70 of available...

Страница 268: ...on page 11 37 Default Global PoE Power Threshold 80 By using the slot slot id range option you can specify different notification thresholds for different PoE modules installed in the switch For exam...

Страница 269: ...r disables port s for allocating PoE power based on the link partner s capabilities via LLDP By default PoE information detected through LLDP is ignored Default Disabled ProCurve config show power ove...

Страница 270: ...lue command ProCurve config int A6 poe allocate by value or in interface context ProCurve eth A6 poe allocate by value Syntax no int port list poe allocate by usage class value Allows you to manually...

Страница 271: ...t Power Status for port A6 Power Enable Yes LLDP Detect enabled Priority low Configured Type AllocateBy value Value 15 Detection Status Delivering Power Class 0 Over Current Cnt 0 MPS Absent Cnt 0 Pow...

Страница 272: ...in the switch s MIB Manage ment Information Base as described in the following steps 1 Use the walkmibpethPsePortType slot command to determine the MIB based port number for the port to which you want...

Страница 273: ...b pethPsePortType 1 5 D Wireless 1 pethPsePortType 1 5 Wireless 1 5400 config show power over ethernet brief Status and Counters Port Power Status PoE Power LLDP Power Alloc PoE Configured Detection P...

Страница 274: ...power available in the event of a single power supply failure This is the amount of power the switch can maintain without dropping any PDs Total Redundancy Power Indicates the amount of PoE power tha...

Страница 275: ...ve config show power over ethernet Status and Counters System Power Status Pre standard Detect On Power Redundancy none Chassis power over ethernet Total Provided Power 273 W Total Failover Power 0 W...

Страница 276: ...ge class value PoE Value The maximum amount of PoE power allocated for that port expressed in watts Default 17W Configured Type If configured shows the user specified identifier for the port If not co...

Страница 277: ...nable Detect Priority By Val Type Status Class A1 Yes enabled low usage 5 Phone 1 Delivering 0 A2 Yes disabled low usage 17 Searching 1 A3 Yes disabled low usage 17 Searching 0 A4 Yes disabled low usa...

Страница 278: ...on this topic refer to the power command description under Configuring PoE Operation on page 11 14 Allocate by How PoE is allocated usage class value Detection Status Searching The port is available...

Страница 279: ...the field is empty Refer to Configuring Optional PoE Port Identifiers on page 11 22 Value The maximum amount of PoE power allocated for that port expressed in watts Default 17W Power Class Shows the p...

Страница 280: ...Detect enabled Priority low Configured Type AllocateBy value Value 17 Detection Status Delivering Power Class 0 Over Current Cnt 0 MPS Absent Cnt 0 Power Denied Cnt 0 Short Cnt 0 Voltage 492 dV Curren...

Страница 281: ...ure 11 10 Displaying Information about the Power Supplies Syntax show chassis power supply Displays the power information for each power supply in the chassis ProCurve config show chassis power supply...

Страница 282: ...first two topics If your PoE installation comes close to or is likely to exceed the system s ability to supply power to all devices that may request it then you should also read the third topic If it...

Страница 283: ...Security Guide for your switch The ProCurve Networking web site offersthelatestversionofallProCurveproductpublications Referto Getting Documentation From the Web on page 1 6 Assigning Priority Policie...

Страница 284: ...delivers to a specific PoE module there may or may not always be enough power available to connect and support PoE operation on all 24 Gig T ports in a PoE module PoE power is available if it is eith...

Страница 285: ...s installed supplying 900 watts of PoE power each total 1800 watts then 900 watts of PoE power will be available to continue supplying PoE power to ports in priority order if one power supply fails If...

Страница 286: ...d PoE devices as evenly as possible across modules To cycle the power on a PD receiving power from a PoE port on the switch disable then re enable the power to that port For example to cycle the power...

Страница 287: ...low the threshold specified by the last execution of the power threshold command affecting that module This message occurs if after the last reboot the PoE demand on the module exceeded the power thre...

Страница 288: ...onthe indicated port and the port does not have sufficient PoE priority to take power from another active PoE port Port port id PD Invalid Signature indication Theswitchhasdetectedanon 802 3af compli...

Страница 289: ...runks 12 11 Using the CLI To Configure a Static or Dynamic Trunk Group 12 14 Web Viewing Existing Port Trunk Groups 12 17 Trunk Group Operation Using LACP 12 18 Default Port Operation 12 21 LACP Notes...

Страница 290: ...e consecutive For example Figure 12 1 Conceptual Example of Port Trunking With full duplex operation in a eight port trunk group trunking enables the following bandwidth capabilities Feature Default M...

Страница 291: ...media type in a port trunk group Similarly for proper trunk operation all links in the same trunk group must have the same speed duplex and flow control Port Security Restriction Portsecuritydoesnotop...

Страница 292: ...s The 10 gigabit ports available for some switch models allow only the Auto setting Fault Tolerance If a link in a port trunk fails the switch redistributes traffic originally destined for that link t...

Страница 293: ...to change them to LACP passive Static Trunk The switch uses the links you configure with the Port Trunk Settings screen in the menu interface or the trunk command inthe CLI to create a static port tru...

Страница 294: ...nk group You want an LACP trunk group to operate in a VLAN other than the default VLAN and GVRP is disabled Refer to VLANs and Dynamic LACP on page 12 23 You want to use a monitor port on the switch t...

Страница 295: ...Flow control Flow Ctrl LACP is a full duplex protocol Refer to Trunk Group Operation Using LACP on page 12 18 Trunk Configuration All ports in the same trunk group must be the same trunk type LACP or...

Страница 296: ...e IGMP for a static trunk in the same way that you would configure IGMP on a non trunked port Note that the switch lists the trunk by name such as Trk1 and does not list the individual ports in the tr...

Страница 297: ...dure uses the Port Trunk Settings screen to configure a static port trunk group on the switch 1 Follow the procedures in the Important note above 2 From the Main Menu Select 2 Switch Configuration 2 P...

Страница 298: ...Advanced Traffic Management Guide for your switch To return a port to a non trunk status keep pressing the Space bar until a blank appears in the highlighted Group value for that port Figure 12 5 Exam...

Страница 299: ...Port Trunks You can list the trunk type and group for all ports on the switch or for selected ports You can also list LACP only status information for LACP configured ports Listing Static Trunk Type a...

Страница 300: ...includes a port list and thus shows trunk group information only for specific ports that have membership in a static trunk In figure 12 7 the command does not include a port list so the switch lists a...

Страница 301: ...or a trunk by including more than eight ports in a dynamic LACP trunk configuration When eight ports trunk links are up the remaining link s will be held in standby status If a trunked link that is Up...

Страница 302: ...the ports until the trunk is configured Refer to Enabling or Disabling Ports and Configuring Port Mode on page 10 11 The table on page 12 5 describes the maximum number of trunk groups you can configu...

Страница 303: ...ve ports C4 and C5 from an existing trunk group ProCurve config no trunk c4 c5 Enabling a Dynamic LACP Trunk Group In the default port configura tion all ports on the switch are set to disabled To ena...

Страница 304: ...figures port list as LACP active If the ports at the other end of the links on port list are configured as LACP passive then this command enables a dynamic LACP trunk group on port list Switch A withp...

Страница 305: ...wing ProCurve config no interface c6 lacp ProCurve config interface c6 lacp passive Note that in the above example if the port on the other end of the link is configured for active LACP or static LACP...

Страница 306: ...rates with Auto 10 Auto 100 andAuto 1000 ifnegotiation selectsFDx and 10FDx 100FDx and 1000FDx settings LACP trunk status commands include Thus to display a listing of dynamic LACP trunk ports you mus...

Страница 307: ...t Group name The ports on both ends of each link have compatible mode settings speed and duplex The port on one end of each link must be configured for LACP Active and the port on the other end of the...

Страница 308: ...of the following trunking protocols Active LACP Passive LACP Trunk This option uses LACP for the port Type parameter and TrkX for the port Group parameter where X is an automatically assigned value in...

Страница 309: ...as Port Number The port is configured for LACP but is not a member of a port trunk Port Status Up The port has an active LACP link and is not blocked or in Standby mode Down The port is enabled but an...

Страница 310: ...ACP is not allowed on ports configured for port security If you configure port security on a port on which LACP active or passive is configured the switch removes the LACP configuration displays a not...

Страница 311: ...hat port which means you must manually configure both ends of the trunk Dynamic LACP Trunks You can configure a port for LACP active or LACP passive but on a dynamic LACP trunk you cannot configure th...

Страница 312: ...omes active again the replace ment port goes back to blocked Port Status is Blocked It can take a few seconds for the switch to discover the current status of the ports Figure 12 11 Blocked Ports with...

Страница 313: ...ex FDx requirement for LACP trunking 10 gigabit ports operate only at FDx A port configured as LACP passive and not assigned to a port trunk can be configured to half duplex HDx However in any of the...

Страница 314: ...fic is handled by the device at the other end of the trunked links Similarly the switch handles incoming traffic from the trunked links as if it were from a trunked source When a trunk group is config...

Страница 315: ...rs That is the switch sends traffic from the same sourceaddresstothesamedestinationaddressthroughthesametrunkedlink and may also send traffic from the same source address to a different desti nation a...

Страница 316: ...he IP source address and IP destination address otherwise the MAC addresses are used The result of that process undergoes a mapping that determines which link the traffic goes through If you have only...

Страница 317: ...can vary widely it is possible for one link in a trunk group to be fully utilized while other links in the same trunk have unused bandwidth capacity even if the assignments were evenly distributed acr...

Страница 318: ...12 30 Port Trunking Outbound Traffic Distribution Across Trunked Links 3500 5400 6200 8200 MCG Jan08 K_13_01 book Page 30 Monday January 28 2008 10 04 AM...

Страница 319: ...terface 13 14 Displaying the Current ICMP Rate Limit Configuration 13 14 Operating Notes for ICMP Rate Limiting 13 15 ICMP Rate Limiting Trap and Event Log Messages 13 17 Guaranteed Minimum Bandwidth...

Страница 320: ...Jumbo Traffic on a VLAN 13 33 Configuring a Maximum Frame Size 13 33 Configuring IP MTU 13 34 SNMP Implementation 13 34 Displaying the Maximum Frame Size 13 35 Operating Notes for Maximum Frame Size...

Страница 321: ...ify bandwidth usage in terms of kilobits per second kbps Guaranteed Minimum Bandwidth GMB Provides a method for ensuring that each of a port s outbound queues has a specified minimum consideration for...

Страница 322: ...iting also can be applied by a RADIUS server during an authentication client session For further details refer to the chapter titled RADIUS Authen tication and Accounting in the Access Security Guide...

Страница 323: ...either inbound or outbound traffic Specifying the traffic rate as either a percentage of bandwidth or in terms of bits per second Syntax no int port list rate limit all in out percent 0 100 kbps 0 100...

Страница 324: ...100 199 Kbps is also implemented as a limit of 100 Kbps a limit of 200 299 Kbps is implemented as a limit of 200 Kbps and so on Percentage limits are based on link speed For example if a 100 Mbps port...

Страница 325: ...d do not appear in the startup config file ProCurve eth A5 show rate limit all a1 a6 All Traffic Rate Limit Maximum Port Inbound Limit Mode Radius Override Outbound Limit Mode A1 Disabled Disabled No...

Страница 326: ...adding it to a trunk suspends ProCurve config show config Startup configuration J8697A Configuration Editor Created on release K 12 XX hostname ProCurve Switch 8212zl module 1 type J8705A snmp server...

Страница 327: ...pressure to hold high priority inbound traffic from the upstream device or application to a rate that is lower than the configured rate limit In this case the inbound traffic flow does not reach the...

Страница 328: ...tes per second that 100 Mbps can support for minimum sized packets Suppose port X is configured with a rate limit of 50 4 761 904 bytes If a throughput testing application is the only application usin...

Страница 329: ...allow one to five per cent of available inbound bandwidth at 10 Mbps or 100 Mbps speeds or 100 10 000 kbps 1Gbps or 10 Gbps speeds to be used for ICMP traffic This feature should not be used to remov...

Страница 330: ...limit thresholds are applicable to other network environments On edge interfaces where ICMP traffic should be minimal a threshold of 1 of available bandwidth should be sufficient for most application...

Страница 331: ...low values for example less than 45 Kbps This is to allow metering to function well at higher media speeds such as 10 Gbps Syntax no int port list rate limit icmp percent 0 100 kbps 0 10000000 Configu...

Страница 332: ...f the port s bandwidth The ICMP traffic rate limit on port X is configured at 2 of the port s bandwidth If at a given moment Inbound ICMP traffic on port X is using 1 of the port s bandwidth and Inbou...

Страница 333: ...te limiting is available on all types of ports other than trunk ports or mesh ports and at all port speeds configurable for the switch Rate limiting is not permitted on mesh ports Either type of rate...

Страница 334: ...with flow control In cases where both types of rate limiting rate limit all and rate limit icmp are configured on the same interface thissituationismorelikelyto occur Inanothertypeofsituation an outbo...

Страница 335: ...MP Rate Limiting Trap and Event Log Messages If the switch detects a volume of inbound ICMP traffic on a port that exceeds the ICMP rate limit configured for that port it generates one SNMP trap and o...

Страница 336: ...s external slot number identity To match the port s external slot number to the internal port number use the walkmib ifDescr command as shown in the following figure Figure 13 5 Matching Internal Port...

Страница 337: ...thereisinsufficientbandwidth allocated to a particular outbound priority queue for a given port If additional unused bandwidth is not available the port delays or drops the excess traffic GMB Operatio...

Страница 338: ...it is neces sary only to specify the minimum bandwidth you want to allocate to the lower priority queues In this case the high priority traffic automatically receives all unassigned bandwidth without...

Страница 339: ...B settings for all outbound queues on a given port cannot exceed 100 Impacts of QoS Queue Configuration on GMB Operation The section on Configuring Guaranteed Minimum Bandwidth for Out bound Traffic a...

Страница 340: ...ch as links to routers other switches or to the network core Syntax no int port list bandwidth min output Configures the default minimum bandwidth allocation for the outbound priority queue for each p...

Страница 341: ...the unallocated bandwidth is apportioned to oversubscribed queues in descending order of priority For example if you configure a minimum of 10 for queues 1 7 and 0 for queue 8 then the unallocated ba...

Страница 342: ...eue 7 becomes oversubscribed and queue8isnotalreadyusingalloftheunallocatedbandwidth then queue 7 can use the unallocated bandwidth Also any unused bandwidth allocated to queues 6 to queue 1 is availa...

Страница 343: ...ndwidth output port list Without port list this command lists the GMB configuration for all ports on the switch With port list this command lists the GMB configuration for the specified ports This com...

Страница 344: ...andwidth min and show bandwidth output to operate only on the number of queues currently configured In addition when the qos queue config command is executed any previously configured bandwidth min ou...

Страница 345: ...0 Mbps only frames that do not exceed 1522 bytes are allowed inbound on that port Terminology Jumbo Frame An IP frame exceeding 1522 bytes in size The maximum Jumbo frame size is 9220 bytes This size...

Страница 346: ...rt Adds and Moves If you add a port to a VLAN that is already configured for jumbo traffic the switch enables that port to receive jumbo traffic If you remove a port from a jumbo enabled VLAN the swit...

Страница 347: ...ating at least at gigabit speed Check the Mode field in the output for the show interfaces brief port list command 3 Use the jumbo command to enable jumbo frames on one or more VLANs statically config...

Страница 348: ...umn to indicate which VLANs are configured to support jumbo traffic Entering only one port in port list results in a list of all VLANs to which that port belongs Entering multiple ports in port list r...

Страница 349: ...Jumbo Status for a VLAN Syntax show vlans vid This command shows port membership and jumbo configuration for the specified vid Indicates which static VLANs are configured to enable jumbo frames Lists...

Страница 350: ...o one jumbo VLAN can receive jumbo frames through any other VLAN statically configured on the switch regardless of whether the other VLAN is enabled for jumbo frames The no form of the command disable...

Страница 351: ...ropri etary MIB object hpSwitchMaxFrameSize OBJECT TYPE This is the value of the global max frame size supported by the switch The default value is set to 9216 bytes Jumbo IP MTU The IP MTU for Jumbos...

Страница 352: ...of software that supports setting the maximum frame size from a version that did not the max frame size value is set automatically to 9216 bytes Configuring a Jumbo maximum frame size on a VLAN allows...

Страница 353: ...more jumbo VLANs with a membership comprised of only the ports you want to receive jumbo traffic Because a port belonging to one jumbo enabled VLAN can receive jumbo frames through any VLAN to which...

Страница 354: ...opped by the downstream device Jumbo Traffic in a Switch Mesh Domain Note that if a switch belongs to a meshed domain but does not have any VLANs configured to support jumbo traffic then the meshed po...

Страница 355: ...und jumbo frames To determine the actual operating speed of one or more ports view the Mode field in the output for the following command show interfaces brief port list A non jumbo port is generating...

Страница 356: ...13 38 Port Traffic Controls Jumbo Frames 3500 5400 6200 8200 MCG Jan08 K_13_01 book Page 38 Monday January 28 2008 10 04 AM...

Страница 357: ...LI Viewing and Configuring SNMP Community Names 14 15 SNMP Notifications 14 17 Supported Notifications 14 17 General Steps for Configuring SNMP Notifications 14 18 SNMPv1 and SNMPv2c Traps 14 19 Confi...

Страница 358: ...fication Support 14 51 Configuring Per Port Transmit and Receive Modes 14 52 Configuring Basic LLDP Per Port Advertisement Content 14 53 Configuring Support for Port Speed and Duplex Advertisements 14...

Страница 359: ...ically using DHCP or Bootp If multiple VLANs are configured each VLAN interface should have its own IP address For DHCP use with multiple VLANs refer to the section titled The Primary VLAN in the Stat...

Страница 360: ...o to the ProCurve Networking web site at www procurve com Click on software updates then MIBs Configuring for SNMP version 1 and 2c Access to the Switch SNMP access requires an IP address and subnet m...

Страница 361: ...DHCP Bootp to configure the switch ensure that the DHCP Bootp process provides the IP address See DHCP Bootp Operation on page 8 12 Once an IP address has been configured the main steps for configuri...

Страница 362: ...etwork management applications such as auto discovery traffic monitoring SNMP trap generation and threshold setting from operating in the switch Syntax no snmpv3 enable Enable and disable the switch f...

Страница 363: ...d to clone The initial user record can be downgraded and provided with fewer features but not upgraded by adding new features For this reason it is recommended that when you enable SNMPv3 you also cre...

Страница 364: ...existing security group Adding Users To configure an SNMPv3 user you must first add the user name to the list of known users with the snmpv3 user command Figure 14 2 Adding SNMPv3 Users and Displayin...

Страница 365: ...tion you can set either MD5 or SHA authentication The authentication password auth_pass must be 6 32 characters in length and is mandatory when you configure authentication Default None priv des aes p...

Страница 366: ...applications Syntax no snmpv3 group This command assigns or removes a user to a security group for access rights to the switch To delete an entry all of the following three parameters must be included...

Страница 367: ...SNMP commuities are supported by the switch to allow management applications that use version 2c or version 1 to access the switch The communities are mapped to Group Access Levels that are used for v...

Страница 368: ...to specify the index_name parameter index index_name This is an index number or title for the mapping The values of 1 5 are reserved and can not be mapped name community_name This is the community nam...

Страница 369: ...ome network management functions such as traffic monitoring SNMP trap generation and threshold setting If network management security is a concern and you are using the above software versions ProCurv...

Страница 370: ...Community Name field and use the Space bar to select the appropriate value in each of the other fields Use the Tab key to move from one field to the next 4 Press Enter then S for Save Add and Edit opt...

Страница 371: ...ther community named blue team Figure 14 7 Example of the SNMP Community Listing with Two Communities To list the data for only one community such as the public community use the above command with th...

Страница 372: ...perator MIB view If you do not specify restricted or unrestricted the switch automatically assigns the community to restricted read only access The no form uses only the community name variable and de...

Страница 373: ...up linkUp Port security web MAC or 802 1X authentication failure Invalid password entered in a login attempt through a direct serial Telnet or SSH connection Inability to establish a connection with t...

Страница 374: ...procedures SNMPv1 and SNMPv2c Traps on page 14 19 Configuring an SNMP Trap Receiver on page 14 19 Enabling SNMPv2c Informs on page 14 21 If you want to use SNMPv3 notifications including traps you mus...

Страница 375: ...ic community name these traps are not sent Thresholds A switch automatically sends all messages created when a system threshold is reached to the network management station that configured the thresho...

Страница 376: ...ype of event log message that you specify applies only to event log messages not to threshold traps For each configured event level the switch continues to send threshold traps to all network manageme...

Страница 377: ...for SNMPv2c you can use the snmp server host inform command to send inform requests when certain events occur When an SNMP Manager receives an inform request it can send an SNMP response back to the...

Страница 378: ...ow snmp server SNMP Communities Community Name MIB View Write Access public Manager Unrestricted Trap Receivers Link Change Traps Enabled on Ports All All Address Community Events Sent Notify Type Ret...

Страница 379: ...mand see SNMPv3 Users on page 14 7 Each SNMPv3 user configuration is entered in the User Table 3 Assign SNMPv3 users to security groups according to their level of access privilege by entering the snm...

Страница 380: ...s to be sent to the IP address of the SNMPv3 management station You can enter more than one tag_name value Each tag_name value must be already associated with the name of an SNMPv3 notification config...

Страница 381: ...snmpv3 targetaddress command in Step 5 to a specified SNMPv3 user from the user user_name value configured with the snmpv3 user command in Step 2 If you enter the snmpv3 params user command you must a...

Страница 382: ...You can manage the default configuration of the switch to disable and re enable notifications to be sent for the following types of security events SNMP authentication failure Port security web MAC or...

Страница 383: ...port security auth server fail dhcp snooping arp protect Enables or disables sending one of the following types of security notification to configured trap receivers snmp auth sends a trap for a faile...

Страница 384: ...Category Current Trap Configuration SNMP Authentication extended Password change enabled Login failures enabled Port Security enabled Authorization Server Contact enabled ARP Protection enabled DHCP...

Страница 385: ...SNMP request was received as the source IP address in the IP header of SNMP traps and replies enter the following command ProCurve config snmp server response source dst ip of request Syntax no snmp s...

Страница 386: ...f the SNMP response PDU can be changed Only the source IP address field in the IP header and the SNMPv1 Agent Address field of the SNMP trap PDU can be changed To verify the configuration of the inter...

Страница 387: ...r Unrestricted Trap Receivers Link Change Traps Enabled on Ports All All Excluded MIBs Snmp Response Pdu Source IP Information Selection Policy dstIpOfRequest Trap Pdu Source IP Information Selection...

Страница 388: ...d blue team Manager Unrestricted red team Manager Unrestricted Trap Receivers Link Change Traps Enabled on Ports All All Trap Category Current Trap Configuration SNMP Authentication extended Password...

Страница 389: ...leases sFlow was configured on the switch via SNMP using a single sFlow instance Beginning with software release K 11 34 sFlow can also be configured via the CLI for up to three distinct sFlow instanc...

Страница 390: ...bles flow sampling for that instance The receiver instance number is 1 2 or 3 and the sampling rate is the allowable non zero skipcount for the specified port or ports To disable flow sampling for the...

Страница 391: ...t has been configured Datagrams Sent shows the number of datagrams sent by the switch agent to the management station since the switch agent was last enabled Timeout displays thenumber of seconds rema...

Страница 392: ...a specific receiver instance are assigned dynamically and so the instance numbers may not always match The key thing to note is whether sampling or polling is enabled on a port and the sampling rates...

Страница 393: ...age 14 45 Enable or disable LLDP on the switch Enabled page 14 41 Change the transmit interval refresh interval for LLDP packets 30 seconds page 14 48 Change the holdtime multiplier for LLDP Packets h...

Страница 394: ...capability and some configuration information In VoIP deployments using LLDP MED on the switches covered in this guide additional support unique to VoIP applications is also available Refer to LLDP M...

Страница 395: ...s based telephone system having a common interface with the public switched telephone system and having multiple telephone lines common control units multiple telephone sets and control hardware and s...

Страница 396: ...ocol and does not include any acknowledgement mechanism An LLDP enabled port receiving LLDP packets inbound from neighbor devices stores the packet data in a Neighbor database MIB LLDP MED This capabi...

Страница 397: ...h active port enabled for outbound LLDP transmissions and receives LLDP advertisements on each active port enabled to receive LLDP traffic page 14 52 Per Port configuration options include four modes...

Страница 398: ...Port Type3 6 N A Always Enabled Uses Local meaning assigned locally by LLDP Port Id6 N A Always Enabled Uses port number of the physical port In the switches covered in this guide this is an internal...

Страница 399: ...play data collected on adjacent LLDP devices as well as the local data the switch is transmitting to adjacent LLDP devices page 14 45 Using an SNMP application that is designed to query the Neighbors...

Страница 400: ...ID 1 and there is an IP address configured for the defaultVLAN thentheportadvertisesthisIPaddress Inthe defaultoperation the IP address that LLDP uses can be an address acquired by DHCP or Bootp You c...

Страница 401: ...on on operation and configuration unique to LLDP MED refer to LLDP MED Media Endpoint Discovery on page 14 56 Viewing the Current Configuration Displaying the Global LLDP Port Admin and SNMP Notificat...

Страница 402: ...eral LLDP Configuration Displays the LLDP global configuration LLDP port status and SNMP notification status For information on port admin status refer to Configuring Per Port Transmit and Receive Mod...

Страница 403: ...configuration for all ports in port list including which optional TLVs and any non default IP address that are included in the port s outbound advertisements For information on the notification settin...

Страница 404: ...nts received from other devices The switch preserves the current LLDP configuration when LLDP is disabled After LLDP is disabled the information in the LLDP neighbors database remains until it times o...

Страница 405: ...ould result in a Time to Live of 30 seconds ProCurve config lldp holdtime multiplier 2 Changing the Delay Interval Between Advertisements Generated by Value or Status Changes to the LLDP MIB The switc...

Страница 406: ...and SNMP notification are configured All of this can unnecessarily increase network traffic Extending the reinitialization Syntax setmib lldpTxDelay 0 i 1 8192 Uses setmib to change the minimum time d...

Страница 407: ...les SNMP notification on ports 1 5 ProCurve config lldp enable notification 1 5 Syntax setmib lldpReinitDelay 0 i 1 10 Uses setmib to change the minimum time reinitialization delay interval an LLDP po...

Страница 408: ...e generated in the specified interval only the first trap will be sent The remaining traps will be suppressed A network management application can periodically check the switch MIB to detect any misse...

Страница 409: ...tbound LLDP advertisements for specific ports Syntax no lldp config port list ipAddrEnable ip address Replaces the default IP address for the port with an IP address you specify This can be any IP add...

Страница 410: ...actual content port description TLV system name TLV system description TLV system capabilities TLV system capabilities Supported TLV subelement system capabilities Enabled TLV subelement port speed a...

Страница 411: ...ts are supported on the switches covered in this guide to inform an LLDP endpoint and the switch port of each other s port speed and duplex configuration and capabilities Configuration mismatches betw...

Страница 412: ...to both LLDP and LLDP MED operation LLDP MED benefits include plug and play provisioning for MED capable VoIP endpoint devices simplified vendor independent management enabling different IP telephony...

Страница 413: ...LLDP MED on the switches coveredinthis guide interoperates with directly connected IP telephony endpoint clients having these features and services able to autonegotiate speed and duplex configuration...

Страница 414: ...infrastructure devices such as switch to switch or switch to router links LLDP MED Endpoint Device Classes LLDP MED endpoint devices are by definition located at the network edge and communicate usin...

Страница 415: ...s covered in this guide offer two configurable TLVs supporting MED specific capabilities medTlvEnable for per port enabling or disabling of LLDP MED opera tion medPortLocation for configuring per port...

Страница 416: ...al on which the activity was detected For more in internal port numbers refer to Determining the Switch Port Number Included in Topology Change Notification Traps on page 14 78 the LLDP MED class of t...

Страница 417: ...ort may use the data contained in the MED TLVs from the switch to configure itself However the lldp refresh interval setting default 30 seconds for transmitting advertisements can cause an unacceptabl...

Страница 418: ...switch can be tagged or untagged However if the LLDP MED endpoint expects a tagged mem bership when the switch port is configured for untagged or the reverse then a configuration mismatch results Typ...

Страница 419: ...bles or disables advertisement of the following TLVs on the specified ports device capability TLV configured network policy TLV configured location data TLV Refer to Configuring Location Data for LLDP...

Страница 420: ...raffic Also this TLV cannot be enabled unless the capability TLV is already enabled For more information refer to Network Policy Advertisements on page 14 62 location_id This TLV enables the switch po...

Страница 421: ...ed on the MED capable end point power value indicates the total power in watts that a switch port PSE can deliver at a particular time or the total power in watts that the MED endpoint PD requires to...

Страница 422: ...new medPortLocation entry of any type on a port replaces any previously configured entry on that port civic addr COUNTRY STR WHAT CA TYPE CA VALUE CA TYPE CA VALUE CA TYPE CA VALUE This command enable...

Страница 423: ...and organize the location data components in an understandable format for response personnel to interpret A civic addr command requires a minimum of one type value pair but typically includes multiple...

Страница 424: ...e if a type value pair of 6 Atlantic to specify Atlantic as a street name is configured on port A5 and later another type value pair of 6 Pacific is configured on the same port then Pacific replaces A...

Страница 425: ...unit or apartment 26 city subdivision 4 floor 27 street 6 room number 28 street suffix 18 The code assignments in this table are examples from a work in progress the internet draft titled Dynamic Host...

Страница 426: ...data Figure 14 20 Example of a Civic Address Configuration Displaying Advertisement Data Command Page show lldp info local device below walkmib lldpXdot3LocPortOperMauType show lldp info remote device...

Страница 427: ...mmand displays the global switch information and the per port information currently available for populating outbound LLDP advertisements With the port list option this command displays only the follo...

Страница 428: ...by using an SNMP application You can also use the switch CLI to display thisinformation if necessary The following two commands provide methods for displaying speed and duplex information for switch...

Страница 429: ...which they were discovered Multiple devices listed for a single port indicates that such devices are connected to the switch through a hub Discovering the same device on multiple ports indicates that...

Страница 430: ...ered Devices Figure 14 24 Example of an LLLDP MED Listing of an Advertisement Received From an LLDP MED VoIP Telephone Source Indicates the policy configured on the telephone A configuration mismatch...

Страница 431: ...LLDP neighbors detected since the last switch reboot Disconnecting then reconnecting a neighbor increments this counter Neighbor Entries Deleted Count Shows the number of neighbor deletions from the M...

Страница 432: ...er to Neighbor Maximum on page 14 77 This can also be an indication of advertisement formatting problems in the neighbor device Frames Invalid Shows the total number of invalid LLDP advertisements rec...

Страница 433: ...ch can support multiple neighbors connected through a hub on a given port but if the switch neighbor maximum is reached advertisements from additional neighbors on the same or other ports will not be...

Страница 434: ...Neighbor Database After the Neighbor Is Disconnected After disconnecting a neighbor LLDP device from the switch the neighbor can continue to appear in the switch s neighbor database for an extended p...

Страница 435: ...Neighbor Data With both LLDP and read only CDP enabled on a switch port the port can read both LLDP and CDP advertisements and stores the data from both types of advertisements in its neighbor databa...

Страница 436: ...bility TLV However LLDP differentiates between what a device is capable of supporting and what it is actually supporting and separates the two types of information into subelements of the System Capab...

Страница 437: ...bled1 n a Store inbound CDP data No forwarding of inbound CDP packets CDP Disabled n a NostorageofCDPdatafrom neighbor devices Floods inbound CDP packets from connected devices to outbound ports LLDP...

Страница 438: ...e Switch s Current CDP Configuration CDP is shown as enabled disabled both globally on the switch and on a per port basis The following example shows the default CDP configuration Figure 14 28 Example...

Страница 439: ...e for any CDP packets it receives from other neighboring CDP devices Syntax show cdp neighbors Lists the neighboring CDP devices the switch detects with a subset of the information collected from the...

Страница 440: ...mpty CDP Neighbors table show cdp displays Global CDP information Enable CDP Yes No Enabling or Disabling CDP Operation on Individual Ports In the factory default configuration the switch has all port...

Страница 441: ...cur 15 13 Consequences of Switchover 15 13 Resetting the Management Module 15 14 Hotswapping Management Modules 15 15 Hotswapping Out the Active Management Module 15 15 When the Standby Module is not...

Страница 442: ...5 29 Boot Command 15 29 Setting the Default Flash for Boot 15 31 Reload Command 15 32 Additional Commands Affected by Redundant Management 15 34 Using the Web Browser for Redundant Management 15 36 Id...

Страница 443: ...less downtime when updat ing software versions Not e The fabric modules are also redundant and can be enabled or disabled See Enabling and Disabling Fabric Modules on page 15 12 Terminology Redundant...

Страница 444: ...e finishes booting and then brings up the interface modules and ports The standby module boots to a certain point syncs basic files such as the config and security files and only finishes booting if t...

Страница 445: ...us of both the management and fabric redundant modules using this command An example of the output for the show redundancy command is seen in Figure 15 1 New Redundant Management Commands Page redunda...

Страница 446: ...Standby K 12 XX Primary 1 ProCurve J9093A F2 Fabric Module 8200zl Enabled 2 ProCurve J9093A F2 Fabric Module 8200zl Enabled Syntax no redundancy management module Allows enabling or disabling of redu...

Страница 447: ...t down a management module that is not functioning correctly without physically removing the module However removing the management module is the recommended method ProCurve config redundancy manageme...

Страница 448: ...command is shown in Figure 15 4 ProCurve config no redundancy management module The other management module will no longer be used for system redundancy except in the case of a hardware failure of the...

Страница 449: ...ting Primary Software Image Standby Console Syntax redundancy active management standby management module1 management module2 The specified module becomes the active management module at the next syst...

Страница 450: ...nfiguration files haven t been synchronized if redundancy has been disabled An example of making the offline management module become the standby management module when redundancy is disabled is shown...

Страница 451: ...ndby On the next system boot the standby will become active Redundancy and Synchronization have been disabled so it will not have current configurations ProCurve Switch 8200zl config boot The other ma...

Страница 452: ...of Disabling a Fabric Module Syntax redundancy fabric module 1 2 enable disable Allows enabling or disabling of fabric modules You cannot have both fabric modules disabled at the same time Default Bo...

Страница 453: ...d There is a hardware failure on the active management module In all of these cases the standby management module takes control and performs the actual switchover The reason for the switchover is ente...

Страница 454: ...nagement module is notified immediately It then takes over and becomes the active management module If the MM Reset button is pressed on the standby management module that module reboots but no other...

Страница 455: ...e hotswapped out press the MM Shut down button It is located between the Module Operation and Component Status LEDs See Figure 15 9 Figure 15 9 The MM Shutdown Button 2 The Dwn LED to the right of the...

Страница 456: ...anagement module However these conditions must be met to determine if the hotswapped module can become a standby management module The hotswapped module must pass selftest Redundancy is not administra...

Страница 457: ...formation about testing new software versions After installing the new software to the active management module wait a few minutes and then verify that the standby module has been synchronized with th...

Страница 458: ...e unless redundancy has been disabled If the standby management module is rebooted it will be running a different software version than the active management module You can direct the standby module t...

Страница 459: ...oftware version See Software Version Mismatch Between Active and Hotswapped Module on page 15 16 for more information Additionally if a switchover occurs or if you reboot to make the standby module be...

Страница 460: ...ttings Mgmt Redundancy Enabled Statistics Failovers 0 Last Failover Slot Module Description Status SW Version Boot Image 1 ProCurve J9092A Management Module 8200zl Active K 12 30 Primary 2 ProCurve J9...

Страница 461: ...written by the software version in the active management module Both management modules should now be operating on the same software version Turning Off Redundant Management Disabling Redundancy with...

Страница 462: ...one management module in the switch and then you insert a second management module the second module will never go into standby mode You must re enable redundant management using this command ProCurv...

Страница 463: ...es Command on an 8200zl Series Switch ProCurve config show modules Status and Counters Module Information Chassis 8212zl J9091A Serial Number LP711BX00Z Slot Module Description Serial Number Status 1...

Страница 464: ...ings Mgmt Redundancy enabled Statistics Failovers 0 Last Failover Slot Module Description Status SW Version Boot Image 1 ProCurve J9092A Management Module 8200zl Standby K 12 XX Primary 2 ProCurve J90...

Страница 465: ...redundancy is disabled the output of the show version command changes as shown in Figure 15 17 Figure 15 17 Example of show version Command when Redundancy is Disabled ProCurve config show version Man...

Страница 466: ...ProCurve Switch 8200zl config show log Keys W Warning I Information M Major D Debug Event Log listing Events Since Boot M 01 26 14 17 34 07 sys System reboot due to Power Failure I 01 26 14 17 34 07...

Страница 467: ...Settings Mgmt Redundancy Enabled Statistics Failovers 1 Last Failover Mon Sep 26 09 50 40 2005 Slot Module Description Status SW Version Boot Image 1 ProCurve J9092A Management Module 8200zl Active K...

Страница 468: ...s only shows the running version of software on the standby management module Figure 15 21 Example of Show Version Command for Standby Module Standby Console show version Image stamp sw code build btm...

Страница 469: ...mode for example it is in failed mode or offline mode switchover to the standby module does not occur The system is rebooted This message displays The other management module is not in standby mode an...

Страница 470: ...nt in the switch the system is rebooted Boot standby Bootsthestandbymanagementmodule Theswitchdoesnot switchover If the standby module is not present this message displays The other management module...

Страница 471: ...15 24 shows an example of the output when the command is used to set the boot default to secondary flash ProCurve config boot set default flash secondary This command changes the location of the defa...

Страница 472: ...command is a warm reboot it skips the Power on Self Test routine ProCurve config show flash Image Size Bytes Date Version Build Primary Image 7463821 03 05 07 K 12 XX 351 Secondary Image 7463821 03 05...

Страница 473: ...versions of this command do not display a prompt to save configuration file changes the changes are lost on the scheduled reload ProCurve config reload This command will cause a switchover to the oth...

Страница 474: ...hen no parameter is specified with the copy crash data or copy crash log command files from all modules management and interface are concatenated See Crash Files on page 15 42 Note If redundancy is di...

Страница 475: ...e standby module log Log messages from a formerly active management module are available on the current active management module after a switchover password set or clear Affects only the active manage...

Страница 476: ...his guide Online Help is available for the web browser interface You can use it by clicking on the question mark button in the upper right corner of any of the web browser interface screens Identity P...

Страница 477: ...nagement module The SystemUp Time since the last reboot Figure 15 27 Overview Page Showing the SystemUp Time for Both Management Modules Redundancy Status Page The Redundancy Status tab is visible onl...

Страница 478: ...representation of the switch Select the Configuration tab and then the Device View button The information displayed includes Fabric modules Interface modules System Support module LEDs and the status...

Страница 479: ...dundancy Switch 8212zl Using the Web Browser for Redundant Management Figure 15 29 Device View Showing Two Management Modules 3500 5400 6200 8200 MCG Jan08 K_13_01 book Page 39 Monday January 28 2008...

Страница 480: ...uide for your switch for more information about LEDs Figure 15 30 The Actv LED on the Management Module Standby Led Behavior To be completed Table 15 2 Actv Active LED Behavior for Management Modules...

Страница 481: ...Selftest I 01 26 14 17 36 19 00068 chassis Fabric 1 Inserted I 01 26 14 17 36 19 00068 chassis Fabric 2 Inserted I 01 26 14 17 36 19 00068 chassis Slot D Inserted I 01 26 14 17 36 19 00690 udpf DHCP r...

Страница 482: ...If no parameter is specified files from all modules management and interface are concatenated slot id retrieves the crash log from the module in the specified slot mm retrieves the crash logs from bot...

Страница 483: ...ost recent first Mgmt Module 1 in Active Mode went down 11 07 05 14 48 36 Operator warm reload from CONSOLE session Mgmt Module 1 in Active Mode went down 11 07 05 11 43 10 Operator cold reboot from C...

Страница 484: ...decision process works as follows 1 If there is only one management module that is the active management module 2 If one module is already booted and operational a newly inserted module or the other...

Страница 485: ...nly one module was active on last boot Only one module was on standby last boot Module in lowest slot becomes active Switch fails to boot Module passing selftest becomes active Module 1 becomes active...

Страница 486: ...anagement module is the active management module RMON_SYSTEM_MGMT_MOD_ACTIVE 9 Mgmt Module 1 or 2 in Standby Mode info The specified management module is in standby mode RMON_SYSTEM_MGMT_MOD_STANDBY 1...

Страница 487: ...eothermoduleand it has gone offline RMON_SYSTEM_MGMT_INCOMPAT_OS 19 Other management module is not in standby shutdown request ignored warn A shutdown request is ignored because the standby module is...

Страница 488: ...le s flash image to the standby management module RMON_SYSTEM_SYNC_BEGIN 25 Initial active to standby sync complete info Indicates the end of the initial synchronization of theactivemanagementmodule s...

Страница 489: ...NIX Workstation A 15 Menu Xmodem Download to Primary Flash A 16 CLI Xmodem Download from a PC or UNIX Workstation to Primary or Secondary Flash A 17 Using USB to Transfer Files to and from the Switch...

Страница 490: ...ile from a Serially Connected PC or UNIX Workstation A 30 USB Uploading an ACL Command File from a USB Device A 31 Copying Diagnostic Data to a Remote Host USB Device PC or UNIX Workstation A 32 Copyi...

Страница 491: ...Switch Software ProCurve periodically provides switch software updates through the ProCurve Networking web site For more information refer to the support and warranty booklet shipped with the switch...

Страница 492: ...ad a new image to primary flash Refer to Restoring a Flash Image on page C 80 Using TFTP To Download Switch Software from a Server This procedure assumes that A software version for the switch has bee...

Страница 493: ...E for Edit 3 Ensure that the Method field is set to TFTP the default 4 In the TFTP Server field type in the IP address of the TFTP server in which the software file has been stored 5 In the Remote Fi...

Страница 494: ...ftware the new image is always stored in primary flash Also using the Reboot Switch command in the Main Menu always reboots the switch from primary flash Rebooting the switch from the CLI gives you mo...

Страница 495: ...itch s IP configuration parameters are incorrect For a UNIX TFTP server the file permissions for the software file do not allow the file to be copied Another console session through either a direct co...

Страница 496: ...mory and the boot commands refer to Using Primary and Secondary Flash Image Options on page 6 14 Not e If you use auto tftp to download a new image in a redundant management system the active manageme...

Страница 497: ...nditconnectstoastandaloneTFTPserveroranotherProCurveswitchacting as a TFTP server to obtain the software image file s Using SCP and SFTP allows you to maintain your switches with greater security You...

Страница 498: ...on the switch 2 Execute ip ssh filetransfer to tell the switch that you want to enable secure file transfer 3 Use a third party client application for SCP and SFTP commands The SCP SFTP Process To use...

Страница 499: ...face or an SNMP application Auto TFTP is disabled by default and must be configured through the CLI ProCurve config ip ssh filetransfer Tftp and auto tftp have been disabled ProCurve config sho run Ru...

Страница 500: ...consistent value message An SNMP management application cannot be used to enable or disable auto TFTP ToenableSFTP by usinganSNMPmanagementapplication youmustfirst disable TFTP and if configured auto...

Страница 501: ...file transfer ProCurve config no ip ssh filetransfer Syntax no tftp enable This command disables all TFTP operation on the switch except for the auto TFTP feature To re enable TFTP operation use the...

Страница 502: ...refer to the documentation provided with the utility you select before performing this process SCP SFTP Operating Notes When an SFTP client connects the switch provides a file system display ing all o...

Страница 503: ...is no longer necessary Using Xmodem to Download Switch Software From a PC or UNIX Workstation This procedure assumes that The switch is connected via the Console RS 232 port to a PC operating as a ter...

Страница 504: ...path and name in the Filename field c In the Protocol field select Xmodem d Click on the Send button The download will then commence It can take several minutes depend ing on the baud rate set in the...

Страница 505: ...me in the Filename field c In the Protocol field select Xmodem d Click on the Send button The download can take several minutes depending on the baud rate used in the transfer 3 When the download fini...

Страница 506: ...ns only the first partition is supported Devices with secure partitions are not supported If they already exist on the device sub directories are supported When specifying a filename you must enter ei...

Страница 507: ...ch finishes copying the software file from the USB device it displays this progress message Validating and Writing System Software to the Filesystem 3 When the copy finishes you must reboot the switch...

Страница 508: ...select 7 Download OS screen 2 Ensure that the Method parameter is set to TFTP the default 3 In the TFTP Server field enter the IP address of the remote switch contain ing the software file you want to...

Страница 509: ...ons for this CLI feature include Copy from primary flash in the source to either primary or secondary in the destination Copy from either primary or secondary flash in the source to either primary or...

Страница 510: ...sh in Destination Using PCM to Update Switch Software ProCurve Manager Plus includes a software update utility for updating on ProCurve switch products For further information refer to the Getting Sta...

Страница 511: ...opied Xmodem Copying a Software Image from the Switch to a Serially Connected PC or UNIX Workstation To use this method the switch must be connected via the serial port to a PC or UNIX workstation For...

Страница 512: ...or replace an ACL in the switch configuration Not e For greater security you can perform all TFTP operations using SFTP as described in the section on Using Secure Copy and SFTP on page A 9 Syntax cop...

Страница 513: ...ory on drive d in a remote host having an IP address of 10 28 227 105 ProCurve copy tftp startup config 10 28 227 105 d configs sw8200 Syntax copy startup config running config tftp ip addr remote fil...

Страница 514: ...erminal emulator commands to begin the file transfer Xmodem Copying a Configuration File from a Serially Connected PC or UNIX Workstation To use this method the switch must be connected via the serial...

Страница 515: ...itch on page 6 19 Syntax copy xmodem startup config pc unix copy xmodem config filename pc unix Copies a configuration file from a serially connected PC or UNIX workstation to a designated configurati...

Страница 516: ...me of the file to copy For example to copy a configuration file from a USB device to the switch 1 Insert a USB device into the switch s USB port 2 Execute the following command where procurve config i...

Страница 517: ...isting ACL 2 Copied the file to a TFTP server at 18 38 124 16 Syntax copy tftp command file ip addr filename txt unix pc where ip addr The IP address of a TFTP server available to the switch filename...

Страница 518: ...n the file it bypasses the illegal command displays a notice as shown in figure A 10 and continues to implement the remaining ACL commands in the file Figure A 10 Example of Using the Copy Command to...

Страница 519: ...g ACL Refer to Creating an ACL Offline in the Access Control Lists ACLs chapter in the latest Access Security Guide for your switch Adds to an existing ACL Syntax copy usb command file filename txt un...

Страница 520: ...station You can use the CLI to copy the following types of switch data to a text file in a destination device Command Output Sends the output of a switch CLI command as a file on the destination devic...

Страница 521: ...and tftp ip address filepath filename copy command output cli command usb filename copy command output cli command xmodem These commands direct the displayed output of a CLI command to a remote host a...

Страница 522: ...mulator Syntax copy crash data slot id master tftp ip address filename copy crash data slot id master usb filename copy crash data slot id master xmodem where slot id a h and retrieves the crash log o...

Страница 523: ...module in the specified slot mm retrieves the crash data from both management modules and concatenates them Syntax copy crash log slot id master tftp ip address filepath and filename copy crash log sl...

Страница 524: ...ter and start the Xmodem command sequence in your terminal emulator Syntax copy crash log slot id mm tftp ip address filename Copies both the active and standby management modules crash logs to a user...

Страница 525: ...T 13 01 or greater The network management application ProCurve Manager Plus PCM PCM is required to create a valid AutoRun file and view the results after the file has been executed on the switch A non...

Страница 526: ...switch to apply any configuration updates 7 Optional Transfer the result file and report file to a PCM enabled computer for report checking See Troubleshooting Autorun Opera tions on page A 39 Securit...

Страница 527: ...for details The status files will not include any records of post commands that may have been executed after the USB flash drive was removed from the switch Color State Meaning Green Slow Blinking Swi...

Страница 528: ...tion to install a valid key pair for signing the result files that are generated during autorun operations The key pair can be generated on the switch using the crypto key generate autorun rsa command...

Страница 529: ...ertificate file and or the other key files the files must be in PEM format Autorun and Configuring Passwords When an operator or manager password is configured on a switch autorun will be disabled aut...

Страница 530: ...autorun command displays autorun configuration status information as shown in the following example ProCurve config show autorun Autorun configuration status Enabled Yes Secure mode Disabled Encryptio...

Страница 531: ...13 Web Access B 13 Viewing Port and Trunk Group Statistics and Flow Control Status B 14 Menu Access to Port and Trunk Statistics B 15 CLI Access To Port and Trunk Group Statistics B 16 Web Browser Ac...

Страница 532: ...eference to Local Mirroring Set Up B 40 Quick Reference to Remote Mirroring Set Up B 41 1 Determine the Mirroring Session Identity and Destination B 44 2 Configure the Remote Mirroring Session on Dest...

Страница 533: ...CL for Mirroring Criteria B 69 Remote Mirroring Destination Using a Port Interface and Directional Mirroring Criteria B 71 Maximum Supported Frame Size B 73 Enabling Jumbo Frames To Increase the Mirro...

Страница 534: ...vents Using the Event Log for Troubleshooting Switch Problems on page C 27 Alert Log Lists network occurrences detected by the switch in the Status Overview screen of the web browser interface page 5...

Страница 535: ...ription for each slot in which a module is installed B 11 Port Status Menu CLI Web Displays the operational status of each port B 13 Port and Trunk Statistics and Flow Control Status Menu CLI Web Summ...

Страница 536: ...nd Counters menu by select ing 1 Status and Counters Figure B 1 The Status and Counters Menu Each of the above menu items accesses the read only screens described on the following pages Refer to the o...

Страница 537: ...sole Main Menu select 1 Status and Counters 1 General System Information Figure B 2 Example of General Switch Information This screen dynamically indicates how individual switch resources are being us...

Страница 538: ...m information and operational parameters for the switch information Displays global system information and operational parameters for the switch power supply Shows chassis power supply and settings te...

Страница 539: ...ounters General System Information System Name ProCurve Switch 2900yl 24G System Contact System Location MAC Age Time sec 300 Time Zone 0 Daylight Time Rule None Software revision T 13 XX Base MAC Add...

Страница 540: ...both the statically configured VLANs and any dynamic VLANs existing on the switch as a result of GVRP operation Also the switches covered in this guide use a multiple forwarding database When using mu...

Страница 541: ...which slots have modules installed and which type s of modules are installed Menu Displaying Port Status From the Main Menu select 1 Status and Counters 3 Module Information Figure B 6 Example of Mod...

Страница 542: ...oCurve J9092A Management Module 8200zl 111111111111 Active 2 ProCurve J9092A Management Module 8200zl 222222222222 Standby 1 ProCurve J9093A F2 Fabric Module 8200zl 1234SSN Enabled 2 ProCurve J9093A F...

Страница 543: ...e port status data Menu Displaying Port Status From the Main Menu select 1 Status and Counters 4 Port Status Figure B 8 Example of Port Status on the Menu Interface CLI Access Syntax show interfaces b...

Страница 544: ...can also reset the counters to zero for the current session This is useful for troubleshooting Refer to the Note On Reset below N o t e o n R e s e t The Reset action resets the counter display to zer...

Страница 545: ...view details about the traffic on a particular port use the v key to highlight that port number then select Show Details For example selecting port A2 displays a screen similar to figure B 10 below F...

Страница 546: ...ters for a specific port click anywhere in the row for that port then click on Refresh Not e To reset the port counters to zero you must reboot the switch Syntax show interfaces This command provides...

Страница 547: ...per VLAN listing includes The MAC addresses that the switch has learned from network devices attached to the switch The port on which each MAC address was learned 1 From the Main Menu select 1 Status...

Страница 548: ...press S forSearch todisplaythefollowing prompt Enter MAC address _ 2 Type the MAC address you want to locate and press Enter The address and port number are highlighted if found If the switch does no...

Страница 549: ...for MAC addresses then press Enter to list the MAC addresses detected on that port Determining Whether a Specific Device Is Connected to the Selected Port Proceeding from step 2 above 1 Press S for S...

Страница 550: ...the learned MAC address on ports A1 through A4 and port A6 ProCurve show mac address a1 a4 a6 To List All Learned MAC Addresses on a VLAN with Their Port Numbers This command lists the MAC addresses a...

Страница 551: ...idge Figure B 14 Output from show spanning tree Command Syntax show spanning tree This command displays the switch s global and regional spanning tree status plus the per port spanning tree operation...

Страница 552: ...e of IGMP Group Data Show Command Output show ip igmp GlobalcommandlistingIGMPstatusforallVLANsconfigured in the switch VLAN ID VID and name Active group addresses per VLAN Number of report and query...

Страница 553: ...the above VLANs Listing the VLAN ID VID and Status for ALL VLANs in the Switch Figure B 16 Example of VLAN Listing for the Entire Switch Show Command Output show vlan Lists Maximum number of VLANs to...

Страница 554: ...c Ports Figure B 17 Example of VLAN Listing for Specific Ports Listing Individual VLAN Status Figure B 18 Example of Port Listing for an Individual VLAN Because ports A1 and A2 are not members of VLAN...

Страница 555: ...indicating the network utili zation on each of the switch ports symbolic port status indicators and the Alert Log which informs you of any problems that may have occurred on the switch For more infor...

Страница 556: ...4 byte IPv4 header to mirrored frames For more on these topics including the jumbo and non jumbo frame size limits refer to Maximum Supported Frame Size on page B 73 Intelligent Mirroring supports des...

Страница 557: ...ress used as mirroring criteria to select packets in inbound and or outbound traffic on specified inter faces Terminology Destination For a given local mirroring session on a switch this is the exit p...

Страница 558: ...tch A switch configured to mirroring inbound and or outbound traffic to a destination on the same local switch or to a destination on a remote switch This is the switch on which mirrored traffic origi...

Страница 559: ...roring traffic to that destination In the case of remote mirroring which uses IPv4 encapsulation if the intended exit switch is not already configured as the destination for that session its performan...

Страница 560: ...port or static trunk list mesh VLAN or MAC address A mirroring source and a mirroring destination comprise a given mirroring session For any session the destination must be a single exit port It cann...

Страница 561: ...l Monitor Traffic Direction CLI Config Menu and Web I F Config1 SNMP Config VLAN all traffic inbound only out bound only or both directions inbound and outbound combined inbound only out bound only or...

Страница 562: ...smustbeProCurveswitchesthatsupportthemirroringfunctions described in this chapter However because remote mirroring on your ProCurve switch uses IPv4 encapsulation of mirrored traffic to remote desti n...

Страница 563: ...ce Limits The Menu and Web interfaces can be used to quickly configure or reconfigure local mirroring on session 1 and allow one of the following two mirroring source options any combination of source...

Страница 564: ...ort Figure B 20 The Default Network Mirroring Configuration Screen 2 In the Actions menu press E for Edit 3 If mirroring is currently disabled for session 1 the default then enable it by pressing the...

Страница 565: ...bar to select the interfaces to mirror Ports Use for mirroring ports static trunks or the mesh VLAN Use for mirroring a VLAN 7 Do one of the following If you are mirroring ports static trunks or the m...

Страница 566: ...mirrored Use the down arrow key to move from one interface to the next in the Action column If the mesh or any trunks are configured they will appear at the end of the port listing 10 When you finish...

Страница 567: ...ip src udp port dst ip port B 44 Configuring a Local Destination on a Session Source Switch mirror 1 4 name name str port port B 46 Configuring a Remote Destination on a Session Source Switch mirror...

Страница 568: ...subnet IP address on the destination switch random UDP port number for the session 7933 65535 exit port on destination switch Must belong to the same VLAN as the port through which the remotely mirror...

Страница 569: ...umeric name exitport Thiscanbeanyportonthe switchexceptamirroringsource port 2 Use mirror 1 4 name name str port port to configure the session 3 Determine the traffic to be filtered by any of the foll...

Страница 570: ...B 54 The name str option applies only if the specified mirroring session has already been configured with the name name str option in the mirror command The no form of the command removes the port tr...

Страница 571: ...and destination are on different switches For each mirroring source switch option The mirror command identifies the destination for the mirroring session The interface and vlan commands identify the i...

Страница 572: ...or Trunk Mirroring on a Source Switch Directional Criteria Selects Traffic To Mirror Page B 50 Inbound ACL Criteria Selects Traffic To Mirror Page B 54 The name str option applies only if the specifie...

Страница 573: ...matically configures or removes mirroring for inbound and outbound traffic from the specified VLAN or port s to the destination configured for session 1 To Configure or Remove MAC based Mirroring on a...

Страница 574: ...numbers in the range of 1 to 65535 UDP port numbers below 7933 are reserved for various IP applications Using them for mirroring can result in disrupting other IP functions and can also result in non...

Страница 575: ...ndpoint support for the configured session on the remote destination switch Caution Mirroring endpoint support for a given session should not be removed if there are any remote source switches current...

Страница 576: ...rroring Session Identity and Destination on page B 44 port Exit port for mirrored traffic from the specified session This is the port to which a traffic analyzer or IDS should be connected Syntax mirr...

Страница 577: ...ction to configure the source switch for that same session port port Exit port for mirrored traffic from the specified session This is the port to which a traffic analyzer or IDS should be connected S...

Страница 578: ...are reserved for various IP applications Using them for mirroring can result in disrupting other IP functions and can also result in non mirrored traffic received on the destination switch being sent...

Страница 579: ...ic type inbound only MAC address source and or destination Mirroring Source Limits For a given mirroring session you can configure any one of the following mirroring source options multiple ports trun...

Страница 580: ...specifies the port trunk and or mesh source s to use the direction of traffic to mirror and the session identifier The no form of the command removes a mirroring source assigned to the session but doe...

Страница 581: ...ts on configuring mirroring sources to a given session refer to Mirroring Source Limits on page B 49 1 4 Assigns a numeric session identifier to associate with the traffic selected for mirroring by th...

Страница 582: ...removes a mirroring source assigned to the session but does not remove the session itself This enables you to repurpose a session by removing an unwanted mirroring source and adding another in its pl...

Страница 583: ...ket matching a deny statement including the explicit deny at the end of every ACL will not be mirrored Any log keywords in ACL deny statements are ignored by the mirroring function If both a mirrored...

Страница 584: ...o permit or deny the IP traffic Syntax no interface port trunk mesh monitoripaccess group acl name in mirror 1 4 name str 1 4 name str 1 4 name str 1 4 name str This command assigns a mirroring source...

Страница 585: ...he session must have been previously configured Refer to 3 Configure the Mirroring Session on the Source Switch on page B 46 Depending on how many sessions are already configured on the switch you can...

Страница 586: ...epurpose a a session by removing an unwanted mirroring source and adding another in its place vlan vid Configures the VLAN on which inbound traffic is filtered and mirrored by the specified ACL monito...

Страница 587: ...inued from Previous Page mirror 1 4 name str Assigns the traffic defined by the interface to a session by number or if configured by name The session must have been previously configured Refer to 3 Co...

Страница 588: ...ror 1 4 name str 1 4 name str 1 4 name str 1 4 name str Use this command to configure a source and or destination MAC address as criteria for selecting traffic in one or more mirroring sessions on the...

Страница 589: ...C address to a previously configured mirroring session The session is identified by a number or if configured a name Depending on how many sessions are configured on the switch you can use the same co...

Страница 590: ...a source MAC address and only once as a destination MAC address to filter mirrored traffic For example after you enter the following commands monitor mac 111111 222222 src mirror 1 monitor mac 111111...

Страница 591: ...gured Only the destination has been configured the mirroring source is not configured not defined Mirroring is not configured for this session Type Indicates whether the mirroring session is local por...

Страница 592: ...iven mirroring session identifies the exit port on the destination switch Syntax show monitor ProCurve show monitor Network Monitoring Sessions Status Type Sources ACL 1 active port 1 yes 2 active mac...

Страница 593: ...LAN or subnet on which the traffic source exists For a given mirroring session this value should be the same on the source and destination switches UDP port The unique UDP port number identifying a gi...

Страница 594: ...e should be the same on the source and destination switches UDP port The unique UDP port number identifying a given mirroring session For a given mirroring session this value should be the same on the...

Страница 595: ...selected interface indicates whether mirrored traffic is entering the switch in leaving the switch out or both Syntax show monitor 1 4 name name str ProCurve config mirror 2 name test 10 remote ip 10...

Страница 596: ...traffic on port B1 Send the mirrored traffic to exit port B3 For the above configuration show monitor 1 produces the following output Figure B 28 Example of Output for a Local Mirroring Session ProCur...

Страница 597: ...rroring Configuration ProCurve config show run Running configuration J8697A Configuration Editor Created on release K 12 XX max vlans 300 ip access list extended 100 10 permit icmp 0 0 0 0 255 255 255...

Страница 598: ...e configured In this case the command sequence is 1 Configure the local mirroring session 2 Assign a mirroring source to the session Figure B 31 Example of a Local Mirroring Topology Figure B 32 Examp...

Страница 599: ...nation interface on switch D Use a randomly selected UDP port number of 9300 For information on selecting UDP port numbers to use for remote mirroring refer to the syntax description on page B 45 You...

Страница 600: ...Please configure destination switch first Do you want to continue y n y Switch A config access list 100 permit tcp any host 10 10 30 153 eq telnet Switch A config vlan 10 monitor ip access group 100...

Страница 601: ...UDP port number will be needed Note that the port on which the mirrored traffic for this example enters switch D port A20 must be in the same VLAN as the configured exit port for Traffic Analyzer 2 wh...

Страница 602: ...Refer to the Note on page B 71 If you need information on selecting UDP port numbers to use for remote mirroring refer to the syntax description on page B 45 Figure B 38 Example of Configuring Remote...

Страница 603: ...r of dropped frames by enabling jumbo frames on all intermediate switches and routers The maximum transmission unit MTU on the switches covered by this manual is 9220 bytes for frames having an 802 1Q...

Страница 604: ...n untagged mirrored frames leaving the source switch cannot exceed 9216 bytes Frame Type Configuration Maximum Frame Size VLAN Tag FrameMirrored to Local Port Frame Mirrored to Remote Port Data Data I...

Страница 605: ...a mirrored port the mirrored copy retains the tagged or untagged state the original frame carried when it entered into or exited from the switch The tagged or untagged VLAN membership of ports in the...

Страница 606: ...plicate mirrored frames in configurations where the port connecting the switch to the network path for mirroring to a destination is also a port whose inbound or outbound traffic is being mirrored For...

Страница 607: ...IP address must be identical to their counterparts in the mirror endpoint command configured on the destination switch The configured exit port must not be a member of a trunk or mesh If the destinati...

Страница 608: ...off Locate a device by using the blue Locate LED on the front panel blink 1 1440 Blinks the chassis Locate LED for a selected number of minutes default is 30 minutes on 1 1440 Turns the chassis Locat...

Страница 609: ...1X Related Problems C 15 QoS Related Problems C 18 Radius Related Problems C 18 Spanning Tree Protocol MSTP and Fast Uplink Problems C 19 SSH Related Problems C 20 TACACS Related Problems C 22 TimeP S...

Страница 610: ...1 Logging Command C 52 Configuring a Syslog Server C 53 Configuring the Severity Level for Event Log Messages Sent to a Syslog Server C 56 Configuring the System Module Used to Select the Event Log Me...

Страница 611: ...itch Configuration and Operation Details C 73 CLI Administrative and Troubleshooting Commands C 75 Traceroute Command C 76 Restoring the Factory Default Configuration C 79 CLI Resetting to the Factory...

Страница 612: ...ts and other potential hardware related problems refer to the Installation Guide you received with the switch Not e ProCurve periodically places switch software updates on the ProCurve Networking web...

Страница 613: ...nce to the relevantIEEE802 3specification RefertotheInstallation Guideshipped with the switch for correct cable types and connector pin outs Use ProCurve Manager to help isolate problems and recommend...

Страница 614: ...the DHCP Bootp server configuration to verify correct IP addressing If you are using DHCP to acquire the IP address for the switch the IP address lease time may have expired so that the IP address ha...

Страница 615: ...ation screen of the menu interface 2 Switch Configuration 1 System Information The switch may not have the correct IP address subnet mask or gateway Verify by connecting a console to the switch s Cons...

Страница 616: ...y be due to redundant links between nodes If you are configuring a port trunk finish configuring the ports in the trunk before connecting the related cables Otherwise you may inad vertently create a n...

Страница 617: ...work Iftheswitchdoes not receive a reply to its DHCP Bootp requests it continues to periodically sendrequestpackets butwith decreasing frequency Thus ifa DHCP or Bootp server is not available or acces...

Страница 618: ...ies assigned ACLs only at the point where traffic enters or leaves the switch on a VLAN Ensure that you have correctly applied your ACLs in and or out to the appropriate VLAN s The switch does not all...

Страница 619: ...ch does not allow any routed access from a specific host group of hosts or subnet The implicit deny any function that the switch automatically applies as the last entry in any ACL may be blocking all...

Страница 620: ...t includes a gateway address can block traffic attempting to use the gateway as a next hop Remote Gateway Case For example configuring ACL 101 below and applying it outbound on VLAN 1 in Figure C 4 in...

Страница 621: ...the switch as a gateway for traffic you want routedbetweensubnets usethesegeneralstepstoavoidblockingthegateway for authorized applications 1 Configure gateway security first for routing with specific...

Страница 622: ...address is configured Using the Switch Console Interface From the Main Menu check the Management Address Information screen by clicking on 1 Status and Counters 2 Switch Management Address Information...

Страница 623: ...ify that the switch is using the correct encryption key RADIUS secret key for each server Verify that the switch has the correct IP address for each RADIUS server Ensure that the radius server timeout...

Страница 624: ...s listing shows multiple ports with the same authenticator MAC address The link to the authenticator may have been moved from one port to another without the supplicant statistics having been cleared...

Страница 625: ...as port security or any 802 1X configura tion on the RADIUS server are not blocking the link The authorized MAC address on a port that is configured for both 802 1X and port security either changes or...

Страница 626: ...IUS server Verify that the switch is using the correct encryption key for the desig nated server Verify that the switch has the correct IP address for the RADIUS server Ensure that the radius server t...

Страница 627: ...when there are physical loops redundant links in the topology Where this exists you should enable MSTP on all bridging devices in the topology in order for the loop to be detected STP Blocks a Link i...

Страница 628: ...nd has become the root device due to a failure in the original root device SSH Related Problems Switch access refused to a client Even though you have placed the client s public key in a text file and...

Страница 629: ...ges Download failed overlength key in key file Download failed too many keys in key file Download failed one or more keys is not a valid RSA public key The public key file you are trying to download h...

Страница 630: ...nfiguration to flash then pressing the Reset button or cycling the power reboots the switch with the boot up configuration Disconnect the switch from network access to any TACACS servers and then log...

Страница 631: ...ccount The time quota for the account has been exhausted The time credit for the account has expired The access attempt is outside of the time frame allowed for the account The allowed number of concu...

Страница 632: ...as the traffic from the monitored ports the traffic output from the monitor port is untagged If the monitor port is not a member of the same VLAN as the traffic from the monitored ports traffic from t...

Страница 633: ...other switch If the other device sends traffic over multiple VLANs its MAC address will consistently appear in multiple VLANs on the switch port to which it is linked Note that attempting to create re...

Страница 634: ...otects the switch from possible overheating ProCurve recommends that you replace a failed fan tray assembly within one minute of removing it Server 8212zl Switch Multiple Forwarding Database Switch wi...

Страница 635: ...witch is interrupted or if you enter the boot system command The contents of the Event Log are not erased if you Reboot the switch by choosing the Reboot Switch option from the menu interface Enter th...

Страница 636: ...curitythatallowsLANaccessonlyonportson which a single 802 1X capable client supplicant has entered valid RADIUS user credentials Access Security Guide acl Access Control Lists ACLs Filter layer 3 IP t...

Страница 637: ...Getting Started Guide cos Class of Service CoS Provides priority handling of packets traversingtheswitch basedontheIEEE802 1pprioritycarried by each packet CoS messages also include Quality of Service...

Страница 638: ...rol access to switch Advanced Traffic Management Guide igmp Internet Group Management Protocol Reduces unnecessary bandwidth usage for multicast traffic transmitted from multimedia applications on a p...

Страница 639: ...rotect Loop protection Detects the formation of loops when an unmanaged device on the network drops spanning tree packets andprovidesprotectionbytransmittingloopprotocol packets out ports on which loo...

Страница 640: ...rface VLAN boundaries Multicast and Routing Guide ports Port status and port configuration features including mode speed and duplex flow control broadcast limit jumbo packets and security settings Por...

Страница 641: ...16 of switches in thesameIPsubnet broadcastdomain resultinginareduced number of IP addresses and simplified management of small workgroups for scaling your network to handle increased bandwidth demand...

Страница 642: ...cation A port based VLAN creates a layer 2 broadcast domain comprised of member ports that bridge IPv4 traffic among themselves A protocol based VLAN creates a layer 3 broadcast domain for traffic of...

Страница 643: ...02 52 CONSOLE MANAGER MODE M 10 25 07 16 30 02 sys Operator cold reboot from CONSOLE session I 10 25 07 17 42 51 00061 system I 10 25 07 17 42 51 00063 system System went down 10 25 07 16 30 02 I 10 2...

Страница 644: ...ces the display by one page next page P Rolls back the display by one page previous page v Advances display by one event down one line Rolls back display by one event up one line E Advances to the end...

Страница 645: ...record how many times it detects duplicates of a particular event since the last system reboot When the first instance of a particular event or condition generates a message the switch initiates a log...

Страница 646: ...witch to support PIM operation but do not configure an IP address If PIM attempted to use VLAN 100 the switch would generate the first instance of the following Event Log message and counter Figure C...

Страница 647: ...s similar to the following Figure C 3 Example of Log Messages Generated by Unrelated Events of the Same Type W 10 01 06 09 00 33 PIM No IP address configured on VID 100 1 W 10 01 06 09 28 42 PIM No IP...

Страница 648: ...og once for each log throttle period for the event being described and the Duplicate Message Counter would increment as shown in table C 4 The same operation would apply for messages sent to any confi...

Страница 649: ...owing event types ACL deny matches Dynamic ARP protection events DHCP snooping events Events recorded in the switch s Event Log IP routing events LLDP events Use the logging command to select a subset...

Страница 650: ...options acl SendsACLSyslogloggingtoconfigureddebugdestinations Whenthereisamatch with a deny statement directs the resulting message to the configured debug destination s event Sends standard Event L...

Страница 651: ...eries 3400cl switches Series 2800 switches Series 2600 switches and the Switch 6108 software release H 07 30 or greater For the latest feature information on ProCurve switches visit the ProCurve Netwo...

Страница 652: ...configure in Step 3 to all IP addresses 2 To use a CLI session on a destination device for debug messaging a Set up a serial Telnet or SSH connection to access the switch s CLI b Enter the debug desti...

Страница 653: ...alue and save the settings to the startup configuration for example by entering the write memory command the debug settings are saved after a system reboot power cycle or reboot and re activated on th...

Страница 654: ...Logging Destination None Enabled debug types None are enabled ProCurve config logging 10 28 38 164 ProCurve config write memory ProCurve config show debug Debug Logging Destination Logging 10 28 38 1...

Страница 655: ...ent by entering the no debug event command There is no effect on the normal logging of messages in the switch s Event Log Example The next example shows how to configure Debug logging of ACL and IP OS...

Страница 656: ...64 164 Facility user Severity debug System module all pass Session Enabled debug types acl log ip ospf packet ConfigureaSyslogserverIPaddress No other Syslog servers are configuredontheswitch Theserv...

Страница 657: ...bug destinations Syntax no debug debug type acl When a match occurs on an ACL deny Access Control Entry with log configured the switch sends an ACL message to configured debug destinations For more in...

Страница 658: ...f adj event flood lsa generation packet retransmission spf For the configured debug destination s ospf adj event flood lsa generation packet retransmission spf Enables the specified IP OSPF message ty...

Страница 659: ...bug level For more informa tion refer to Operating Notes for Debug and Syslog on page C 58 session Enables transmission of event notification messages to the CLI session that most recently executed th...

Страница 660: ...hese debug and logging settings are automatically re activated after a switch reboot or power recycle The debug settings and destinations configured in your previous troubleshooting session will then...

Страница 661: ...cally enabled to be sent to the server To reconfigure this setting use the following commands Use debug command to specify additional debug message types see Debug Messages on page C 49 Use the loggin...

Страница 662: ...o removing all configured Syslog destinations with the no loggingcommand or a specified Syslog server destination with the no logging syslog ip address command does not delete the Syslog server IP add...

Страница 663: ...es kern Kernel messages mail Mail system daemon System daemons auth Security Authorization messages syslog Messages generated internally by Syslog lpr Line Printer subsystem news Netnews subsystem uuc...

Страница 664: ...er Messages of the selected and higher severity willbe sent To configure a Syslog server see Configuring a Syslog Server on page C 53 Syntax no logging severity major error l warning info debug Config...

Страница 665: ...dules to be sent If you re enter the command with a different system module name the currently configured value is replaced with the new one Syntax no logging system module system module Configures th...

Страница 666: ...pplication is configured to accept the debug severity level The default configuration for some Syslog applications ignores the debug severity level Debug Option Effect of a Reboot or Reset logging deb...

Страница 667: ...f the attached end node does not have an Auto mode setting then you must manually configure the switch port to the same setting as the end node port Refer to Chapter 10 Port Status and Configuration F...

Страница 668: ...tch and another device on the same or another IP network that can respond to IP packets ICMP Echo Requests To use the ping or traceroute command with host names or fully qualified domain names refer t...

Страница 669: ...s the network address of the target or destination device to which you want to test a connection with the switch An IP address is in the X X X X format where X is a decimal number between 0 and 255 A...

Страница 670: ...r Link Tests Ping Tests You can issue single or multiple ping tests with varying repeti tions and timeout periods The defaults and ranges are Repetitions 1 1 999 Timeout 5 seconds 1 256 seconds Syntax...

Страница 671: ...9 Timeout 5 seconds 1 256 seconds Syntax link mac address repetitions 1 999 timeout 1 256 vlan vlan id Figure C 15 Example of Link Tests Basic Link Test Link Test with Repetitions Link Test with Repet...

Страница 672: ...equence of labels in a domain name identifying a specific host host name and the domain in which it exists For example if a device with an IP address of 10 10 10 101 has a host name of device53 and re...

Страница 673: ...se the switch is configured with the domain suffix mygroup procurve net and the IP address for an accessible DNS server If an operator wants to use the switch to ping a target host in this domain by u...

Страница 674: ...group net Assuming this second domain is accessible to the DNS server already configured on the switch a traceroute command using the target s fully qualified DNS name should succeed Figure C 17 Examp...

Страница 675: ...name Syntax no ip dns server address priority 1 3 ip addr Configures the access priority and IP address of a DNS server accessible to the switch These settings specify the relative priority of the DN...

Страница 676: ...name of the desired target For an example refer to Figure C 16 on page C 65 In either of the following two instances you must manually provide the domain identification by using a fully qualified DNS...

Страница 677: ...68 Entity Identity DNS Server IP Address 10 28 229 10 Domain Name and Domain Suffix for Hosts in the Domain pubs outdoors com Host Name Assigned to 10 28 229 219 by the DNS Server docservr Fully Quali...

Страница 678: ...he switch configuration currently includes a non default non null DNS entry it will also appear in the show run command output Figure C 22 Example of Viewing the Current DNS Configuration ProCurve pin...

Страница 679: ...another address you must first use the no form of the command to remove the current address from the target priority The DNS server s and domain configured on the switch must be accessible to the swi...

Страница 680: ...oduce this result Unknown host host name The host name did not resolve to an IP address Some reasons for this occurring include The host name was not found The named domain was not found The domain su...

Страница 681: ...running configuration through the web browser interface 1 Click on the Diagnostics tab 2 Click on Configuration Report 3 Use the right side scroll bar to scroll through the configuration listing Listi...

Страница 682: ...o a file and then use either Microsoft Word or Notepad to display the data In this case Microsoft Word provides the data in an easier to read format To Copy show tech output to a Text File This exampl...

Страница 683: ...erminal screen 5 To access the file open it in Microsoft Word Notepad or a similar text editor CLI Administrative and Troubleshooting Commands These commands provide information or perform actions tha...

Страница 684: ...n the route plus the time in microseconds for the traceroute packet reply to the switch for each hop To halt an ongoing traceroute search press the Ctrl C keys minttl 1 255 For the current instance of...

Страница 685: ...he IP addresses for all hops it detects up to the maxttl limit For any instance of traceroute if you want a maxttl value other than the default you must specify that value Default 30 timeout 1 120 For...

Страница 686: ...for all probes beyond the last detected hop For example with a maximum hop count of 7 maxttl 7 where the route becomes blocked or otherwise fails the output appears similar to this Figure C 27 Example...

Страница 687: ...uration to a TFTP server before resetting the switch to its factory default configuration You can also save your configuration via Xmodem to a directly connected PC CLI Resetting to the Factory Defaul...

Страница 688: ...the following A terminal emulator program with Xmodem capability such as the Hyper Terminal program included in Windows PC software A copy of a good OS image file for the switch Not e The following p...

Страница 689: ...k on OK In the next window click on OK again vi Select Call Connect vii Press Enter one or more times to display the prompt 5 Start the Console Download utility by typing do at the prompt and pressing...

Страница 690: ...em Download in Progress 8 When the download completes the switch reboots from primary flash using the OS image you downloaded in the preceding steps plus the most recent startup config file 3500 5400...

Страница 691: ...termining MAC Addresses D 3 Menu Viewing the Switch s MAC Addresses D 4 CLI Viewing the Port and VLAN MAC Addresses D 5 Viewing the MAC Addresses of Connected Devices D 7 3500 5400 6200 8200 MCG Jan08...

Страница 692: ...address For internal switch operations One MAC address per port Refer to CLI Viewing the Port and VLAN MAC Addresses on page D 5 MAC addresses are assigned at the factory The switch automatically impl...

Страница 693: ...h Not e The switch s base MAC address is used for the default VLAN VID 1 that is always available on the switch This is true for dynamic VLANs as well the base MAC address is the same across all VLANs...

Страница 694: ...screen On the switches covered in this guide the VID VLAN identification number for the default VLAN is always 1 and cannot be changed To View the MAC Address and IP Address assignments for VLANs Con...

Страница 695: ...itch ProCurve walkmib ifPhysAddress The above command is not case sensitive For example a ProCurve 8212zl switch with the following module configura tion shows MAC address assignments similar to those...

Страница 696: ...ifPhysAddress 65 00 12 79 88 b1 bf ifPhysAddress 66 00 12 79 88 b1 be ifPhysAddress 67 00 12 79 88 b1 bd ifPhysAddress 68 00 12 79 88 b1 bc ifPhysAddress 69 00 12 79 88 b1 bb ifPhysAddress 70 00 12 79...

Страница 697: ...cted port list Lists the MAC addresses of the devices the switch has detected on the specified port s mac addr Lists the port on which the switch detects the specified MAC address Returns the followin...

Страница 698: ...D 8 MAC Address Management Viewing the MAC Addresses of Connected Devices 3500 5400 6200 8200 MCG Jan08 K_13_01 book Page 8 Monday January 28 2008 10 04 AM...

Страница 699: ...iewing Information on Resource Usage E 2 Policy Enforcement Engine E 2 Displaying Current Resource Usage E 3 When Insufficient Resources Are Available E 5 3500 5400 6200 8200 MCG Jan08 K_13_01 book Pa...

Страница 700: ...igure Resource usage in the Policy Enforce ment engine is based on how these features are configured on the switch Resource usage by dynamic port ACLs and virus throttling is determined as follows Dyn...

Страница 701: ...erved for less important features Not e A 1 1 mapping of internal rules to configured policies in the switch does not necessarily exist As a result displaying current resource usage is the most reliab...

Страница 702: ...t Mirror endpoints DHCP Protection Resource usage includes resources actually in use or reserved for future use by the listed feature Internal dedicated purpose resources such as port bandwidth limits...

Страница 703: ...current resources are fully subscribed Currently engaged resources must be released before any of the following actions are supported Configuration of new entries for QoS ACLs virus throttling ICMP r...

Страница 704: ...E 6 Monitoring Resources When Insufficient Resources Are Available 3500 5400 6200 8200 MCG Jan08 K_13_01 book Page 6 Monday January 28 2008 10 04 AM...

Страница 705: ...Southern Hemisphere Western Europe The pre defined settings follow these rules Alaska Begin DST at 2am on the second Sunday in March End DST at 2am on the first Sunday in November Canada and Continen...

Страница 706: ...ay on or after March 23rd End DST at 2am the first Sunday on or after October 23rd A sixth option named User defined allows you to customize the DST config uration by entering the beginning month and...

Страница 707: ...changes at 2am on that day If the configured day is not a Sunday the time changes at 2am on the first Sunday after the configured day This is true for both the Beginning day and the Ending day With t...

Страница 708: ...F 4 Daylight Savings Time on ProCurve Switches 3500 5400 6200 8200 MCG Jan08 K_13_01 book Page 4 Monday January 28 2008 10 04 AM...

Страница 709: ...ss 512 IP addresses per system 2048 IP 2048 IPv6 IP addresses per VLAN 32 static routes 256 supported routes 10 000 including ARP IPv4 host hardware table 72K 8K internal 64K external IPv4 BMP hardwar...

Страница 710: ...G 2 Scalability IP Address VLAN and Routing Maximum Values 3500 5400 6200 8200 MCG Jan08 K_13_01 book Page 2 Monday January 28 2008 10 04 AM...

Страница 711: ...the entries 5 20 allocation class 11 20 allocation value 11 20 ARP arp age default 8 7 maximums G 1 ARP protection SNMP notification 14 17 14 26 asterisk meaning in show config 6 30 meaning in tracer...

Страница 712: ...14 15 viewing and configuring with the menu 14 13 config files SCP SFTP transfer 6 40 configuration Bootp 8 13 comparing startup to running 6 6 console 7 3 copying A 24 factory default 6 9 8 2 impacts...

Страница 713: ...arting a session 3 4 statistics clear counters 3 12 status and counters access 3 7 status and counters menu B 6 troubleshooting access problems C 6 context level global config 4 5 8 10 manager level 4...

Страница 714: ...xv printed in box publications xxv release notes xxv Domain Name Server See DNS download software 15 17 A 20 software using TFTP A 4 switch to switch A 20 TFTP A 5 troubleshooting A 6 Xmodem A 15 See...

Страница 715: ...ion 13 22 described 13 19 displaying current configuration 13 25 impacts of QoS queue configuration 13 21 operation 13 19 outbound queue priority 13 20 starving queues 13 21 H Help for CLI 1 7 4 11 fo...

Страница 716: ...8 20 rules operating 8 20 summary of effect 8 23 IP routing debug messages C 42 IPX broadcast traffic 10 4 10 14 network number B 10 J jumbo frames configuration 13 29 excessive inbound 13 35 flow co...

Страница 717: ...es 14 37 general operation 14 40 global counters 14 75 holdtime multiplier 14 49 hub packet forwarding 14 40 IEEE P802 1AB D9 14 43 inconsistent value 14 50 information options 14 42 invalid frames 14...

Страница 718: ...fits 8 15 configuration 8 16 default 8 15 8 18 displaying configuration 8 18 in OSPF area 8 16 multiple interfaces supported 8 15 lost password 5 10 M MAC address 8 13 B 7 D 2 displaying detected devi...

Страница 719: ...it port host connection B 28 exit port local mirroring B 28 B 39 exit port oversubscribe B 31 exit port remote mirroring B 28 B 42 exit port VLAN rule B 27 B 28 B 30 B 38 B 44 B 77 exit switch B 28 fr...

Страница 720: ...odule CLI command 10 24 configuring when not inserted 10 24 pre configuring 10 24 monitoring links between ports 10 25 status and counters screens B 5 monitoring traffic See mirroring MPS defined 11 4...

Страница 721: ...11 26 PD defined 11 4 port identifiers 11 22 port number priority 11 11 port number priority defined 11 4 power supplies 11 3 power provisioning 11 5 prioritizing power 11 10 priority class 11 4 11 1...

Страница 722: ...P operation 12 7 traffic distribution 12 7 Trk1 12 7 trunk non protocol option 12 6 trunk option described 12 26 types 12 6 UDLD configuration 10 26 VLAN 12 8 VLAN operation 12 7 web browser access 12...

Страница 723: ...ot command 15 29 boot history 15 42 causes of switchover 15 13 disabling 15 6 15 21 downloading software 15 17 enabling 15 6 event log messages 15 46 hotswapping module 15 15 how active module determi...

Страница 724: ...during factory default reset C 80 serial number B 7 setmib 11 22 setmib delay interval 14 49 setmib reinit delay 14 51 setup screen 1 8 severity level event log C 27 selecting Event Log messages for d...

Страница 725: ...9 4 disabling 9 12 enabling and disabling 9 10 event log messages 9 26 manual config priority 8 12 menu interface operation 9 26 operating modes 9 2 poll interval See TimeP priority 9 14 selecting 9...

Страница 726: ...57 System Name parameter 7 11 T TACACS SSH exclusion A 14 Telnet connecting to switch 3 4 enable disable 7 4 outbound 7 6 terminate session kill command 7 9 troubleshooting access C 7 temperature show...

Страница 727: ...C 59 DNS See DNS fast uplink C 19 ping and link tests C 60 resource usage E 2 restoring factory default configuration C 79 spanning tree C 19 SSH C 20 switch software download A 6 switch won t reboot...

Страница 728: ...8 5 10 users SNMPv3 See SNMPv3 utilization port 5 17 10 9 V version OS A 21 version switch software A 6 A 16 view duplex 10 7 port speed 10 7 transceiver status 10 9 virtual interface See loopback in...

Страница 729: ...lost 5 10 password setting 5 9 port status 5 19 port utilization 5 17 port utilization and status displays 5 17 screen elements 5 16 security 5 2 5 8 standalone 5 4 status bar 5 22 status indicators...

Страница 730: ...20 Index 3500 5400 6200 8200 MCG Jan08 K_13_01 book Page 20 Monday January 28 2008 10 04 AM...

Страница 731: ......

Страница 732: ...Copyright 2005 2008 Hewlett Packard Development Company L P January 2008 Manual Part Number 5992 3059...

Отзывы:

Нет отзывов

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды