Go to page of
Similar user manuals
-
Switch
HP (Hewlett-Packard) 2520
544 pages 7.93 mb -
Switch
HP (Hewlett-Packard) ST-C5USBVA-300
21 pages 0.41 mb -
Switch
HP (Hewlett-Packard) 8200zl
195 pages 0.84 mb -
Switch
HP (Hewlett-Packard) 2512
6 pages 0.1 mb -
Switch
HP (Hewlett-Packard) P4459A
72 pages 1.08 mb -
Switch
HP (Hewlett-Packard) 9304M
710 pages 24.06 mb -
Switch
HP (Hewlett-Packard) ESA10000
40 pages 0.19 mb -
Switch
HP (Hewlett-Packard) U.11. (2510-48)
294 pages 1.87 mb
A good user manual
The rules should oblige the seller to give the purchaser an operating instrucion of HP (Hewlett-Packard) 6600, along with an item. The lack of an instruction or false information given to customer shall constitute grounds to apply for a complaint because of nonconformity of goods with the contract. In accordance with the law, a customer can receive an instruction in non-paper form; lately graphic and electronic forms of the manuals, as well as instructional videos have been majorly used. A necessary precondition for this is the unmistakable, legible character of an instruction.
What is an instruction?
The term originates from the Latin word „instructio”, which means organizing. Therefore, in an instruction of HP (Hewlett-Packard) 6600 one could find a process description. An instruction's purpose is to teach, to ease the start-up and an item's use or performance of certain activities. An instruction is a compilation of information about an item/a service, it is a clue.
Unfortunately, only a few customers devote their time to read an instruction of HP (Hewlett-Packard) 6600. A good user manual introduces us to a number of additional functionalities of the purchased item, and also helps us to avoid the formation of most of the defects.
What should a perfect user manual contain?
First and foremost, an user manual of HP (Hewlett-Packard) 6600 should contain:
- informations concerning technical data of HP (Hewlett-Packard) 6600
- name of the manufacturer and a year of construction of the HP (Hewlett-Packard) 6600 item
- rules of operation, control and maintenance of the HP (Hewlett-Packard) 6600 item
- safety signs and mark certificates which confirm compatibility with appropriate standards
Why don't we read the manuals?
Usually it results from the lack of time and certainty about functionalities of purchased items. Unfortunately, networking and start-up of HP (Hewlett-Packard) 6600 alone are not enough. An instruction contains a number of clues concerning respective functionalities, safety rules, maintenance methods (what means should be used), eventual defects of HP (Hewlett-Packard) 6600, and methods of problem resolution. Eventually, when one still can't find the answer to his problems, he will be directed to the HP (Hewlett-Packard) service. Lately animated manuals and instructional videos are quite popular among customers. These kinds of user manuals are effective; they assure that a customer will familiarize himself with the whole material, and won't skip complicated, technical information of HP (Hewlett-Packard) 6600.
Why one should read the manuals?
It is mostly in the manuals where we will find the details concerning construction and possibility of the HP (Hewlett-Packard) 6600 item, and its use of respective accessory, as well as information concerning all the functions and facilities.
After a successful purchase of an item one should find a moment and get to know with every part of an instruction. Currently the manuals are carefully prearranged and translated, so they could be fully understood by its users. The manuals will serve as an informational aid.
Table of contents for the manual
-
Page 1
HP Pr oC ur v e S wit ch So ft w ar e Management and Conf igur ation Guide 350 0 swi tc he s 3 500yl s wit ches 5400z l s witches 6 200y l sw itch es 66 00 s w itc hes 8 2 00zl sw itches Sof t ware ve rsio n K. 1 4.3 4 Septemb er 2009[...]
-
Page 2
[...]
-
Page 3
HP ProCurve 3500 Switches 3500yl Switches 5400zl Switches 6200yl Switch 6600 Switches 8200zl Switches September 2009 K.14.34 Management and Configuration Guide[...]
-
Page 4
© Copyright 2005–2009 Hewlett-P ackard Development Company, L.P . The infor mation contained herein is subjec t to change with- out notice. All Ri ghts Reserved. This document contains proprie tary information, which is protected by copyright. No pa rt of this document may be photocopied, reproduced, or translated into another language without t[...]
-
Page 5
Contents Product Documentation About Your Switch Manual Set . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxv Printed Publications. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxv Electronic Publications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxv Software Feature Ind[...]
-
Page 6
2 Selecting a M anagement Interface Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-1 Advantages of Using ProCurve Manager Custom Login Banners for the Cons ole and Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .[...]
-
Page 7
4 Using the Command Line Interface (CLI) Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-2 Accessing the CLI . . . . . . . . . . . . . . . . . . . . . . . . . .[...]
-
Page 8
6 Entering a User Name and Password . . . . . . . . . . . . . . . . . . . . . . 5-11 Using a User Name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-11 If You Lose the Password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-11 Online Help for the Web Browser Interface . . . . . . . . . . . . . . . [...]
-
Page 9
Rebooting the Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-19 Viewing the Startup-Co nfig File Status with Multiple Using the Clear + Reset Butt on Combinati on To Reset the Xmodem: Copying a Configur ation File to a Serially Xmodem: Copying a Config uration from a Serially Operating Notes about Booting . .[...]
-
Page 10
7 Interface Access and System Information Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-2 Interface Access: Console/Serial Link, Web, and Inbound Telnet . 7-3[...]
-
Page 11
Configuring a Single Source IP Address . . . . . . . . . . . . . . . . . . . . . . . 8-25 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-25 Specifying the S ource IP Addre ss . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-25 The Source IP Selection Policy . . . . . . . . .[...]
-
Page 12
10 Viewing the Current TimeP Co nfiguration . . . . . . . . . . . . . . . . . . 9-29 Configuring (Enablin g or Disabling) the TimeP Mode . . . . . . . . 9-30 SNTP Unicast Time Pollin g with Multiple SNTP Se rvers . . . . . . . . 9-35 Displaying All SNTP Server Addresses Configured on the Switch . . 9-35 Adding and Deleting SN TP Server Addresse s .[...]
-
Page 13
Transceivers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-31 Modules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-31 Clearing the Modul e Configurati on . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-31 Operating Notes . . . . . . . . . . . . . . .[...]
-
Page 14
12 Displaying the Switch’s Global PoE Power Status . . . . . . . . . . . . . 11-19 Displaying PoE Status on All Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-21 Displaying the PoE Status on Specific Port s . . . . . . . . . . . . . . . . . . . 11-23 Planning and Impleme n ti ng a PoE Configuration . . . . . . . . . . . . . . 11-2[...]
-
Page 15
Forwarding Traffic with Dis t ribu ted Trunking and Spanning Tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-32 Forwarding Broadcast, Multicast, and Forwarding Broadcast, Mult icast, and Unknown Traffic Forwarding Unicast Traffic Upstream . . . . . . . . . . . . . . . . . . . . 12-32 Unknown Traffic U[...]
-
Page 16
14 Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-22 GMB Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-22 Impacts of QoS Queue Configuratio n on GMB Operat ion . . . . 13- 24 Configuring Guaranteed Minimum Bandwidt h for Outbound Traffic[...]
-
Page 17
Menu: Viewing and Co nfiguring no n-SNMP version 3 Communities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-13 CLI: Viewing an d Configuring SNMP Communi ty Names . . . . 14-15 SNMP Notifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-17 Supported Notifications . [...]
-
Page 18
15 Configuring Support f or Port Speed and Duplex Advertisements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-56 LLDP-MED (Media-Endp oint-Discovery) . . . . . . . . . . . . . . . . . . . . . 14-57 LLDP-MED To pology Ch ange Notification . . . . . . . . . . . . . . . . . 14-60 LLDP-MED Fast Start Control . . . [...]
-
Page 19
When the Standby Mod ule is not Availabl e . . . . . . . . . . . . . . . . 15-16 Software V ersion Mismatch Between Active Potential Softwa re Version Mismatches Hotswapping In a Management Module . . . . . . . . . . . . . . . . . . . . . . . 15-16 and Hotswapped Module . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-16 Dow[...]
-
Page 20
Active (Actv) LED Behavior . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-40 Standby Led Behavior . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-40 Logging Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-41 Log File . . . . . . . . . . . . . . . . [...]
-
Page 21
Using USB to Downl oad Switch Software . . . . . . . . . . . . . . . . . A-23 Switch-to-Switch Download . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-24 Menu: Switch-t o-Switch Download to Primary F lash . . . . . . . . A-25 CLI: Switch-To-Switc h Downloads . . . . . . . . . . . . . . . . . . . . . . . A-26 Xmodem: Copying a Sof[...]
-
Page 22
Using USB Autorun . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-47 How It Works . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-47 Security Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-48 Troubleshooting Autorun Operations . . . .[...]
-
Page 23
CLI Access for MAC Address Views and S earches . . . . . . . . . . B-22 Spanning Tree Protocol (MSTP) Inf ormati on . . . . . . . . . . . . . . . . . . B-23 CLI Access to MSTP Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-23 Internet Group Management Prot ocol (IGM P) Status . . . . . . . . . . . B-24 VLAN Information . . . .[...]
-
Page 24
Selecting Inbound Traffic Using an ACL (D eprecated) . . . . . . . . . . B-62 Selecting Inbound Traffic Using Advanced Viewing the Mirroring Config urations in the Running Effect of Downstream VL AN Tagging on Untagged, Selecting Inbo und/Outbound Traff i c Using a M AC Address . . . . . B-63 Classifier-Based Mirroring . . . . . . . . . . . . . . .[...]
-
Page 25
IGMP-Related Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-14 LACP-Related Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-14 Mesh-Related Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-15 Port-Based Access Control (802.1X)-Relate d Problems [...]
-
Page 26
Adding a Priority Description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-58 Configuring the Severit y Level for Event Log Configuring the System Module Used to Select the Event Log Messages Sent to a Syslog Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-59 Messages Sent to a Syslog Server . . . . . . . . . . .[...]
-
Page 27
Event Log Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-95 Locator LED (Locating a Switch) . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-96 D MAC Address Management Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . D-1 Overview . [...]
-
Page 28
Show Savepower Comman ds . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . I-6 J Network Out-of-Band Manag ement (OOBM) for the 6600 Switch Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . J-1 Concepts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [...]
-
Page 29
Product Documentation About Y our Switch Manual Set Note For the latest version of all ProCur ve switch documentation, including Release Notes covering re cently added features, please visit the ProCurve Networking W eb site at www .procurve.com/ma nuals . Printed Publications The two public ations listed below are p rinted and shipped with yo ur s[...]
-
Page 30
Software Feature Index For the software manual set supporting your 3500/350 0yl/5400zl/6200yl/6600/ 8200zl switch model, this feature inde x indicates which manual to consu lt for information on a gi ven software feature. Note This Index does not cover IPv6 capable software features. Fo r information on IPv6 protocol operations and features (such a[...]
-
Page 31
Intelligent Edge Software Features Manual Management and Configuration Advanced T raffic Management Multicast and Routing Access Security Guide 802.1X Multiple Authent icated Clients Per Port Access Control Lists (ACLs) X X AAA Authentication Authorized IP Managers Authorized Manager List (Web, T elnet, TFTP) Auto MDIX Configuration X X X X BOOTP C[...]
-
Page 32
Intelligent Edge Software Features Manual Management and Configuration Advanced T raffic Management Multicast and Routing Access Security Guide Factory Default Settings Flow Control (802.3x) File Management File T ransfers X X X X Friendly Port Names Guaranteed Minimum Bandwidth (GMB) GVRP Identity-Driven Management (IDM) X X X X IGMP Interface Acc[...]
-
Page 33
Intelligent Edge Software Features Manual Management and Configuration Advanced T raffic Management Multicast and Routing Access Security Guide Multiple Configuration Files Network Management Applications (SNMP) X X Out-of-Band Management (OOBM) OpenView Device Management Passwords and Password Clear Protection ProCurve Manager (PCM) X X X X Ping P[...]
-
Page 34
Intelligent Edge Software Features Manual Management and Configuration Advanced T raffic Management Multicast and Routing Access Security Guide sFlow SFTP SNMPv3 Software Downloads (SCP/SFTP , TFPT , Xmodem) X X X X Source-Port Filters Spanning T ree (STP , RSTP , MSTP) SSHv2 (Secure Shell) Encryption SSL (Secure Socket Layer) X X X X Stacking (350[...]
-
Page 35
Intelligent Edge Software Features Manual Management and Configuration Advanced T raffic Management Multicast and Routing Access Security Guide W eb-based Authentication W eb UI X X xxxi[...]
-
Page 36
xxxii[...]
-
Page 37
1 Getting Started Contents Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2 Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2 Command Syntax Statements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [...]
-
Page 38
Getting Started Introduction Introduction This guide is intended for use with the fo llowing ProCurve switches: ■ 8200zl switches ■ 6600 switches ■ 5400zl switches ■ 3500, 3500yl and 6200yl switches It describes how to use the co mmand lin e interface (CLI), Menu interface, and web browser to conf igure, manage, monitor , and troubleshoot s[...]
-
Page 39
Getting Started Conventions Syntax: aaa port-access authe nticator < port-list > Command Prompts In the default co nfiguration, your switch displays a C LI prompt similar to the following example: ProCurve 8212zl# T o sim plify recognition, this guide uses ProCurve to repre sent command prompts for all sw itch models. For example: ProCurve# ([...]
-
Page 40
Getting Started Sources for More Information Sources for More Information For information about switch operation and features no t covered in this guide, consult the fo llowing sources: ■ Feature Index—For information on wh ich manual to consult for a given software feature, ref er to the “Softw are Feature Ind ex” on page xi v. Note For th[...]
-
Page 41
Getting Started Sources for More Information • file transfers, switch monitoring, t roubleshooting, and MAC address management ■ Advanced T raffic Management Guide —Use this guide for inform ation on topics such as: • VLANs: Static port-b ased and protocol VLANs, and dynamic GVRP VLANs • spanning-T ree: 802 .1D (STP), 802. 1w (RSTP), and [...]
-
Page 42
Getting Started Sources for More Information Getting Documentation From the W eb T o obtain the latest versions of documentation and release notes for your switch, go to the ProCurve Ne tworking manuals web page at www .hp.c om/go/ procurve/manuals. Online Help Menu Interface If you need informatio n on specific parame ters in the menu in terface, [...]
-
Page 43
Getting Started Sources for More Information Command Line Interface If you need information on a specific command i n the CLI, type t he command name fo llowed by help . For example: Figure 1-3. Example of CLI Help W eb Browser Interface If you need information on specific features in the HP ProCurve W eb Browser Interface (hereafter referred to as[...]
-
Page 44
1 Getting Started Need Only a Quick Start? Need Only a Quick Start? IP Addressing If you just want to give th e switch an IP address so that it can communicate on your network, or if you are not us in g VLANs, ProCur ve recommends that you use the Switch Setup sc reen to quickly configure IP addressing. T o do so, do one of the following: ■ Enter[...]
-
Page 45
2 Selecting a Management Interface Contents Selecting a Management Interface Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-2 Advantages of Using ProCurve Manager Custom Login Banners for the Cons ole and Understanding Management I nterfaces . . . . . . . . . . . . . . .[...]
-
Page 46
Selecting a Management Interface Overview Overview This chapter describes the foll owing: ■ Management interfaces for the sw itches covered in this guide ■ Advantages of using each interface Understanding Management Interfaces Management interfaces enable you to re configure the switch and to monitor switch status and performance. The sw itch o[...]
-
Page 47
Selecting a Management Interface Advantages of Using the Menu Interface T o use ProCurve Manager or ProCurve Manage r Plus, refer to the Getting Started Guide and th e Administrator’ s Guide , which are available electron- ically with the software for these appl ications. For more informati on, visit the ProCurve Networking web s ite at www .proc[...]
-
Page 48
Selecting a Management Interface Advantages of Using the CLI ■ Enables T elnet (i n-band) access to the menu functionalit y . ■ Allows faster navi gation , avoiding delays that occur with slower display of graphical objects over a web browser interface. ■ Provides more security ; configuratio n information and passwords are not seen on the ne[...]
-
Page 49
Selecting a Management Interface Advantages of Using t he Web Browser Interface ■ T o perform specific procedur es (such as confi guring IP addressin g or VLANs), use the Contents listing at th e front of the m anual to locate the informat ion you need . ■ For monitoring and analyzing switch operation , refer to Appendix B. ■ For information [...]
-
Page 50
Selecting a Management Interface Advantages of Using t he Web Browser Interface ■ More visual cues , using colors, status bars , device icons, and other graphical objects instead of relyin g solely on alphanumeric values ■ Display of accep table ranges of values av ailable in configur ation list boxes 2-6[...]
-
Page 51
Selecting a Management Interface Advantages of Using ProCurve Manager or ProCurve Manager Plus Advantages of Using ProCurve Manager or ProCurve Manager Plus Y ou can operate ProCurve Manager and ProCurve Manager Plus (PCM and PCM+) from a PC on t he network to mo nitor traffic, manage your hubs and switches, and proactively recommend ne twork chang[...]
-
Page 52
Selecting a Management Interface Advantages of Using ProCurve Manager or ProCurve Manager Plus PCM and PCM+ enable greater control, uptime, and performance in your network: ■ Features and benefits of ProCur ve Manager: • Network Status Summary: Upon boo t-up, a network status screen displays high-level information on ne twork devices, end nodes[...]
-
Page 53
Selecting a Management Interface Advantages of Using ProCurve Manager or ProCurve Manager Plus • Device Software Updates: This feature automaticall y obtains new device software images from ProC urve and updates devices, al lowing users to do wnload the latest vers ion or choose the desired version. Updates can be scheduled easily across large gr[...]
-
Page 54
Selecting a Management Interface Advantages of Using ProCurve Manager or ProCurve Manager Plus clears the banner windo w and prompts the u ser for a passwor d (if configured) . Following entry of the correct userna me /password information (or if no username/p assword is req uired), th e swit ch then displays either the Registra- tion page or the s[...]
-
Page 55
Selecting a Management Interface Advantages of Using ProCurve Manager or ProCurve Manager Plus Example of Configuring and Displaying a Banner Suppose a system operator wan ted to configure the following banner message on her comp any’ s switches: This is a private system maintained by the Allied Widget Corporation. Unauthorized use of this system[...]
-
Page 56
Selecting a Management Interface Advantages of Using ProCurve Manager or ProCurve Manager Plus Shows the current bann er configur ation. Figure 2-7. The Current Banner Appears in the Switch’ s Ru nning-Config File The next time someone logs onto t he switch’ s management CLI, the follow ing appears: The login scre en displays the configured ba [...]
-
Page 57
Selecting a Management Interface Advantages of Using ProCurve Manager or ProCurve Manager Plus If someone uses a W eb browser to log in to the switch interface, the following message appears: Figure 2-9. Example of Web Browser Interface Result of th e Login Banner Configuration Operating Notes ■ The default banner appears only when the switch is [...]
-
Page 58
Selecting a Management Interface Advantages of Using ProCurve Manager or ProCurve Manager Plus 2-14[...]
-
Page 59
3 Using the Menu Interface Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-2 Starting and Ending a Me nu Session . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-3 How To Start a Menu Interface Session . . . . . . . . . . . . . . . . . . . . . . . . . 3-4 How To En[...]
-
Page 60
Using the Menu Interface Overview Overview This chapter describes the follow ing features: ■ Overview of the Menu Interfa ce (page 3-2) ■ Starting and ending a Menu session (page 3-3) ■ The Main Menu (page 3-7) ■ Screen structure and naviga tion (page 3-9) ■ Rebooting the switch (page 3-12) The menu interface operates thro ugh the switch [...]
-
Page 61
Using the Menu Interface Starting and Ending a Menu Session Note If the switch has neither a Manag er nor an Operator password, anyone having access to the console interface can ope rate the console with full manager privileges. Also, if you co nfigure only an Operator password, entering the Operator password en ables full manager privileges. For m[...]
-
Page 62
Using the Menu Interface Starting and Ending a Menu Session How T o Start a Menu Interface Session In its factory default configuration, th e switch console starts with the CLI prompt. T o use the menu interface with Manager privileges, go to the Manager level prompt and ent er the menu command. 1. Use one of these methods to connect to the switch:[...]
-
Page 63
Using the Menu Interface Starting and Ending a Menu Session Figure 3-1. Example of the Main Menu with Mana ger Privileges For a description of Main Menu fe atures, see “Main Menu Feat ures” on page 3-7. Note T o configure the switc h to start with th e menu interface inst ead of the CLI, go to the Manager lev el prompt in the CLI, enter the set[...]
-
Page 64
Using the Menu Interface Starting and Ending a Menu Session Asterisk indicates a configuration change that requires a reboot to activate. Figure 3-2. Example Indicatio n of a Configuration Change Requiring a Reboot 1. In the current session, if you have not made conf iguration changes that require a switch reboot to activate, return to t he Main Me[...]
-
Page 65
Using the Menu Interface Main Menu Features Main Menu Features Figure 3-3. The Main Menu View with Manager Privileges The Main Menu gives you access to these Menu interface features: ■ Status and Counters: Provides access to di splay screens showing switch informat ion, port status and counters, and port and VLA N address tables. (Refer to Append[...]
-
Page 66
Using the Menu Interface Main Menu Features ■ Command Line (CLI): Selects the Command Line Interface at the same level (Manager or Operator) that you are accessing in the Menu interface . (Refer to Chapter 4, “Using th e Command Line Interface (CLI)”.) ■ Reboot Switch: Performs a “warm” reboot of the switch, which clears most temporary [...]
-
Page 67
Using the Menu Interface Screen Structure and Navigation Screen Structure and Navigation Menu interface screens incl ude these three e lements: ■ Parameter fields and/or read -onl y information such as statisti cs ■ Navigati on and configur ation actions, such as Save, Edi t, and Cancel ■ Help line to describe navigati on options, in dividual[...]
-
Page 68
Using the Menu Interface Screen Structure and Navigation T able 3-1. How T o Navig ate in the Menu Interface T ask: Actions: Execute an action from the “Actions –>” list at the bottom of the screen: Use either of the following methods: • Use the arrow keys ( [<] , or [>] ) to highlight th e action you want to execute, then press [E[...]
-
Page 69
Using the Menu Interface Screen Structure and Navigation T o get Help on i ndividual parameter de scriptions. In most screens there is a Help option in the Actions line. Whenever any of the items in the Actions line is highlig hted, press [H] , and a sep arate help screen is displayed. For example: Pressing [H] or highlighting H elp and pressing [E[...]
-
Page 70
Using the Menu Interface Rebooting the Switch Rebooting the Switch Rebooting the switch fr om the menu interface ■ T erminates all current sessions and performs a reset of the operating system ■ Activates any menu interface configuration changes that req uire a reboot ■ Resets statistical counters to zero (Note that statistical counters can b[...]
-
Page 71
Using the Menu Interface Rebooting the Switch Rebooting T o Activate Configuration Changes. Configuration changes for most parameters in th e menu interface become ef fective as soon as you save them. However , you must reboot the switch in orde r to implement a change in the Maximum VLANs to support parameter . (T o access this parameter , go to t[...]
-
Page 72
Using the Menu Interface Menu Features List Menu Features List Status and Counters • General System Information • Switch Management Add ress Information • Port Status • Port Counters • Address T able • Port Address T able Switch Configurat ion • System Info rmation • Port/T runk Se ttings • Network M onitoring Port • IP Configur[...]
-
Page 73
Using the Menu Interface Where To Go From Here Where T o Go From Here This chapter provides a n overview of the menu interface a nd how to use it. The followi ng table indicates where t o turn for det ailed informatio n on how to use the individual features av ailable through the menu interface. Option: Tu r n t o : T o use the Run Setup option Ref[...]
-
Page 74
Using the Menu Interface Where To Go From Here 3-16[...]
-
Page 75
4 Using the Command Line Interface (CLI) Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-2 Accessing the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-2 Using the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . .[...]
-
Page 76
Using the Command Line Interface (CLI) Overview Overview The CLI is a text-based command interf ace for configuring an d monitoring the switch. The CLI gives you access to the switch’ s full set of commands while providing the same password protection that is used in t he web browser interface and the menu interface. Accessing the CLI Like the me[...]
-
Page 77
Using the Command Line Interface (CLI) Using the CLI When you use the CLI to make a config uration change, the switch writes the change to the Run ning-Config file in volati le memory . This allo ws you to test your configurat ion changes before ma ki ng them permanent. T o make changes permanent, you must use t he write memory command to save them[...]
-
Page 78
Using the Command Line Interface (CLI) Using the CLI Caution ProCurve strongly recom mends that you confi gure a Manager passwo rd. If a Manager password is not configured, th en the Manager level is not passw ord- protected, and anyone having in-ban d or out-of-band access to the switch may be able to reach the Manag er level and compromise switch[...]
-
Page 79
Using the Command Line Interface (CLI) Using the CLI Manager Privileges Manager privileges give you three additi onal levels of acce ss: Manager , Global Configuration, and Cont ext Configuration. A “ # ” character delimits any Man- ager prompt. For example: ProCurve #_ Example of the Manager prompt. ■ Manager level : Provides all Operat or l[...]
-
Page 80
Using the Command Line Interface (CLI) Using the CLI T able 4-1. Privilege Level Hierarch y Privilege Level Example of Prompt and Permitted Operations Operator Privilege Operator Level ProCurve> show < command > setup ping < argument > link-test < argument > enable menu logout exit View status and con figuration information. Pe[...]
-
Page 81
Using the Command Line Interface (CLI) Using the CLI How T o Move Between Levels Change in Levels Example of Prompt, Command, and Result Operator level to Manager level Manager level to Global configuration level Global configuration level to a Context configuration level Context configuration level to another Context configuration level Move from [...]
-
Page 82
Using the Command Line Interface (CLI) Using the CLI For example, if you use the menu interf ace to configure an IP address of “ X ” for VLAN 1 and later use the CLI to co nfigure a different IP address of “ Y ” for VLAN 1, then “ Y ” replaces “ X ” as the IP address for VLAN 1 in the runni ng- config file. If you subsequently exe c[...]
-
Page 83
Using the Command Line Interface (CLI) Using the CLI T y ping ? at the Manager level produces this listing: When - - MORE - - appears, use the Spa ce bar or [Return] to list additional co mmands. Figure 4-4.Example of the Manager-Level Command Listing When - - MORE - - appears, there are more comma nds in the listing. T o list the next screenfull o[...]
-
Page 84
Using the Command Line Interface (CLI) Using the CLI As mentioned above, if you type part of a command word and press [T ab] , the CLI completes the current wo rd (if you have typed enou gh of the word for the CLI to distingui sh it from other possibilities), including hyphen ated exten- sions. For ex ample: ProCurve (config)# port- [T ab] ProCurve[...]
-
Page 85
Using the Command Line Interface (CLI) Using the CLI Displaying CLI “Help” CLI Help provides two types of context-sensitive info rmation: ■ Command list with a brief summary of each command’ s purpose ■ Detailed informati on on how to use individual command s Displaying Command-List Help. Syntax: help Displays a listing of comm and Help s[...]
-
Page 86
Using the Command Line Interface (CLI) Using the CLI Figure 4-7.Example of How T o Display Help for a Specific Command Note that trying to list the help for an individual command from a privilege level that does no t includ e that command results in an error message. For example, trying to li st the help for the interface command while at the globa[...]
-
Page 87
Using the Command Line Interface (CLI) Using the CLI Configuration Comma nds and the Context Configuration Modes Y ou can execute any configuration comma nd in the global configuration mode or in selected context modes. However , using a c ontext mode enables you to execute context-specific commands fast er , with shorter command strings. The switc[...]
-
Page 88
Using the Command Line Interface (CLI) Using the CLI In the port context, the first block of commands in the “?” listing show the context-specif ic commands that will affect only ports C3-C6. The remaining commands in the listing are Manager , Operator , and context commands. Figure 4-8. Co ntext-Specific Commands Affec ting Port Context 4-14[...]
-
Page 89
Using the Command Line Interface (CLI) Using the CLI VLAN Context . Includes VLAN-specific command s that apply only to the selected VL AN, plus Manager an d Operator commands. The promp t for this mode includes the VLAN ID of the sel ected VLAN. For example, if you had already configur ed a VLAN with an ID of 100 in the switch: ProCurve(config)# v[...]
-
Page 90
Using the Command Line Interface (CLI) CLI Control and Editing CLI Control and Editing Executing a Prior Command—Redo The redo command executes a prior command i n the history list . Syntax: re do [number | command-str] Re-executes a command from history. Executes the last command by default. number : The position of the command to execute in the[...]
-
Page 91
Using the Command Line Interface (CLI) CLI Control and Editing Syntax: re peat [cmdlist] [count] [delay] Repeats execution of a previo us command. Repeats the last command by default until a key is pressed. cmdlist: If a number or range of numbers is specified, the command repeats the n th most recent commands (where “n” is the position in the [...]
-
Page 92
Using the Command Line Interface (CLI) CLI Control and Editing Using a Command Alias Y ou can create a simple comma nd alias to use in place of a command name and its options. Choose an alias n ame that is not an existing CLI command already . Existing CLI commands are se arched before looking for an alias command; an alias that is identical to an [...]
-
Page 93
Using the Command Line Interface (CLI) CLI Control and Editing ProCurve(config)# show int cust om 1-4 port name:4 type vlan intrusion sp eed enabled mdi Status and Counters - Custom P ort Status Intrusion Port Name Type VLAN Aler t Speed Enabled MDI-mode ---- ---------- ---------- -- --- --------- ------- ------- -------- 1 Acco 100/1000T 1 No 1000[...]
-
Page 94
Using the Command Line Interface (CLI) CLI Control and Editing ProCurve(config)# show alias Name Command -------------------- ------------ ------------------ sc show config sic show int custom 1-4 port name:4 type vlan intrusion speed enabled mdi Figure 4-13. Example of Alias Comm ands and Their Configurations CLI Shortcut Keystrokes Keystrokes Fun[...]
-
Page 95
5 Using the ProCurve W eb Browser Interface Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-2 Starting a Web Browser Using ProCurve Manager (PCM) or Security: Creating Usernames and Passwords General Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .[...]
-
Page 96
Using the ProCurve Web Browser Interface Contents Status Indicators . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-22 Setting Faul t Detection Po licy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-23 5-2[...]
-
Page 97
Using the ProCurve Web Browser Interface Overview Overview The ProCurve web browser interface buil t into the switch lets you easily access the switch f rom a browser -based PC on your network. This lets you do the followin g: ■ Optimize your network upt ime by using the Alert Lo g and other diagnost ic tools ■ Make config uration ch anges to t[...]
-
Page 98
Using the ProCurve Web Browser Interface General Features General Features The web browser interface includes these features: Switch Identity and Status: • General system da ta • Software version • Redundant Management Modul e software versio n • IP address • Status Overview • Port utilizat ion • Port counters • P o r t s t a t u s [...]
-
Page 99
Using the ProCurve Web Browser Interface Starting a Web Browser Interface Session with the Switch Starting a W eb Browser Interface Session with the Switch Y ou can star t a web browser session in the following ways: ■ Using a standalone web b rowser on a network con n ection from a PC or UNIX workstation: • Directly connected to your network ?[...]
-
Page 100
Using the ProCurve Web Browser Interface Starting a Web Browser Interface Session with the Switch Using ProCurve Ma nager (PCM) or ProCurve Manager Plus (PCM+) ProCurve Manager and ProCurve Manager Pl us are designed for i nstallation on a network management w orkstation. For this reason, the system require- ments are different from the system requ[...]
-
Page 101
Using the ProCurve Web Browser Interface Starting a Web Browser Interface Session with the Switch First time install alert Figure 5-1. Exa mple of Status Overview Screen 5-7[...]
-
Page 102
Using the ProCurve Web Browser Interface Tasks for Your First ProCurve Web Browser Interface Session T asks for Y our First ProCurve W eb Browser Interface Session The first time you a ccess the web browse r interface, there ar e three tasks you should perform: ■ Review the “First Time Install” window ■ Set Manager and Op erator passwords ?[...]
-
Page 103
Using the ProCurve Web Browser Interface Tasks for Your First ProCurve Web Browser Interface Session This window is the la unching point fo r the basic configur ation you need to perform to set web browser interf ace pa sswords for maintain ing security and a fault detection policy , which determin es the types of messages that the Alert Log displa[...]
-
Page 104
Using the ProCurve Web Browser Interface Tasks for Your First ProCurve Web Browser Interface Session Figure 5-3.The Device Passwords Windo w T o set the passwords: 1. Acc ess the Device Passwords screen by on e of the following methods: • If the Alert Log includes a “First T ime Install” event entry , double click on this event, then, in the [...]
-
Page 105
Using the ProCurve Web Browser Interface Tasks for Your First ProCurve Web Browser Interface Session Entering a User Name and Password Figure 5-4. Exa mple of the Password Prompt in the Web Browser Interface The manager and operator passw ords are us ed to control access to all switch interfaces. Once set, y ou will be prompt ed to supply the passw[...]
-
Page 106
Using the ProCurve Web Browser Interface Tasks for Your First ProCurve Web Browser Interface Session The Clear button is provided for your convenience, but its presence means that if you are concerned with the security of the switch configuration and operation, you should make sure the swit ch is installed in a secure location, such as a locked wir[...]
-
Page 107
Using the ProCurve Web Browser Interface Support/Mgmt URLs Feature Support/Mgmt URLs Feature The Support/Mgmt URLs window en ables you to change th e W orld W ide W eb Universal Resource Locat or (URL) for two functions: ■ Support URL – A support information site for your switch ■ Management S erver URL – The web sit e for web browser onlin[...]
-
Page 108
Using the ProCurve Web Browser Interface Support/Mgmt URLs Feature Support URL This is the site the switch accesses when you click on the Support tab on the web browser interf ace. The default URL is: www .procurve.com which is the W orld Wide W eb site for ProCurve network ing products. Click on technical su pport on that page to get supp or t in [...]
-
Page 109
Using the ProCurve Web Browser Interface Support/Mgmt URLs Feature In the defaul t configuration, the switch uses the URL for accessing the web browser interface h elp files on the ProCurve W orld Wide W eb site. Figure 5-7. How T o Access Web Browser Interface Online Help Using the PCM Server for Switch W eb Help For ProCurve devices that support [...]
-
Page 110
Using the ProCurve Web Browser Interface Support/Mgmt URLs Feature 3. Add an entry , or edit the existing entry in the Di scovery portion of the global properties (globalpro ps.prp) in PCM to redire ct the switches to the help files on the PCM server . For example: Global { T empDi r=data/temp ... Discovery{ ... ... DeviceHelpUrlRedirect=htt p:// 1[...]
-
Page 111
Using the ProCurve Web Browser Interface Status Reporting Features Status Reporting Features Browser elemen ts covered in this section includ e: ■ The Overv iew window (below) ■ Port utilization and status (page 5-18) ■ The Alert log (page 5-21) ■ The Status bar (page 5-23 ) The Overview W indow The Overvi ew W indow is the home screen for [...]
-
Page 112
Using the ProCurve Web Browser Interface Status Reporting Features Policy Management and Configuration. PCM can perform network-w ide policy management and conf igurat ion of your switch . The Mana gement Server URL field (page 5-14) shows the URL fo r the management station performing that function. For more info rmation, re fer to the documentat [...]
-
Page 113
Using the ProCurve Web Browser Interface Status Reporting Features ■ % Error Pkts Rx : All er ror packets received by the port. (This indic ator is a reddish color on many system s.) Although err ors re ceived on a port are not propagated to the rest of the network, a consistently high number of errors on a specific port ma y indicate a problem o[...]
-
Page 114
Using the ProCurve Web Browser Interface Status Reporting Features Figure 5-11. Display of Nume rical Values for the Bar Port Status Port Status Indicators Legend Figure 5-12. The Port Sta tus Indicators and Legend The Port Status in dicators show a symbol for each port that i ndicates the general status of the port. Th ere are four possible status[...]
-
Page 115
Using the ProCurve Web Browser Interface Status Reporting Features The Alert Log The web browser interface Al ert Log, sh own in th e lower half of the sc reen, shows a list of network occurrences, or alerts , that were detected by the switch. T ypical alerts are Broadcast Storm , indicating an excessive number of broadcasts received on a port, and[...]
-
Page 116
Using the ProCurve Web Browser Interface Status Reporting Features Alert T ypes and Detailed Views As of June, 2007, the web browser in terface generates th e following alert types: • Auto Partition • High co llision or drop rate • Bac kup T ransition • Loss of Link • Excessive broadcasts • Mis-Configured SQE • Excessive CRC/alignment[...]
-
Page 117
Using the ProCurve Web Browser Interface Status Reporting Features Figure 5-14. Example of Alert Log Detail View Status Indicators The status indicators use ic ons to show the severity of alerts in the current display of the Alert Log. This indicator can be one of four shapes and colors, as shown below . T able 5-1. Sta tus Indicator Key Color Swit[...]
-
Page 118
Using the ProCurve Web Browser Interface Status Reporting Features Setting Fault Detection Policy One of the powerful features in the web browser interface is the Fault Detection facility . For your switch, this feature controls the types of alerts reported to the Alert Log based on their level of severity . Set this policy in the Fault De tection [...]
-
Page 119
Using the ProCurve Web Browser Interface Status Reporting Features T o pro vide the most information on network prob lems in the Alert Log, the recommended sensitivity level for Log Network Problems is High Sensitivity . The Fault Detec tion settings are: ■ High Sensitivity . This policy direct s the sw itch to send all alerts to the Alert Log. T[...]
-
Page 120
Using the ProCurve Web Browser Interface Status Reporting Features 5-26[...]
-
Page 121
6 Switch Memory and Configuration Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-3 Using the Menu and Web Browse r Interfaces To Implement Viewing the Startup-Co nfig File Status with Multiple Configuration File Management . . . . . . . . . . . . . . . . . . . . . . . . [...]
-
Page 122
Switch Memory and Configuration Contents Changing or Overriding t h e Reboo t Configuration Policy . . . . . . . . . 6-31 Using the Clear + Reset Butt on Combinati on To Reset the Xmodem: Copying a Configur ation File to a Serially Xmodem: Copying a Config uration from a Serially Managing Startup-Confi g Files in the Switch . . . . . . . . . . . . [...]
-
Page 123
Switch Memory and Configuration Overview Overview This chapter describes: ■ How switch memory manages configur ation cha nges ■ How the CLI impl ements config uration changes ■ How the menu interface and web br owse r interface im plement configu- ration changes ■ How the swit ch provides softwar e options through prim ary/secondary flash i[...]
-
Page 124
Switch Memory and Configuration Configuration File Management ■ Startup-config File: Exists in flash (non-volatile) memory and is used to preserve the most recently-save d configuration as the “permanent” configuration. Booting the swit ch repla ces the current runnin g-config file with a new run- ning-config file that is an e xact copy of th[...]
-
Page 125
Switch Memory and Configuration Configuration File Management The above command disables port 5 in th e running-config fi le, but not in the startup-co nfig file. Port 5 remains disabled onl y until the switch reboots. If you want port 5 to rem ain disabl ed through the next reboot, use write memory to save the current running-config file to the st[...]
-
Page 126
Switch Memory and Configuration Using the CLI To Implement Configuration Changes Using the CLI T o Implement Configuration Changes The CLI offers these capabili ties: ■ Access to the fu ll set of switch co nfiguration fe atures ■ The option of testing configuration changes before making them perma- nent How T o Use the CLI T o V iew the Current[...]
-
Page 127
Switch Memory and Configuration Using the CLI To Implement Configuration Changes 3. Observe the switc h’ s performance wi th the new parameter settings to verify the effect of your changes. 4. When you are satisfied that you have the correct parameter settings, use the write memory command to copy the changes to the startup-config file. Syntax: w[...]
-
Page 128
Switch Memory and Configuration Using the CLI To Implement Configuration Changes How T o Cancel Changes Y ou Have Made to the R unning-Config File. If you use th e CLI to change param eter settings in the runn ing-config file, and then decide that you d on’t want those changes to remain, you can use either of the follow ing meth ods to remove the[...]
-
Page 129
Switch Memory and Configuration Using the CLI To Implement Configuration Changes Note If you us e the CLI t o make a ch ange to the running- config fi le, you should either use the write memory command or select th e save option allowed d uring a reboot (figure 6-6-2, above) to save th e change to the startup-config file. That is, if yo u use the C[...]
-
Page 130
Switch Memory and Configuration Using the Menu a nd Web Browser Inte rfaces To Implement Configuration Changes Using the Menu and W eb Browser Interfaces T o Implement Configuration Changes The menu and web browser inte rfaces offer these advantages: ■ Quick, easy menu or w indow access to a sub set of switch configurati on features ■ Viewing s[...]
-
Page 131
Switch Memory and Configuration Using the Menu and Web Browser Interfaces To Imple m en t Configuration Changes T o save and implement the changes for all parameters in this screen, press the [Enter] key, then press [S] (for S ave ). T o cancel all changes, press the [Enter] key, then press [C] (for C ancel ) Figure 6-4. Example of Pending Configur[...]
-
Page 132
Switch Memory and Configuration Using the Menu a nd Web Browser Inte rfaces To Implement Configuration Changes Optional Reboot Switch Command Figure 6-5. The Reboot Switch Option in th e Main Menu Rebooting T o Activate Configuration Changes. Configuration changes for most parameters become effective as soon as you save them. However , you must reb[...]
-
Page 133
Switch Memory and Configuration Using the Menu and Web Browser Interfaces To Imple m en t Configuration Changes Reminder to reboot the swi tch to act ivate configuration changes. Asterisk indicates a config uration change that requires a re boot in order to take effect. Figure 6-6. Indication of a Configuratio n Change Requiring a Reboot W eb: Impl[...]
-
Page 134
Switch Memory and Configuration Using Primary and Secondary Flash Image Options Using Primary and Secondary Flash Image Options T he sw it ch e s covered in this guide f eature two flash memory locations for storing switch software im age files: ■ Primary Flash: The defaul t storage for a switch software image. ■ Secondary Flash: The additional[...]
-
Page 135
----- ---------- - ------- ------- ------- Switch Memory and Configuration Using Primary and Secondary Flash Image Options For example, if the switch is using a software version of K.12.XX stored in Primary flash, show version produces th e following: ProCurve(config)# show version Image stamp: /su/code/build/info(s01) Dec 01 2006 10:50:26 K.12.XX [...]
-
Page 136
Switch Memory and Configuration Using Primary and Secondary Flash Image Options Figure 6-9. Determining the Software V ersion in Primary and Second ary Flash 1. In this example show version indicates the switch has version K.12.02 in primary flash . 2. After the boot system command, show version indicates that version K.12.01 is in secondary flash.[...]
-
Page 137
Switch Memory and Configuration Using Primary and Secondary Flash Image Options Local Switch Software Replacement and Removal This section describes co mmands for erasing a soft ware v ersion and copying an existing software version betw een primary and secondary flash. Note It is not necessary to erase the conten t of a fla sh location before down[...]
-
Page 138
Switch Memory and Configuration Using Primary and Secondary Flash Image Options For example, to copy the image in secondary flash to primary flash: 1. V erify that there is a valid flash im a ge in the secondary flash location. The following figure indicates that a software image is pre sent in secondary flash. (If you are un sure whether the im ag[...]
-
Page 139
Switch Memory and Configuration Using Primary and Secondary Flash Image Options The prompt shows which flash location will be erased . Figure 6-11. Example of Erase Flash Prompt 3. T ype y at the prompt to co mplete the flash erase. 4. Use sho w flash to verify erasure of the se lected software flash image The “ 0 ” here shows tha t primary fla[...]
-
Page 140
Switch Memory and Configuration Using Primary and Secondary Flash Image Options tures. For example, supp ose you have just downloaded a software upgrade that includes new features that are not supported in the soft ware you used to create the current startup-config file. In this case, the software simply assigns factory-default values to the parame[...]
-
Page 141
Switch Memory and Configuration Using Primary and Secondary Flash Image Options T able 6-2. Comparing the Boot and Rel oad Commands Actions Included In Boot? Included In Reload Note Save all Optional, Optional with reload Config changes saved to configuration changes since the last boot or reload with prompt <cr>, when prompt displays. Not sa[...]
-
Page 142
Switch Memory and Configuration Using Primary and Secondary Flash Image Options Booting from the Default Flash (Primary or Secondary) The boot command boots the switch from the flash image that you are currently boot ed on, or the fl ash image that was set eithe r by the boot set- default command or b y the last execu ted boot system flash <prim[...]
-
Page 143
----- ---------- -------- ------- ------- Switch Memory and Configuration Using Primary and Secondary Flash Image Options ProCurve(config)# show flash Image Size(Bytes) Date Version Build # Primary Image : 7497114 03/29/07 K.12.XX 57 Secondary Image : 7497114 03/29/07 K.12.XX 57 Boot Rom Version: K.12.03 Default Boot : Primary The next boot is from[...]
-
Page 144
Switch Memory and Configuration Using Primary and Secondary Flash Image Options Using the Fastboot feature. The fastboot comman d allows a boot sequence that skips the internal power -on self-tests, resu lting in a faster boot time. When using redundant management a n d fastboot is enabled, it is saved to the standby management mo dule when the con[...]
-
Page 145
Switch Memory and Configuration Using Primary and Secondary Flash Image Options Scheduled Reload. Beginning with software release K.11.34, additi onal parameters have been added to the reload command to allow for a scheduled reboot of the switch via the CLI. Syntax: [no] reload [after <[dd:]hh:]mm> | at <hh :mm[:ss]> [<mm/dd[/[yy]yy][...]
-
Page 146
Switch Memory and Configuration Multiple Configuration Files ProCurve(config)# reload after 04:14:00 Reload scheduled in 4 days , 14 hours, 0 minutes This command will cause a swit chover at the scheduled time to the other management module which may not be running the same software image and configurations. Do y ou want to continue [y/n]? Figure 6[...]
-
Page 147
Switch Memory and Configuration Multiple Configuration Files While you can sti ll use remote stor age for startup-confi g files, you can no w maintain multip le startup-config fil es on the switch and choose whi ch version to use for a reboot policy or an individual reboot. This choice of which conf iguration file to u se for the startup-config at [...]
-
Page 148
Switch Memory and Configuration Multiple Configuration Files Changing the Startu p-Co nfig File. When the switch reboots, the startup- config file supplies the co nfiguration for th e running-config f ile the switch uses to operate. Making changes to the running-config file and then executing a write-mem command (or , in the Menu interface, the S a[...]
-
Page 149
Switch Memory and Configuration Multiple Configuration Files ■ Erase the active startup-config file. Th is generates a new , default startup- config file that a lways results when the switch automa tically reboots after deletion of the currently active startu p-config file. (Refer to “Erasing a Startup-Config File” on page 6-35.) T ransitioni[...]
-
Page 150
Switch Memory and Configuration Multiple Configuration Files Listing and Displaying Startup-Config Files Command Page show config files Below show config < filename > 6 - 3 1 V iewing the Startup-Config File Status with Multiple Configuration Enabled Rebooting th e switch automatically enables the multip le configuration fea - ture. Syntax: s[...]
-
Page 151
Switch Memory and Configuration Multiple Configuration Files Displaying the Content of A Specific Startup-Config File W it h Multiple Configuration ena bled, th e switch can have up to three startup- config files. Because the sh ow config command always displays the content of the currently active startup-config fi le, the command exten sion shown [...]
-
Page 152
Switch Memory and Configuration Multiple Configuration Files Syntax: startup-defau lt [ primary | secondary ] config < filename > Specifies a boot configur ation policy option: [ primary | secondary ] confi g < filename >: Designates the startup-config file to use in a reboot with the software version stored in a specific fl ash locatio[...]
-
Page 153
Switch Memory and Configuration Multiple Configuration Files ProCurve(config)# startup-default pri config minconfig ProCurve(config) # startup-default sec config newconfig. Overriding the Default Re boot Configuration Policy . This co mmand provides a method for manually r ebootin g with a specific startup-config file other than the f ile specified[...]
-
Page 154
Switch Memory and Configuration Multiple Configuration Files Renaming an Existing Startup-Config File Syntax: rename con fig < current-filename > < newname-str > This command changes the name of an existing startup- config file. A file name can include up to 63, alphanumeric characters. Blanks are allowed in a file name enclosed in quot[...]
-
Page 155
Switch Memory and Configuration Multiple Configuration Files For example, suppose bo th primary and secondary flash memo ry contain software release “A” and use a star tup-config file n amed config1 : Figure 6-22. Example of Using One Startup-Config File for Both Primary and Secondary Flash If you wanted t o experiment with co nfiguration chang[...]
-
Page 156
Switch Memory and Configuration Multiple Configuration Files In a redundant management system, this command erases the config or startup config file on both the active and th e standby mana gement modules as long as redundancy has no t been disabled. If the standby management module is not in standb y mode or has failed selftest, the config o r sta[...]
-
Page 157
Switch Memory and Configuration Multiple Configuration Files Figure 6-24 illustrates using erase config < filename > to remove a startup-config file. Figure 6-24. Example of Erasing a Non-Active Startup-Config File W ith the same memory configuration as is sh own in the bottom portion of figure 6-24, executing erase startup-config boots the s[...]
-
Page 158
Switch Memory and Configuration Multiple Configuration Files Pressing Clear + Reset: – R epl aces all startup- config files with a sin g le file named config1 that cont ains the default configuration for the softwar e version in primary flash. – R es ets the Active, Primary , and Secondary assignments as sh own here. Figure 6-25. Example of Cle[...]
-
Page 159
Switch Memory and Configuration Multiple Configuration Files For example, the following command co pies a startup-config f ile named test- 01 from the switch to a (UNIX) TFTP server at IP address 10. 1 0.28.14: ProCurve(config)# copy config test-01 tftp 10.10.28.14 test-01.txt unix TFTP: Copying a Configuration File from a Remote Host Syntax: copy [...]
-
Page 160
Switch Memory and Configuration Multiple Configuration Files Xmodem: Copying a Configuration File to a Serially Connected Host Syntax: copy config < filename > xm odem < pc | unix > This is an addition to the copy < config > xmodem command options. Use this command to upload a configuration file from the switch to an Xmodem host. [...]
-
Page 161
Switch Memory and Configuration Automatic Configuration Update with DHCP Option 66 Automatic Configuration Update with DHCP Option 66 ProCurve switches are initially booted up with the factory-shipped co nfigura- tion file. This feature pr ovides a way to automatically download a different configuration file from a TFTP server us ing DHCP Option 66[...]
-
Page 162
Switch Memory and Configuration Automatic Configuration Update with DHCP Option 66 Possible Scenarios for Upda ting the Configuration File The followin g table shows various network configurations and how Option 66 is handled. Scenario Behavior Single Server serving Multiple VLANs • Each DHCP -enabled VLAN interface initiates DHCPDISCOVER message[...]
-
Page 163
Switch Memory and Configuration Automatic Configuration Update with DHCP Option 66 Global DHCP Parameters : Global parameters are processed only if received on the primary VLAN. Best Offer : The “Best Offer” is the best DHCP or BootP off er sent by the DHCP server in response to the DHCPREQUEST sent by the switch. The criteria for selecting the[...]
-
Page 164
Switch Memory and Configuration Automatic Configuration Update with DHCP Option 66 6-44[...]
-
Page 165
7 Interface Access and System Information Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-2 Interface Access: Console/Serial Link, Web, and Inbound Telnet . 7-3 Menu: Modifying the Interface Access . . . . . . . . . . . . . . . . . . . . . . . . . . 7-4 CLI: Modifyin g th[...]
-
Page 166
Interface Access and System Information Overview Overview This chapter describes how to: ■ View and modify the configuration for switc h interface access ■ Use the CLI kill command to terminat e a remote session ■ View an d modify switch system information For help on how to actual ly use the interfaces built into the switch, ref er to: ■ C[...]
-
Page 167
Interface Access and System Information Interface Access: Cons ole/Serial Link, W eb, and Inbound Telnet Interface Access: Console/Serial Link, W eb, and Inbound T elnet Interface Access Features Feature Default Menu CLI We b Inactivity T ime 0 Minutes (disabled) page 7-4 page 7-9 — Inbound T elnet Access Enabled page 7-4 page 7-5 — Outbound T [...]
-
Page 168
Interface Access and System Information Interface Access: Console/Serial Link, Web, and Inbound Telnet Menu: Modifying the Interface Access The menu interface enables you to modify these parameters: ■ Inactivity T imeout ■ Inbound T elnet Enabled ■ W eb Agent Enabled T o Access the Interface Access Parameters: 1. From the Main Menu, Select...[...]
-
Page 169
Interface Access and System Information Interface Access: Cons ole/Serial Link, W eb, and Inbound Telnet CLI: Modifying the Interface Access Interface Access Commands Use d in This Section show console below [no] telnet-server below [no] web-management page 7-8 console page 7-9 Listing the Current Console/Serial Li nk Configuration. This com- mand [...]
-
Page 170
Interface Access and System Information Interface Access: Console/Serial Link, Web, and Inbound Telnet Syntax: [no] telnet-server [listen <oobm | data | both>] Enables or disables inbound T elnet access on a switch. Use the no version of the command to disable inbound T elnet access. The li sten parameter is availabl e only on switches that h[...]
-
Page 171
Interface Access and System Information Interface Access: Cons ole/Serial Link, W eb, and Inbound Telnet Syntax: telnet <ipv4-addr | ipv6-addr | hostname | switc h-num> [oobm] Initiates an outbound telnet session to another network device. The destination can be specified as: • IPv4 address • IPv6 address • H o s t n a m e • Stack num[...]
-
Page 172
------------------------------ ------------------------- ------------------------------ ------------------------- Interface Access and System Information Interface Access: Console/Serial Link, Web, and Inbound Telnet ProCurve(config)# show telnet Telnet Activity ----------------------------- --------------------------- Session : ** 1 Privilege: Man[...]
-
Page 173
Interface Access and System Information Interface Access: Cons ole/Serial Link, W eb, and Inbound Telnet T o di sable web browser access: ProCurve(config)# no web-management T o re-enable w eb browser access: ProCurve(config)# web-management Reconfigure the Console/Seri al Link Settings. Y ou can reconfigure one or more console parameters with one [...]
-
Page 174
Interface Access and System Information Interface Access: Console/Serial Link, Web, and Inbound Telnet The switch implements the Event Log change immediately . The switch implements the other console changes afte r executing write memory and reload . Figure 7-4. Example of Execu ting the Console Command with Multiple Parameters Note When using redu[...]
-
Page 175
Session 2 is an active T elnet sessi on. Interface Access and System Information Denying Interface Access by Termi nating Remote Management Sessions Denying Interface Access by T erminating Remote Management Sessions The switch supports up to five ma nagement sessions. Y ou can use show ip ssh to list the current management sessions, and kill to te[...]
-
Page 176
Interface Access and System Information System Information System Information System Information Feat ures Feature Default Menu CLI Web System Name switch product name page 7-13 page 7-15 page 7-18 System Contact n/a page 7-13 page 7-15 page 7-18 System Location n/a page 7-13 page 7-15 page 7-18 MAC Age T ime 300 seconds page 7-13 page 7-17 — T i[...]
-
Page 177
Interface Access and System Information System Information Ti m e Z o n e : The number of minutes your time z o n e l o c a t i o n i s t o t h e We s t ( + ) or East (-) of Co ordinated Universal T ime (formerly GMT). Th e default 0 means no time zone is configured. For example, the time zone for Berlin, Germany is + 60 (minutes) and the time zone[...]
-
Page 178
Interface Access and System Information System Information 2. Press [E] (for E dit). The cursor moves to the System Name field. 3. Refer to the online help provided with th is screen for further information on configurat ion options for these feat ures. 4. When you have finished making ch anges to the above parameters, press [Enter] , then press [S[...]
-
Page 179
Interface Access and System Information System Information Configure a System Na me, Contact, and Location for the Switch. To help distinguish one switch from another , configur e a plain-language identity for the switch. Syntax: hostnam e < name-string > snmp-server [contact < system-contact >] [locat ion < system-location >] Eac[...]
-
Page 180
Interface Access and System Information System Information MENU ProCurve Switch 5406zl 24-Oct-2006 12:41:47 ===========================- TELNET - MANAG ER MODE =========================== Switch Configuration - System Information System Name : Blue Switch System Contact : Bill_Smith System Location : + character s of the location are missing. It’[...]
-
Page 181
Interface Access and System Information System Information Figure 7-11. System Location and System Con tact in the W eb Brow ser Reconfigure the MAC Age T ime for Learned MAC Addresses. This command corresponds to the MAC Age Inte rval in the menu interface, and is expressed in second s. Syntax: mac-age-time < 10 - 1000000 > (seconds) Allows [...]
-
Page 182
Interface Access and System Information System Information For example, the time zone setting for Berlin, Germany is +6 0 (zone +1, or 6 0 minutes), and th e time zone setting for V a ncouver , Canada is -480 (zo ne -8, or -480 minutes). T o configur e the time zone and daylight tim e rule for V ancouver , Canada: ProCurve (config)# time timezone -[...]
-
Page 183
8 Configuring IP Addressing Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-2 IP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-2 Just Want a Quick St art with IP Addr essing? . . . . . . . . . . . . . . . . . .[...]
-
Page 184
Configuring IP Addressing Overview Overview Y ou can configure IP addressing throug h all of the switch’ s interfaces. Y o u can also: ■ Easily edit a switch conf iguration fi le to allo w downloading the f ile to multiple switches withou t overwriting each switch’ s unique gate way and VLAN 1 IP addressing. ■ Assign up to 32 IP addresse s [...]
-
Page 185
Configuring IP Addressing IP Configuration IP Address and Subnet Mask. Configuring the switch with an IP address expands your ability to manage the sw itch and use its features. By default, the switch is configured to automatically receive IP addressing on th e default VLAN from a DHCP/Bootp serv er that has been confi gured correct ly with informa[...]
-
Page 186
Configuring IP Addressing IP Configuration Notes Just W ant a Quick Star t with IP Addressing? If you just want to give th e switch an IP address so that it can communicate on your network, or if you are not us in g VLANs, ProCur ve recommends that you use the Switch Setup sc reen to quickly configure IP addressing. T o do so, do one of the followi[...]
-
Page 187
Configuring IP Addressing IP Configuration ■ The IP addressing used in the swit ch should be compatible with your network. That is, th e IP address must be unique and the subnet mask must be appropriate for your IP network . ■ If you change the IP address throug h either T elnet access or the web browser interface, the connection to the switch [...]
-
Page 188
Configuring IP Addressing IP Configuration For descriptio ns of these parameters, see the online Help fo r this screen. Before using the DH CP/ Bootp option, refer to “DHCP/Bootp Operation” on page 8-12. Figure 8-1. Example of t he IP Service Configuration Sc reen without Multiple VLANs Configured 2. Press [E] (for E dit ). 3. If the sw itch ne[...]
-
Page 189
Configuring IP Addressing IP Configuration CLI: Configuring IP Addres s, Gateway , and T ime-T o- Live (TTL) IP Commands Used in This Se ction Page show ip 8-7 ip address < mask-length > 8-8, 8-9 ip address /< mask-bits > 8-8, 8-9 ip default-gateway 8-10 ip ttl 8-11 V iewing the Current IP Configuration. Syntax: show ip This command dis[...]
-
Page 190
Configuring IP Addressing IP Configuration W ith multiple VLANs and some ot her features co nfigured, show ip provides additional informat ion: A Switch with IP Addressi ng and VLANs Configured Figure 8-3. Example of Show IP List ing with Non-Default IP Addressing Config ured Configure an IP Address and Subnet Mask. The following command includes b[...]
-
Page 191
Configuring IP Addressing IP Configuration Configure Multiple IP A ddresse s on a VLAN (Multinetting). The fol- lowing is supported: ■ Up to 2000 IP addresses for the switch ■ Up to 32 IP addresse s for the same VLAN ■ Up to 512 IP VLANs, that is, VL ANs on which you can configure IP addresses ■ Each IP address on a VLAN must be for a separ[...]
-
Page 192
Configuring IP Addressing IP Configuration Figure 8-5. Example of Multinett ing on the Default VLAN Note The Internet (I P) Se rvice screen in the Menu inte rface (figure 8-1 on page 8-6) displays the first IP a ddress for each VLAN. Y ou must use the CLI show ip command to display th e full IP address listing for multinetted VLANs. Removing or Rep[...]
-
Page 193
Configuring IP Addressing IP Configuration Note The switch uses the IP default gate way only while operating as a Layer 2 device. While routing is enabled on the switch, the IP defa ult gateway is not used. Thus, to avoi d loss of T elnet ac cess to off-subnet management st ations, you should use the ip route command to configure a static (default)[...]
-
Page 194
Configuring IP Addressing IP Configuration T able 8-1. Features Available With and Witho ut IP Addressing on the Switch Features Available W ithou t an IP Address Additional Features Availab le with an IP Address and Subnet Mask • Direct-connect access to the CLI and the menu interface. • DHCP or Bootp support for automatic IP address configura[...]
-
Page 195
Configuring IP Addressing IP Configuration The DHCP/Bootp Process. Whenever the IP Config para meter in the switch or in an individual VLA N in the switch is configured to DHCP/Bootp (the default), or when the sw itch is reb ooted with th is configur ation: 1. DHCP/Bootp request s are automatically broadcast on t h e local networ k. (The switch sen[...]
-
Page 196
Configuring IP Addressing IP Configuration Bootp Operation. When a Bootp server receives a request it searches its Bootp database for a record entry that matche s the MAC address in the Bootp request from the switch. If a match is found, the conf iguration data in the associated database record is returned to the switch. For ma ny Unix systems, the[...]
-
Page 197
Configuring IP Addressing IP Configuration lg TFTP server address (source of final configuration file) T144 is the vendor-specific “tag” identif ying the configur ation file to download. vm is a required entry that specifies the Bootp report format. Use rfc1048 for the switches covered in this guide. Note The above Bootp table entry is a sample[...]
-
Page 198
Configuring IP Addressing Loopback Interfaces Loopback Interfaces This section describes how to configur e and use user -defined loopback inter - faces on the switch. Introduction By default, each switch has an internal loopback interface ( lo0 ) with the IP address 127.0.0.1. This IP address is used only for internal traffic transmitted within the[...]
-
Page 199
Configuring IP Addressing Loopback Interfaces For more informat ion about how to configure a loopback IP address to participate in an OSPF broadcast area, refer to the section titled “(Optional) Assigning Loopback Addresses to an Area” in the Multicast and Routing Guide . Configuring a Loop back Interface T o configure a loopback interface, ent[...]
-
Page 200
Configuring IP Addressing Loopback Interfaces For example, i f you configure a VLAN with IP address 172.16.100.8/24, you cannot configure a loopback interface wi th IP address 172.16.100.8. In the same way , if you configure a loopback interfac e ( lo1 ) with IP address 172.16.101.8, you cannot configur e another loopback interface ( lo2 ) with IP [...]
-
Page 201
-------- --------- ---------- ---------- ------- -------- ---------- ---------- --------------- Configuring IP Addressing Loopback Interfaces ProCurve> show ip Internet (IP) Service IP Routing : Enabled Default TTL : 64 ARP Age : 20 VLAN IP Config IP Address Subnet Mask Proxy ARP DEFAULT_VLAN Manual 10.0.8.121 255.255.0.0 No VLAN2 Manual 192.168[...]
-
Page 202
Configuring IP Addressing Loopback Interfaces T o di splay the loopback in terfa ces configured on the switch in a list of IP routing entries displayed a ccording to destination IP a ddress, enter the show ip route command. The following example displays the co nfigu ration of the default loo pback interface ( lo 0 ) and one user -defined loopback [...]
-
Page 203
Configuring IP Addressing IP Preserve: Retaining VLAN-1 IP Addres sing Across Configuration File Downloads IP Preserve: Retaining VLAN-1 IP Addressing Across Configuration File Downloads For the switches co ver ed i n th is g ui de, IP Preserve enables you to copy a configuratio n file to multiple switches whi le retaining the individual IP address[...]
-
Page 204
Configuring IP Addressing IP Preserve: Retaining VLAN-1 IP Addres sing Across Configuration File Downloads Enabling IP Preserve T o set up IP Pres erve, enter the ip pres erve statement at the end of a configu- ration file. (Not e that you d o not ex ecute IP Preserve by entering a command from the CLI). Entering “ip p reserve” in the last l in[...]
-
Page 205
Configuring IP Addressing IP Preserve: Retaining VLAN-1 IP Addres sing Across Configuration File Downloads ProCurve(config)# show run Running configuration: ; J8715A Configuration Edit or; Created on release #K.12.07 hostname "ProCurve" module 1 type J8702A module 2 type J8705A trunk A11-A12 Trk1 Trunk Using figure 8-10, above, switches 1[...]
-
Page 206
Configuring IP Addressing IP Preserve: Retaining VLAN-1 IP Addres sing Across Configuration File Downloads ProCurve# show run Running configuration: ; J8715A Configuration Edit or; Created on release #K.12.07 hostname "ProCurve" module 1 type J8702A module 2 type J8705A trunk A11-A12 Trk1 Trunk Because swi tch 4 (figure 8-10) ip default-g[...]
-
Page 207
Configuring IP Addressing Configuring a Single Source IP Address Configuring a Single Source IP Address Overview This feature applies to the fo llowing sof tware applications: • T ACACS • RADIUS • System Logging applications The above IP-based softw are applicatio ns use a client-server communicati on model, that is, the client’ s source IP[...]
-
Page 208
Configuring IP Addressing Configuring a Single Source IP Address . Syntax : [no] ip source-interfa ce <radius | tacacs | logging | all> <loo pback < id > | vlan < vlan-id > address < ip-addre ss >> Determines the source IP add ress used by the specified software application when tran smitting IP packets. The all parame[...]
-
Page 209
Configuring IP Addressing Configuring a Single Source IP Address ■ Configured IP Address—th e specific IP address that is us ed as the source IP address. This address is configured on one of the switch’ s IP interfaces, either a VLAN interface or a Loopback interfac e. ■ Configured IP Interface— the IP address from th e specific IP interf[...]
-
Page 210
Configuring IP Addressing Configuring a Single Source IP Address ProCurve(config)# ip source-int erface radius address 10.10.10.2 ProCurve(config)# show ip sourc e-interface radius Source-IP Configuration Inform ation Protocol | Admin Selection Po licy IP Interface IP Address -------- + ------------------ ----- -------------- -------------- - Radiu[...]
-
Page 211
Configuring IP Addressing Configuring a Single Source IP Address Displaying the Source IP Interface Information There are sev eral show commands that can be us ed to display information about the source IP interface status. Syntax : show ip source-interface st atus [radius | tacacs | syslog] Displays the operational status information for the sourc[...]
-
Page 212
Configuring IP Addressing Configuring a Single Source IP Address The show ip source-interface d etail command displays detailed information about the configur ed policies, source IP address, and i nterface state for each protocol. Syntax : show ip source-interface det ail [radius | tacacs | syslog] Displays detailed operational status information f[...]
-
Page 213
Configuring IP Addressing Configuring a Single Source IP Address ProCurve(config)# show radius Status and Counters - General R ADIUS Information Deadtime(min) : 0 Timeout(secs) : 5 Retransmit Attempts : 3 Global Encryption Key : Dynamic Authorization UDP Por t : 3799 Source IP Selection : Configu red IP address Source IP Selection for the specifie [...]
-
Page 214
Configuring IP Addressing Configuring a Single Source IP Address Error Messages The followi ng error messages may appe ar when configuring source IP selec- tion if the int erface does not exist, is not confi gured for IP , or is down. Error Message Description W arning: Specified IP address is not config ured on any inter - The IP address specified[...]
-
Page 215
9 T ime Protocols Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-2 TimeP Time Synchronization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-2 SNTP Time Synchronization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-2 Selecti[...]
-
Page 216
Time Protocols Contents Viewing the Current TimeP Co nfiguration . . . . . . . . . . . . . . . . . . 9-28 Configuring (Enablin g or Disabling) the TimeP Mode . . . . . . . . 9-29 SNTP Unicast Time Pollin g with Multiple SNTP Se rvers . . . . . . . . 9-34 Displaying All SNTP Server Addresses Configured on the Switch . . 9-34 Adding and Deleting SN T[...]
-
Page 217
Time Protocols Overview Overview This chapter describes: ■ SNTP T ime P rotocol Operation ■ T imep Ti me Protocol Operation Using time synchron ization ensures a uni form time among interoperating devices. This helps you to manage a nd troubleshoot switch operation by attaching meaningful time data to event and error messages. The switch offers[...]
-
Page 218
Time Protocols Selecting a Time Synchronization Protocol or Turning Off Time Protocol Operation Note T o use Broadcast mode, the switch and th e SNTP server must be in the same subnet. ■ Unicast Mode: The switch requests a time update from the config- ured SNTP se rver . (Y ou can co nfigure one se rver using the menu interface, or up to three se[...]
-
Page 219
Time Protocols SNTP: Viewing, Selecting, and Configuring Disabling T ime Synchronization Y ou can use either of the following methods to disab le time synchronizat ion without c hanging the Timep or SNTP conf iguration: ■ In the Syste m Information scre en of the Menu inte rface, set the Ti m e Synch Method para meter to None , then press [Enter [...]
-
Page 220
Time Protocols SNTP: Viewing, Selecting, and Configuring T able 9-1. SNTP Parameters SNTP Parameter Operation T ime Sync Method Used to select either SNTP , TIMEP , or None as the time synchronization method. SNTP Mode Disabled T he Default. SNTP does not operate, even if specified by the Menu interface T ime Sync M ethod parameter or the CLI times[...]
-
Page 221
Time Protocols SNTP: Viewing, Selecting, and Configuring ==========================- CO NSOLE - MANAGER MODE -=================== ===== Switch Configuration - Syst em Information System Name : ProCurve System Contact : System Location : Inactivity Timeout (min) [0] : 0 MAC Age Time (sec) [300] : 300 Inbound Telnet Enabled [Yes] : Yes Web Agent Enab[...]
-
Page 222
Time Protocols SNTP: Viewing, Selecting, and Configuring Note: This step replaces any pre v iously configured server IP address. If you will be using b ackup SNTP servers (requires use of the CLI), then refer to “SNTP Unicast Time Polling with Multiple SNTP Servers” on page 9-35. iii. Press [v] to move the cursor to the Server V ersion fi eld. [...]
-
Page 223
Time Protocols SNTP: Viewing, Selecting, and Configuring CLI: V iewing and Configuring SNTP CLI Commands Described in this Section SNTP Command Page show sntp 9 -9 [no] timesync 9-11 and ff., 9-15 sntp broadcast 9-12 sntp unicast 9-12 sntp server 9-12 and ff. Protocol V ersion 9-14 Priority 9-15 poll-interval 9-15 no sntp 9-16 This section describe[...]
-
Page 224
-------- ------------------------ ---------------------- ---------------- Time Protocols SNTP: Viewing, Selecting, and Configuring ProCurve(config)# show sntp SNTP Configuration Time Sync Mode: Sntp SNTP Mode : Unicast Poll Interval (sec) [720] : 719 Priority SNTP Server Address Protocol Version -------- ---------------------- ---------------------[...]
-
Page 225
Time Protocols SNTP: Viewing, Selecting, and Configuring ProCurve(config)# show managem ent Status and Counters - Managem ent Address Information Time Server Address : fe80:: 215:60ff:fe7a:adc0%vlan10 Priority SNTP Server Address Protocol Version -------- ------------------- --------------------------- ------------ --- - 1 2001:db8::215:60ff:fe79:8[...]
-
Page 226
Time Protocols SNTP: Viewing, Selecting, and Configuring Enabling SNTP in Broadcast Mode. Because the switch provides an SNTP polling interval (default: 720 seconds ), you need only these two commands for minimal SNTP broadcast configurati on: Syntax: timesync sntp Selects SNTP as the time synchronizat ion method . Syntax: sntp bro adcast Configure[...]
-
Page 227
Time Protocols SNTP: Viewing, Selecting, and Configuring second or third server , you must u se the CLI. F or more on SNTP operation with multiple serv ers, refer to “SNTP Unicast T ime Polling w ith Multiple SNTP Servers” on page 9-35. Syntax: timesync sntp Selects SNTP as the time synchronizat ion method. sntp unicast Configures the SNTP mode[...]
-
Page 228
Time Protocols SNTP: Viewing, Selecting, and Configuring ProCurve(config)# sntp server 10.28.227.141 Specifies the SNTP server an d accepts the current SNTP server version (default: 3). . ProCurve(config)# show sntp In this example, the Poll Interval and the Protocol SNTP Configuration Ver s io n appea r at their default settings. Time Sync Mode: S[...]
-
Page 229
Time Protocols SNTP: Viewing, Selecting, and Configuring Changing the SNTP Poll Interval. Syntax: sntp poll-interval < 30..720 > Specifies how long the switch waits between time polling intervals. The default is 720 seconds and the range is 30 to 720 seconds. (This parameter is separate from the poll inter - val parameter used for T imep oper[...]
-
Page 230
Time Protocols SNTP: Viewing, Selecting, and Configuring Figure 9-10. Example of SNTP with T i me Synchronization Disabled Disabling the SNTP Mode. If you want t o prevent SNTP from being used even if selected by timesync (or the Menu interface’ s T ime Sync Method param- eter), configure the SN TP mode as disabled. Syntax: no sntp Disables SNTP [...]
-
Page 231
Time Protocols SNTP: Viewing, Selecting, and Configuring This feature provides support for SNTP client authenticatio n on HP ProCurve switches, which addresses security cons iderat ions when deploying S NTP in a network. Requirements The foll owing mus t be conf igured t o en able SNTP client au thentication on the switch. SNTP Client Authenticatio[...]
-
Page 232
Time Protocols SNTP: Viewing, Selecting, and Configuring The followi ng must be performed on the SNTP server: ■ The same authentication key-identi fier , trusted key , authen tication mode and key-value that were conf igured on the SNTP client must also be configured on th e SNTP server . ■ SNTP server authentication must be enabled on the serv[...]
-
Page 233
Time Protocols SNTP: Viewing, Selecting, and Configuring Configuring a T rusted Key T rusted keys are used in SNTP authentication. In unicast mode, a trusted key must be associated with a speci fic NT P/SNTP server . That key is used for authenticating the SNTP packet. In unicast mode, a specific server is co nfigured on the switch so that the SNTP[...]
-
Page 234
Time Protocols SNTP: Viewing, Selecting, and Configuring Associating a Key wi th an SNTP Server After a key is configured, it mu st be associat ed with a specific se rver . Syntax : [no] sntp server priority <1-3> <ip-address | ipv6-address> < version-num > [key-id <1-4,294,967,295>] Configures a key-id to be associated with[...]
-
Page 235
Time Protocols SNTP: Viewing, Selecting, and Configuring Configuring Unicast and Broadcast Mode T o enable authentication, eit her unicast or br oadcast mode must be config- ured. When authentication is enabled, changing the mode from unicast to broadcast or vice versa is not allowe d. Y ou must disable authentication and then change the mode. T o [...]
-
Page 236
Time Protocols SNTP: Viewing, Selecting, and Configuring ProCurve(config)# show sntp SNTP Configuration SNTP Authentication : Enabled Time Sync Mode: Sntp SNTP Mode : Unicast Poll Interval (sec) [720] : 7 20 Priority SNTP Server Address -------- -------------------- ------------------- 1 10.10.10.2 2 fe80::200:24ff:fec8: 4ca8 Protocol Version KeyId[...]
-
Page 237
Time Protocols SNTP: Viewing, Selecting, and Configuring ProCurve(config)# show sntp sta tistics SNTP Statistics Received Packets Sent Packets Dropped Packets : 0 : 3 : 0 SNTP Server Address ----------------------------- ---------- Auth Failed Pkts --------------- - 10.10.10.1 fe80::200:24ff:fec8:4ca8 0 0 Figure 9-16. Example of SNTP Authenti catio[...]
-
Page 238
Time Protocols SNTP: Viewing, Selecting, and Configuring ProCurve(config)# show config Startup configuration: . . . timesync sntp SNTP authenticatio n has been sntp broadcast enabled and a key-id of 55 has been created. sntp 50 sntp authentication sntp server priority 1 10.10.10. 2 3 key-id 55 sntp server priority 2 fe80::200 :24ff:fec8:4ca8 4 key-[...]
-
Page 239
Time Protocols SNTP: Viewing, Selecting, and Configuring If include-cred entials is conf igured, the SNTP authenticat ion configuratio n is saved in the configur ation file. When the show confi g co mmand is entered, all of the inform ation that ha s been configu red for SNTP authenticat ion displays , including the key-values. ProCurve(config)# sh[...]
-
Page 240
Time Protocols TimeP: Viewing, Selecting, and Configuring T imeP: V iewing, Selecting, and Configuring T imeP Feature Default Menu CLI We b view the T imep time synchronization configuration n/a page 9-27 page 9-29 — select T imep as the time synchronization method TIMEP page 9-16 pages 9-31 ff. — disable time synchronization timep page 9-27 pa[...]
-
Page 241
Time Protocols TimeP: Viewing, Selecting, and Configuring Menu: V iewing and Configuring T imeP T o View , Enable, and Modify t he T imeP Protocol: 1. From the Main Menu, sel ect: 2. Switch Configuration ... 1. System Information ==========================- CONSOL E - MANAGER MODE -========================== Switch Configuration - Sy stem Informati[...]
-
Page 242
Time Protocols TimeP: Viewing, Selecting, and Configuring • Use the Space bar to select the Manual mode. i. Press [>] to move the cursor to the Server Address field. ii. Enter the IP address of the Time P server you want the switch to use for time synchronization. Note: This step replaces any previously c onfigured T imeP server IP address. ii[...]
-
Page 243
Time Protocols TimeP: Viewing, Selecting, and Configuring V iewing the Current T imeP Configuration Using different show commands, you can display either the full T imeP config- uration or a combined l isting of all T imeP , SNTP , and VLAN IP addresses configured on the switch. Syntax: show timep This command lists both the time synchronization me[...]
-
Page 244
-------- ------------------------ ---------------------- ---------------- Time Protocols TimeP: Viewing, Selecting, and Configuring ProCurve(config)# show management Status and Counters - Mana gement Address Information Time Server Address : 10.10.28.10 0 Priority SNTP Server Address Protocol V ersion 1 10.10..28.101 3 2 10.255.5.24 3 3 fe80::123%v[...]
-
Page 245
Time Protocols TimeP: Viewing, Selecting, and Configuring Enabling T imeP in DHCP Mode. Bec ause the switch provides a T imeP polling interval (defaul t: 720 minutes) , you need only these t wo commands for a minimal T imeP DHCP conf iguration: Syntax: timesync t imep Selects T imeP as the time synchronization method. Syntax: ip timep d hcp Configu[...]
-
Page 246
Time Protocols TimeP: Viewing, Selecting, and Configuring Enabling T imep in Manual Mode. Like DHCP mode, configuring TimeP for Manual mode enables T i meP . H owever , for manual operation, you must also specify the I P address of the T imeP ser ver . (The switch allows only one TimeP server .) T o enable the TimeP protocol: Syntax: timesync t ime[...]
-
Page 247
Time Protocols TimeP: Viewing, Selecting, and Configuring Figure 9-25. Example of Configu ring T imep for Manual Operation Changing the T imeP Poll Interval. This command lets you specify how long the switch waits between time po lling intervals. The default is 720 minutes and the range is 1 to 9999 minutes. (T his parameter is separate from the po[...]
-
Page 248
Time Protocols TimeP: Viewing, Selecting, and Configuring Figure 9-26. Example of T imeP wi th T i me Synchronization Disabled Disabling the T imeP Mode. Disabling the T imeP mode means to configure it as disabled. (Disabling T imeP prevents the switch from using it as the time synchronization protocol, even if it is the selected T ime Sync Method [...]
-
Page 249
-------- ------------------------ ---------------------- ---------------- Time Protocols SNTP Unicast Time Polling with Multiple SNTP Servers SNTP Unicast T ime Polling with Multiple SNTP Servers When running SNTP unicast time polli ng as the ti me synchronization met hod, the switch requests a time update fro m the server yo u configured with eith[...]
-
Page 250
Time Protocols SNTP Messages in the Event Log Adding and Deleting SNTP Server Addresses Adding Addresses. As mentioned earlier , yo u can configure one S NTP server address using either the Menu interface or the CL I. T o configure a second and third address, you must us e the CLI. T o conf igure the remaining two addresses, you would do the follow[...]
-
Page 251
10 Port Status and Configuration Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-3 Viewing Port Status and Configuring Port Parameters . . . . . . . . . . 10-3 Menu: Port Configuratio n . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-6 CLI: Viewi[...]
-
Page 252
Port Status and Configuration Contents Operating Notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-32 Uni-Directional Link Detection (UDLD) . . . . . . . . . . . . . . . . . . . . . . 10-33 Configuring UDLD . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-34 Enabling UDLD . . [...]
-
Page 253
Port Status and Configuration Overview Overview Note On Connecting T ransceiv ers to Fixed-Configuratio n Devices This chapter describes how to view th e current port conf iguration and ho w to configure ports t o non-d efault settings, including ■ Enable/Disable ■ Mode (speed and duplex) ■ Flow Control ■ Broadcast Limit ■ Friendly P ort [...]
-
Page 254
Port Status and Configuration Viewing Port Status and Configur ing Port Parameters T able 10-1. Status and Parame ters for Each Port T ype Status or Parameter Description Enabled Ye s (default): The port is ready for a network connection. No: The port will not operate, even if properly connected in a network. Use this setting, for example, if the p[...]
-
Page 255
Port Status and Configuration Viewing Port Status and Configuring Port Parameters Status or Parameter Description — Continued From Previous Page — Gigabit Fiber -Optic Ports (Gigabit-SX, Gigabit-LX, and Gigabit-LH): • 1000FDx: 1000 Mbps (1 Gbps ), Full Duplex only • Auto (default): The port operates at 1000FDx and auto-negotiates flow contr[...]
-
Page 256
Port Status and Configuration Viewing Port Status and Configur ing Port Parameters Menu: Port Configuration From the menu interface, you can view and change the port configuration. Using the Menu T o V iew Port Con figuration. The menu interf ace dis- plays the configuration for ports an d (if con figured) any trunk groups. From the Main Menu, sele[...]
-
Page 257
Port Status and Configuration Viewing Port Status and Configuring Port Parameters Using the Menu T o Configure Ports. Y ou can configure and view the port settings by using the menu. Note The menu interface uses the same scre en for confi guring both individual por ts and port trunk groups. For i nformation on port tr unk groups, refer to Chapter 1[...]
-
Page 258
Port Status and Configuration Viewing Port Status and Configur ing Port Parameters CLI: Vi ewing Port Status and Configuring Port Parameters From the CLI, you can conf igure and view all port pa rameter settings and view all port statu s indicators. Port Status and Conf iguration Commands show interfaces brief page 10-9 show interfaces config page [...]
-
Page 259
Port Status and Configuration Viewing Port Status and Configuring Port Parameters ProCurve(config)# show interfaces brief Status and Counters - Port Status | Intrusion MDI Flow Bcast Port Type | Alert Enabled Status Mode Mode Ctrl Limit ----- --------- + --------- --- ---- ------ ---------- ----- ----- ----- - B1 100/1000T | No Yes Down Auto-10-100[...]
-
Page 260
Port Status and Configuration Viewing Port Status and Configur ing Port Parameters Syntax: show interfaces display Initiates the dynamic update of a command. The output is the same as the equivalent “ show ” command.The information is updated every 3 seconds. Note : Select “Back” to exit the display. For example: ProCurve# show interfaces d[...]
-
Page 261
Port Status and Configuration Viewing Port Status and Configuring Port Parameters Syntax: show interfaces custom [port-list] column-list Select the information that yo u want to display . Parameters include: ■ port name ■ type ■ vlan ■ intrusion ■ enabled ■ status ■ speed ■ mdi ■ flow Columns supported are: Parameter Column Displa[...]
-
Page 262
Port Status and Configuration Viewing Port Status and Configur ing Port Parameters ProCurve(config)# show int custo m 1-4 port name:4 type vlan intrusion spe ed enabled mdi Status and Counters - Custom Po rt Status Intrusion Port Name Type VLAN Alert Speed Enabled MDI-mode ---- ---------- ---------- --- -- --------- ------- ------- -------- 1 Acco [...]
-
Page 263
Port Status and Configuration Viewing Port Status and Configuring Port Parameters Note on Using Pattern Matching with the “Show Interfaces Custom” Command If you have included a pa tt ern matching comma nd to search for a field in the output of the show int custom command and t he show int custom command produces an erro r , the er ror message [...]
-
Page 264
Port Status and Configuration Viewing Port Status and Configur ing Port Parameters Operating Notes: ■ For each port on the switch, the co mmand provides a re al-time display of the rate at which data is received (Rx) and transmitted (Tx) in terms of kilobits per se cond (KBits/s), number of pack ets per second (Pkts/ s), and utilization (Util) ex[...]
-
Page 265
Port Status and Configuration Viewing Port Status and Configuring Port Parameters Operating Notes: ■ The following inform ation is displa yed for each installed transceiver: • Port number on which transceiver is installed. • T ype of transceiver . • Product numb er—Includes revisio n letter , such as A, B, or C. If no revision letter foll[...]
-
Page 266
Port Status and Configuration Viewing Port Status and Configur ing Port Parameters speed-duplex < auto-10 |10-full | 10-half | 100-full | 100-half |auto| auto- 100 | 1000-full >] Specifies the port’ s data transfer speed and mode. Does not use the no fo rm of the command. ( [ Default: auto .) Note that in the ab ove syntax you can sub stitu[...]
-
Page 267
Port Status and Configuration Viewing Port Status and Configuring Port Parameters Enabling or Disab ling the USB Port This feature allows co nfiguration of the USB port with either the CLI or SNMP . T o ena ble/disable the USB port with the CLI: Syntax: usb-port no usb-port Enables the USB port. The no form of the command disables the USB port and [...]
-
Page 268
Port Status and Configuration Viewing Port Status and Configur ing Port Parameters The autorun feature only works when a USB device is inserted and the USB port is enabled. Behavior of Autorun When USB Port is Disabled Software V ersions K.13.XX Operation. When using software version K.13.58, if the USB port is disabled (no usb-port command), the U[...]
-
Page 269
Port Status and Configuration Viewing Port Status and Configuring Port Parameters T o disable flow control on some ports, while leavin g it enabled on other p orts, just disable it on the individual po rts you want to exclude. Syntax: [ no ]interface < port-list > flow-control Enables or disables flow control packets on the port. The “ no ?[...]
-
Page 270
Port Status and Configuration Viewing Port Status and Configur ing Port Parameters Disables per -port flow control on po rts A5 and A6. Figure 10-13. Exa mple Continued from Figure 10-12 Disables per -port flow control on po rts A1 through A4 . Flow co ntrol is now disabled on the switch. Ports formerly co nfigured for flow contro l. Figure 10-14. [...]
-
Page 271
Port Status and Configuration Viewing Port Status and Configuring Port Parameters Syntax: broadcast-limit <0-99> Enables or disables broadcast limiting for outbound broadcasts on a selected port on the switch. Th e value selected is the percentage of traffic allowed, for example, broadcast-limi t 5 allows 5% of the maximum amount of traffic f[...]
-
Page 272
Port Status and Configuration Viewing Port Status and Configur ing Port Parameters Using the above ports: ■ If you connect a copper port using a st raight- through cable on a switch to a port on another switch or hub that uses MDI-X ports, the switch port automatically operates as an MDI port. ■ If you connect a copper port using a straight- th[...]
-
Page 273
Port Status and Configuration Viewing Port Status and Configuring Port Parameters The Auto-MD IX feature s apply o nly to co pper port switches using twisted-pair copper Ethernet cables. Syntax: interface < port-list > mdix-mode < auto-mdix | mdi | mdix > auto-mdix is the automatic, default setting. This configures the port for automati[...]
-
Page 274
Port Status and Configuration Viewing Port Status and Configur ing Port Parameters Per - Port MDI Configurati on Figure 10-15. Example of Displayi ng the Current MDI Configuration Per -Port MDI Operating M ode Figure 10-16. Example of Displaying th e Current MDI Operating Mode W eb: Viewing Port Status and Confi guring Port Parameters In the web br[...]
-
Page 275
Port Status and Configuration Using Friendly (Optional) Port Names Using Friendly (Optional) Port Names Feature Default Menu CLI Web Configure Friendly Port Names Standard Port Numbering n/a page 26 n/a Display Friendly Port Names n/a n/a page 27 n/a This feature enables yo u to assign alphanumeric port nam es of your choosing to augment au tomatic[...]
-
Page 276
Port Status and Configuration Using Friendly (Optional) Port Names ■ T o retain friendly por t names across reboot s, you must save the current running-con figuration to the startup- config file after entering the friendly port names. (In the CLI, use the write memory command.) Configuring Friendly Port Names Syntax: interface < port-list >[...]
-
Page 277
Port Status and Configuration Using Friendly (Optional) Port Names Configuring the Sa me Name for Multiple Ports. Suppose that you wan t to use ports A5 through A8 as a trunked li nk to a server used by a drafting group. In this case you might configure ports A5 through A8 with the name “Draft-Server:T runk”. Figure 10-18. Example of C onfiguri[...]
-
Page 278
Port Status and Configuration Using Friendly (Optional) Port Names T o List All Ports or Selected Ports with Their Friendly Port Names. This command lists names assi gned to a specific port. Syntax: show nam e [ port-list ] Lists the friendly port name with its corresponding port number and port typ e. The show name command without a port list show[...]
-
Page 279
Port Status and Configuration Using Friendly (Optional) Port Names Including Friendly Po rt Names in Per -Port Statistics Listings. A friendly port name configured to a port is automatica lly included when y ou display the port’ s statistics output. Syntax: show inte rface < port-number > Includes the friendly port name wi th the port’ s [...]
-
Page 280
Port Status and Configuration Using Friendly (Optional) Port Names For example, if you co nfigure port A1 with a friendly po rt name: This command seque nce saves the friendly port name for port A1 in the startup- config file. The n ame entered for port A2 is not saved because it was executed after write memory . In this case, show config li sts on[...]
-
Page 281
Port Status and Configuration Using Friendly (Optional) Port Names Configuring T ransceivers and Modules That Haven’t Been Inserted T ransceivers Previously , a port ha d to be valid and v erified for the switch to allow it to be configured. T ransceivers are removable ports and considered invalid when not present in the switch, so they cannot be[...]
-
Page 282
Port Status and Configuration Using Friendly (Optional) Port Names Syntax: [no] module <slot> Allows removal of the module co nfiguration in the configura- tion file after the module has been removed. Enter an integer between 1 and 12 for <slot>. For example: ProCurve(config)# no module 3 Note This does not change how hot-swap wor ks. O[...]
-
Page 283
Port Status and Configuration Uni-Directional Link Detection (UDLD) Uni-Directional Link Detection (UDLD) Uni-directional Lin k Detection (UDLD) monitors a li nk between two ProCurve switches and blocks the ports on both en ds of the link if the link fails at any point between the two devices. This featur e is particularly useful for detecting fail[...]
-
Page 284
Port Status and Configuration Uni-Directional Link Detection (UDLD) connected ports. UDLD-enabled ports; however , will prevent traffic from being sent across a bad link by blocking the ports in the event that either the individual transmitter or receiver for that connection fails. Ports enabl ed for UDLD exch ange heal th-check packets once every [...]
-
Page 285
Port Status and Configuration Uni-Directional Link Detection (UDLD) Syntax: link-keepalive interval < interval > Determines the time interval to send UDLD control packets. The <interval> parameter specifies ho w often the ports send a UDLD packet. Y ou can specify from 10 – 100, in 100 ms increments, where 10 is 1 second, 11 is 1.1 se[...]
-
Page 286
Port Status and Configuration Uni-Directional Link Detection (UDLD) Changing the Keepalive Interval By default, ports en abled for UDLD send a link health-check packe t once every 5 seconds. Y ou can change the i nterval to a value from 10 – 100 deciseconds, where 10 is 1 second, 11 is 1.1 seconds, and so on. For example, to change the packet int[...]
-
Page 287
untagged Port Status and Configuration Uni-Directional Link Detection (UDLD) ■ T o re-assig n a VLAN ID, re-enter the command with the new VLAN ID number . The new command will o verwrite the previous command setting. ■ When configuring UDLD for tagge d ports, you may receive a warning message if there are any inconsistenc ies with the port’ [...]
-
Page 288
Port Status and Configuration Uni-Directional Link Detection (UDLD) T o di splay detailed UDLD info rmation for specific ports, enter the show link- keepalive statistics comma nd. For example: Ports 1 and 2 are UDLD-en abled and show the number of heal th check packe ts sent and received o n each port. ProCurve(config)# show link-keepa live statist[...]
-
Page 289
Port Status and Configuration Uni-Directional Link Detection (UDLD) Configuration W arnings and Event Log Messages W arning Messages. The following tab le shows the warning messages that may be issued and their possible causes, when UDLD is c onfigured for tagged ports. T able 10-3. Warning Messages caused by c onfiguring UDLD for T agged Ports CLI[...]
-
Page 290
Port Status and Configuration Uni-Directional Link Detection (UDLD) 10-40[...]
-
Page 291
11 Power Over Ethernet (PoE/PoE+) Operation Contents Introduction to PoE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-2 PoE Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-2 PoE Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .[...]
-
Page 292
Power Over Ethernet (PoE/PoE+) Operation Contents PoE Event Log Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-27 “Informational” PoE Event-Log Messages . . . . . . . . . . . . . . . . . 11-27 “Warning” PoE Event-Log Messages . . . . . . . . . . . . . . . . . . . . . . 11-28 11-2[...]
-
Page 293
Power Over Ethernet (PoE/PoE+) Operation Introduction to PoE Introduction to PoE PoE technolo gy allows IP telephon es , wireless LAN access points, an d other appliances to receive power and transf er data over existing ethernet LAN cabling. For more inf ormation about PoE technology , refer to the PoE Plan- ning and Implementation Guide , wh ich [...]
-
Page 294
Power Over Ethernet (PoE/PoE+) Operation Introduction to PoE Te r m Use in this Manual port-number priority Refers to the type of power prioritiza tion wh ere, within a priority class, a PoE module assigns the highest priority to the lowest-numbered port in the module, the second-high est priority to the second lowest-numbered port in the module, a[...]
-
Page 295
Power Over Ethernet (PoE/PoE+) Operation PoE Operation PoE Operation Using the commands described in this chapter , you can: ■ Enable or disable PoE op eration on individual po rts. ■ Monitor PoE stat us and performance per module. ■ Configure a non-de fault power threshold for SNMP and Even t Log reporting of PoE co nsumption on eit her all [...]
-
Page 296
Power Over Ethernet (PoE/PoE+) Operation PoE Operation Note The ports support standard networking link s and PoE links. Y ou can connect either a non-PoE device or a PD to a port enabled for PoE without reconfig- uring the port. PD Support T o be st utilize the allocated PoE powe r , spread your co nnected PoE devices as evenly as possible across m[...]
-
Page 297
Power Over Ethernet (PoE/PoE+) Operation PoE Operation For PoE+, there must be 33 watts avail a ble f or the modul e to begin supplyin g power to a port with a PD connected. A slot in a zl chassis can pr ovide a maximum of 370 wat ts of PoE/PoE+ po wer to a modul e. Disconnecting a PD from a PoE port causes th e module to stop providing PoE power t[...]
-
Page 298
Power Over Ethernet (PoE/PoE+) Operation Configuring PoE Operation Configuring PoE Operation In the default configuration, PoE suppor t is enabled on the ports in a P o E module installed o n the switch. The default prio rity for all ports is Low and the default power notificat ion threshold is 80 (%). Using the CLI, you can: ■ Disable or re-enab[...]
-
Page 299
Power Over Ethernet (PoE/PoE+) Operation Configuring PoE Operation Configuring the PoE Po rt Priority Level Syntax: interface < port-list > power -over -e thernet [ critical | high | low ] Reconfigures the PoE priority level on < port-list >. For a given level, ports are prioritized by port number in ascending order . For example, if po[...]
-
Page 300
Power Over Ethernet (PoE/PoE+) Operation Configuring PoE Operation T able 11-1. Example of PoE Priority Operation on a PoE Module Port Priority Setting Configuration Command 1 and Resulting Operation with PDs connected to Ports C3 Through C24 C3 - C17 Critical In this example, the following CL I command sets ports C3-C17 to Critical : ProCurve(conf[...]
-
Page 301
Power Over Ethernet (PoE/PoE+) Operation Configuring PoE Operation allocated sta rting with module A, then B, C, and the rema ining modules in order . Any remaining pow er is allo cated in the same manner for the Low priority port s, beginning wi th module A though th e remaining modul es. If there is not enough PoE power for all the PDs connected [...]
-
Page 302
Power Over Ethernet (PoE/PoE+) Operation Configuring PoE Operation Controlling PoE Allocation The default opti on for PoE allocat ion is usage , which is what a PD attached to the port is allocat ed. Y ou can overri de this value by specifying the amount of power allocated to a port by using the class or value options. Syntax : [no] int <port-li[...]
-
Page 303
Power Over Ethernet (PoE/PoE+) Operation Configuring PoE Operation Manually Configuring PoE Power Levels Y ou can specify a power level (in watts) allocated for a port by using the value option. This is the maximum amoun t of power that will be delivered. T o configure a port by value, first se t th e PoE allocation by enterin g th e poe- allocate-[...]
-
Page 304
Power Over Ethernet (PoE/PoE+) Operation Configuring PoE Operation ProCurve(config)# int A7 poe-va lue 4 ProCurve(config)# show power-ov er-ethernet A7 Status and Counters - Port Pow er Status for port A7 Power Enable : Yes LLDP Detect : enabled Priority : low Configured Type : AllocateBy : value Value : 4 W Detection Status : fault Power Class : 2[...]
-
Page 305
Power Over Ethernet (PoE/PoE+) Operation Configuring PoE Operation Changing the Threshold for Generating a Power Notice Y ou can configure one of t he following threshol ds: ■ A global power th reshold that app lies to all modul es on the switch. This setting acts as a trigger for sending a notice when the PoE power consumption on any P oE module[...]
-
Page 306
Power Over Ethernet (PoE/PoE+) Operation Configuring PoE Operation Syntax : power-over -ethernet [slot < slot-id-rang e >] threshold < 1 - 99 > This command specifies the PoE usage level (as a percentage of the PoE power available on a module) at which the s w itch generates a power usage notice. This notice appears as an S NMP trap and[...]
-
Page 307
Power Over Ethernet (PoE/PoE+) Operation Configuring PoE Operation Syntax : power-over -ethernet [slot < slot-id-range >] threshold <1 - 99 > (Continued) T o continue the preceding exampl e, if the PoE power usage on the PoE module in slot B drops below 70%, another SNMP trap is generated and you will see this message in the Event Log: [...]
-
Page 308
Power Over Ethernet (PoE/PoE+) Operation PoE/PoE+ Allocation Using LLDP Information PoE/PoE+ Allocation Using LLDP Information LLDP with PoE When using Po E, enabling poe-lldp-detect allows au tomatic power configura - tion if the link part ner supports PoE. When LLDP is enabled, th e information about the power usage of the PD is avai lable and th[...]
-
Page 309
Power Over Ethernet (PoE/PoE+) Operation Displaying the Switch’s Global PoE Power Status Displaying the Switch’ s Global PoE Power Status Syntax: s how power-over -ethernet [brief | [ethernet] <port -list> |[slot <slot-id-range> | all>]] Displays the switch’ s global PoE power status, including: • T otal Available Power: List[...]
-
Page 310
Power Over Ethernet (PoE/PoE+) Operation Displaying the Switch’s Global PoE Power Status ProCurve(config)# show powe r-over-ethernet Status and Counters - Syst em Power Status Pre-standard Detect : On System Power Status : No redundancy PoE Power Status : No redundancy Chassis power-over-etherne t: Total Available Power : 600 W Total Failover Pow[...]
-
Page 311
Power Over Ethernet (PoE/PoE+) Operation Displaying the Switch’s Global PoE Power Status Displaying PoE Stat us on All Ports Syntax : show power-over -ethernet brief Displays the followin g port power status: • PoE Port: Lists all PoE-capable ports on the switch. • Power Enable: Shows Ye s for ports enabled to support PoE (the default) and No[...]
-
Page 312
Power Over Ethernet (PoE/PoE+) Operation Displaying the Switch’s Global PoE Power Status For example, show power-over -ethernet brief displays this output: ProCurve(config)# show power-ove r-ethernet brief Status and Counters - Port Powe r Status System Power Status : No re dundancy PoE Power Status : No re dundancy Available: 600 W Used: 9 W R e[...]
-
Page 313
Power Over Ethernet (PoE/PoE+) Operation Displaying the Switch’s Global PoE Power Status Displaying the PoE Stat us on Specific Ports Syntax : show power-over -ethernet < port-list > Displays the following PoE status and statistics (since the last reboot) for each port in < port-list >: • Power Enable: Shows Ye s for ports enabled t[...]
-
Page 314
Power Over Ethernet (PoE/PoE+) Operation Displaying the Switch’s Global PoE Power Status • Power Class: Shows the power class of the PD detected on the indicated port. Classes include: 0 : 0.44w to 12.95w 2 : 3.84w to 6.49w 4: For PoE+; 1 : 0.44w to 3.84w 3 : 6.49 w to 12.95w up to 25.5 watts can be drawn by the PD • MPS Absent Cnt: This valu[...]
-
Page 315
Power Over Ethernet (PoE/PoE+) Operation Planning and Imple m e nti ng a PoE Configuration Planning and Implementing a PoE Configuration This section provides an overview of some considerations for planning a PoE application . For additional informat ion on this topic, re fer to the HP ProCurve PoE Planning and Implementation Guide which is availab[...]
-
Page 316
Power Over Ethernet (PoE/PoE+) Operation Planning and Implementing a PoE Configuration For example, if the 5406zl has two 24- port PoE modules (J8702A) installed, and all ports are using 15.4 watts, then the total wattage used is 739.2 wa tts (48 x 15.4). T o supply the nec essary PoE wattage a J8713A power supply is installed in one of th e power [...]
-
Page 317
Power Over Ethernet (PoE/PoE+) Operation Planning and Imple m e nti ng a PoE Configuration T able 11-3. Classifiers for Prioritizing Outbound Pac kets Priority QoS Classifier 1 UDP/TCP Application T ype (port) 2 Device Priority (destinat ion or source IP address) 3 IP T ype of Service (T oS) field (IP packets only) 4 VLAN Priority 5 Incoming source[...]
-
Page 318
Power Over Ethernet (PoE/PoE+) Operation PoE Event Log Messages PoE Event Log Messages PoE operat ion generat es these Event Log messages. Y ou can also configure the switch to send these messages to a configured debug destination (ter minal device or SyslogD server). “Informational” PoE Event-Log Messages Message Meaning I < MM/DD/YY > &[...]
-
Page 319
Power Over Ethernet (PoE/PoE+) Operation PoE Event Log Messages “W arning” PoE Event-Log Messages Message Meaning W < MM / DD / YY > < HH : MM : SS > chassis Message header , with severity , date, system time, and system module type. For more information on Event Log operation, including severity indicators, refer to “Usin g the E[...]
-
Page 320
Power Over Ethernet (PoE/PoE+) Operation PoE Event Log Messages 11-30[...]
-
Page 321
12 Port T runking Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-3 Port Trunk Features an d Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-5 Trunk Configuration Methods . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-6 Menu: Viewing [...]
-
Page 322
Port Trunking Contents Forwarding Broadcast, Mult icast, and Unknown Traffic Downstream (to the Server) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-33 Distributed Trunki ng Restrictions . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-35 Trunk Group Operation Usin g the “Trunk” Option . . . . . . . . . . . . 12-36 How t[...]
-
Page 323
Port Trunking Overview Overview This chapter describes creating and modifying port trunk grou ps. This includes non-protocol trunks and L ACP (802.3ad) trun ks. Port Status and Conf iguration Feature s Feature Default Menu CLI W eb viewing port trunks n/a page 12-10 page 12-12 page 12-18 configuring a static trunk none page 12-10 page 12-16 — gro[...]
-
Page 324
Port Trunking Overview Port Connecti ons and Configuratio n: All port trunk links must be poin t- to-point connections between a sw itch and another switch, router , server , or workstation config ured for port tr unking. No intervening, non-trunki ng devices are allowed. It i s important to note that ports on both ends of a port trunk group must h[...]
-
Page 325
Port Trunking Port Trunk Features and Operation Port T runk Features and Operation T he sw it ch es covered in this guide o ff er th es e o pt io n s f or po rt tr un ki n g: ■ LACP: IEEE 802.3ad—page 12-19 ■ T runk: Non- Protocol—page 12-36 Up t o 1 44 t ru nk gr ou p s a re su p po rt ed o n t he sw i tc he s covered in this guide. The ac[...]
-
Page 326
Port Trunking Trunk Configuration Methods T runk Configuration Methods Dynamic LACP T runk : The switch automatically negoti ates trunked li nks between LACP-configured po rts on sepa rate devices, and offers one dynamic trunk option: LACP . T o conf igure the switch to in itiate a dynamic LACP trunk with another device, use the interface command i[...]
-
Page 327
Port Trunking Trunk Configuration Methods T able 12-2. T runk Configuration Protocols Protocol T runking Options LACP Provides dynamic and static LACP trunking options. (802.3ad) • Dynamic LACP — Use the switch-negotiated dy namic LACP trunk when: – The port on the other end of the trunk link is configured for Active or Passive LACP . – Y o[...]
-
Page 328
Port Trunking Trunk Configuration Methods T able 12-3. General Opera ting Rules for Port T runks Media: For proper trunk operation, all ports on both ends of a trunk group must have th e same media type and mode (speed and duplex). (For the switches cover ed in this guide, ProCurve recommends leaving the port Mode setting at Auto or , in networks u[...]
-
Page 329
Port Trunking Trunk Configuration Methods Spanning T ree: 802.1D (STP) and 802.1w (RSTP) Spanning T ree operate as a global setting on the switch (with one instance of Spanning T ree per switch). 802.1s (MSTP) Spanning T r ee operates on a per -instance basis (with multiple instances allowed per switch). For each Spanning T ree instance, you can ad[...]
-
Page 330
Port Trunking Menu: Viewing an d Configuring a Static Trunk Group Menu: V iewing and Configuring a Static T runk Group Important Confi gure port trunki ng before you connect the trunked links to anot her switch, routing switch, or server . Otherwise, a broad cast storm could occur . (If you need to connect the ports b efore configur ing them for tr[...]
-
Page 331
Port Trunking Menu: Viewing an d Configuring a Static Trunk Group • For proper trunk operation, all por ts in a trunk must have the same media type and mode (such as 10/100TX set to 100FDx, or 100FX set to 100FDx). The flow control settings must also be the same for all ports in a given trunk. T o verify thes e settings, refer t o “V ie wing Po[...]
-
Page 332
Port Trunking CLI: Viewing and Configurin g Port Trunk Groups 8. Connect the trunked ports on the switch to the corresponding ports on the opposite device. If you previousl y disabled any of the trunked ports on the switch, enab le them now . (R efer to “V iewing Port Status and Configuring Port Parameters” on page 10-3.) Check the Event Log (?[...]
-
Page 333
Port Trunking CLI: Viewing and Configuring Port Trunk Groups Using a port list specifies, for sw itch ports in a static trunk group, only the ports you want to vi ew . In this case, the command specifies ports A5 through A 7 . H o w e v e r, b e c a u s e p o r t A 6 i s n o t i n a static trunk group, i t does no t appear in the resultin g listing[...]
-
Page 334
Port Trunking CLI: Viewing and Configurin g Port Trunk Groups Listing Static LACP and Dynamic LACP T runk Data. Syntax: show lacp Lists data for only the LACP-configured ports.. In the followin g example, po rts A1 and A2 have been previously con figured for a static LACP tr unk. (For more on the “Active” parameter , see table 12-5 on page 12-2[...]
-
Page 335
Port Trunking CLI: Viewing and Configuring Port Trunk Groups Figure 12-9. Example of a Dynamic LACP T runk with One Standby Link “Up” Links Standby Link Using the CLI T o Configure a Static or Dynamic T runk Group Important Configure port trun king before y ou connect the trunked links between switches. Otherwise, a br oadcast storm could occur[...]
-
Page 336
Port Trunking CLI: Viewing and Configurin g Port Trunk Groups Configuring a Static T runk or Static LACP T runk Group. Syntax: trunk < port-list > < trk1 ... trk144> < trunk | lacp > Configures the specified static trunk type. This example uses port s C4 - C6 to create a non-protocol st atic trunk group with the group n ame of Tr [...]
-
Page 337
Port Trunking CLI: Viewing and Configuring Port Trunk Groups Figure 12-10. Example of Criteria for Automatically Forming a Dyna mic LACP T runk Switch “A” with ports set to LACP passive. Switch “B” with ports set to LACP passive. Dynamic LACP tru nk cannot automat ically form b ecause both ends of the links are LACP passive. (In this case s[...]
-
Page 338
Port Trunking Web: Viewing Existing Port Trunk Groups Caution Unless spanning tree is running on your netw ork, removing a port from a trunk can result i n a loop . T o help preven t a broadcast storm when you remove a port from a trunk whe re spanning tree is not in use, ProCurve recomm ends that you first disabl e the port or disconnect the li nk[...]
-
Page 339
Port Trunking Trunk Group Operation Using LACP T runk Group Operation Using LACP The switch can automat ically configure a dy namic LACP trunk gr oup or you can manually configure a static LACP trunk group. Note LACP requires fu ll-duplex (FDx) l inks of the same medi a type (10/100Base -T , 100FX, etc.) and the same speed, and en forces speed and [...]
-
Page 340
Port Trunking Trunk Group Operation Using LACP T able 12-4. LACP T runk T ypes LACP Port T runk Configuration Operation Dynamic LACP This option automatically establishes an 802.3ad-compliant trunk group, with LACP for the port T ype parameter and Dyn X for the port Group name, where X is an automatically assigned value from 1 to 144, depending on [...]
-
Page 341
Port Trunking Trunk Group Operation Using LACP Static LACP Provides a manually configured, st atic LACP trunk to acco mmodate these conditions: LACP Port T runk Configuration Operation • The port on the other end of the trunk link is configured for a static LACP trunk. • Y ou want to configure non-default spanning tree or IGMP parameters on an [...]
-
Page 342
Port Trunking Trunk Group Operation Using LACP Default Port Operation In the default configuration, LACP is di sabled for al l ports. If LACP i s not configured as Active on at least one end of a link, then the p ort does not t ry to detect a trunk configur ation and operates as a standard, untrunked port. T able 12-5 lists the elements of per -por[...]
-
Page 343
Port Trunking Trunk Group Operation Using LACP LACP Partner Ye s : LACP is enabled on both ends of the link. Status Name Meaning No: LACP is enabled on the switch , but either LACP is not enabled or the link has not been detected on the opposite device. LACP Status Success: LACP is enabled on the port, detects and synchr onizes with a device on the[...]
-
Page 344
Port Trunking Trunk Group Operation Using LACP The switch will not allo w you to configure LACP on a port on which port security is enabled. For example: ProCurve(config)# int a17 lacp passive Error configuring port A17: LACP and port security cannot be run together. ProCurve(config)# T o restore LACP to the port, you must remove port security and [...]
-
Page 345
Port Trunking Trunk Group Operation Using LACP ProCurve(eth-B1-B8)# show lac p LACP PORT LACP TRUNK PORT LACP LACP NUMB ENABLED GROUP STATUS PARTNER STATUS ---- ------- ------- ------- ------- ------- B1 Active Dyn1 Up Yes Success B2 Active Dyn1 Up Yes Success B3 Active Dyn1 Up Yes Success B4 Active Dyn1 Up Yes Success B5 Active Dyn1 Blocked Yes Fa[...]
-
Page 346
Port Trunking Trunk Group Operation Using LACP Spanning T ree and IGMP . If Spanning T ree and/or IG MP is enabled in the switch, a dynamic LACP trunk op erates only with the default settings fo r these features and does not appear in th e port listings for these features. Half-Duplex and/or Dif ferent Port Speeds Not Allowed in LACP T runks. The p[...]
-
Page 347
Port Trunking Distributed Trunking Distributed T runking Overview The IEEE standard 802.3ad requires that all the links in a trunk group originate from the same switch. Di stributed T runking uses a proprietary p rotocol that allows two or more por t trunk links dist ributed across two switch es to create a trunk group. The grou ped links appear to[...]
-
Page 348
12-28 Port Trunking Distributed Trunking Figure 12-13. Example of Distribu ted T runking Confi guration In figure 12-14, three differ ent distributed trunk s with three different servers have one common ISC link. Each trunk only span s two distributed trunki ng switches. The distributed tr unking switch e s are connected at the ISC ports so they ca[...]
-
Page 349
Port Trunking Distributed Trunking Distributed T runk Switch Local InterSwitch-Connect (ISC) Server 1 Server 2 Server 3 T runk Tr u n k T runk Distributed T runk Switch Remote DTD DTD DTD ISC ports DT ports DT ports Figure 12-14.Example of Distrib uted T runking Distributed T runking Inte rconnect Protocol (DTIP) Distributed trun king uses the Dist[...]
-
Page 350
Port Trunking Distributed Trunking Configuring Distributed T runking ISC Port Configuration Y ou must configure the ISC ports before you can configure the tru nks for distributed trunki ng. T o configure an ISC port, enter this command: Syntax: switch-interconnect <port-num | trk1...trkN> no switch-interconnect Configures an InterSwitch-Conne[...]
-
Page 351
Port Trunking Distributed Trunking ProCurve Switch Local(config)# sw itch-interconnect a7 ProCurve Switch Remote(config)# s witch-interconnect a8 ProCurve Switch Local(config)# tr unk a9-a10 trk10 dt-lacp ProCurve Switch Remote(config)# t runk a5-a6 trk10 dt-lacp Figure 12-15.Example of Configuri ng Distributed T runking Displaying Distributed T ru[...]
-
Page 352
Port Trunking Distributed Trunking Maximum DT T runks and Links Supported T able 12-1 shows the maximum number of DT trunks and DT links that are supported. T able 12-1. Maximum DT T runks and Links Descriptio n Max Nu mber Maximum number of groups (DT trun ks) in a DT switch (that is, 60 maximum number of servers supported) Maximum number of switc[...]
-
Page 353
Port Trunking Distributed Trunking Unicast frames are only forwarded by one of the DT switches unless the MAC address is reachable only t hrough the other DT switch, f or example, a host on DT2 sends or receives fr ames direct ly through the DT2 swi tch. Forwarding Broadcast, Multicast, and Unknown T raffic Upstream When the DT 1 switch rec eives b[...]
-
Page 354
Port Trunking Distributed Trunking STP Root D A DT1 DT2 B C Server ISC Port Running MSTP STP Blocked Upstream Unicast T raffic Upstream Bcas t/Mcast/Unknown DA Downstream Unicast T raffic Downstream Bcast/Mcast/Unknown DA I1 I2 I3 I4 Figure 12-17. Example of Distrib uted T runking with STP Forwarding Unicast, Broadcast and Multic ast T raffic 12-34[...]
-
Page 355
Port Trunking Distributed Trunking Distributed T runking Restrictions There are sev eral restricti ons with di stributed trunk ing. ■ The port tru nk links should be co nfigured manually (manual LACP). Dynamic linking acr oss switches is not supported. ■ Only servers are supported as Dist ributed T runking Devices (DTDs). ■ A distributed trun[...]
-
Page 356
Port Trunking Trunk Group Operation Using the “Trunk” Option T runk Group Operation Using the “T runk” Option This method creat es a trunk grou p that operat es independently of specif ic trunking protocol s and does not u se a protocol exch ange with the device on the other end of the trunk. W ith this ch oice, the switch simp ly uses the [...]
-
Page 357
Port Trunking How the Switch Lists Trunk Data How the Switch Lists T runk Data Static T runk Grou p: Appears in the menu interface and t he output from th e CLI show trunk and show interfa ces commands. Dynamic LACP T runk Group: Appears in the output f rom the CLI show lacp command. Interface Option Dynamic LACP T runk Group Static LACP T runk Gro[...]
-
Page 358
Port Trunking Outbound Traffic Distribution Across Trunked Links The load-balancing is done on a per co mmunication basis. Otherwise, traffic is transmitted across the same path as show n in figure 12-18. That is, if Client A attached to Switch 1 sends five packet s of data to Server A attached to Switch 2, the same link is used to send a ll five p[...]
-
Page 359
Port Trunking Outbound Traffic Distribut ion Across Trunked Links T able 12-1. Example of Link Assig nments in a T runk Group (SA/DA Distribution) Source: Destination: Link: Node A Node W 1 Node B Node X 2 Node C Node Y 3 Node D Node Z 1 Node A Node Y 2 Node B Node W 3 Because the am ount of traffi c coming from or going t o various nodes in a netw[...]
-
Page 360
Port Trunking Outbound Traffic Distribution Across Trunked Links 12-40[...]
-
Page 361
13 Port T raffic Controls Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-3 Using Both ICMP Rate-Lim iting and All-Traffic Rate-L imiting Configuring Inbound Rate-Lim iting for Broadcast Configuring Guaranteed Minimum Bandwidt h for Displaying the Current Guar anteed Minim[...]
-
Page 362
Port Traffic Controls Contents Jumbo Frames . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-30 Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-30 Operating Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [...]
-
Page 363
Port Traffic Controls Overview Overview Feature Default Me nu CLI We b Rate-Limiting None n/a 13-4 n/a Guaranteed Minimum Per Queue (1-8 order): n/a 13-22 n/a Bandwidth 2%-3%-30%-10%-10% - 10%-15%-20% Jumbo Packets Disabled n/a 13-30 n/a This chapter includes: ■ Rate-Limiting: Enables a port to limit the am ount of bandwidth a user or device may [...]
-
Page 364
Port Traffic Controls Rate-Limiting Rate-Limiting Feature Default Menu CLI We b rate-limit all none n/a page 13-5 n/a show rate-limit all n/a n/a page 13-6 n/a rate-limit icmp none n/a page 13-13 n/a show rate-limit icmp n/a n/a page 13-14 n/a All T raffic Rate-Limiting Rate-limiting for all traf fic operates on a per -port basis to allow only the [...]
-
Page 365
Port Traffic Controls Rate-Limiting Configuring Rate-Limiting Note The mode using b its per second (bps) in releases before K.12.XX has been replaced by the kilobi ts per second (kbps) mo de. Switches that have config- urations with bps values w ill be auto matically converted when you update your software to the new version. However , an ol der co[...]
-
Page 366
Port Traffic Controls Rate-Limiting • Kbps rate-limiting is done in segments of 1% of the lowest corresponding media speed. For example, if the media speed is 100 Kbps, the valu e would be 1 Mbps. A 1-100 Kbps rate-limit is implemented as a limit of 100 Kbps; a limit of 100-199 Kbps is also implemented as a limit of 100 Kbps, a limit of 200-299 K[...]
-
Page 367
Port Traffic Controls Rate-Limiting ProCurve# show rate-limit all a1-a6 All-Traffic Rate Limit Maximu m % | Inbound Radius | Outbound Radius Port | Limit Mode Override | Limit Mode Override ----- + --------- --------- ----------- + --------- --------- ------- ---- A1 | Disabled Disabled No-override | 200 kbps No-override A2 | Disabled Disabled No-o[...]
-
Page 368
Port Traffic Controls Rate-Limiting ProCurve(config)# show confi g Startup configuration: ; J8697A Configuration Edito r; Created on release #K.14.01 hostname "ProCurve Switch 82 12zl" module 1 type J8705A snmp-server community "publi c" Unrestricted vlan 1 name "DEFAULT_VLAN" untagged A1-A24 ip address dhcp-bootp exit[...]
-
Page 369
Port Traffic Controls Rate-Limiting rate-limiting o n the port while it is in the trunk. Atte mpting to configure rate-limiting on a po rt that alread y belongs to a trunk generates the following message: < port-list > : Operation is not allowed for a trunked port. ■ Rate-limiting f or inbound and outbound traffi c are separate features: Th[...]
-
Page 370
Port Traffic Controls Rate-Limiting ■ Optimum rate-limiti ng operation: Optimum rate-li miting occurs with 64-byte packet sizes. T raffic with larger packet sizes can result in performance somewhat below the configured band width. This i s to ensure the strictest possible rate-l im iting of all si zes of packets. Note on T esting Rate-lim iting i[...]
-
Page 371
Port Traffic Controls Rate-Limiting messages to an extent where no other tr affic can get through. (ICMP messages themselves can also be misused as viru s carriers). Such malicious misuses of ICMP can include a high number of ping pac kets that mi mic a valid source I P address and an invalid destination IP address (spoofed pings), and a high numbe[...]
-
Page 372
Port Traffic Controls Rate-Limiting Spoofe d Ping: An ICMP echo request packet intentionally gen erated with a valid source IP address and an inva lid destin ation IP address. Spoofed pings are often created with the intent to oversubscribe network resources with traffic having invalid destinations. Guidelines for Configuring ICMP Rate-Limiting App[...]
-
Page 373
Port Traffic Controls Rate-Limiting Configuring ICMP Rate-Limiting The r ate-limit icmp command controls inbound usage of a port by setting a limit on the bandw idth available for inbound ICMP traffi c. Syntax: [no] int < port- list > rate-limit icmp <percent < 0-100 > | kbps <0-10000000>> Configures inbound ICMP traf fic ra[...]
-
Page 374
Port Traffic Controls Rate-Limiting Using Both ICMP Rate-Limiting and All-T raffic Rate-Limiting on the Same Interface ICMP and all-tra ffic rate-limiting can be confi gured on the same interface. All-traffic rate -limiting applie s to all inbound or outbound traffic (including ICMP traffic), w hile ICMP rate-limitin g applies onl y to inbound ICMP[...]
-
Page 375
Port Traffic Controls Rate-Limiting For example, if you wanted to view the rate-lim iting configuration on th e first six ports in th e module in slot “B”: ProCurve(config)# show rate-li mit icmp b1-b6 Inbound ICMP Rate Limit Maxim um Percentage | Rate Port | Mode Limit ----- + -------- -------- B1 | Disabled Disabled B2 | kbps 100 B3 | % 5 B4 [...]
-
Page 376
Port Traffic Controls Rate-Limiting 0.5 Mbps of inbound traffi c. If an interface experiences an inbound flow of ICMP traffic in excess of its config u red limit, the swit ch gene rates a log message and an SNMP tr ap (if an SNMP trap receiver is conf igured). ■ ICMP rate-limiting i s port-based: ICMP rate-limiting re flects the available perc en[...]
-
Page 377
Note on T esting ICMP Rate-Limiting Port Traffic Controls Rate-Limiting ICMP rate-limiti ng is applied to the a vailable bandwidth on an interface. If the total bandwi dth requested by all ICMP traffic is less than the ava ilable, configured maximum rate, then no ICMP ra te-li mit can be applied. That i s, an interface m ust be receiving m ore inbo[...]
-
Page 378
Port Traffic Controls Rate-Limiting The switch does not send more traps or Event Log messages for excess ICMP traffic on the affect ed port until the system operat or resets the port’ s ICMP trap function . The reset can be done throug h SNMP from a network manage - ment station or t hrough the CLI with the following setmib co mmand. Syntax: setm[...]
-
Page 379
Port Traffic Controls Rate-Limiting T o match the port’ s external slot/numbe r to the internal port number , use the walkmib ifDescr command, as shown in the following figure: ProCurve# walkmib ifDescr ifDescr.1 = A1 ifDescr.2 = A2 ifDescr.3 = A3 . . . ifDescr.23 = A23 ifDescr.24 = A24 ifDescr.27 = B1 ifDescr.28 = B2 ifDescr.29 = B3 . . . ifDesc[...]
-
Page 380
Port Traffic Controls Rate-Limiting Syntax: rate-limit < bcast | mc ast > in percent <0-100> no rate-limit <bcast | mcast> in Enables rate-limiting and set s limits for the specified inbound broadcast or multicast traffic. Only the amount of traffic specified by the percent is forwarded. Default: Disabled For example, if you w ant[...]
-
Page 381
Port Traffic Controls Rate-Limiting ProCurve(eth-3)# rate-limit mcast in percent 20 ProCurve(eth-3)# show rate- limit mcast Multicast-Traffic Rate Lim it Maximum % Port | Inbound Limit Mode Radius Override ----- + ------------- --------- - ------------- - 1 | Disabled Dis abled No-override 2 | Disabled Dis abled No-override 3 | 20 % No-override 4 |[...]
-
Page 382
Port Traffic Controls Guaranteed Minimum Bandwidth (GMB) Guaranteed Minimum Bandwidth (GMB) Feature Default Menu CLI We b bandwidth-min output Per -Queue: 2%-3%-30%-10% 10%-10%-15% -20% n/a page 13-25 n/a show bandwidth output [ port-list ] n/a n/a page 13-28 n/a Introduction Guaranteed Minimum Bandwid th (GMB) pr ovides a method for ensuring th at[...]
-
Page 383
Port Traffic Controls Guaranteed Minimum Bandwidth (GMB) T able 13-1. Per -Port Outbound Priority Queue s 802.1p Priority Settings in T agged VLAN Packets* Outbound Priority Queue for a Given Port 1 (low) 1 2 (low) 2 0 (normal) 3 3 (normal) 4 4 (medium) 5 5 (medium) 6 6 (high) 7 7 (high) 8 *The switch processes outbound traffic from an unt agged po[...]
-
Page 384
Port Traffic Controls Guaranteed Minimum Bandwidth (GMB) Note For a given port, when the de mand on one or more outboun d queues exceeds the minimum b andwidth configured for those queues, the switc h apportions unallocated bandwidth to these queues on a pri ority basis. As a result, speci- fying a minimum bandwidt h for a high-p riority queue but [...]
-
Page 385
Port Traffic Controls Guaranteed Minimum Bandwidth (GMB) Note For more informat ion on queue confi guration and the associated default minimum band width settings, refer to the chapter ti tled “ Quality of Service (QoS): Managing Band width More Effectively ” in the Advanced T raffic Management Guide f or your switch . Configuring Guaranteed Mi[...]
-
Page 386
Port Traffic Controls Guaranteed Minimum Bandwidth (GMB) Syntax: [ no ] int < port-list > band width-min output [ < queue1% > < queue2% > < queue3% > < queue4% > < queue5% > < queue6 %> <queue7%> <queue8%>] For ports in < port-list > , specifies the minimum outbound bandwidth as a percent [...]
-
Page 387
Port Traffic Controls Guaranteed Minimum Bandwidth (GMB) Notes: Configuring 0% for a queue can result in that queue being starved if any higher queue becomes over - subscribed and is then gi ven all unused bandwidth. The switch applies the bandwi dth calculation t o the link speed the port is currently using. For example, if a 10/100 Mbs port negot[...]
-
Page 388
Port Traffic Controls Guaranteed Minimum Bandwidth (GMB) Either of t he following commands conf igures ports A1 through A5 wit h bandwidth sett ings: ProCurve(config)#int a1-a5 bandwidth-min output 2 3 30 10 10 10 15 20 ProCurve(eth-A1-A5)#bandwidth-min output 2 3 30 10 10 10 15 20 Displaying the Current Guaranteed Minimum Bandwidth Configuration T[...]
-
Page 389
Port Traffic Controls Guaranteed Minimum Bandwidth (GMB) This is ho w the precedi ng listin g of the GMB configuratio n would appear in the startu p-config file. The outbound po rt priority queues 1 - 8 for ports A1-A5 are configured wi th the indicate d Guaranteed Minimum Bandwidth percentages. Figure 13-10. Example of GM B Settings Listed in the [...]
-
Page 390
Port Traffic Controls Jumbo Frames Jumbo Frames Feature Default Menu CLI Web display VLAN jumbo status n/a — 13-33 — configure jumbo VLANs Disabled — 13-35 — The Maximum T ransmission Unit (MTU) is the maximum size IP frame the switch can receive for Layer 2 frames in boun d on a port. The switch drops any inbound frames larger than the MTU[...]
-
Page 391
Port Traffic Controls Jumbo Frames MTU ( Maximum T ransmission Unit) : Thi s is the maximum-size IP frame the switch can receive for Layer 2 fr ames inbo und on a port. The switch allows jumbo frames of up to 9220 bytes. Standard MTU: An IP frame of 1522 bytes in si ze. (This size includes 4 bytes for the VLAN ta g.) Operating Rules ■ Required Po[...]
-
Page 392
Port Traffic Controls Jumbo Frames Configuring Jumbo Frame Operation Command Page show vlans 13-33 show vlans ports < port-list > 13-34 show vlans < vid > 13-35 jumbo 13-35 jumbo max-frame-size 13-35 Overview 1. Determine the VLAN memb ership of the ports or trunks through which you want the switch to accept inboun d jumbo traffic. For [...]
-
Page 393
Port Traffic Controls Jumbo Frames V iewing the Current Jumbo Configuration Syntax: show vlans Lists the static VLANs configured on the swit ch and includes a Jumbo column to indicat e whic h VLANs are configured to support inbound jumbo traffic. All ports belonging to a jumbo-enabled VLAN can receive jumbo traffic. (For more information refer to ?[...]
-
Page 394
Port Traffic Controls Jumbo Frames Indicates which stat ic VLANs are configured to enable jumbo fr ames. Figure 13-12. Example of Listing the VLAN Memberships for a Range of Port s Syntax: show vlans < vid > This command shows port membership and jumbo configuration for the specified < vid > . Lists the ports belongi ng to VLAN 100 and [...]
-
Page 395
Port Traffic Controls Jumbo Frames Enabling or Disabling Jumbo T raffic on a VLAN Syntax: vlan < vid > jumbo [ no ] vlan < vid > jumbo Configures the specified VLAN to allow jumbo frames on all ports on the switch that belong to that VLAN. If the VLAN is not already configu red on the switch, vlan < vid > jumbo also creates the VL[...]
-
Page 396
Port Traffic Controls Jumbo Frames Configuring IP MTU Note The following feature is available on th e switches covered in this guide. Jumbos support is r equired. On switches that do not support thi s command, the IP MTU value is derived from the maximum frame size and is not config- urable. Y ou can set the IP MTU globa lly by entering this comman[...]
-
Page 397
Port Traffic Controls Jumbo Frames Displaying the Maximum Frame Size Use the show jumbos command to display the gl obally configured untagged maximum frame size for the switch. ProCurve(config)# show jumbo s Jumbos Global Values Configured : MaxFrameSize : 9216 Ip-MTU : 9198 In Use : MaxFrameSize : 9216 Ip-MTU : 9198 Figure 14. Displaying the Maxi [...]
-
Page 398
Port Traffic Controls Jumbo Frames ■ When the switch applies the default MT U (1522-bytes) to a VLAN, all ports in the VLAN can receive in coming frames of up to 1522 bytes in length. When the switch applies the jumbo MT U (9220 bytes) to a VLAN, all ports in that VL AN can recei ve incomi ng frames of u p to 9220 bytes in len gth. A port receivi[...]
-
Page 399
Port Traffic Controls Jumbo Frames can occur in situations where a non -jumbo VLAN in cludes some ports that do not belong to another , jumb o-enabled VL AN and some port s that do belong to another , jumbo-enabled VL AN. In this case, ports capable of receiving jumbo frames can forward them to the ports in the VLAN that do not have ju mbo capabil [...]
-
Page 400
Port Traffic Controls Jumbo Frames T roubleshooting A VLAN is configured to allow jum bo frames, but one or more ports drops all inbound j umbo frames. The port may not be operating at a min- imum of 10 Mbps on the ProCurve 3500 switches or 1 Gbps on the ot her switches covered in this guide. Regardle ss of a port’ s configuration, if it is actua[...]
-
Page 401
14 Configuring for Network Management Applications Contents Using SNMP Tools To Manage the Switch . . . . . . . . . . . . . . . . . . . . . 14-2 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-2 SNMP Management Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [...]
-
Page 402
Configuring for Network Manageme nt Applications Contents CLI-Configured sFlow wi th Multiple Instan ces . . . . . . . . . . . . . . . . . 14-33 Configuring Support f or Port Speed and Duplex Advertising Device Capability, Network Policy, PoE Status Displaying Swit ch Information Availabl e for Outbound Terminology . . . . . . . . . . . . . . . . .[...]
-
Page 403
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch Using SNMP T ools T o Manage the Switch Overview Y ou can manage the switch via SNMP from a network management stat ion running an applicati on such as ProCurve Manager (PCM) or ProCurve Manager Plus (PCM+). For more on PCM and PCM+, visit the ProCurve Networking [...]
-
Page 404
Configuring for Network Manageme nt Applications Using SNMP Tools To Manage the Switch SNMP Management Features SNMP management features on the switch include: ■ SNMP version 1, version 2c, or version 3 over IP ■ Security via configuration of SNMP communities (page 14-11) ■ Security via authentica tion and privacy for SNMP V ersion 3 access ?[...]
-
Page 405
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch If you want to restrict acce ss to one or more specifi c nodes, you can use the switch’ s IP Auth orized Mana ger feature. (R efer to the Access Security Guide for your sw itch.) Caution For ProCurve Manager (PCM) version 1.5 or earlier (or any T opT ools versio[...]
-
Page 406
Configuring for Network Manageme nt Applications Using SNMP Tools To Manage the Switch SNMP V ersion 3 Commands SNMP version 3 (SNMPv3) adds some new commands to the CLI for configuring SNMPv3 functi ons. T o enable SMNPv3 operation on the switch, use the snmpv3 enable command. An ini tial user entry will be generated wit h MD5 authentication and D[...]
-
Page 407
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch Enabling SNMPv3 The snmpv3 enable command allows the switch to: ■ Receive SNMPv3 me ssages. ■ Configure initial u sers. ■ Restrict non-version 3 message s to “read only” (optional). Figure 14-1 shows an example of how to use the snmpv3 enable command. No[...]
-
Page 408
Configuring for Network Manageme nt Applications Using SNMP Tools To Manage the Switch 1. Configure users in the User T able with the snmpv3 user command. T o view the list of co nfigured us ers, enter the show snmpv3 user command (see “Adding Users” on page 14-8). 2. Assign use rs to Security Groups ba sed on their security m odel with the snm[...]
-
Page 409
----------- -------------- ---- ------------- Configuring for Network Management Applications Using SNMP Tools To Manage the Switch SNMPv3 User Commands Syntax: [no] snmpv3 user <user_nam e> Adds or deletes a user entry for SNMPv3. Authorization and privacy are opti onal, but to use p rivacy , you must use authorization. When you delete a use[...]
-
Page 410
Configuring for Network Manageme nt Applications Using SNMP Tools To Manage the Switch Assigning Users to Groups. Then you must set the group access level for the user by assigning the user to a group. This is done with the snmpv3 group command. For mo re details on the MI Bs acc ess for a given group refer to “Group Access Levels” on page 14-1[...]
-
Page 411
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch Group Access Levels The switch suppor ts eight predefined group access levels. There are four levels for use with version 3 users and four are use d for access by version 2c or version 1 management applications. Group Name Group Access T ype Group Read View Group [...]
-
Page 412
Configuring for Network Manageme nt Applications Using SNMP Tools To Manage the Switch Syntax: [no] snmpv3 community This command maps or removes a mapping of a community name to a group access level. T o remove a mapping you, only n eed to specify the index_name parameter . index <index_name> This is an index number or title for the mapping.[...]
-
Page 413
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch SNMP Community Features Feature Default Menu CLI Web show SNMP communities n/a page page — 14-13 14-15 configure identity information none — page 14-16 configure community names public page page — MIB view for a commun ity name 14-13 14-16 (operator , manage[...]
-
Page 414
Configuring for Network Manageme nt Applications Using SNMP Tools To Manage the Switch Note: This screen gives an overview of the SNMP com munities that are currently configured. All fie lds in this screen are read- only . Figure 14-5. The SNMP Communiti es Screen (Default V alue s) 2. Press [A] (for Add ) to display the following screen: Add and E[...]
-
Page 415
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch CLI: V iewing and Configuring SNMP Community Names Community Name Commands Page show snmp-server [< community-string >] 1 4-15 [no] snmp-server 14-16 [community < community-str >] 14-16 [host < community-str > < ip-addr >] 14-19 [<none |[...]
-
Page 416
Configuring for Network Manageme nt Applications Using SNMP Tools To Manage the Switch Configuring Community Na mes and V alues. The snmp-server command enables you to add SNMP communities wi th either default or spec ific access attributes, and to delete specific communitie s. Syntax: [no] snmp-server commu nity < community-name > Configures[...]
-
Page 417
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch SNMP Notifications T he sw it ch e s covered in this guide s up po rt : ■ SNMP version 1 or SNMP version 2c traps ■ SNMPv2c informs ■ SNMPv3 notific ation process, including traps This section describes how to config ure a switch to send network security and[...]
-
Page 418
Configuring for Network Manageme nt Applications Using SNMP Tools To Manage the Switch ■ Advance T raffic Management Guide: • Loop protectio n • Spanning T ree (STP , RSTP , MSTP) ■ Access Security Guide: • MAC lockdown • MAC lockout • Uni-Directiona l Link Detection (UDLD) • Virus throttling ■ Multicast and Routing Gui de: • O [...]
-
Page 419
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch SNMPv1 and SNMPv2c T raps T he sw it ch e s covered in this guide s up po rt t he fo ll ow i ng fu nc t io na li ty fr om earlier SNMP versions (SNMPv1 and SNMPv2c): ■ T rap receivers: A trap receiver is a management st ation to which th e switch sends SNMP trap[...]
-
Page 420
Configuring for Network Manageme nt Applications Using SNMP Tools To Manage the Switch Syntax: snmp-server host < ipv4-addr | ipv6-addr > < community name > Configures a destination ne twork management station to receive SNMPv1/v2c traps, and (optionally) event log messages sent as traps from the switch, using the specified community na[...]
-
Page 421
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch For example, to configur e a trap receiver in a co mmunity named "red-team" with an IP address of 10.28.227.130 to receive only "c ritical" event log messages, you can enter the following comma nd: ProCurve(config)# snmp-server host 10.28.227.1[...]
-
Page 422
Configuring for Network Manageme nt Applications Using SNMP Tools To Manage the Switch Note The retries and timeout values are not used to s end trap req uests. T o verify the configuration of SNMPv2c informs, enter the show snmp-server command: ProCurve Switch 5406zl(config) # show snmp-server SNMP Communities Community Name MIB View Write Access [...]
-
Page 423
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch Configuring SNMPv3 Notifications The SNMPv3 not ification pro c ess al lows messages th at are passed via SNMP between the switch and a network mana gement station to b e authenticated and encrypted. T o configure SNMPv3 notifi cations, foll ow these steps: 1. Ena[...]
-
Page 424
Configuring for Network Manageme nt Applications Using SNMP Tools To Manage the Switch 5. Configure the target address of the SNMPv3 management stati on to which SNMPv3 informs and trap s are sent by enteri ng the snmpv3 targetaddress command. Syntax: [no] snmpv3 targetaddress < ipv4-addr | ipv6-addr> < name > Configures the IPv4 or IPv[...]
-
Page 425
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch Syntax: [no] snmpv3 targetaddress < ipv4-addr | ipv6-addr> < name > —Continued— [timeout < value > ] (Optional) T ime (in millisecond increments) allowed to receive a response from the target before notification packets are retransmitted . Ra[...]
-
Page 426
Configuring for Network Manageme nt Applications Using SNMP Tools To Manage the Switch An example of how to configure SNMPv3 notification i s shown here: The tag _name value in snmpv3 notify command matche s the tag _name val ue in the snmp v3 targetaddress command. Params _name value in the snmpv3 targetaddress command matche s the p arams _name v[...]
-
Page 427
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch T o ena ble or disable notific ation/traps for network security failures and other security events, enter the snmp-server enable traps command. Syntax: [no] snmp-server enable traps [snmp-auth | p assword-change-mgr | login- failure-mgr | port-sec urity | auth-ser[...]
-
Page 428
Configuring for Network Manageme nt Applications Using SNMP Tools To Manage the Switch ProCurve(config)# show snmp-serv er traps Trap Receivers Link-Change Traps Enabled on P orts [All] : A1-A24 Link-change trap setting Traps Category Current Status ------------------------------ ---------------------- --- - SNMP Authentication : Extended Password [...]
-
Page 429
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch Configuring the Source IP Addr ess for SNMP Notifications The switch uses a n interface I P address as the source IP address in IP headers when sending SNMP notificatio ns (traps and informs) or responses to SNMP requests. For multi-nette d interfaces, the source [...]
-
Page 430
Configuring for Network Manageme nt Applications Using SNMP Tools To Manage the Switch T o configure the switc h to use a specif ied source IP address in generated tr ap PDUs, enter the snmp-server trap-sou rce command. Syntax: [no] snmp-server trap-sou rce [< ipv4-addr > | loopback<0-7>] Specifies the source IP address to be used for a[...]
-
Page 431
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch ProCurve(config)# show snmp -server SNMP Communities Community Name MIB View Write Access ---------------- -------- ----------- - public Manager Unrestricted Trap Receivers Link-Change Traps Enabled on Ports [All] : All ... Excluded MIBs Snmp Response Pdu Source-I[...]
-
Page 432
Configuring for Network Manageme nt Applications Using SNMP Tools To Manage the Switch In the follow in g example, the show snmp-server command output shows that the switch has been configured to send SNMP traps and notifi cations to management stations that belong to th e “public”, “red- team ”, and “blue-team” communities. ProCurve(co[...]
-
Page 433
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch Configuring Listening Mode For switches that have a se parate out-of-band management port, yo u can specify whether a configured SNMP serv er listens for SNMP queries over the out-of-ban d management interf ace, the data in terface, or both. By default , the switc[...]
-
Page 434
Configuring for Network Manageme nt Applications Using SNMP Tools To Manage the Switch Advanced Management: RMON The switch supports RMON (Rem ote Monitoring) on all connected network segments. This allows for tro ubleshooting an d optimizing yo ur network. The followi ng RMON groups are supported: ■ Ethernet Statistics (except the numbers of pac[...]
-
Page 435
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch Configuring sFlow The following sFlow commands allow y ou to configure sFlow insta nces via the CLI. Syntax: [no] sflow < receiver-instance > destination < ip-address > [ udp-port-num ] Enables an sFlow receiver/dest ination. The receiver -instance num[...]
-
Page 436
Configuring for Network Manageme nt Applications Using SNMP Tools To Manage the Switch The show sflo w agent command displays read-only switch agent information. The version informat ion shows the sFlow version, MIB su pport and software versions; the agent address is typically the ip address of the first vlan config- ured on the switch. ProCurve# [...]
-
Page 437
Configuring for Network Management Applications Using SNMP Tools To Manage the Switch The sh ow sflow < instance > sampling-polling [port-list] command displays infor - mation about sFlow sampling and pollin g on the switch. Y ou can specify a li st or range of ports for which to view sampling information. ProCurve# show sflow 2 sampling-poll[...]
-
Page 438
Configuring for Network Manageme nt Applications LLDP (Link-Layer Discovery Protocol) LLDP (Link-Layer Discovery Protocol) T o standardize device discovery on al l ProCurve switches, L LDP will be implemente d while offering limited read -only support for CDP as documented in this manual. For the latest informatio n on your switch model, consult th[...]
-
Page 439
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) LLDP-MED (LLDP Media Endpoint Discovery): Provides an extension to LLDP and is designed to support V oIP deployme nts. Note LLDP-MED is an extension for LLDP , an d the switch requires that LLDP be enabled as a prerequisite to LLDP-MED operation. An SNMP utility ca[...]
-
Page 440
Configuring for Network Manageme nt Applications LLDP (Link-Layer Discovery Protocol) LLDP Neighbor: An LLDP device that is either directly c onnected to another LLDP device or co nn ected to that device by anot her , non-LLDP Layer 2 device (such as a hub) Note that an 802.1D-co mpliant switch does not forward LLDP data packets even if it is not L[...]
-
Page 441
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) TL V (T ype-Length-V alue): A data unit that includes a data type field, a data unit length fiel d (in bytes), and a f ield containing the actual data the unit is designed to carry (as an alphanumeric string, a bitmap, or a subgr oup of information ). Some TL Vs in[...]
-
Page 442
Configuring for Network Manageme nt Applications LLDP (Link-Layer Discovery Protocol) Configuration Options Enable or Disable LLDP on the Switch. In the default configuratio n, LLDP is glob ally enabled on the sw itch. T o prevent transmission or receipt of LLDP traffic, you can disable LLDP operat ion (page 14-42) Enable or Disable LLDP-MED. In th[...]
-
Page 443
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) SNMP Notification. Y ou can enable the switch to send a notification to any configured SNMP trap receiver(s) wh en the swi tch detects a remote LLDP data change on an LLDP-e nabled port (page 14-52). Per -Port (Outbound) Data Options. The following table lists the [...]
-
Page 444
Configuring for Network Manageme nt Applications LLDP (Link-Layer Discovery Protocol) Data T ype Configuration Options Default Description 1 The Packet T ime-to-Live value is included in LLDP data pack ets. (Refer to “Changing the T ime-to-Live for T ransmitted Advertisements” on page 14-50.) 2 Subelement of the Chassis ID TLV . 3 Subelement of[...]
-
Page 445
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) ■ RFC 2737 (Entity MIB) ■ RFC 2863 (Interfaces MIB) ■ ANSI/TIA-1057/D6 (LLDP-MED; refer to “LLDP-MED (Media-Endpoint- Discovery)” on page 1 4-57.) LLDP Operating Rul es (For additional information sp ecific to LLDP-MED operation, refer to “LLDP- MED (Me[...]
-
Page 446
Configuring for Network Manageme nt Applications LLDP (Link-Layer Discovery Protocol) Spanning-T ree Blocking. Spanning tree does no t prevent LLDP packet transmission or receipt on STP-bl ocked links. 802.1X Blocking. Po rts blocked by 802.1X operation do not allo w transmission or recei pt of LLDP packet s. Configuring LLDP Operation In the defau[...]
-
Page 447
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) Displays the LLDP global configuration, LLDP port status, and SNMP notification status. For inf ormation on port adm in status, refer to “Configuring Per -Port T ransmit and Receive Modes” on page 14-53. For exampl e, show lldp config produces the following dis[...]
-
Page 448
Configuring for Network Manageme nt Applications LLDP (Link-Layer Discovery Protocol) Displaying Port Configuratio n Details. This command displays the port- specific configurat ion, including. Syntax show lldp config < port-list > Displays the LLDP port-specific configuration for all ports in < port-list > , including which o ptional T[...]
-
Page 449
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) ■ Add entries to its neighbors ta ble based on data read from incoming LLDP advertisements. Syntax [ no ] lldp run Enables or disables LLDP operation on the swi tch. The no form of the command, regardless of individual LLDP p o rt configurations, preven ts the sw[...]
-
Page 450
Configuring for Network Manageme nt Applications LLDP (Link-Layer Discovery Protocol) Changing the T ime-to-Live for T ransmitted Advertisements. The T ime-t o-Live value (in seconds) for all LLDP advertisements transm itted from a switch is controlled by the switch that generate s the advertisement, and determines how long an LLDP neighbor retains[...]
-
Page 451
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) Syntax setmib lldpTxDelay .0 -i < 1 - 8192 > Uses setmib to change the minimum ti me (delay-interval) any LLDP port will delay advertising successive LLDP advertis ements due to a chang e in LLDP MIB content. (Default: 2; Range: 1 - 8192) Note: The LLDP refre[...]
-
Page 452
Configuring for Network Manageme nt Applications LLDP (Link-Layer Discovery Protocol) delay interval delays the port’ s ability to reinitialize and generate LLDP traffic following an LLDP disable/enable cycle. Syntax setmib lldpReinitDelay.0 -i < 1 - 1 0 > Uses setmib to change the minimum time (reinitializa tion delay interval) an LLDP por[...]
-
Page 453
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) Changing the Minimum Interval for Succe ssive Data Change Notifications for the Same Ne ighbor . If LLDP trap notificati on is enabled on a port, a rapid succession of changes in LLDP inf ormation receiv ed in adverti sements from on e or more neighbors can generat[...]
-
Page 454
Configuring for Network Manageme nt Applications LLDP (Link-Layer Discovery Protocol) Configuring Basic LLDP Per - Port Advertisement Content In the defa ult LLDP conf iguration, outbound ad vertisemen ts from each port on the switch includ e both mandatory and optional data. Mandator y Data. An active LLDP port on the switch always includes the ma[...]
-
Page 455
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) For example, if port 3 belongs to a subn etted VLAN that includes an IP address of 10.10.10.100 and you wanted port 3 to use this secondary address in LLDP advertisements, you would need to exec ute th e fo llowing command: ProCurve(config)# lldp config 3 ipAddrEna[...]
-
Page 456
Configuring for Network Manageme nt Applications LLDP (Link-Layer Discovery Protocol) system_cap For outbound advertisements, this TL V includes a bitmask of supported syst em capabilities (device functions). Also includes in formation on whether the capabilities are enabled. (Default: Enabled) For example, if you want ed to exclude the system name[...]
-
Page 457
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) Syntax: [ no ] lldp config < port -list > dot3TlvEnable macphy_co nfig For outbound advertisements, this TL V includes the (local) switch port’ s current speed and duplex settings, the range of speed and duplex set tings the port supports, and the method re[...]
-
Page 458
IP Network Infrastructure (IEEE 802 LA N) IP Network Infrastructure (IEEE 802 LA N) IP Network Infrastructure (IEEE 802 LA N) Configuring for Network Manageme nt Applications LLDP (Link-Layer Discovery Protocol) ■ Power over Ethernet (PoE) status and troubleshooting support via SNMP ■ support for I P telephony network troubleshooting of call qu[...]
-
Page 459
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) ■ able to use th e following network po licy elements configured on the client port • v o i c e V L A N I D • 802.1p (Layer 2) QoS • Diffserv codepoint (DSCP) (Layer 3) QoS ■ discover and advertise device locat ion da ta learned from the switch ■ suppor[...]
-
Page 460
Configuring for Network Manageme nt Applications LLDP (Link-Layer Discovery Protocol) ■ Class 3 (Communication Devices): These devices are typically IP phones or end-user devices t h at ot herwise support IP media and of fer all Class 1 and Class 2 features, plus location id en tification and emergency 911 capability , Layer 2 s witch support, an[...]
-
Page 461
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) Syntax: lldp top-change-notify < port -list > T opology chang e notification, when enabled on a n LLDP port, causes the switch to send an SNMP trap if it detects LLDP- MED endpoint c onnection or disconnectio n activity on the port, or an age-ou t of the LLDP[...]
-
Page 462
Configuring for Network Manageme nt Applications LLDP (Link-Layer Discovery Protocol) LLDP-MED Fast Start Control Syntax: lldp fast-start-count < 1 - 10 > An LLDP-MED device connecting to a switch port may use the data contained in the ME D TL Vs from the switch to configure itself. However , the lldp refresh-interval setting (default: 30 sec[...]
-
Page 463
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) Note LLDP-MED oper ation requires the macphy _config TL V subelemen t—enabled by default—that is optional for IEEE 802.1AB LLDP operation. Refer to the dot3TlvEnable macphy_ config command on page 14-57. Network Policy Advertisements. Network policy advertiseme[...]
-
Page 464
Configuring for Network Manageme nt Applications LLDP (Link-Layer Discovery Protocol) Notes A codepoint must have an 802.1p priority before you can configure it for use in prioritizi ng packets by VLAN-ID. If a codepoi nt you want to use shows No Override in the Prio rity column of the DSCP po licy table (display with show qos- dscp map , then use [...]
-
Page 465
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) network-policy This TL V enables the switch port to advertise its configured network policies (voice VLAN, Layer 2 QoS, Layer 3 QoS), and allows LLDP-MED endpoint devices to auto-configure the voice networ k policy advertised by the switch. This also en ables the u[...]
-
Page 466
Configuring for Network Manageme nt Applications LLDP (Link-Layer Discovery Protocol) PoE Advertisements. These advertisements in form an LLDP-MED endpoint of th e power (PoE ) configuration o n switch ports. Si milar advertisements from an LLDP-MED endpoint i nform the switch of the endpoint’ s power needs and provide information t hat can be us[...]
-
Page 467
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) ■ ELIN (Emergency Location Identification Number): an emergency number typically assigned to ML TS (Multiline T elephone System Opera- tors) in North America ■ coordinate-based loca tion: attitude, longitude, and altitud e informa- tion (Requires confi guration[...]
-
Page 468
Configuring for Network Manageme nt Applications LLDP (Link-Layer Discovery Protocol) — Continued — T ype/V alue Pairs ( CA-TYPE and CA-V ALUE ): This is a series of data pairs, each co mposed of a location data “type” specifier and the co rresponding location data for that type. That is, the first value in a pair is expected to be the civi[...]
-
Page 469
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) Note: A switch port allow s one instance of any given CA- TYPE . For example, if a type/value pair of 6 Atlantic (to specify “Atlantic” as a street name) is configured on port A5 and later another type/ value pair of 6 Pacific is configured on the same port, th[...]
-
Page 470
Configuring for Network Manageme nt Applications LLDP (Link-Layer Discovery Protocol) T able 14-4. Some Location Codes Used in CA-TYPE Fields* Location Element Code Location Elemen t Co de national subdivision 1 regional subdivision 2 city or township 3 city subdivision 4 street 6 street suffix 18 street number 19 additional location data 22 unit o[...]
-
Page 471
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) Figure 14-20 shows the commands for co nfiguring and displ aying the above data. Figure 14-20. Example of a Civic Address Conf iguration Displaying Advertisement Data Command Page show lldp info local-device below walkmib lldpXdot3LocPortOperMauT ype show lldp info[...]
-
Page 472
Configuring for Network Manageme nt Applications LLDP (Link-Layer Discovery Protocol) Displaying Switch Informat ion A vailable for Outbound Advertisements These commands display the current switch informati on that will be used to populate outbo und LLDP advertisements. Syntax show lldp info local-device [ port-list ] W ithout the [ port-list ] op[...]
-
Page 473
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) The Management Addr ess field displays only the LLDP-configurabl e IP addresses on th e switch. (Only manu ally-configure d IP addresses are LLDP-config u rabl e.) If the switch has only a n IP address from a DHCP or Bootp server , then the Management Addr ess fiel[...]
-
Page 474
Configuring for Network Manageme nt Applications LLDP (Link-Layer Discovery Protocol) information on d isplaying the currently configu red port speed and duplex o n an LLDP-MED endpoint, refer to “Dis playing the Current Port Speed and Duplex Configurat ion on a Sw itch Port” on page 14-73. Syntax: show interfaces brief < port-list > Incl[...]
-
Page 475
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) Figure 14-23. Example of a Gl obal Listing of Discovered Devices Indicates the polic y configured on the telephone. A configurati on mismatch occurs if the supp orting port is configured diffe rently . Figure 14-24. Example of an LLLD P-MED Listing of an Advertisem[...]
-
Page 476
Configuring for Network Manageme nt Applications LLDP (Link-Layer Discovery Protocol) Displaying LLDP Statistics LLDP statistics are availabl e on both a global and a per - p ort levels. Rebooting the switch resets the LLDP statisti cs co unters to zero. Disa bling the transmit and/or receive capability on a port “free z es” the related port co[...]
-
Page 477
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) — Continued — Per -Port LLDP Counters: NumFra mesRecvd: Shows the total number of valid, inbound LLDP advertisements received from any neighbor(s) on < port- list > . Where multiple neighbors are connected to a port through a hub, this value is the tota l[...]
-
Page 478
Configuring for Network Manageme nt Applications LLDP (Link-Layer Discovery Protocol) Counters showing frames sent on a po rt but no frames received on that port indicates an a ctive link with a device that either has LLDP disable d on the link or is not LLDP- aware. Figure 14-25. Example of a Gl obal LLDP Statistics Display Figure 14-26. Example o[...]
-
Page 479
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) LLDP Packet Forwarding: An 802.1D-compliant sw itch does not forward LLDP packets, regardless of whether LL DP is global ly enabled or disabled on the switch. One IP Address Advertiseme nt Per -Port: LLDP advertises only one IP address per -port, even if multiple I[...]
-
Page 480
Configuring for Network Manageme nt Applications LLDP (Link-Layer Discovery Protocol) Figure 14-27. Matching In ternal Port Numbers t o External Slot/Port Numbers ProCurve# walkmib ifDescr ifDescr.1 = A1 ifDescr.2 = A2 ifDescr.3 = A3 . . . ifDescr.23 = A23 ifDescr.24 = A24 ifDescr.27 = B1 ifDescr.28 = B2 ifDescr.29 = B3 . . . ifDescr.48 = B22 ifDes[...]
-
Page 481
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) ■ If the switch receives bot h LLD P and CDP advertis ements on the same port from the same neigh bor the switch st ores this informati on as two separate entries if the advertisements have differences chassis ID and port ID information. ■ If the chassis and po[...]
-
Page 482
Configuring for Network Manageme nt Applications LLDP (Link-Layer Discovery Protocol) Protocol State Packet Generation Inbound Data Management Inbound Packet Forwarding CDP Enabled 1 n/a Store inboun d CDP data. No forwarding of inbound CDP packets. CDP Disabled n/a No stor age of CDP data from Floods inbound CDP packets neighbor devices. from conn[...]
-
Page 483
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) Command Page show cdp 14-83 show cdp neighbors [< port-list > detail] 14-84 [detail < port-list >] [no] cdp run 14-85 [no] cdp enable < port-list > 14-85 Note For details on how to use a n SNMP utility to retrieve information from t he switch’ s[...]
-
Page 484
Configuring for Network Manageme nt Applications LLDP (Link-Layer Discovery Protocol) V iewing the Switch’ s Current CDP N eighbors T able. D evices are listed by the port on which they were detected. Syntax: show cdp neighbors Lists the neighboring CDP de vices the switch detects, with a subset of the info rmation collected from the device’ s [...]
-
Page 485
Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) Disabling CDP Operation. Disabling CDP operation clears the switch’ s CDP Neighbors table and causes the swi tch to drop i nbound CDP packet s from other devices wi thout entering the dat a in the CDP Neighbors table. Syntax: [no] cdp run Enables or disables CDP [...]
-
Page 486
Configuring for Network Manageme nt Applications LLDP (Link-Layer Discovery Protocol) 14-86[...]
-
Page 487
15 Redundancy (Switches 8200zl) Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-2 Software V ersion Mismatch Between Active Potential Softwa re Version Mismatches Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-2[...]
-
Page 488
Redundancy (Swit ches 8200zl) Contents Disabling Redund ancy with Two Mo dules Pr esent . . . . . . . . . . . . . 15-20 Disabling Redundancy With Only One M odule Present . . . . . . . . . . 15-21 Displaying Management Information . . . . . . . . . . . . . . . . . . . . . . . . . 15-22 Active Management Module Commands . . . . . . . . . . . . . . .[...]
-
Page 489
Redundancy (Switches 8200zl) Overview Overview Redundancy prov ides the ability to keep yo ur switch operating by using d ual management modules, one active module and one standby module. In the event of a failure, the currently active management module will switchover to the standby management module, which then becomes the active management modul[...]
-
Page 490
Redundancy (Swit ches 8200zl) Overview Secondary Image. The so ftware version stored in secondary flash on each management module. Selftest. A test performed at boot to ensure th e management module is functioning correctly . If the module fails selftest, it does not go into active or standby mode . If both modules fail selftest, the switch does no[...]
-
Page 491
Redundancy (Switches 8200zl) Using Redundant Manage ment Using Redundant Management There are ne w CLI command s for redundant ma nagement as we ll as modifications to existing commands. (S ee “Existing CLI Commands Affected by Redundant Manage ment” on page 15-29) New Redundant Manag ement Commands Page redundancy management-module below redun[...]
-
Page 492
-------- ---------- ---- -------------------- -------------------- -------- ---------- ---------- Redundancy (Swit ches 8200zl) Using Redundant Management ProCurve(config)# show re dundancy Settings Mgmt Redundancy : enabled Statistics Failovers : 0 Last Failover : Slot Module Description Status SW Version Boot Image 1 ProCurve J9092A Mana gement M[...]
-
Page 493
---- ------------------------- --------------- -------- ----------- ---- ----- Redundancy (Switches 8200zl) Using Redundant Manage ment ProCurve(config)# redundancy m anagement-module All configuration files and so ftware images on the off-line management module will be overwritten wit h the data from the current active management module. Do you wa[...]
-
Page 494
---- ---------------------- ------------------ -------- ----------- - -------- Redundancy (Swit ches 8200zl) Using Redundant Management ProCurve(config)# no redund ancy management-module The other management module will no longer be used for system redundancy except in the ca se of a hardware failure of the active ma nagement module. Do you want to[...]
-
Page 495
Redundancy (Switches 8200zl) Using Redundant Manage ment ProCurve(config)# redundancy s witchover This management module will no w reboot from primary image and will beco me the standby module! You will n eed to use the other management module's console interface. Do you want to continue [y/n]? y ROM information: Build directory: /sw/rom/bu il[...]
-
Page 496
Redundancy (Swit ches 8200zl) Using Redundant Management If the specified management module is not there or is in failed m ode, this message displays: The <specified module> is not present or is in failed state. Figure 15-5 shows an example of setting ma nagement module 2 to be the active management module. ProCurve(config)# redundancy acti v[...]
-
Page 497
---- --------------------------------- ------- -------- ----------- --------- ---- --------------------------------- ------- -------- ---------- ---------- Redundancy (Switches 8200zl) Using Redundant Manage ment ProCurve(config)# show redunda ncy Settings ------- - Mgmt Redundancy : Disabled Redundancy disable d Statistics --------- - Failovers : [...]
-
Page 498
---- ---------------------- ------------------ -------- ---------- -- -------- Redundancy (Swit ches 8200zl) Using Redundant Management Enabling and Disab ling Fabric Modules The fabric modules can be enabled or di sabled even if they are not present in the switch. Y ou cannot disabl e both fabr ic modules at the same time; one must be enab led. Us[...]
-
Page 499
Redundancy (Switches 8200zl) Management Module Switchover Management Module Switchover Events that Ca use a Switchover There are a number of events that can cause the activ e management module to switchover to the standby management module when redundancy is enabled: ■ The active management module crashes ■ The standby management modu le does n[...]
-
Page 500
Redundancy (Swit ches 8200zl) Management Module Switchover ■ Learned routes (from r outing protocols) ■ MAC addresses ■ IGMP , LACP , GVRP , LLDP , CDP , 802.1X, STP , VRRP , PIM learned data ■ W eb auth and MAC auth connections ■ IDM data ■ AAA accounting data ■ T elnet connec tion to the switch ■ SNMP sample rates Resetting the Ma[...]
-
Page 501
Redundancy (Switches 8200zl) Hotswapping Management Modules Hotswapping Management Modules Hotswapping Out the Ac tive Management Module Y ou can hotswap out the active man agement module and have switch operations take n over by the standby management m odule by following the correct shutdown p rocedure on the active module using th e MM Shutdown [...]
-
Page 502
Redundancy (Swit ches 8200zl) Hotswapping Management Modules When the Standby Module is not A vailable If you have disabled redundancy with the no redunda ncy management-module command, or the standby m odule failed selfte st, the Dw n LED will not turn green to indicat e it is OK to hot swap out the active management module. Note If you remove the[...]
-
Page 503
Redundancy (Switches 8200zl) Downloading a New Software Version Downloading a New Software V ersion File Synchronization after Downloading After downloading a new software version to either the primary or secondary flash of the active management module, the software version is immediately copied to the corresponding flash (pri mary or sec ondary) o[...]
-
Page 504
Redundancy (Swit ches 8200zl) Downloading a New Software Version (you can veri fy this usin g the show redundancy command), you can now switch over to the management module runn ing the newer software with this command: ProCurve# redundancy switchover This causes a switchove r to the ma nagement module that received the new software versio n, which[...]
-
Page 505
Redundancy (Switches 8200zl) Downloading a New Software Version Caution If you have boot ed one module out of primary flash and one module o ut of secondary flash, and the secondary fl as h is running a prior software version because the latest version was never c opied over from the primary flash, you will have an software version mismatch. The co[...]
-
Page 506
---- ---------------------------- ------------ -------- ---------- -------- -- Redundancy (Swit ches 8200zl) Downloading a New Software Version ProCurve(config)# show version Management Module 1: Active Image stamp: /sw/code/build/bt m(t2g) Mar 15 2007 12:28:32 K.12.30 64 Boot Image: Primary Management Module 2: Standby Image stamp: /sw/code/build/[...]
-
Page 507
Redundancy (Switches 8200zl) Downloading a Software Version Serially if the Management Module is Corrupted Downloading a Software V ersion Serially if the Management Module is Corrupted If the software version on a managem ent module becomes corrupted, you may need to do a serial download to restore the affected modul e. The non- corrupted manageme[...]
-
Page 508
---- ------------------------- --------------- -------- ---------- ----- ----- Redundancy (Swit ches 8200zl) Turning Off Redundant Manage ment Note Even if redundancy has been disabled, the specified management mod ule will become the active management module at the next system boot if you use the redundancy active -management command. Y ou are war[...]
-
Page 509
Redundancy (Switches 8200zl) Displaying Management Information The currently active module remains acti ve on boot (assumin g no selftest failure) unless you make the newly inse rted mana gement module active using this command: ProCurve(config)# redundancy active-management standby The standby management module becomes the acti ve manage ment modu[...]
-
Page 510
---- ---------------------- ------------------ -------- ---------- -- -------- Redundancy (Swit ches 8200zl) Displaying Management Information ProCurve(config)# show modu les details Status and Counters - Modu le Information Chassis: 8212zl J8715A Slot Module Description Serial Number: SG560TN124 Serial Number Status ----- -------------------------[...]
-
Page 511
Redundancy (Switches 8200zl) Displaying Management Information Show Flash The show flash command displays which software version is in each flash image. The Default B oot field displays which flash image wi ll be used for the next boot . ProCurve(config)# show flash Will boot from primary fl ash Image Size(Bytes) Date Version Build # ----- --------[...]
-
Page 512
-- Redundancy (Swit ches 8200zl) Displaying Management Information ProCurve(config)# show version Management Module 1: Redundancy and Synchronization has been disabled: enable with the ‘redundancy ’ command. Management Module 2: Active Image stamp: /sw/code/build/btm(t2g) Mar 5 2007 13:20:59 K.12.XX 351 Boot Image: Primary Figure 15-17. Exampl [...]
-
Page 513
-------- ---------- ---- -------------------- -------------------- -------- ---------- ---------- Redundancy (Switches 8200zl) Displaying Management Information Standby Management Module Commands The standby management modul e, by desi gn, has very little co nsole capability . Y ou can use three commands— show flash , show version , a nd show red[...]
-
Page 514
----- ---------- - ------- ------- ------- Redundancy (Swit ches 8200zl) Displaying Management Information Standby Console> show flash Image Size(Bytes) Date Version Build # Primary Image : 7493854 03/21/07 K.12.XX 1617 Secondary Image : 7463821 03/05/07 K.12.XX 351 Boot Rom Version: K.12.03 Default Boot : Primary Will boot from primary flash on[...]
-
Page 515
Redundancy (Switches 8200zl) Existing CLI Commands Affe cted by Redundant Management Existing CLI Commands Affected by Redundant Management Several existing c ommands have change s related to redundant management. Boot Command In redundant management systems, the boot or boot active command causes a switchover to the standb y management module as l[...]
-
Page 516
Redundancy (Swit ches 8200zl) Existing CLI Commands Aff ected by Redundant Management Command Action Boot active Boots the act ive management module. The switch starts to boot from the default flash image. Y ou can select which image to boot from during the boot process itself. See Figure 15-22. The switch will switchover to the standby management [...]
-
Page 517
Redundancy (Switches 8200zl) Existing CLI Commands Affe cted by Redundant Management ProCurve(config)# boot se t-default flash secondary This command changes the location of the default boot. This command will change the default flash image to boot from secondary. Hereafter, ‘reload’ and ‘boot’ comma nds will boot from secondary. Do you wan[...]
-
Page 518
----- ---------- -------- ------- ------- Redundancy (Swit ches 8200zl) Existing CLI Commands Aff ected by Redundant Management ProCurve(config)# show flash Image Size(Bytes) Date Version Build # ----- ---------- -------- ------- ------- Primary Image : 7463821 03/05/07 K.12.XX 351 Secondary Image : 7463821 03/05/07 K.12.XX 351 Boot Rom Version: K.[...]
-
Page 519
-------- ---------- ---- -------------------- -------------------- -------- ---------- ---------- Redundancy (Switches 8200zl) Existing CLI Commands Affe cted by Redundant Management Command Action reload <cr> Boots (warm reboot) the active management module. Switchover to the standby management module occurs if redundancy is enabled. If redu[...]
-
Page 520
Redundancy (Swit ches 8200zl) Existing CLI Commands Aff ected by Redundant Management Additional Commands Affected by Redundant Management The other exis ting command s op erate with redundant management as shown below . Command Action auto-tftp If a new image is downloaded using auto-tftp , the active management module downloads the new software v[...]
-
Page 521
Redundancy (Switches 8200zl) Existing CLI Commands Affe cted by Redundant Management Command Action fastboot When fastboot is enabled, this in formation is saved to the standby management module when the config files are sync’d. The fastb oot value is used during the next boot on both modules. front-panel-security This command and its options onl[...]
-
Page 522
Redundancy (Swit ches 8200zl) Using the Web Browser for Redundant Managemen t Using the W eb Browser for Redundant Management The web browser interface can be used to di splay information about the active and standby management modules. T o learn more about using the web browser interface on your switc h, see the chapter “ Using the ProCurve W eb[...]
-
Page 523
Redundancy (Switches 8200zl) Using the Web Browser for Redundant Managemen t Overview Page T o view sta tus information about the management modules select the Status tab, and then the Overview button. The fol lowing information is shown: ■ Which module i s the active module and whic h is the standby module ■ V ersion of soft ware running on ea[...]
-
Page 524
Redundancy (Swit ches 8200zl) Using the Web Browser for Redundant Managemen t Figure 15-28.Redundancy St atus Page Showing Information ab out the Active and Standby Modules Device V iew Page The Device V iew page displays a gr aphical representa tion of the switch. Select the Conf iguration tab and then th e Device V iew butto n. The informatio n d[...]
-
Page 525
Redundancy (Switches 8200zl) Using the Web Browser for Redundant Managemen t Figure 15-29. Device View Showing T wo Management Mo dules 15-39[...]
-
Page 526
Redundancy (Swit ches 8200zl) Management Module LED Behavior Management Module LED Behavior Active (Actv) LED Behavior The Actv (Ac tive) LED shows the LED beha vior for various states on the active and standby management modu les. See T able 15-2 for the available states and what they indicate. Re fer to the Install ation and Getting Started Guid [...]
-
Page 527
Redundancy (Switches 8200zl) Logging Messages Logging Messages Log File The log file displays messages about the activities and status of the management modules. Enter this command to display the messages: Syntax: show logging Displays log events. For more informat ion on command o p tio n s avail able with t he show logging command, see “CLI : D[...]
-
Page 528
Redundancy (Swit ches 8200zl) Logging Messages Crash Files Crash logs for all modules are always available on the active mana gement module. The copy crash-log and copy crash-data commands can be used to copy the informa tion to a file of your choice. Syntax: copy crash-log [< slot-id > | mm] tf tp < ip-address > < filename > Copi[...]
-
Page 529
Redundancy (Switches 8200zl) Logging Messages ProCurve Switch 8200zl$ s how boot-history Mgmt Module 1 -- Saved Cr ash Information (most recent first): ========================= ==================================== Mgmt Module 1 in Active M ode went down: 11/07/05 14:48:36 Operator warm reload from CONSOLE session. Mgmt Module 1 in Active M ode wen[...]
-
Page 530
Redundancy (Swit ches 8200zl) Notes on How the Active Module is Determined Notes on How the Active Module is Determined Both management modules run selftest routines to determine which module becomes the active management module and which becomes the standby management module. The module that was la st active in the chassis is given precedence and [...]
-
Page 531
Redundancy (Switches 8200zl) Notes on How the Active Module is Determined Diagram of Decision Process B ot h m anage m ent m odul es s t art t o boot Both modul e s fail se lf t est On e modul e fail s se lf t est Bot h modu les wer e booted In this chass is Modul e 1 booted mos t r ec entl y Modul e 2 booted mos t r ec entl y On ly one mo du le w [...]
-
Page 532
Redundancy (Swit ches 8200zl) Event Log Messages Event Log Messages # System Message Severity Description 1 Mgmt module [1 or 2] went down without saving crash information info The specified management module went down without saving the crash information. RMON_BOOT_NO_CRASH_RECORD 2 Mgmt module [1 or 2] went down info The specified management modu[...]
-
Page 533
Redundancy (Switches 8200zl) Event Log Messages # System Message Severity Description 15 Mgmt Module [1 or 2] - Running different version of SW info The specified management module is running a different version of software from the other management module. RMON_SYSTEM_MGMT_OS_DIFF 16 Mgmt Module [1 or 2] - Failover occurred warn Switchover occurre[...]
-
Page 534
Redundancy (Swit ches 8200zl) Event Log Messages # System Message Severity Description 24 Initial active to standby sync started i nfo Indicates the beginning of the initial synchronization of the active management module’ s flash image to the standby management module. RMON_SYSTEM_SYNC_BEGIN 25 Initial active to standby sync complete info I ndi [...]
-
Page 535
A File T ransfers Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-3 Downloading Switch Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-3 General Softwa re Download Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-4 Using TFTP To Dow[...]
-
Page 536
File Transfers Contents TFTP: Copying a Software Image to a Remote Host . . . . . . . . . A-27 Xmodem: Copying a Software Im age from the Switch to a Serially Connected PC or UNIX Workstat ion . . . . . . . . . . . . . . . A-27 USB: Copying a Software Image to a USB Device . . . . . . . . . . . A-28 Transferring Switch Configurations . . . . . . . [...]
-
Page 537
File Transfers Contents Operating Notes and Restrictions . . . . . . . . . . . . . . . . . . . . . . . . A-50 Autorun and Configur ing Passwords . . . . . . . . . . . . . . . . . . . . . . A-50 Viewing Autorun Conf iguration Information . . . . . . . . . . . . . . . . . . . A-51 A-3[...]
-
Page 538
File Transfers Overview Overview The switches co vered in this guide su pport several methods for transferring files to and from a physic ally connected device, or via the network, including TFTP , Xmodem, and US B. This appendix expl ains how to dow nload new switch software, upload or downlo ad switch conf iguration fi les and software images, an[...]
-
Page 539
File Transfers Downloading Switch Software General Software Download Rules ■ Switch software that y ou download via the menu interface always goes to primary flash. ■ After a software download, you must reboot the switch to implement t he new software. Unti l a reboot occurs, the switch cont inues to run on the software it was usin g before the[...]
-
Page 540
File Transfers Downloading Switch Software Menu: TFTP Download from a Server to Primary Flash Note that the menu interface ac cesses only the primary flash. 1. In the console Main Menu, select Do wnload OS to display the screen in figure A-1. (The term “OS”, or “ope rating system” refers to the switch software): Figure A-1. Example of a Dow[...]
-
Page 541
File Transfers Downloading Switch Software A “progress” bar indicates the progre ss of the download. When the entire software file has been received, all activ ity on the sw itch halts and you will see V alidating and wr iting system softw are to FLASH... 7. After the pri mary flash memory has been updated with t he new software, you must reboo[...]
-
Page 542
File Transfers Downloading Switch Software T o find more information on the cause of a do wnload fail ure, examine the messages in the switch’ s Event Log by executing the show l og tftp command from the CLI. Also: ■ For more on the Event Log, see “Usi ng the Even t Log for T roublesh ooting Switch Problems” on page C-27. ■ For descriptio[...]
-
Page 543
File Transfers Downloading Switch Software For example, to download a switch so ftware file named k0800.s wi from a TFTP server with the IP address of 10.28.227.103 to primary fl ash: 1. Execute co py as shown b elow: Dynamic counter co ntinually displa ys the number of bytes transferred. This message means that the image you want to upload will re[...]
-
Page 544
File Transfers Downloading Switch Software Enabling TFTP TFTP is enabled by default on the swit ch. If TFTP operation has been disabled, you can re-enable it by spec ifying TFTP client or server functionality with the tftp < client | server > command at the global configuration level. Syntax: [no] tftp <clien t | server [listen <oobm|da[...]
-
Page 545
File Transfers Downloading Switch Software Using Auto-TFTP The auto-tftp command allows yo u to configure the switch to download software automatically from a TFTP server . How It W orks. At switch startup, the au to-TFTP feature automatically downloads a specified s oftware image to the switch from a specified TFTP server , then reboots the switch[...]
-
Page 546
File Transfers Downloading Switch Software Using Secure Copy and SFTP For some situ ations you may want t o use a secu re method t o issue command s or copy files to the switch. By open ing a secure, encrypted SSH session and enabling ip ssh file transfer , you can then use a third-party software applica tion to take advantage of Secure Copy (SCP )[...]
-
Page 547
File Transfers Downloading Switch Software Protocol major versions differ: 2 vs. 1 Connection closed Protocol major versions differ: 1 vs. 2 Connection closed Received disconnect from < ip-addr > : /usr/local/ libexec/sftp-server: command not supported Connection closed SCP (secure copy) is an im plementation of the BSD rcp (Berkeley UNIX rem[...]
-
Page 548
File Transfers Downloading Switch Software Disable TFTP and Auto-TFTP for Enhanced Security Using the ip ssh filetransfer command to enable Secure FTP (S FTP) automat- ically disables TFTP and auto-TFTP (i f either or both are enabled). ProCurve(config)# ip ssh filetransfer Enabling SFTP automati cally disables TFTP and auto-tftp and displays this [...]
-
Page 549
File Transfers Downloading Switch Software Enables/Disables TFTP . Note: If SFTP is enabled, this field will be set to No . Y ou cannot use this field to enable TFTP if SFTP is enabled. Attempting to do so produces an Inconsistent value message in the banner below the Actions line. Figure A-6. Using the Menu Interface T o Disable TFTP ■ While SFT[...]
-
Page 550
File Transfers Downloading Switch Software Note As a matter of policy , admini strators should not enable the SSHv1-only or the SSHv1-or -v2 advertisement modes. SSHv1 is supported on only some legacy switches (such as the ProC urve Series 2500 switches). T o confirm that SSH is enabled type in the command ProCurve(config)# show ip ssh Once you hav[...]
-
Page 551
File Transfers Downloading Switch Software ■ When an SFTP client conn ects, the switch provides a file syste m display- ing all of its available files and f olders. No file or directory creation is permitted by th e user . Files may only be uploaded or downloaded, accord- ing to the perm issions mask. All of the necessary files the switch will ne[...]
-
Page 552
File Transfers Downloading Switch Software | authorized_keys ---oper_keys authorized_keys ---core ( this directory i s not available on the 8212zl ) | mm1.cor management module or management function | im_a.cor interface module ( chassis switches on ly ) | im_b.cor interface module ( chassis switches on ly ) | im_1.cor interface module ( chassis [...]
-
Page 553
File Transfers Downloading Switch Software ssh: read error Bad file number, session aborted I 01/ 01/90 00:06:11 00636 ssh: sftp session from ::ffff:10.0.12.35 W 01/01/90 00:06:26 00641 ssh: sftp read error Bad file number, session aborted I 01/ 01/90 00:09:54 00637 ssh: scp session from ::ffff:10.0.12.35 W 01/01/90 ssh: scp read error Bad file num[...]
-
Page 554
File Transfers Downloading Switch Software Using Xmodem to Download Switch Software From a PC or UNIX W orkstation This procedure assumes tha t: ■ The switch is connected via the Consol e RS-232 port to a PC ope rating as a terminal. (Refer to the Installation and Getting Start ed Guide you received with the switch for information on connect ing [...]
-
Page 555
File Transfers Downloading Switch Software 6. After the pri mary flash memory has been updated with t he new software, you must reboot the switch to impl ement the newly downloaded software. Return to the Main Menu and press [6] (for Reboot Switch ). Y ou will then see the following prompt: Continue reboot of system? : No Press the space bar once t[...]
-
Page 556
File Transfers Downloading Switch Software c. In the Protocol field, select Xmodem . d. Click on the [Send] button. The download ca n take several minutes , depending on the baud rate used in the transfer . 3. When the download finishe s, you mu st r eboot the switch t o implemen t the newly downloaded soft ware. T o do so, use one of th e followi [...]
-
Page 557
File Transfers Downloading Switch Software ■ T o view the contents of a USB flash drive, use the dir command. This will list all files and d irectories at the root. T o view the contents of a directory , you must spe cify the subdirect ory name (that is, dir <s ubdirectory >) . ■ The USB port supports conne ction to a single USB device. U[...]
-
Page 558
File Transfers Downloading Switch Software For example, to copy a switch software file na med k0800.swi from a USB device to primary flash: 1. Execute co py as shown b elow: This message means that the image you want to upload will replace the image currently in p rimary flash . Figure A-7. Example of the Command to Copy Switch Softw are from USB 2[...]
-
Page 559
File Transfers Downloading Switch Software Menu: Switch-to-Switch Down load to Primary Flash Using the menu in terface, you can download a switch software file fro m either the primary or secondary flash of one sw itch to the primary flash of another switch of the same series. 1. From the switch console Main Menu in the switch to re ceive the down-[...]
-
Page 560
File Transfers Downloading Switch Software CLI: Switch-T o-Switch Downloads Where two switches in your network belong to the same series, you can download a software i mage betw een them by initiat ing a copy tftp command from the destinat ion switch. The options for this CLI feat ure include: ■ Copy from primary flash in the source to either pri[...]
-
Page 561
File Transfers Downloading Switch Software Syntax: copy tftp flash < ip-addr > < /os/primary > | < /os/secondary > [ primary | secondary ] [oobm] This command (executed in the destination swit ch) give s you the most options for downloading between switches. If you do not specify either a primary or secondary flash location for th[...]
-
Page 562
File Transfers Copying Software Images Copying Software Images Using the CLI commands described in this sectio n, you can copy software images from the switch to another device using tftp, xmodem, or usb. Note For details on how swit ch memory opera tes, incl uding prim ary and secondary flash, refer to Chapter 6, “Swi tch Me mory and Configurati[...]
-
Page 563
File Transfers Transferring Switch Configurations For example, to copy the primary flas h image to a serially connected PC: 1. Execute the following command: Procurve# copy xmodem flash Press ‘Enter’ and start XMODEM on your host... 2. After you see the above prompt, press [Enter] . 3. Execute the terminal emulator comm ands to begin the file t[...]
-
Page 564
File Transfers Transferring Switch Configurations Using the CLI commands described in this sectio n, you can copy switch configurations to and from a switch, or copy a software image to configure or replace an ACL in the switch configuration. Note For greater security , you can perform all TFTP operations using SFTP as described in the section on U[...]
-
Page 565
File Transfers Transferring Switch Configurations TFTP: Copying a Configuration File from a Remote Host Syntax: copy tftp < startup -config | running-config > < ip-address > < remote-file > [ pc | unix ] [oobm] copy tftp config < filenam e > < ip-address > < remote-file > [ pc | unix ] [oobm] This command can cop[...]
-
Page 566
File Transfers Transferring Switch Configurations Syntax: copy tftp show-tech <ipv4 or ipv6 ad dress> <filename> [oobm] Copy a customized command file to the switch. For switches that have a separ ate out-of-band management port, the oobm parameter specifies that the transfer will be through the out-of-band ma nageme nt interface. If th[...]
-
Page 567
File Transfers Transferring Switch Configurations Xmodem: Copying a Configuration File to a Serially Connected PC or UNIX W orkstation T o u se this method, the swit ch must be connected via the serial port to a PC or UNIX workstation. Y ou will need to: ■ Determine a filename to use. ■ Know the directory path you w ill us e to store the config[...]
-
Page 568
File Transfers Transferring Switch Configurations Syntax: copy xmodem startup-config < pc | unix > copy xmodem config < filena me > < pc | unix > Copies a configuration file fr om a serially connected PC or UNIX workstation to a designat ed configuration file on the switch. For more on multiple configuration files, refer to “Mul[...]
-
Page 569
File Transfers Transferring Switch Configurations USB: Copying a Configuration File to a USB Device T o use this method, a USB flash memory device must be connected to the switch’ s USB port. Syntax: copy startup-con fig usb < filename> copy running-config usb < filename > Uses the USB port to copy a desi gnated configuration file fro[...]
-
Page 570
File Transfers Transferring ACL Command Files T ransferring ACL Command Files This section describes ho w to upload and execute a command file to the switch for configuring or replacing an Access Control List ( ACL) in the switch configuration. Such file s should contain only ACE (Access Control Entry) commands. For more on this general topic, incl[...]
-
Page 571
File Transfers Transferring ACL Comman d Files For example, suppose you: 1. Created an ACL command file named vlan10_in.txt to update an ex isting ACL. 2. Copied the file to a TFTP server at 18 .38.124.16. Using a PC work station, you then execu te the following from th e CLI to upload the file to the switch and implem ent the ACL commands it conta[...]
-
Page 572
File Transfers Transferring ACL Command Files Xmodem: Uploading an ACL Command File from a Serially Connected PC or UNIX W orkstation Syntax: copy xmodem command-file < unix | pc > Uses Xmodem to copy and executes an ACL command from a PC or Unix workstation. De pending on the ACL commands used, this action does one of the following in the ru[...]
-
Page 573
File Transfers Copying Diagnostic Data to a Remote Host , USB Device, PC or UNIX Workstation Using a PC work station, you then execu te the following from th e CLI to upload the file to the switch and implem ent the ACL commands it contains: ProCurve(config)# copy usb command-file vlan10_in.txt pc The switch displ ays this message: Running configur[...]
-
Page 574
File Transfers Copying Diagnostic Data to a Remote Host , USB Device , PC or UNIX Workstation Copying Command Output to a Destination Device Syntax : copy comma nd-output < “ cli-command ” > tftp < ip-addre ss > < filepath- filename > [oobm] copy command-output < “ cli-comm and ” > usb < filename > copy command[...]
-
Page 575
File Transfers Copying Diagnostic Data to a Remote Host , USB Device, PC or UNIX Workstation Copying Event Log Output to a Destination Device Syntax : copy e vent-log tftp < ip-address > < filepath_filename > [oo bm] copy event-log usb < filenam e > copy event-log xm odem < filename > These commands copy the Event Lo g conte[...]
-
Page 576
File Transfers Copying Diagnostic Data to a Remote Host , USB Device , PC or UNIX Workstation Syntax : copy c rash-data [< slot-id | master>] tftp < ip-address> <filename > [oobm] copy crash-data [< slot-id | mm>] usb <filename > copy crash-data [< slot-id | mm>] xmod em where: slot-id = a - h , and retrieves the[...]
-
Page 577
File Transfers Copying Diagnostic Data to a Remote Host , USB Device, PC or UNIX Workstation slot-id: retrieves the crash data from th e module in the specified slot. mm: retrieves the crash data from both management modules and concatenates them. oobm : For switches that have a separate out-of-band management port, specifies that the transfer will[...]
-
Page 578
File Transfers Copying Diagnostic Data to a Remote Host , USB Device , PC or UNIX Workstation At this p oint, press [Enter] and start the Xmodem command sequence in your terminal emulator . Figure A-16. Example of sending a Crash Log for Slot C to a File on an Attached PC Copying Crash Logs with Redundant Manageme nt. When you are usi ng redundant [...]
-
Page 579
File Transfers Enabling or Disabling the USB Port Enabling or Disabling the USB Port This feature allows co nfiguration of the USB port with either the CLI or SNMP . T o ena ble/disable the USB port with the CLI: Syntax: usb-port no usb-port Enables the USB port. The no form of the command disables the USB port and any access to the device. T o dis[...]
-
Page 580
File Transfers Enabling or Disabling the USB Port The autorun feature only works when a USB device is inserted and the USB port is enabled. Behavior of Autorun When USB Port is Disabled Software V ersions K.13.XX Operation When using software version K.13.58, if the USB port is disabled (no usb-port command), the USB autorun function does not work [...]
-
Page 581
File Transfers Using USB Autorun Using USB Autorun USB autorun helps ease the configurat ion of ProCurve switches by providing a way to auto-execute CLI commands from a USB flash dri ve. Using this solution, you can create a command file (a lso known as an AutoRun file), writ e it to a USB storage device, and then ex ecute the file simply by insert[...]
-
Page 582
File Transfers Using USB Autorun d. determine if the fi le will be ‘run once’ (moved to a ‘processed’ direc- tory on execution ) or ‘run many’ (kept in the root dire ctory of the flash drive from where it can be executed again). 2. Deploy the AutoRun file to a USB fl ash drive. 3. (If required) Enable the autorun feature on the sw itch [...]
-
Page 583
File Transfers Using USB Autorun T roubleshooting Autorun Operations Y ou can verify autorun operations by checking the following items: USB Auxiliary Port LEDs. The following t able shows LED indication s on the Auxiliary Port that allow you to iden tify the different USB operation states. Color State Meaning Green Green n/a Amber Slow Blinking So[...]
-
Page 584
File Transfers Using USB Autorun Event Log or Syslog. For details on how to use the switch’ s event log or syslog for help in isola ting autorun-re lated problems, see “Using the Event Log for T roubleshootin g Switch Problems” on page C-27. Configuring Autorun on the Switch T o enable/dis able the autorun feature on the switch, the following[...]
-
Page 585
File Transfers Using USB Autorun Operating Notes and Restrictions ■ Autorun is en abled by default, un til passwords are set on the device. ■ Secure-mode and encr yption-key are disabl ed by default. ■ T o enable secure mode both an encr yption key and trusted certificate must be set. ■ If secure-mode is en abled, the following conditions a[...]
-
Page 586
File Transfers Using USB Autorun V iewing Autorun Configuration Information The show autorun command displays aut orun configurat ion status inf ormation as shown in the following e xample. ProCurve(config)# show autorun Autorun configuration status Enabled : Yes Secure-mode : Disabled Encryption-key : A-52[...]
-
Page 587
B Monitoring and Analyzing Switch Operation Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-3 Status and Counters Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-4 Menu Access To Stat us and Counters . . . . . . . . . . . . . . . . . . . . . .[...]
-
Page 588
Monitoring and Analyzi ng Switch Operation Contents Web Browser Interface Status Information . . . . . . . . . . . . . . . . . . . . B-26 Traffic Mirroring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-27 Mirroring Terminol ogy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-29[...]
-
Page 589
Monitoring and Analyzing Switch Operation Contents Viewing a Classifier-Based Mirroring Configuration . . . . . . . . . B-72 Viewing the Mirroring Config urations in the Running Effect of Downstream VL AN Tagging on Untagged, Classifier-Based Mirroring Re strictions . . . . . . . . . . . . . . . . . . . B-72 Applying Multiple Mirroring Sessi ons to[...]
-
Page 590
Monitoring and Analyzi ng Switch Operation Overview Overview T he sw it ch e s covered in this guide h av e s ev e ra l b ui lt - in to ol s fo r m on it o ri ng , analyzing, and troubleshootin g switch and network operation: ■ Status: Includes options for displaying general swi tch informat ion, man- agement address data, port st atus, port and [...]
-
Page 591
Monitoring and Analyzing Switch Operation Status and Counters Data Status and Counters Data This section describes the status and counters screens available through the switch console interface and/or the web browser interface. Note Y ou can access a ll console screens from the web browser interface via T elnet to the console. T elnet access to the[...]
-
Page 592
Monitoring and Analyzi ng Switch Operation Status and Counters Data Menu Access T o St atus and Counters Beginning at the Main Menu, display th e Status a nd Counters menu by select- ing: 1. Status and Counters Figure B-1. The Status and Counters Menu Each of the above menu items accesses the read-only scr eens desc ribed on the followin g pages. R[...]
-
Page 593
Monitoring and Analyzing Switch Operation Status and Counters Data General System Information Menu Access From the console Main Menu, select: 1. Status and Counters 1. General System Information Figure B-2. Example of General Switch Informatio n This screen dynamically indicates how individual switch resources are being used. Refer to the online He[...]
-
Page 594
Monitoring and Analyzi ng Switch Operation Status and Counters Data CLI Access to System Information The show system command displays general sy stem informat ion abou t the switch. Syntax: show system [chassislocate| informat ion | power -supply | temperature | fans] Displays global system in formation and operational parameters for the switch. ch[...]
-
Page 595
Monitoring and Analyzing Switch Operation Status and Counters Data ProCurve(config)# show system fans Fan Information Num | State | Failures -------+-------------+-------- -- Sys-1 | Fan OK | 0 0 / 1 Fans in Failure State 0 / 1 Fans have been in Failur e State Figure B-4. Example of System Fan Status ProCurve(config)# show syst em Status and Counte[...]
-
Page 596
Monitoring and Analyzi ng Switch Operation Status and Counters Data Syntax: [no] task-monitor cpu Allows the collection of pro cessor utilization data. Only manager logins can execute th is command. The settings are not persistent, that is, there are no changes to the configura- tion. Default: Disabled ProCurve(config)# task-moni tor cpu ProCurve(c[...]
-
Page 597
Monitoring and Analyzing Switch Operation Status and Counters Data Figure B-7. Example of Management Address Information with VLANs Conf igured This screen displays a ddresses that are importan t for manage ment of the switch. If multiple VLANs are not configured, this screen displays a single IP address for the entire switch. Refe r to the online [...]
-
Page 598
Monitoring and Analyzi ng Switch Operation Status and Counters Data Module Information Use this feature to dete rmine whic h slots have modules installed and whic h type(s) of m odules are installed . Menu: Displaying Port Status From the Main Menu, select: 1. Status and Counters … 3. Module Information Figure B-8. Example of Module I nformation [...]
-
Page 599
Monitoring and Analyzing Switch Operation Status and Counters Data CLI Access The CLI show modules command will di splay additi onal component i nforma- tion for the foll owing: ■ System Support Modules (SSM)—ident ification, inclu ding serial number ■ Mini-GBICS—a list of in stalled mini-GBICs displaying the type, “J” number , and seri[...]
-
Page 600
Monitoring and Analyzi ng Switch Operation Status and Counters Data ProCurve(config)# show modu les details Status and Counters - Modu le Information Chassis: 8212zl J8715A Slot Module Description Serial Number: SG560TN124 Serial Number Status ----- --------------------------- ------------- MM1 ProCurve J9092A Management Module 8200zl SSM ProCurve [...]
-
Page 601
Monitoring and Analyzing Switch Operation Status and Counters Data Figure B-11. Example of Port Statu s on the Menu Interface CLI Access Syntax: show interfaces brief W eb Access 1. Click on the Stat us tab. 2. Click on [Port Status] . V iewing Port and T runk Gr oup Statistics and Flow Control Status Feature Default Menu CLI Web viewing port and t[...]
-
Page 602
Monitoring and Analyzi ng Switch Operation Status and Counters Data These feat ures enab le you to d etermine the traffic patte rns fo r each port since the last reboot or reset of the switch. Y ou can display: ■ A general report of traf fic on all LAN ports and trunk grou ps in the switch , along with the per -port flow cont rol status (On or Of[...]
-
Page 603
Monitoring and Analyzing Switch Operation Status and Counters Data Menu Access to Port and T runk Statistics T o access this screen from the Main Menu, sele ct: 1. Status and Counters … 4. Port Counte rs Figure B-12. Example of Port Count ers on the Menu Interface T o view details about the traffi c on a particular port, use the [v] key to highli[...]
-
Page 604
Monitoring and Analyzi ng Switch Operation Status and Counters Data CLI Access T o Port and T runk Group Statistics T o Display the Port Counter Summary Report. Syntax: show interfaces This command provides an overvie w of port activity for al l ports on the switch. T o Display a Deta iled T raf fic Summary for Specific Ports. . Syntax: show interf[...]
-
Page 605
Monitoring and Analyzing Switch Operation Status and Counters Data Note The clearing of statistics cannot be uncleared. W eb Browser Access T o V iew Po rt and T runk Group Statistics 1. Click on the Stat us tab. 2. Click on [Por t Counters] . 3. T o refresh the counters for a specifi c port, click anywhere in the row for that port, then click on [[...]
-
Page 606
Monitoring and Analyzi ng Switch Operation Status and Counters Data 1. From the Main Menu, select: 1. Status and Counters 5. VLAN Address T able 2. The switch then prompts you to select a VLAN. 3. Use the Space ba r to select the VLAN you want, then press [Enter] . The switch then displays the MAC address table for that VLAN: Figure B-14. Example o[...]
-
Page 607
Monitoring and Analyzing Switch Operation Status and Counters Data 2. T ype the MAC add ress you want to locate and press [Enter] . The address and port nu mber are highlighted if fou nd. If the switch does not fi nd the MAC address on the currently select ed VLAN, it leaves the MAC address listing empty . Located MAC Address an d Corresponding Por[...]
-
Page 608
Monitoring and Analyzi ng Switch Operation Status and Counters Data Determining Wh ether a Specific Devi ce Is Connected to the Selected Port. Proceeding from step 2, above: 1. Press [S] (for S earch ), to display the followin g prompt: Enter MAC address: _ 2. T ype the MAC add ress you want to locate and press [Enter] . The address is highlighted [...]
-
Page 609
Monitoring and Analyzing Switch Operation Status and Counters Data Spanning T ree Protocol (MSTP) Information CLI Access to MSTP Data This option lists the MSTP co nfiguration, root data, and per -port data (cost, priority , state, and designated bridge). Syntax: show spanning-tree This command displays the sw itch’ s global and regional spanning[...]
-
Page 610
Monitoring and Analyzi ng Switch Operation Status and Counters Data Internet Group Management Protocol (IGMP) Status The switch uses the CLI to display th e following IGMP st atus on a per -VLAN basis: Show Command Output show ip igmp Global command listing IG MP status for a ll VLANs configured in the switch: • VLAN ID (VID) and name • Active [...]
-
Page 611
Monitoring and Analyzing Switch Operation Status and Counters Data VLAN Information The switch uses the CLI to disp lay the following VLAN status: Show Command Output show vlan Lists: • Maximum number of VLANs to support • Existing VLANs • Status (static or dynamic) • Primary VLAN show vlan < vlan-id > For the specified VLAN, lists: ?[...]
-
Page 612
Monitoring and Analyzi ng Switch Operation Status and Counters Data Listing the VLAN ID (VID) and Status for Specific Ports. Because ports A1 and A2 are not members of VLAN- 44, it does not appear in this listing. Figure B-20. Example of VLAN Listing fo r Specific Ports Listing Individual VLAN Status. Figure B-21. Example of Port Listing for a n In[...]
-
Page 613
Monitoring and Analyzing Switch Operation Status and Counters Data W eb Browser Interface Status Information The “home” screen for the web browse r interface is the Status Overvie w screen, as shown below . As the title imp lies, it provides an overview of the status of the swit ch, includin g summary grap hs indicatin g the network uti li- zat[...]
-
Page 614
Monitoring and Analyzi ng Switch Operation Traffic Mirroring T raffic Mirroring Mirror Features Feature De fault Menu CLI Mirror CLI Quick Reference n/a n/a B-45, B-47 Configure Mirror Source disabled page B-39 page B-49 Configure Mirror Destination at Source disabled page B-39 page B-52 Configure Remote Mirrorin g at Destination disabled n/a page [...]
-
Page 615
Configuration Notes Deprecation of ACL-based T raffic Selection Monitoring and Analyzing Switch Operation Traffic Mirroring Mirroring sources and sessions. T raffic mirrorin g supports th e configur a- tion of port an d VLAN interfaces as mirroring sources in up to four mirroring sessions on a switch. Each session can have one or more sources (port[...]
-
Page 616
Monitoring and Analyzi ng Switch Operation Traffic Mirroring The following commands have been deprecated: ■ interface < port / tru nk / mesh > monitor ip access-group < ac l-name > in mirror < 1 - 4 | name-s tr > ■ vlan < vid-# > monitor i p access-group < acl-name > in mirror < 1 - 4 | name-s tr > After you [...]
-
Page 617
Monitoring and Analyzing Switch Operation Traffic Mirroring Switch A Local mirroring session : Source Switch: Switch A Monitored interface: Port A2 Exit port: A15 Destination/Host: T raffic analyzer 1 Network Switch B T raffic Analyzer 2 A15 T raffic Analyzer 1 A1 A2 B7 Remote mirroring session : Source Switch: Switch A Monitored interface: Port A1[...]
-
Page 618
Monitoring and Analyzi ng Switch Operation Traffic Mirroring Caution An exit port should be co nnected only to a network analyzer , IDS, or other network edge device that has no co nnection to other netw ork resources. Connecting a mirroring exit port to a network can result in serious network performance problems, and i s strongly discouraged by P[...]
-
Page 619
Monitoring and Analyzing Switch Operation Traffic Mirroring Mirrored T raffic Destinations Local Destinations A local mirroring traffic destination is a port on the same switch as the source of the traffic being mirrore d. Remote Destinations A remote mirroring traffic de stination is a ProCurve switch configured to operate as the exit switch for m[...]
-
Page 620
Monitoring and Analyzi ng Switch Operation Traffic Mirroring Criteria for Selecting Mirrored T raffic On the monitore d sources listed a bove, you can co nfigure th e following criteria to select the traffic you want to mirror: ■ Direction of traffic movement (enter ing or leaving the switch, or both) ■ T ype of IPv4 or IPv6 traf fic enteri ng [...]
-
Page 621
Monitoring and Analyzing Switch Operation Traffic Mirroring ■ Y ou can reduce the risk of oversu bscribing a single exit port by: • Di recting traffic from different se ssion sources to mult iple exit p orts • Configuring an exit port wit h a higher bandwidth than the mo nitored source port ■ Y ou can segregate traffic by ty pe, direction, [...]
-
Page 622
Monitoring and Analyzi ng Switch Operation Traffic Mirroring Configuration Notes Using the CLI, you can configure a ll mirroring opti ons on a switch. Using the Menu or W eb interface, you can configure only sessi on 1 and only local mirroring in session 1 for traffic in both directions on sp ecified inter - faces. (If session 1 has been already co[...]
-
Page 623
Monitoring and Analyzing Switch Operation Traffic Mirroring • Dire cting traffic from different se ssion sources to mult iple exit p orts • Configuring an exit port wit h a higher bandwidth than the mo nitored source port Migration to Release K.12.xx On a switch that is r unning a so ftware release earlier than K.12. xx with one or more mirrori[...]
-
Page 624
Monitoring and Analyzi ng Switch Operation Traffic Mirroring Figures B-24 and B-25 show how ACL-based selecti on criter ia in a mirroring session are converted to a classifier -based pol icy and class configuration when you install release K.14.01 or greate r on a switch. ProCurve(config)# show run Running configuration: . . . ip access-list extend[...]
-
Page 625
Monitoring and Analyzing Switch Operation Traffic Mirroring Using the Menu or W eb Inte rface T o Configure Local Mirroring Menu and W eb Interface Limits The Menu and W eb interfaces can be used to quickly configur e or reconfigure local mirroring on session 1, and allow one of the following two m irroring source options: ■ any combination of so[...]
-
Page 626
Monitoring and Analyzi ng Switch Operation Traffic Mirroring Configuration Steps Not e s If mirroring has already been enabled on the sw itch, the Menu screens will appear differently than shown in this section. 1. From the Main Menu, Selec t: 2. Switch Configuration ... 3. Network Monitoring Port Enable mirroring by setting this parameter to “Y [...]
-
Page 627
Monitoring and Analyzing Switch Operation Traffic Mirroring Move the cursor to the Mo nitoring Port para meter , then use the Spac e bar to select the loca l exit port. Figure B-27. How T o Select a Local Exit Port 5. Use the Space bar to select the port to use for send ing mirrored traffi c to a locally connected traffic analyzer or IDS. (The sele[...]
-
Page 628
Monitoring and Analyzi ng Switch Operation Traffic Mirroring 8. Use the down arrow key to move the cursor to the Action column for the individual port in terfaces and positi on the cursor at a port, trunk, or mesh you want to mirror . Use the down a rrow key to se lect the interfac e(s) whose traffic you want to mirror to th e local exit port. 9. P[...]
-
Page 629
Monitoring and Analyzing Switch Operation Traffic Mirroring CLI: Configuring Local and Remote Mirroring Command Page Quick Reference Local Mirroring Commands Remote Mirroring Commands B-45 B-47 Configuring a Remote Mirroring Destination On the remote switch: mirror endpoint ip < src-ip > < src-udp-port > < dst-ip > < exit-port [...]
-
Page 630
Monitoring and Analyzi ng Switch Operation Traffic Mirroring ■ “Local Mirroring Overview” on pa ge B-44 ■ “Remote Mirroring Overview” on page B- 46 (The remote switch must be a ProCurve switch of fering the full mirroring capab ilities described in this chapter .) For a detailed descr iption of each step in a mi rroring configur ation, [...]
-
Page 631
Monitoring and Analyzing Switch Operation Traffic Mirroring 3. Determine the traffic to be selected for mirroring by any of the followin g methods and the appr opriate config uration level (VLAN, port, mesh, trunk, switch): a. Direction: inbound, outbound, or bot h b. Classifier -based mirroring policy: inbound only fo r IPv4 or IPv6 traffic c. MAC[...]
-
Page 632
Monitoring and Analyzi ng Switch Operation Traffic Mirroring Configure a Mirroring Polic y to Select Inbound T raff ic (Page B-66) class < ipv4 | ipv6 > < classname > [no] [ seq-number ] < m atch | ignore > < ip-protocol > < source-addre ss > < destination-address > [ precedence precedence-value ] [ tos tos-value[...]
-
Page 633
Monitoring and Analyzing Switch Operation Traffic Mirroring 2. On the remot e destination (endpo int) switch, enter the mirror endpoint command with the i nformation from step 1 to configure a mirroring session for a specific exit port. 3. Determine the sessio n (1 - 4) and (opti onal) alphanumeric name to use on the source switch. 4. Determine the[...]
-
Page 634
Monitoring and Analyzi ng Switch Operation Traffic Mirroring Configure the Mirroring De stination on a Remote Switch ( Page B-50): IP Address and UDP Port on Source Switch IP Address and Exit Port on Remote Swi tch mirror endpoint ip < src-ip-addr > < src-udp-port > < dst-ip-ad dr > port < exit-port > Enter this command on a[...]
-
Page 635
Monitoring and Analyzing Switch Operation Traffic Mirroring Configure a Mirroring Polic y to Select Inbound T raff ic (Page B-66) class < ipv4 | ipv6 > < classname > [no] [ seq-number ] < m atch | ignore > < ip-protocol > < source-addre ss > < destination-address > [ precedence precedence-value ] [ tos tos-value [...]
-
Page 636
Monitoring and Analyzi ng Switch Operation Traffic Mirroring ■ The IP address of the VLAN or subn et on which the mirrored traffic enters or leaves the source switch ■ The unique UDP port number to u se fo r the session on the source switch (The recommended port range is from 7933 to 65535.) Caution Although the swit ch supports t he use of UDP[...]
-
Page 637
Monitoring and Analyzing Switch Operation Traffic Mirroring Caution When configuring a remote mirroring session, always configure the destina- tion switch first. Conf iguring the source switch first can result in a large volume of mirrored, IPv4-encapsul ated traffic arriving at the destination without an exit path, which can slo w switch performan[...]
-
Page 638
Monitoring and Analyzi ng Switch Operation Traffic Mirroring Syntax: mirror endpoint ip < src-ip > < src-udp-port > < dst-ip > < exit-port-# > no mirror endpoint ip < src-ip > < src-udp-port > < dst-ip > — Continued — < src-udp-port >: This parameter must exactly match the <src- udp-port > v[...]
-
Page 639
Monitoring and Analyzing Switch Operation Traffic Mirroring Configuring a Source Switch in a Local Mirrori ng Session. For a local mirroring session, enter the mirror port command on the source switch to configure an exit port on the same sw itch. T o create the mirroring sessi on, use the information gathered i n “1. Determine the Mirro ring Ses[...]
-
Page 640
Monitoring and Analyzi ng Switch Operation Traffic Mirroring as described i n “2. Configure a Mirroring Destinatio n on a Remote Switch” on page B-50, before using the mirror remote ip command in this section to configure the mirroring source for the same session. Syntax: [no] mirror < 1 - 4 > [name < name-str >] remote ip < src-[...]
-
Page 641
Monitoring and Analyzing Switch Operation Traffic Mirroring Syntax: [no] mirror < 1 - 4 > [name < name-str >] remote ip < src-ip > < src-udp-port > < dst -ip > < src-udp-port >: This parameter associates the remote session with a UDP port numb er . When multiple sessions have the same source IP address < src-i[...]
-
Page 642
Monitoring and Analyzi ng Switch Operation Traffic Mirroring ■ Interface type • Port, trunk, and/ or mesh • V L A N • Switch (global configuration level) ■ T raffic direction and selection criteria • All inbound and/or outbound traffic on a port or VLAN interface • Only inbound I P traffic sel ected wit h an ACL (deprecated in softwar[...]
-
Page 643
Monitoring and Analyzing Switch Operation Traffic Mirroring Selecting All Inbound/Out bound T raffic to Mirror Use the commands in this section to configur e all inbound and/or outboun d traffic on specified VLAN, port, or tr unk interfaces for a local or remote mirroring session. For an ex ample of a mirroring config uration that sele cts all inbo[...]
-
Page 644
Monitoring and Analyzi ng Switch Operation Traffic Mirroring monitor all < in | out | bot h >: For the interface specified by < port/trun k/mesh > , selects traffic to mirror based on whether the traffic is entering or leavin g the switch on the interface. in : Mirrors entering traffic. out : Mirrors exiting traffic . both : Mirrors tra[...]
-
Page 645
Monitoring and Analyzing Switch Operation Traffic Mirroring Untagged Mirrored Packets Although a VLAN ta g is added (by de fault) to the mirro red copy of untagged outbound packets to indicate the source VLAN of the packet, it is sometimes desirable to have mirrored pack ets look exactly like the original packet. The no-tag-added paramete r gives y[...]
-
Page 646
Monitoring and Analyzi ng Switch Operation Traffic Mirroring of the mirror’ed copy; ‘disabled’ does put the VLAN tag in the mirror’ed copy. Only one logical port is allowed. This object is persistent and when written the entity SHOULD save the change to non-volatile storage.” DEFVAL { 2 } ::= { hpicfBridgeMirrorSessionEntry 2 } Operating [...]
-
Page 647
Monitoring and Analyzing Switch Operation Traffic Mirroring VLAN Interface with T raffic Di rection as the Selection Criteria Use the following command to select all tra ffic on a VLAN interface for mirroring according t o traffic direction (inbound and/or outbound): Syntax: vlan < vid-# > monitor all < in | out | both > mirror < 1 -[...]
-
Page 648
Monitoring and Analyzi ng Switch Operation Traffic Mirroring Deprecation of ACL-based T raffic Selection < 1 - 4 > : Configures the selected VLAN traffic to be mirrored in the specified session number . [ name < name-str >] : Optional; config ures the selected port traffic to be mirrored in the specified session name. The string can be [...]
-
Page 649
Monitoring and Analyzing Switch Operation Traffic Mirroring Selecting Inbound/Outbou nd T raffic Using a MAC Address Use the monitor mac mirror command at the glob al configuratio n level to appl y a source and/or destination MAC address as the selection criteria used in a local or remote mirroring session. While classifi er -based mirrorin g allow[...]
-
Page 650
Monitoring and Analyzi ng Switch Operation Traffic Mirroring T o configure a MAC address to filter mirrored traffic on an interface, enter the monitor mac mirror comma nd at the global configuration level. Syntax: [no] monitor mac < mac-addr > <src | dest | both> mirror < 1 - 4 | name -str > [< 1 - 4 | name-str >] [< 1 - [...]
-
Page 651
Monitoring and Analyzing Switch Operation Traffic Mirroring Depending on how many session s are configured on the switch, you can use the same command to configure a MAC address as mirroring criteria in up to four sessions. T o identify a session, you can ent er either its name or number; for example: mirror 1 2 3 traffsrc4 Refer to “Mirroring-So[...]
-
Page 652
Monitoring and Analyzi ng Switch Operation Traffic Mirroring The following commands are not supported: monitor mac 111111-222222 src mirror 3 monitor mac 111111-222222 dest mirror 4 In addition, if you enter the monitor mac 111111-222222 both mirror 1 com- mand, you cannot use the MAC address 111111-222222 in an y other monitor mac mirror configura[...]
-
Page 653
Monitoring and Analyzing Switch Operation Traffic Mirroring Deprecation of ACL-based T raffic Selection In software release K.14.01 or greater , advanced classifier -based polic ies replace ACL-based tra ffic selection in mirroring configurat ions. Like ACL-based traffic-se lection criter ia, classifier -based service policies apply only to inbound[...]
-
Page 654
Monitoring and Analyzi ng Switch Operation Traffic Mirroring 2. Create an IPv4 or IPv6 traffic class using the class comman d to select the packets that you want to mirror in a session on a preconfi gured local or remote destination device. Context: Global configuration Syntax: [no] class < ipv4 | ipv6 > < classname > Defines the name o[...]
-
Page 655
Monitoring and Analyzing Switch Operation Traffic Mirroring Context: Class co nfiguration Syntax: [no] [ seq-number ] < match | ignore > < ip-protocol > < source-address > < destination-address > [ ip -dscp codepoint ] [ precedence pre cedence-value ] [ tos tos-value ] [ vlan vlan-id ] For detailed information ab out how to [...]
-
Page 656
Monitoring and Analyzi ng Switch Operation Traffic Mirroring • [ seq-number ] — The (optional) seq-number parameter sequentially orders the mirro ring actions that you enter in a policy configur ation. Actions are executed on matching packets in numerical order . Default: Mirroring action statem ents are numbered in increments of 10, starting a[...]
-
Page 657
Monitoring and Analyzing Switch Operation Traffic Mirroring T o ma nage packets that do not match the match or ignore criteria in any class in the policy , and therefore h ave no mirroring acti ons performed on them, you can enter an optional defaul t class. The default class is placed at the end of a policy configuration a nd specifies the mirrori[...]
-
Page 658
Monitoring and Analyzi ng Switch Operation Traffic Mirroring For this reason, ProCur ve strongly recommends th at you first confi gure the exit switch in a remote mirror ing session, as described in “2. Configure a Mirroring Destination on a Remote Switch” on page B-50 and “3. Configure a Mirroring Session on the Source Swit ch” on page B-5[...]
-
Page 659
Monitoring and Analyzing Switch Operation Traffic Mirroring For more informati on about how to apply a mirror ing policy to an interface , refer to the “Applying a Service Policy to an Interface” section in the “Classi- fier -Ba sed Softwar e Configurati on” chapter in the Advanced T raffic Manage- ment Guide . V iewing a Classifier -Based [...]
-
Page 660
Monitoring and Analyzi ng Switch Operation Traffic Mirroring ■ If a mirrori ng session is config ured wi th a classifier -based mirroring policy on a port or VLAN interface, no othe r traffic-selection criteria (MAC-based or all inbou nd and/or outbound traffi c) can be added to the sessi on. Switch-B(config)# mirror endpoint 10.10.40.4 9200 10.1[...]
-
Page 661
Monitoring and Analyzing Switch Operation Traffic Mirroring Applying Multiple Mirroring Sessions to an Interface Y ou can apply a mirroring pol icy to an inte rface that is already configured with another traffic -selection method (MAC- based or all inbound an d/or outbound traffic) for a different mirroring session. The classifie r -based pol icy [...]
-
Page 662
Monitoring and Analyzi ng Switch Operation Traffic Mirroring Displaying a Mirroring Configuration Displaying All Mirroring Sessi ons Configured on the Switch Use the show monitor command to display in form ation on the currently con- figured status, traffi c-selection criteria , and number of monitored interfaces in each mirroring session on a swit[...]
-
Page 663
Monitoring and Analyzing Switch Operation Traffic Mirroring Syntax: show monitor T ype: Indicates whether the mirroring session is local ( port ), remote ( IPv4 ), or MAC-based ( mac ) for local or remote sessions. Sources: Indicates how many moni tored source interfaces are configured for each mirroring session. Policy: Indicates whether the sourc[...]
-
Page 664
Monitoring and Analyzi ng Switch Operation Traffic Mirroring Displaying the Remote Endpoi nts Configured on the Switch Syntax: show monitor endpoint This command displays the remote mirroring endpoints configured on the switch. Informat ion on local sessi ons configured on the switch is not displayed. (T o view the configuration of a local session,[...]
-
Page 665
Monitoring and Analyzing Switch Operation Traffic Mirroring Displaying the Mirroring Config uration for a Specific Session Syntax: show monitor < 1 - 4 | name < name-str > Use this command to display deta iled configuration information for a specified local or remote mi rroring session on a source switch. Session: Displays the number of th[...]
-
Page 666
Monitoring and Analyzi ng Switch Operation Traffic Mirroring Syntax: show monitor < 1 - 4 | name < name-str > Direction: For the selected interface, indicates whether mirrored traffic is entering the switch ( in ), leaving the switch ( out ), or both . Displaying a R emote Mirroring Session. After you configure session 2 for remote mirrori[...]
-
Page 667
Monitoring and Analyzing Switch Operation Traffic Mirroring ProCurve_8200(config)# show monitor 3 Network Monitoring Session: 3 Session Name: Policy: no policy relationship exists Mirror Destination: A1 (Port) Monitoring Sources Direction ------------------ -------- - MAC: 112233-445566 Source The MAC address used to sel ect packets in a local mirr[...]
-
Page 668
Monitoring and Analyzi ng Switch Operation Traffic Mirroring Displaying Information o n a Cla ssifier -Based Mirroring Session. In the following example, a classi fier -based mirroring policy ( mirrorAd minT raffic ) mirrors selected inb ound IPv4 packets on VL AN 5 to the destination devi ce configured for mi rroring session 3. ProCurve(config)# m[...]
-
Page 669
Monitoring and Analyzing Switch Operation Traffic Mirroring Use the following show commands to display information about: ■ A classifier -based mirrori ng configuration ( show class and show pol icy ) ■ Statistics on one or more m irroring policies ( show statistics policy ) ■ Hardware resources used by all mirro ring polici es currently conf[...]
-
Page 670
Monitoring and Analyzi ng Switch Operation Traffic Mirroring Syntax: show statistics policy [ mirror -policy-name ] [ interface < port-list > | vlan < vlan-id > ] in Displays statistics for the specified mirroring policies configured on one or more port or VLAN interfaces. ProCurve# show statistics pol icy MirrorAdminTraffic vlan 30 in [...]
-
Page 671
Monitoring and Analyzing Switch Operation Traffic Mirroring ProCurve# show policy resource s Resource usage in Policy Enfo rcement Engine | Rules | Rules Used Ports | Available | ACL | QoS | IDM Includes th e hardware resources used by classifier- based local and remote mir roring policies that ar e currently applied to inte rfaces on the switch. |[...]
-
Page 672
Monitoring and Analyzi ng Switch Operation Traffic Mirroring V iewing the Mirroring Configurations in the Running Configuration File Using the show run command, you can view the current mirroring config ura- tions on t he switch. In the show run command ou tput, inf ormation ab out mirroring sources in co nfigured sessions begi ns with the mirror k[...]
-
Page 673
Monitoring and Analyzing Switch Operation Traffic Mirroring Mirroring Configuration Examples Example: Local Mirroring Us ing T raffic-Direction Criteria An administrator wants to mirror the inbound traffic from workstation “X” on port A5 and workst ation “Y” on port B1 7 to a traff ic analyzer connected to por t C24. In this case, the admin[...]
-
Page 674
Monitoring and Analyzi ng Switch Operation Traffic Mirroring Example: Remote Mirroring Us ing a Classifier -Based Policy In the network shown i n Figure B-50, an administrator has connected a traffic analyzer to port A15 (i n VLAN 30) on sw itch C to mon itor the TCP traffic to the server at 10.10.30.153 from workstations connected to switches A an[...]
-
Page 675
Monitoring and Analyzing Switch Operation Traffic Mirroring 2. On source s witch A, configure an association between the remote mirror - ing endpoint on switch C and a m irroring session on switch A (as described in “3. Configure a Mirrorin g Session on the Source Switch ” on page B-52). 3. On sw itch A, configur e a classifier -based mirroring[...]
-
Page 676
Monitoring and Analyzi ng Switch Operation Traffic Mirroring b. Configure a classifier -based mirrori ng po licy to select in bound TCP traffic destined to the server a t 10.10.30.153, and apply the policy to a VLAN interface for VLAN 20. Because the remote session has mirroring sources on diff erent switches, you can use the same session number (1[...]
-
Page 677
Monitoring and Analyzing Switch Operation Traffic Mirroring A15 VLAN 30 10.10.30.2 VLAN 40 10.10.40.1 Switch C VLAN 10 10.10.10.119 Tr a f f i c Analyzer 1 Switch A VLAN 20 10.10.20.145 10.10.30.153 Switch B Server C12 T raffic Analyzer 2 B10 10.20.40.7 A20 Network Figure B-54. Sample T opology for Remote Mirro ring from a Port Interface T o con fi[...]
-
Page 678
Monitoring and Analyzi ng Switch Operation Traffic Mirroring Switch-A(config)# mirror 2 remote ip 10.10.10.119 9400 10.10.40.1 Caution: Please configure destination switch first. Do you want to continue [y/n]? y Switch-A(config)# interface c12 monitor all in mirror 2 IP address of source swi tch and UDP port numbe r used in session 2 IP address o f[...]
-
Page 679
Monitoring and Analyzing Switch Operation Traffic Mirroring Enabling Jumbo Frames T o Increase the Mirroring Path MTU On 1 Gbps and 10 Gbps ports in the mi rroring path, you can redu ce the number of dropped frames by en abling jumbo fr ames on all intermed iate switches and routers. (The maxi mum transmission un it—MTU—on the sw itches covered[...]
-
Page 680
Monitoring and Analyzi ng Switch Operation Traffic Mirroring Effect of Downstream VLAN T agging on Untagged, Mirrored T raffic In a remote mirroring applicati on, if mi rrored traffic leaves the switch without 802.1Q VLAN tagging, but is forwarded th rough a downstream device that adds 802.1Q VLAN tags, the MTU for untagged mirrored frames leaving [...]
-
Page 681
Monitoring and Analyzing Switch Operation Traffic Mirroring Operating Notes for T raffic Mirroring ■ Mirrorin g Dropped T ra f fi c: When an interface is configured to mirror traffic to a local or remote de stinat ion, packets are mirrored regardless of whether the traffi c is dropped while on the interface. For example, if an ACL is configured o[...]
-
Page 682
Monitoring and Analyzi ng Switch Operation Traffic Mirroring ■ Intercepted or Injected T raffic: The mirroring feature does not protect against either mirrored traffic being in tercepte d or traffic being injected into a mirrored stream by an intermediate host. ■ Inbound Mirrored IPv4-Encapsula ted Frames are Not Mirrored: The switch does no t [...]
-
Page 683
Monitoring and Analyzing Switch Operation Traffic Mirroring T roubleshooting T raffic Mirroring If mirrored tr affic does not reach th e conf igured remote destina tion (end- point) switch or remote exit port , check the following configurations: • In a remote mirroring session, the mirro r remote ip command parame- ters configured on the source [...]
-
Page 684
Monitoring and Analyzi ng Switch Operation Traffic Mirroring B-98[...]
-
Page 685
C T r oubleshooting Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-4 Troublesho oting Approa ches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-5 Browser or Telnet Access Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . C-6 Unusual Net[...]
-
Page 686
Troubleshooting Contents Using Log Throttling to Reduce Duplicate Event Log and SNMP Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-37 Configuring the Severit y Level for Event Log Configuring the System Module Used to Select the Event Log Log Throttle Periods . . . . . . . . . . . . . . . . . . . . . . . . . . . .[...]
-
Page 687
Troubleshooting Contents Customizing show tech Comma nd Output . . . . . . . . . . . . . . . . . C-74 CLI: Viewing M ore Information on Switch Operation . . . . . . . . . . . C-78 Pattern Matching When Using t he Show Command . . . . . . . . . C-79 CLI: Useful Commands for Troublesh ootin g Sessions . . . . . . . . . . . C-82 Restoring the Factory-[...]
-
Page 688
Troubleshooting Overview Overview This appendix addresses performance- relat ed network problems that can be caused by topology , switch configur ation, and t he effects of other devi ces or their config urations on sw itch operation. (For swit ch-speci fic inform ation on hardware problems indicated by LED behavior , cabling requi rements, and oth[...]
-
Page 689
Troubleshooting Troubleshooting Approaches T roubleshooting Approaches Use these approaches to diagnose switch problems: ■ Check the ProCurve Networking web site f or software up dates that may have solved your problem: www.procurve.com ■ Check the switch LEDs for indicati ons of proper switch operation: • Each sw itch port has a Link LED th [...]
-
Page 690
Troubleshooting Browser or Telnet Access Problems Browser or T elnet Access Problems Cannot access the we b browser interface: ■ Access may be disabled by the Web Agent Enabled parameter in the switch console. Check the se tting on this parame ter by selecting: 2. Switch Configuration … 1. System Information ■ The switch may not have the corr[...]
-
Page 691
Troubleshooting Browser or Telnet Access Problems Cannot T elnet into the switch con sole from a station on the network: ■ Off subnet management stations can lo se T elnet access if you enable routing wit hout first co nfiguring a static (default) route. That is, the switch uses the IP default gateway only w hile operating as a Layer 2 device. W [...]
-
Page 692
Troubleshooting Unusual Network Activity Unusual Network Activity Network activity that fails to meet ac cepted norms may indicate a hardware problem with one or more of the netw ork components, possibl y including the switch. Such problems can also be caused by a network loop or simply to o much traffic for t he network as it is currently de signe[...]
-
Page 693
Troubleshooting Unusual Network Activity This can also happen, for example, if the server is first conf igured to issue IP addresses with an un limited duration, th en is subsequently co nfigured to issue IP addresses that will expire aft er a limited duration. One solu tion is to configure “reservations” in the DHCP server for speci fic IP add[...]
-
Page 694
Troubleshooting Unusual Network Activity S Indicates that routin g is enabled; a requir e- ment for ACL oper ation. (There is a n exception. Refer to the Note , below .) Figure C-1. Indica tion that Routing Is Enabled Note If an ACL assigned to a VLAN includes an ACE referencing an IP address on the switch itself as a pack et source or destination,[...]
-
Page 695
Troubleshooting Unusual Network Activity Error (Invalid input) when entering an IP address. When using the “host” opti on in the co mmand syntax, ensure that you are not including a mask in either dotted decimal or CIDR format . Using the “host” option implie s a specific host device and therefore do es not permit any ma sk entry . Correct.[...]
-
Page 696
Troubleshooting Unusual Network Activity common mistake is to either not e xplicitly permit the sw itch’ s IP address as a DA or to use a wildca rd ACL mask in a deny statement that happens to incl ude the switch’ s IP address. For an exam ple of this problem, refer to the sectio n titled “General ACL Operating Notes” in the “Access Contr[...]
-
Page 697
Troubleshooting Unusual Network Activity 30 Net IP: 30.29.16.1 (Deflt. Gateway) Router X 10 Net IP: 10.0.8.1 8212zl 10 Net -- VLAN 1 IP: 10.08.1 5 (Deflt. G’W ay = 10.0.8.1) Switch 1 20 Net -- VLAN 2 IP: 20.0.8.21 (Deflt. G’way = 20.0.8.1) 20 Net VLAN 2 IP: 20.0.8.1 (Deflt. G’way f o r 2 0 . 0 . 8 . 1 ) 30.29.16.91 Switch 2 10 Net -- VLAN 1 I[...]
-
Page 698
Troubleshooting Unusual Network Activity Caution IGMP-Related Problems IP Multicast (IGMP) T raffic That Is Directed By IGMP Does Not Reach IGMP Hosts or a Multicast Router Connected to a Port. IGMP must be enabled on the switch an d the aff ected port must be configured for “Auto” or “Forward” operation. IP Multicast T raf fic Floods Out A[...]
-
Page 699
Troubleshooting Unusual Network Activity Mesh-Related Problems T raffi c on a dynamic VLAN does not get through the switch mesh . GVRP enables dyna mic VLANs. Ensure that al l switches in the mesh have GVRP enabled . Port-Based Access Control (802.1X)-Related Problems Note T o list the 802.1X port-access Event Lo g messages stored on the switch, us[...]
-
Page 700
Troubleshooting Unusual Network Activity VLAN as untagged on the port to support the cl ient access, as specified in the response from the RADIUS server . Refe r to “How 802.1X Au thentication Affects VLAN Oper ation” in the Access Security Guide for your switch. The switch appears to be properly configured as a supplicant, but cannot gain acce[...]
-
Page 701
Troubleshooting Unusual Network Activity RADIUS server fails to respond to a request for service, even though the server’ s IP address is correct ly co nfigured in the switch. Use show radius to verify that the encryption key (RAD IUS secret key) the switch is using is correct for the server being co ntacted. If the switch ha s only a global key [...]
-
Page 702
Troubleshooting Unusual Network Activity QoS-Related Problems Loss of communication when using VLAN- tagged traffi c. If you cannot communicate with a device in a tagged VLAN environment, ensure that the device either supports VLAN tagged traffi c or is connected to a VLAN port that is configured as Untagged . Radius-Related Problems The switch doe[...]
-
Page 703
Troubleshooting Unusual Network Activity Global RADIUS Encryption Ke y Unique RADIUS Encr yption Key for the RADIUS server at 10.33.18.119 Figure C-7. Exampl es of Global and Unique Encryption Keys Spanning-T ree Protocol (MSTP) and Fast-Uplink Problems Caution If you enable MSTP , it is recommende d that you leave th e remainder of the MSTP param [...]
-
Page 704
Troubleshooting Unusual Network Activity Fast-Uplink T roubleshoo ting. Some of the problems th at can result fr om incorrect usage of Fast-Uplink MSTP in clude temporary loops and generation of duplicate packets. Problem sources can include: ■ Fast-Uplink is config ured on a switch that is the MSTP root device. ■ Either the Hello T ime or the [...]
-
Page 705
Troubleshooting Unusual Network Activity Switch does not detect a client’ s public key that does appear in the switch’ s public key file ( sh ow ip client-public-key ). The client’ s public key entry in the public key fi le may be pr eceded by an other entry that does not terminate wi th a new line (CR). In this case, the switch in terprets t[...]
-
Page 706
Troubleshooting Unusual Network Activity T ACACS-Related Problems Event Log. When troubleshooting T ACACS+ op eration, check the switch’ s Event Log for i ndications of prob lem areas. All Users Are Locked Out of Access to the Switch. If the switch is func- tioning properly , but no username/password pairs resul t in console or T elnet access to [...]
-
Page 707
Troubleshooting Unusual Network Activity ■ The encryption key configured in the server does not match the encryption key configured in the switch (by using the tacac s-server key command). V erify the key in the server and compare it to the key configured in the switch. (Use show tacacs-server to list th e global k ey . Use show config or show co[...]
-
Page 708
Troubleshooting Unusual Network Activity T imeP , SNTP , or Gateway Problems The Switch Cannot Find the T ime Se rver or the Con figured Gateway . T imeP , SNTP , and Gateway access are through the primary VLAN, which in the default configuration is the DE F AUL T_VLAN. If the primary VLAN has been moved to another VLAN, it may be disabled or does [...]
-
Page 709
Troubleshooting Unusual Network Activity Switch “Y” Switch “X” Link supporting VLAN_1 and VLAN_2 Port X-3 Port Y - 7 VLAN Port Assignment VLAN Port Assignment Po rt VLA N_ 1 VL AN _2 Po rt VLA N_ 1 VL AN _2 X-3 Untagged T agged Y -7 Untagged T agged Figure C-8. Exampl e of Correct VLAN Port Assignments on a Link 1. If VLAN_1 (VID=1) is conf[...]
-
Page 710
Troubleshooting Unusual Network Activity Server 8212zl Switch (Multiple Forwarding Database) Switch with Single Forwarding Database MAC Address “A”; VLAN 1 MAC Address “A”; VLAN 2 Problem: This switch detec ts continual move s of MAC address “A” between ports. VLAN 1 VLAN 2 Figure C-9. Exampl e of Duplicate MAC Address Fan Failure When [...]
-
Page 711
Troubleshooting Using the Event Log for Tr oubleshooting Switch Problems Using the Event Log for T roubleshooting Switch Problems The Event Log records oper ating event s in single- or doubl e-line entries and serves as a tool to isolat e and troubl eshoot problems. Starting in software release K.13. xx , the maximum number of entries supported in [...]
-
Page 712
Troubleshooting Using the Event Log for Tr oubleshooting Switch Problems I (information) provides information on normal switch operation. D (debug) is reserved for ProCurve internal diagnostic informa tion. Date is the date in the format mm/dd/yy when an entry is recorded i n the log. Ti m e i s the time in the format hh:mm:ss whe n an entry is rec[...]
-
Page 713
Troubleshooting Using the Event Log for Tr oubleshooting Switch Problems cdp Cisco Discovery Protocol: Supports reading CDP packets received from neighbor devices, enabling a switch to learn about adjacent CDP devices. ProCurve switches do not support the transmission of CDP packets to neighbor devices. Management and Configuration Guide chassis Ha[...]
-
Page 714
Troubleshooting Using the Event Log for Tr oubleshooting Switch Problems dma D irect Access Memo ry (DMA): T ransmits and receives packets between the CPU and the switch. Not used for logging messages in software release K.13. xx . — fault Fault Detection facility, including response policy and the sensitivity level at which a network problem sho[...]
-
Page 715
Troubleshooting Using the Event Log for Tr oubleshooting Switch Problems kms Key Management Syst em: Configures and maintains security information (keys) for all rout ing protocols, including a timing mechanism for activating and deactivating an individual protocol. Access Security Guide lacp LACP trunks: The switch can eit her automatically establ[...]
-
Page 716
Troubleshooting Using the Event Log for Tr oubleshooting Switch Problems mld Multicast Listener Discovery (M LD): IPv6 protocol used by a router to discover the presence of multicast listeners. MLD can also optimize IPv6 multicast traffic flow with th e snooping feature. Multicast and Routing Guide mtm Multicast T raffic Manager (MTM): Controls and[...]
-
Page 717
Troubleshooting Using the Event Log for Tr oubleshooting Switch Problems snmp Simple Network Management Protocol: Allows you to manage the switch from a network management station, including support for security features, ev ent reporting, flow sampling, and standard MIBs. Management and Configuration Guide sntp Simple Network T ime Pr otocol: Sync[...]
-
Page 718
Troubleshooting Using the Event Log for Tr oubleshooting Switch Problems telnet Session established on t he switch from a remote device through the T elnet virtual terminal protocol. Management and Configuration Guide tftp T rivial File T ransfe r Protocol: Supports the download of files to the switch from a TFTP network server . Management and Con[...]
-
Page 719
Troubleshooting Using the Event Log for Tr oubleshooting Switch Problems Menu: Displaying and Navi gating in the Event Log T o displa y the Event Log fr om the Main Menu, select Event Log . Figure C-11 shows a sample ev ent log display . ProCurve Switch 5406zl 25-Oct-2007 18:02:52 ==========================-CONSO LE - MANAGER MODE -================[...]
-
Page 720
Troubleshooting Using the Event Log for Tr oubleshooting Switch Problems Key Action [^] Rolls back display by one event (up one line). [E] Advances to the end of the log. [H] Displays Help for the Event Log. CLI: Displaying the Event Log T o displa y messages record ed in the event log fr om the CLI, enter the show logging command. Keyword searches[...]
-
Page 721
Troubleshooting Using the Event Log for Tr oubleshooting Switch Problems T o redispl ay all hidden entries, includi ng Event Log entries recorded prior to the last reboot , enter the sh ow logging -a command. Syntax: clear logging Removes all entries from the event log display output. CLI: T urning Event Numbering On Syntax: [no] log-numbers T urns[...]
-
Page 722
Troubleshooting Using the Event Log for Tr oubleshooting Switch Problems Log Throttle Periods The length of the log thrott le period di ffers according to an e vent’ s severity level: Severity Level Log Throttle Period I (Information) 6000 Seconds W (W arning) 600 Seconds D (Debug) 6 0 Seconds M (Major) 6 Se conds Example of Log Throttling For ex[...]
-
Page 723
Troubleshooting Using the Event Log for Tr oubleshooting Switch Problems If PIM oper ation caused th e same event to occur six more times during t he initial log throt tle period, there would be no furt her entries in the Event Log. However , if the event occurr ed again after the log throttl e period expired, the switch would rep eat the message ([...]
-
Page 724
Troubleshooting Using the Event Log for Tr oubleshooting Switch Problems Example of Event Counter Operation Suppose the switch detects the following after a re boot: ■ Three duplicate instances of the PIM “Send error” during the firs t log throttle period for this event ■ Five more instan ces of th e same Send error during the second log th[...]
-
Page 725
Troubleshooting Debug/Syslog Operation Debug/Syslog Operation While the Event Log records switch-l evel progress, status, and warning messages on the swi tch, the Debu g/System Log ging ( Syslog ) feature provides a way to record Event Log and debu g messages on a remote device. For example, you can send messages about routing misconfigurations and[...]
-
Page 726
Troubleshooting Debug/Syslog Operation A Debug/Syslog destination device can be a Syslog server and/or a console session. Y ou can configure debug and logging messages to b e sent to: ■ Up to six Syslog servers ■ A CLI session through a direct RS-232 co nsole connection, or a T elnet or SSH session Debug/Syslog Conf iguration Commands Event —[...]
-
Page 727
Troubleshooting Debug/Syslog Operation event Sends standard Event Log messages to configured debug destinations. (The same messages are also sent to the switch’ s Event Log, re gardless of whether you enable this option.) ip forwarding: Sends IPv4 forwarding messages to the debug destination(s). ospf: Sends OSPF event logging to the debug destina[...]
-
Page 728
Troubleshooting Debug/Syslog Operation ■ Series 3500yl switches ■ Series 3400cl switches ■ Series 2900 switches ■ Series 2800 switches ■ Series 2610 switches ■ Series 2600 switches an d the Switch 6108 (softw are rel ease H.07.30 or greater) For the latest feature info rmation on ProCurve switches, v isit the ProCurve Networking web sit[...]
-
Page 729
Troubleshooting Debug/Syslog Operation 2. T o use a CLI session on a destination device fo r debug messaging: a. Set up a serial , T elnet, or SSH co nnection to access the switch’ s CLI. b. Enter the deb ug destination session command at the manager level. 3. Enable the types of debug messages to be sent t o configured Sysl og servers and/or the[...]
-
Page 730
Troubleshooting Debug/Syslog Operation saved after a system reboot (power cycle or reboot) and re-activated on the switch. As a result, after switch startu p, one of the follo w i ng situations may occur: ■ Only a partial set of Event Log messages may be sent to configured debug destinations. ■ Messages may be sent to a previously configured Sy[...]
-
Page 731
Troubleshooting Debug/Syslog Operation messages sent to the Syslog server , speci fy a set of messages by entering the logging severity and logging system-module commands. ProCurve(config)# show debug Debug Logging Destination: None Enabled debug types: None are enabled ProCurve(config)# logging 10. 28.38.164 ProCurve(config)# write memor y ProCurv[...]
-
Page 732
Troubleshooting Debug/Syslog Operation Example. The next example shows ho w to configure: ■ Debug logging of ACL and IP- OSPF p acket messages on a Syslog server at 18.38.64.164 (with user as the default logging facility). ■ Display of these messages in the CLI session of your terminal device’ s management access to the switch. ■ Blocking E[...]
-
Page 733
Troubleshooting Debug/Syslog Operation ProCurve# config ProCurve(config)# logging 10. 38.64.164 ProCurve(config)# show debug Debug Logging Destination: Logging -- 10.38.64.164 Facility=user Severity=debug System module=all-pass Enabled debug types: event ProCurve(config)# no debug ev ent ProCurve(config)# debug acl ProCurve(config)# debug ip os pf [...]
-
Page 734
Troubleshooting Debug/Syslog Operation Debug Command At the manager level, use the debug command to perform two main functions: ■ Specifies the types of event messages to be sent to an ex ternal destination. ■ Specifies the de stinations to whic h selected message types are sent. By default, no debug destination is enabled a nd only Event Log m[...]
-
Page 735
Troubleshooting Debug/Syslog Operation Syntax: [no] debug < debu g-type > (Continued) event Event Log messages are automati cally enabled to be sent to debug destinations in these conditions: • If no Syslog server address is configured and you enter the logging < syslog-ip-addr > command to configure a destination address. • If at l[...]
-
Page 736
Troubleshooting Debug/Syslog Operation ipv6 [dhcpv6-client [events | packet ]] [forwarding | nd | packet] When no debug options are included, displays debug messages for all IPv6 debug options. dhcpv6-client [events | packet]: D isplays DHCPv6 client event and packet data. [forwarding]: Displays IPv6 forwarding messages. [nd]: Displays debug messag[...]
-
Page 737
Troubleshooting Debug/Syslog Operation session Enables transmission of event notification messages to the CLI session that most recently executed this command. The session can be on any one terminal emulation device with serial, Telnet, or SSH access to the CLI at the Manager level prompt ( ProCurve#_ ). If more than one terminal device has a conso[...]
-
Page 738
Troubleshooting Debug/Syslog Operation Logging Command At the global configuration level, the lo gging command allows you to enable debug logging on specified Syslog server s and select a subset of Event Log messages to send for debuggi ng purposes according to: ■ Severity level ■ System modul e By specifying both a severity level and system mo[...]
-
Page 739
Troubleshooting Debug/Syslog Operation Configuring a Syslog Server Syslog is a client-server logging tool th at allows a client switch to send event notification messages to a networked de vice operati ng with Syslog server software. Messages sent to a Syslog server can be stored to a file for later debugging analysis. T o use the Syslog feature, y[...]
-
Page 740
Troubleshooting Debug/Syslog Operation Syntax: [no] logging < syslo g-ip-addr > Enables or disables Syslog messaging to the specified IP address. You can configure up to six addresses. If you configure an address when none are already configured, this command enables destinatio n logging (Syslog) and the Event debug type. Therefore, at a mini[...]
-
Page 741
Troubleshooting Debug/Syslog Operation Syntax: [no] logging facility < fac i lity-name > The logging facility specifies th e destination subsystem used in a configured Syslog server . (All configured Syslog servers must use the same subsystem.) ProCurve recommends the default (user) subsystem unless your application specifically requires anot[...]
-
Page 742
Troubleshooting Debug/Syslog Operation The CLI comm and is: Syntax: logging <ip-addr> control-descr <text_string >] no logging <ip-addr> [control-descr] An optional user -frien dly description that can be associated with a server IP address. If no description is entered, this is blank. If <text_string> contains white space, [...]
-
Page 743
Troubleshooting Debug/Syslog Operation ProCurve(config)# logging priority-descr severe-pr i Figure C-20. Example of the Lo gging Command with a Priority Description Note A notification i s sent to the SNMP agent if there are any changes to the sy slog parameters eith er through the CLI or with SNMP . Configuring the Severity Level for Event Log Mes[...]
-
Page 744
Troubleshooting Debug/Syslog Operation Configuring the System Module Us ed to Select the Event Log Messages Sent to a Syslog Server Event Log messages contain the name of the system module that reported the event. Using the logging system-module command, you can select a set of Event Log messages according to the originating system module and send [...]
-
Page 745
Troubleshooting Debug/Syslog Operation Debug Option Effect of a Reboot or Reset ACL (debug type) Disabled. All (debug type) Disabled. event (debug type) If a Syslog server IP address is configured in the star tup- config file, the sending of Event Log messages is reset to enabled , regardless of the last active setting. If no Syslog server is confi[...]
-
Page 746
Troubleshooting Diagnostic Tools Diagnostic T ools Diagnostic Features Feature Default Menu CLI Web Port Auto negotiation n/a — — — Ping test n/a — page C-65 page C-64 Link test n/a — page C-65 page C-64 T raceroute operation n/a — page C-67 n/a View switch configuration files n/a — page C-71 page C-71 View switch (sho w tech) n/a —[...]
-
Page 747
Troubleshooting Diagnostic Tools Port Auto-Negotiation When a link LED does not light (indicat ing loss of link between two devices), the most common r e ason is a failure of port auto-n egotiation between the connecting ports. If a lin k LED fails to light wh en you conn ect the swit ch to a port on another devi ce, do the following: 1. Ensure tha[...]
-
Page 748
Troubleshooting Diagnostic Tools W eb: Executing Ping or Link T ests Figure C-21. Link and Pi ng T est Screen on the Web Browser Interface 4. For a Ping test, enter the IP address of the target device. For a Link test, enter the MAC addr ess of the target device. 3. Select Ping T est (the default) or Link T est 5. Select the numb er of tries (packe[...]
-
Page 749
Troubleshooting Diagnostic Tools Number of Packets to Send is th e number of times you want the switch to attempt to test a c onnection. T imeout in Seconds is th e number of seconds to allow per attempt to test a connection before determining that the current atte mpt has failed. T o halt a Link or Ping test before it con cludes, click on t he Sto[...]
-
Page 750
Troubleshooting Diagnostic Tools source <ip-addr | ho stname > Source IP address or hostname . The source IP address must be owned by the router . If a VLAN is specified, the IP address associated with the specified VLAN is used. data-size <0-65471> Size of packet sent. Default: 0 (zero) data-fill <0-1024> The data pattern in th e[...]
-
Page 751
Troubleshooting Diagnostic Tools Basic Link T est Link T est with Repetitions Link T est with Repetitions and T imeout Link T est Over a Specific VLAN Link T est Over a Specific VLAN; T est Fail Figure C-23. Example of Link T ests T raceroute Command The traceroute command enables you to trace th e route from the switch to a host address. This comm[...]
-
Page 752
Troubleshooting Diagnostic Tools <ip-address | hostname> The IP address or hostname of the device to which to send the traceroute. [minttl < 1-255 >] For the current instance of traceroute , changes the minimum number of hops allowed for each probe packet sent along the route. If minttl is greater than the actual number of hops, then th[...]
-
Page 753
Troubleshooting Diagnostic Tools Intermediate router hops with the time taken for the switch to receive acknowledgement of each probe reach ing each router . Destination IP Address Figure C-24. Example of a Completed T racero ute Enquiry Continuing fr om the previous examp le (Figure C-24, above), execut ing traceroute with an insu fficient maxttl [...]
-
Page 754
Troubleshooting Diagnostic Tools If A Network Condition Preven ts T raceroute from Reaching the Destination. Common reasons for T rac eroute fa iling to reach a destination include: ■ T im eouts (indicated by one asterisk per probe, per hop; refer to Figure C-25, above.) ■ Unreachable hosts ■ Unreachable networks ■ Interference from firewal[...]
-
Page 755
Troubleshooting Viewing Switch Configuration and Operation V iewing Switch Configuration and Operation In some troubleshoot ing s cenarios, you may need to view the switch config- uration to diagnose a problem. The co mplete switch config uration is co n- tained in a file that you can browse fr om either the web browse r interface or the CLI using [...]
-
Page 756
Troubleshooting Viewing Switch Configur ation a nd Operation CLI: Vi ewing a Summary of Switch Operational Data Syntax: show tech By default, the show tech command displays a single output of switch operat- ing and running -configuration data from several internal switch sources, including: ■ Image stamp (software version data) ■ Running config[...]
-
Page 757
Troubleshooting Viewing Switch Configuration and Operation Figure C-27 shows sample ou tput from the show tech command. ProCurve# show tech show system Status and Counters - General System Information System Name System Contact System Location : 5400_1 : : MAC Age Time (sec) : 300 Time Zone : 0 Daylight Time Rule : None Software revision ROM Versio[...]
-
Page 758
Troubleshooting Viewing Switch Configur ation a nd Operation For example, if your te rminal emulator is the Hyperterminal application available with Microsoft® Windows® software, you can copy the show t ech output to a file and th en use eit her Microsoft W ord or Notepad t o display the data. (In this case, Microsof t W ord pr ovides the data in[...]
-
Page 759
Troubleshooting Viewing Switch Configuration and Operation 5. Click on T ransfer | Capture T ext | Stop in HyperT e rminal to stop copyin g data and save the text file. If you do not stop HyperT erminal from copying command out put into the text file, additi onal unwanted data can be copi ed from the HyperT erminal screen. 6. T o access the file, o[...]
-
Page 760
Troubleshooting Viewing Switch Configur ation a nd Operation . Syntax: copy < source > show- tech crash- log [ slot-id | master]: Includes the crash logs from all management and interface modules in show tech command output. T o limit the amount of crash-l og data displayed, specify an installed module or management modules, where: slot-id : [...]
-
Page 761
Troubleshooting Viewing Switch Configuration and Operation . Syntax: copy < source > show- tech usb config < startup-config < filename > | command-file < acl- filename. txt > Copies the contents of a co nfiguration file or ACL command file from a USB flash drive to show tec h command output, where: startup-config < file name[...]
-
Page 762
Troubleshooting Viewing Switch Configur ation a nd Operation CLI: Vi ewing More Informat ion on Switch Operation Use the following commands to displa y additional information on switch operation for trou bleshooting purposes. Syntax: show boot-history Displays the crash informatio n saved for each management module on the switch (see “Displaying [...]
-
Page 763
Troubleshooting Viewing Switch Configuration and Operation Pattern Matching When Using the Show Command The pattern matching op tion with the show command provides the ability to do searches for specific text. Selected portions of the outp ut are displayed depending on the parameters chose n. Syntax: show < command option > | <include | ex[...]
-
Page 764
Troubleshooting Viewing Switch Configur ation a nd Operation ProCurve(config)# show run | exclude ipv6 Running configuration: ; J8697A Configuration Edito r; Created on release #K.14.06 hostname "ProCurve Switch 54 06zl" module 1 type J8702A module 2 type J8705A snmp-server community "notpu blic" Unrestricted vlan 1 name "D[...]
-
Page 765
Troubleshooting Viewing Switch Configuration and Operation ProCurve(config)# show run | be gin ipv6 ipv6 enable no untagged B21-B24 Displays the running config begin ning at the first line exit that contains “ipv6”. vlan 20 name "VLAN20" untagged B21-B24 ipv6 enable no ip address exit policy qos "michael" exit ipv6 access-li[...]
-
Page 766
Troubleshooting Viewing Switch Configur ation a nd Operation CLI: Useful Commands for T roubleshooting Sessions Use the following commands in a troubleshooti ng session to more accurately display the information yo u need to diagnose a problem. For more informati on on other the se CLI practices, refer t o chapter 4, “Using the Command Line Inter[...]
-
Page 767
Troubleshooting Restoring the Factory-Default Configuration Restoring the Factory-Default Configuration As part of your troubleshooting pr ocess, it may become necessary to return the switch configuration to the factor y default settings. This process momen- tarily interrupts t he switch operation, clears any passw ords, clears the console Event Lo[...]
-
Page 768
Troubleshooting Restoring a Flash Image 2. Co ntinue to press the Clear butt on while releasing the Re set button. 3. When the Self T est LED begins to flas h, release the Cle ar button. The switch will then complete it s self test and begin operating with the configuration restored to th e factory default settings. Restoring a Flash Image The swit[...]
-
Page 769
Troubleshooting Restoring a Flash Image Enter h or ? for help. => 4. Since the OS file is large, you can increase the speed of the download by changing the switch console and termin al emulator baud rates to a high speed. For example: a. Change the switch baud rate to 115,200 Bps. => sp 115200 b. Change the terminal emulator baud rate to matc[...]
-
Page 770
Troubleshooting Restoring a Flash Image Figure C-34. Example of Xmodem Download in Progress 8. When the download compl etes, the swit ch reboots from pri mary flash using the OS image you dow nloaded in the preceding steps, plus th e most recent startup-config file. C-86[...]
-
Page 771
Troubleshooting DNS Resolver DNS Resolver The Domain Name System (D N S) resolver is designed for use in local network domains where it enables us e of a host name or fully qualified domain name with DNS-com patible switch CLI com man ds. (At software release K.13.01, the DNS-compatible commands include ping and traceroute .) Beginning wi th softwa[...]
-
Page 772
Troubleshooting DNS Resolver Basic Operation ■ When the switch is configured wit h onl y the IP address of a DNS server available to the switch, then a DNS-compatible command, executed with a fully qualified doma in name, can reac h a device found in any domain accessible through the configured DNS server . ■ When the switch is config ured with[...]
-
Page 773
Troubleshooting DNS Resolver Note that if the target host is in a domain other than the domain configured on the switch, then: ■ The host’ s domain must be reachabl e from the switch . This requires that the DNS server for the switch must be able to communicate with the DNS serv er(s) in the path to the dom ain in which the target h ost operate[...]
-
Page 774
Troubleshooting DNS Resolver c. The domain name for an accessible domain in which there are hosts you want to reach with a DNS-c ompatible command. (This is the domain s uffix in the f ully qualif ied domain name for a given host operating in the select ed domain. Refer to “T erminology” on page C- 87.) Note that if a domain suffix is not confi[...]
-
Page 775
Troubleshooting DNS Resolver Syntax: [no] ip dns domain-name < domain-name-suffix > This optional DNS command configures the dom ain suffix that is automatically appended to the host name entered with a DNS-compatible command. When the domain suffix and the IP address for a DNS server that can access that domain are both configured on the swi[...]
-
Page 776
Troubleshooting DNS Resolver Configuring switch “A” with the domai n name and the IP address of a DNS server for the domain enables the switch to use host names assigned to IP addresses in the do main to perform ping and traceroute act ions on the devices in the domain. T o summarize: Entity: Ide ntity: DNS Server IP Address 10.28.229.10 Domain[...]
-
Page 777
Troubleshooting DNS Resolver As mentioned under “Basic Operation” on page C-88, if the DNS entry config- ured in the switch does not include the domain suffi x for the desired ta rget, then you must use the target host’ s fully qualified dom ain name with DNS- compatible commands. For example, using the docume nt server in Fi gure C- 37 as a [...]
-
Page 778
Troubleshooting DNS Resolver Operating Notes ■ Configuring anot her IP address for a priority that has already been assigned to an IP address is not a llowed. T o re place one IP address a t a given priority level w ith another ad dress having the same priority , you must first use the no form of the command to remove the unwanted address. Also, [...]
-
Page 779
Troubleshooting DNS Resolver Event Log Messages Message Meaning DNS server address not configure d The switch does not ha ve an IP address configured for the DNS server . DNS server not responding The DNS serve r failed to respond or is unreachable. An incorrect server IP address can produce this re sult. Unknown host < ho st-name > The ho st[...]
-
Page 780
Troubleshooting Locator LED (Locating a Switch) Locator LED (Locating a Switch) T o locate where a pa rticular switch is physically installed, use the chassislo- cate command to activate the blue Locator LED on the switch’ s front panel. Syntax: chassislocate [b link | on | off] Locates a switch by using the blue Locate LED on t he front panel. b[...]
-
Page 781
D MAC Address Management Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . D-2 Determining MAC Addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . D-3 Menu: Viewing th e Switch’s MAC Addresses . . . . . . . . . . . . . . . . . . . . D-4 CLI: Viewing [...]
-
Page 782
MAC Address Management Overview Overview The switch assigns MAC addresses in these areas: ■ For management functions, one Base MAC address is assigned to the de f au lt VL AN ( VI D = 1 ). (A ll VL AN s on th e s w it ch es covered in this guide use the same MAC address. ) ■ For internal switch operations: One M AC address per port (Refer to ?[...]
-
Page 783
MAC Address Management Determining MAC Addresses Determining MAC Addresses MAC Address Viewing Methods Feature Default Menu CLI Web view switch’ s base ( default vlan) MAC address and the addressing for any added VLANs n/a D-4 D-5 — view port MAC addresses (hexadecimal format) n/a — D-5 — ■ Use the menu interface to view the switch’ s b[...]
-
Page 784
MAC Address Management Determining MAC Addresses Menu: V iewing the Switch’ s MAC Addresses The Management Address Information screen lists the MAC addresses for: ■ Base switch (d efault VLAN; V ID = 1) ■ Any additional V LANs conf igured on the switch. Also, the Base MAC address appears on a label on the back of the switch. Note The Base MAC[...]
-
Page 785
MAC Address Management Determining MAC Addresses CLI: Vi ewing the Port and VLAN MAC Addresses The MAC address assigned to each switch port is used inte rnally by such features as Flow Control and the spanning-tree protocol. Using the walkmib command to determi ne the MAC address assignment s for individu al ports can sometimes be useful when di ag[...]
-
Page 786
MAC Address Management Determining MAC Addresses ProCurve# walkmib ifphysa ddress ifPhysAddress.1 = 00 12 7 9 88 b1 ff ifPhysAddress.2 = 00 12 7 9 88 b1 fe ifPhysAddress.3 = 00 12 7 9 88 b1 fd ifPhysAddress.4 = 00 12 7 9 88 b1 fc ifPhysAddress.49 = 00 12 79 88 b1 cf ifPhysAddress.461 and 488 Physical addr esses for non-default VLANs confi gured on [...]
-
Page 787
MAC Address Management Viewing the MAC Addresses of Connected Devices V iewing the MAC Addresses of Connected Devices Syntax: show mac-address [ | mac-addr | Lists the MAC addresses of the device s the switch has detected, along with the number of the specific port on wh ich each MAC address was detected. [ port-list ] Lists the MAC addresses of th[...]
-
Page 788
MAC Address Management Viewing the MAC Addresses of Connected Devices D-8[...]
-
Page 789
E Monitoring Resources Contents Viewing Information on Resource Usage . . . . . . . . . . . . . . . . . . . . . . . E-2 Policy Enforcement Engine . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . E-2 Displaying Current Resource Usage . . . . . . . . . . . . . . . . . . . . . . . . . . . E-4 When Insufficie nt Resources Are Availab[...]
-
Page 790
Monitoring Resources Viewing Information on Resource Usage V iewing Information on Resource Usage The switch allows you to view info rmation about the curren t usage and availability of resources in the Polic y Enforcement engine, includ ing the following software features: ■ Access control lists (ACL) ■ Quality-of-service (QoS), including devi[...]
-
Page 791
Monitoring Resources Viewing Information on Resource Usage ■ When the following features are co nfigured globally or per -VLAN, resource usage is applied across a ll por t grou ps or all slots with install ed modules: • ACLs • QoS configuration s that use the following commands: – QoS device priority (IP Addre ss) through the CLI using the [...]
-
Page 792
Monitoring Resources Viewing Information on Resource Usage Displaying Current Resource Usage T o display c urrent resource usage in the switch, enter the show <qos | access- list | policy> resources command. The show resources command output allows you to view cu rrent resource usage and, if necessary , pri oritize and reconfigur e software f[...]
-
Page 793
Monitoring Resources Viewing Information on Resource Usage ProCurve# show qos resources Resource usage in Policy Enfo rcement Engine | Rules | Rules Used Ports | Available | ACL | QoS | IDM | VT | Mirror | Other | ------+-------------+------- +-------+-------+-------+--------+------- | 1-24 | 3014 | 15 | 11 | 0 | 1 | 0 | 3 | 25-48 | 3005 | 15 | 10 [...]
-
Page 794
Monitoring Resources Viewing Information on Resource Usage Usage Notes ■ A 1:1 mapping of int ernal rules to conf igured polic ies in the switc h does for show resources Output not necessarily exist. As a result, disp laying current resource usa ge is the most reliable method for keeping tr ack of available resources. Also, because some internal [...]
-
Page 795
Monitoring Resources When Insufficient Resources Are Available When Insufficient Resources Are A vailable The switch has ample r esources for configur ing features and supporting: ■ RADIUS-authen ticated clients (with or without the op tional IDM applica - tion) ■ Viru s throttling and b locking on indi vidual clients. Note Virus throttling doe[...]
-
Page 796
Monitoring Resources When Insufficient Resource s Are Available E-8[...]
-
Page 797
F Daylight Savings T ime on ProCurve Switches This information applies to the fo llowing ProCurve switches: •2 1 2 M • Series 2500 • Series 5300xl •2 2 4 M • Series 2510 • Series 5400zl • 1600M • Series 2600 • Switch 6108 • 2400M • Series 2610 • Switch 6200yl • 2424M • Series 2800 • Series 6400cl • 4000M • Switch 2[...]
-
Page 798
Daylight Savings Time on ProCurve Switches Middle Europe and Portugal : • Begin DST at 2am the first Su nday on or after March 25th. • End DST at 2am the first Sund ay on or after September 24th. Southern Hemisphere: • Begin DST at 2am the first Sund ay on or after Oc tober 25th. • End DST at 2am the first Sunday on or after March 1st. W es[...]
-
Page 799
Daylight Savings Time on ProCurve Switches Before configuring a “User defined” Daylight Time Rule, it is important to understand how t he switch treats the entries. The swi tch knows which dates are Sundays, and uses an algorithm to determine on which date to change the system clock, given the configured “Beginning day” and “Ending day”[...]
-
Page 800
Daylight Savings Time on ProCurve Switches F-4[...]
-
Page 801
G Scalability: IP Addre ss, VLAN, and Routing Maximum V alues The following table lists the swi tch scal ability values for the areas of VLANs, ACLs, hardware, ARP , and routing. Subject Maximum IPv4 ACLs total named (extended or standard) up to 2048 (minus any IPv4 numeric standard or extended ACL assignments and any RADIUS-assigned ACLs) 1 total [...]
-
Page 802
Scalability: IP Address, VL AN, and Routing Maximum Values ARP Subject Maximum ARP entries 10 ,000 packets held for ARP resolution 25 Routing Protocol RIP interfaces 128 OSPF passive interfaces OSPF active interfaces 512 (minus OSPF active interfaces) 128 OSPF areas 16 ECMP next hops 4 G-2[...]
-
Page 803
H Switch Licensing Switch softw are licensing enables adva nced features in certain ProCurve switches. The following table shows th e software licenses available for the switches covered by this manual. License T ype Premium (includes OSPF , PIM – sparse mode, PIM – dense mode, VRRP , QinQ) Switch Family License Product 3500 and 3500yl J8993A 5[...]
-
Page 804
Switch Licensing The procedure for installing a l ice nsed feature into a switch is: 1. Locate the registration ID. When you purchase a software license, you receive a folded license registration ca rd. The registration ID is located on the insi de of the card, in th e upper le ft corner . 2. Get the switch’ s hardware ID. Establish a console con[...]
-
Page 805
I Power -Saving Features Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . I-2 Configuring th e Power-S aving Options . . . . . . . . . . . . . . . . . . . . . . . . . I-3 Configuring the Savepower module Option . . . . . . . . . . . . . . . . . . I-3 Configuring the Savepower LE[...]
-
Page 806
Power-Saving Features Overview There are sev eral power -saving feature s that can be configure d for the indi- cated switches and modules. The power -saving features inclu de the ability to: ■ T urn slot power on or off ■ T urn LED power on or off using a timer ■ Slot auto low power mode The module s support th e power -saving features a s i[...]
-
Page 807
Power-Saving Features Configuring the Power -Saving Options The savepower command provides configurable power -saving options. Syntax: [no] savepower <module [slot-list | all] | led [slot-id] | port-low-pwr [slot-id]> Configures power -saving features. module [slot-id]: T urns power -saving options on or off for all modules or a specified mod[...]
-
Page 808
Power-Saving Features Y ou can verify the status of the savepow er command by using the show modu les command or by checking the log messa ges (for 8200zl and 5400zl switche s). Note If a savepow er module < slot-list > or savepower all command is immediately followed by a no savepower module < slot-list > or no savepower al l command, [...]
-
Page 809
Power-Saving Features duration <[HH:]MM> : The amount of time the LEDs remain turned off. Option al. If the duration value is zero, when the timer starts the LEDs are turned off indefinitely un til the timer is canceled or the command is overridden with another command. Default: 0 (zero) recur : Optional. If specified, th e LEDs are turned of[...]
-
Page 810
Power-Saving Features Configuring the Savepower port-low-pwr Option The port-low-pwr option puts the slots into auto low p ower mode if they are not linked. I f a particular slot i s specifi ed, only that slot goes into auto low power mode . Specifying all puts all the slots into auto low power mod e. The ports i n low power mode peri odically moni[...]
-
Page 811
Power-Saving Features ProCurve(config)# show savepow er module Module Save Power Information Slot | Status ---- + -------- A | Disabled B | Disabled C | Enabled D | Disabled E | Disabled Figure I-4. Example of Outpu t for show savepower module Command Show Savepower Port-low-pwr . T o displa y the status of the power - down feature for the slots, u[...]
-
Page 812
Power-Saving Features ProCurve(config)# show savepower led Led Save Power Information Alarm Start Time : 06/01/0 9 12:01:07 Alarm Duration (HH:MM) : 12:00 Recurrent Status : Enabled Led Save Power Information Slot | Status ---- + -------- A | Enabled B | Enabled C | Enabled D | Enabled E | Enabled Figure I-6. Example of Outpu t for show savepower l[...]
-
Page 813
J Network Out-of-Band Management (OOBM) for the 6600 Switch Contents Concepts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . J-2 Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . J-4 OOBM and Switch Applications . . . . . . . . . .[...]
-
Page 814
Network Out-of-Band Management (OOBM) for the 6600 Switch Concepts Concepts Management communications with a managed switch can be: ■ in band—through the networked data ports of the switch ■ out of band—through a dedi cated ma nagement port (or ports) separate from the data ports Out-of-band ports have typically been serial console ports us[...]
-
Page 815
Network Out-of-Band Management (OOBM) for the 6600 Switch Concepts improved sw itch securi ty: a prope rly configured switch can limit management access to the managemen t port only , pr eventing malicious atte mpts to gain access via the data ports. Network OOBM typically occurs on a management network that connects multiple sw itches. It has th e[...]
-
Page 816
Network Out-of-Band Management (OOBM) for the 6600 Switch Concepts Example In a typical data center installation, top-of-rack switches connect servers to the data netwo rk, while the management po rts of those swit ches connect to a physically and logically separate mana gement n e two rk. This allows netw ork administrators to manage the switches [...]
-
Page 817
Network Out-of-Band Management (OOBM) for the 6600 Switch Concepts OOBM and Switch Applications The table below shows the switch appl ications that are supported on the OOBM interf ace as well as on the data inte rfaces. In this list , some applications are client-only , some are server -only , and some are both. Application Inbound OOBM (server) O[...]
-
Page 818
Network Out-of-Band Management (OOBM) for the 6600 Switch Tasks Ta s k s OOBM Configuration OOBM Context OOBM configurat ion commands can be issued f rom the global config uration context ( config ) or from a specific OOBM configuratio n context ( oobm ). T o enter the OOBM configuration contex t from the gene ral configuration context, use the oob[...]
-
Page 819
Network Out-of-Band Management (OOBM) for the 6600 Switch Tasks OOBM Enable/disable T o ena ble or disable network OOBM, use the enable or disable command. Network OOBM is enabled by default. Syntax: From the OOBM context: enable disable From the general configuration context: oobm enable oobm disable Enables or disables networked out-of-band-manag[...]
-
Page 820
Network Out-of-Band Management (OOBM) for the 6600 Switch Tasks OOBM Port Enable/disable The OOBM interf ace command enables or disables the OOBM interface (the OOBM port, as opposed to the O OBM function). Syntax: From the OOBM context: interface [enable | disable] From the general configuration context: oobm interface [enable | disable] Enables o[...]
-
Page 821
Network Out-of-Band Management (OOBM) for the 6600 Switch Tasks OOBM Port Speed Control The OOBM port operates at 10 Mbps or 100 Mbps, half or full duplex . These can be set explicitly or they can be aut omatically negot iated using the au to setting.Set the port speed using the inter face command. Syntax: From the OOBM context: interface speed-dup[...]
-
Page 822
Network Out-of-Band Management (OOBM) for the 6600 Switch Tasks OOBM IPv4 Address Configuration Configuring an IPv4 address for the OO BM interface is similar to VLAN IP address configuratio n, but it is a ccomplish ed within the OOBM context. Syntax: From the OOBM context: [no] ip address [dhcp -bootp | ip-address/mask-length ] From the general co[...]
-
Page 823
Network Out-of-Band Management (OOBM) for the 6600 Switch Tasks OOBM Show Commands The show commands for OOBM are similar to the analogous commands for the data plane. Note that you must always include the oobm parameter to see the informati on for the OOBM interfac e, regardless of the context. For instance, even from the OOBM context the show ip [...]
-
Page 824
Network Out-of-Band Management (OOBM) for the 6600 Switch Tasks Show OOBM IP Configuration Use show oobm ip to see the IP configuration of the OO BM interface. Syntax: show oobm ip Summarizes the IP configuration of the OOBM interface. This command displays the status of IPv4 (enabled/disabled), the IPv4 default gateway , and the IPv4 address confi[...]
-
Page 825
Network Out-of-Band Management (OOBM) for the 6600 Switch Tasks Application Server Commands Application server s (as described in OOBM and Server Applications in the Concepts section above) have a dded a listen keyword with oobm|data|both options to specify which i nterface(s) is(are) active. Default value is both for all servers. For example: T el[...]
-
Page 826
----------------------------- Network Out-of-Band Management (OOBM) for the 6600 Switch Tasks The show servers command shows the listen mode of the servers. ProCurve# show servers Server listen mode Server Listen mode Telnet | both Ssh | both Tftp | both Web-management | both Snmp | both Application Client Commands CLI commands for client applicati[...]
-
Page 827
Network Out-of-Band Management (OOBM) for the 6600 Switch Tasks Ping: ping [...] [source < ip-address | vlan-id | oobm>] Management and Confi guration Guide , page C-65 T raceroute: tracerou te [...] [source <ip-address | vlan-id | oobm>] Management and Confi guration Guide, page C-67 Example This example shows setup and use of network [...]
-
Page 828
Network Out-of-Band Management (OOBM) for the 6600 Switch Tasks The CLI commands that follow w ould acco mplish those tasks. (The first time through the process yo u might easily make the omissi on shown near the end of the example.) Switch 41# config Switch 41(config)# vlan 1 Switch 41(vlan-1)# ip address 10.1.129.7/20 Switch 41(vlan-1)# end Switc[...]
-
Page 829
Index Symbols => prompt …C - 8 4 Numerics 802.1X effect, LLDP … 14-79 LLDP blocked … 14-46 802.1X access control authentication fa ilure, SNMP notification … 14-26 SNMP notification of authentication failure … 14-26 A access manager … 14-13 operator … 14-13 out-of-band … 2-3 access control list See ACL. ACL debug messages … C-4[...]
-
Page 830
disabled … A-11 download to a redundant management system … A-9 downloading software images … A-11 B bandwidth displaying port utilization … 10-13 displaying utilizati on … 5-18 guaranteed minimum See guaranteed minimum bandwidth. banner configuring … 2-11 default … 2-9 non-default … 2-10 operation … 2-9 redundant management … 2[...]
-
Page 831
copy tftp oobm … A-31 config files oobm … 6-38 config files, SCP/SFTP transfer …6 - 4 0 configuration Bootp … 8-14 clearing module … 10-31 comparing startu p to running … 6-6 console … 7-3 copying … A-29 DHCP Option 66 … 6-41 DHCP, Best Offer … 6-43 factory default … 6-9, 8-2 file update with Option 66 … 6-41 file updating w[...]
-
Page 832
features … 2-3 Help … 3-9, 3-11 inactivity-timer … 7-9 Main Menu interface … 3-7 meaning of asterisk … 3-10, 3- 13 measuring network activity … C-8 navigation … 3-9, 3-10 operation … 3-10 starting a session … 3-4 statistics, clear counters … 3-12 status and counters access … 3-7 status and counters menu … B-6 troubleshooting[...]
-
Page 833
PoE … 11-8 PoE allocation, usage …1 1 - 1 2 PoE power threshoold, 80 … 11-17 PoE pre-std- detect, enable d … 11-8 PoE prioirty, low … 11-10 PoE value, 17W … 11-21 port speed, auto … 10-16 security … A-48 SNTP … 9-5 sntp poll interval, 720 seconds …9 - 1 1 Support/Mgmnt URL wind ow … 5-13 system information features … 7-12 sy[...]
-
Page 834
See MAC address. Dyn1 See LACP. dynamic ARP protection resource usage … E-2 E edge ports … 13-4 Emergency Location Id Number … 14-39, 14-67 erase config file … 6-39 event log clearing entries … C-36 compared to debug/Syslog operation … C-41 console menu … 3-7 debugging by severity level … C-42, C-54 debugging by system module … C-[...]
-
Page 835
starving queues … 13-24 H Help for CLI … 1-7, 4-11 for menu interface … 1-6, 3-9, 3-11 for web browser interface … 1-7, 5-14 online, inoperable … 5-14 hop, router …8 - 1 1 hotswapping mgmt module … 15-15 HP Auto-MDIX feature … 10-21 web browser interface … 2-5 I ICMP resources … E-4 ICMP rate-limiting all-traffic See rate-limiti[...]
-
Page 836
single source … 8-25 source IP address … 8-26 source IP with debug debug source IP address …8 - 3 1 source IP with radius … 8-31 source IP with tacacs … 8-31 source-interface option … 8-2 6 IP Preserve DHCP server … 8-21 overview … 8-21 rules, operating … 8-21 summary of effect … 8-24 IP routing debug messages … C-42 IPv6 debu[...]
-
Page 837
802.1X blocking … 14-46 802.1X effect … 14-79 active port … 14-39 adjacent device … 14-39 advertisement … 14-39 advertisement content … 14-54 advertisement data … 14-71 advertisement, mandatory data … 14-54 advertisement, optional data … 14-55 advertisements, delay interval … 14-50 CDP neighbor data … 14-80 chassis ID … 14-5[...]
-
Page 838
trap receiver, data change notice … 14-52 TTL … 14-42, 14-44 txonly … 14-53 VLAN, untagged … 14-79 walkmib … 14-44 with PoE … 11-18 LLDP-MED displaying speed … 14-73 ELIN … 14-67 enable or disable … 14-42 endpoint support … 14-58 fast start control … 14-62 location data … 14-66 medTlvenable … 14-64 Neighbors MIB … 14-74 [...]
-
Page 839
ACL criteria (deprecated) … B-29, B-35, B-37, B-56, B-62 ACLs converted to classifi er-based policies in K.14.xx and later … B-30, B-62 ACLs replaced by classifier-based criteria … B-29, B-67 ARP request … B-96 booting pre-K.12.xx OS … B-37 caution configure destination first … B-33, B-44, B-53, B-71 endpoint removal … B-51 exit port [...]
-
Page 840
rate … B-36 remote session configuration steps … B-46 defined … B-32 disabling … B-48 exit port … B-31 first release supported … B-28 quick reference … B-47 supported switches … B-33 restrictions classifier-based … B -67, B-72, B-73 local sessions … B-28 remote sessions … B-28 source switch … B-56 session 1, legacy configura[...]
-
Page 841
oobm address config … J-10 client commands … J-14 command … J-6 copy command output … A-40 copy config to remote host … A-30 copy crash-data … A-42, A-43 copy crash-log … A-43, A-44 copy event-log tftp … A-41 copy show-tech … A-32 copy tftp command-file … A-36 copy tftp config … A-31 copy tftp flash … A-26 default gateway co[...]
-
Page 842
absent cnt … 11-24 defined … 11-3 needed power for PoE+ … 11-7 other fault … 11-23 over current cnt … 11-23 oversubscribed … 11-3 overview of status … 11-21 PD support … 11-6 PD, defined … 11-3 poe-lldp-detect command … 1 1-18 port-number priority … 11-7 port-number priority, defined … 11-4 power denied cnt … 11-23 power, [...]
-
Page 843
menu access to static trunk … 12-10 mirroring … B-28 monitor port restrictions … 12-9 nonconsecutive ports … 12-3 port security restriction … 12-9 removing port from static trunk … 12-16 requirements … 12-8 SA/DA … 12-37 spanning tree protoc ol … 12-9 static trunk … 12-8 static trunk, overview … 12-6 static/dynamic limit … 1[...]
-
Page 844
how measured … 13-9 ICMP See ICMP rate-limiting. intended use … 13-4 mcast command … 13-19 multicast traffic … 13-19 note on testing … 13-10, 13-17 operating notes … 13-8 optimum packet size … 13-10, 13-16 per-port only … 13-4 purpose … 13-4 traffic filters … 13-9 reboot actions causing … 6-4 faster boot time … 6-24 from sec[...]
-
Page 845
viewing … 6-6 See also configuratio n. S savepower command … I-3 led option … I -4 port-low-pwr … I-6 show led … I-7 show module … I-6 show port-low-pwr … I-7 scalability …G - 1 scheduled reboot …6 - 2 5 SCP/SFTP enabling … A-13 session limit … A-17, A-19 transfer of config files … 6-40 troubleshooting … A-18 secure copy S[...]
-
Page 846
configuring trap receivers … 14-19 configusing trap receivers … 14-19 DHCP snooping events … 14-17 different versions … 14-17 enabling informs … 14-21 enabling network security traps … 14-27 enabling SNMPv3 … 14-23 fixed traps … 14-19 invalid password in login … 14-17 IP … 14-3 link-change traps … 14-17, 14-28 manager password[...]
-
Page 847
startup-config viewing … 6-6 See also configuratio n. statistics …3 - 7 clearing … B-18 SNTP … 9-22 statistics, clear counters …6 - 1 1 status and counters access from console … 3-7 status overview screen …5 - 7 subnet …8 - 9 VLAN, mirroring exit port … B-34, B-46, B-48, B-49, B-90, B-97 subnet mask … 8-5, 8-6 See also IP mask s[...]
-
Page 848
terminal type …7 - 3 terminate remote session …7 - 1 1 TFTP auto-TFTP … A-11 auto-TFTP feature … A-11 auto-TFTP, disa ble … A-11, A-14 copy command output … A-40 copy crash data … A-41 copy crash log … A-43 copy event log output … A-41 copying a configuration file … A-31 copying software image … A-28 disable … A-14 disabled [...]
-
Page 849
See also notification. snmp-authentication … 14-27 threshold … 14-19 troubleshooting ACL … C-9 approaches … C-5 browsing the configuration file … C-71 configuring debug destinations … C-42 console access problems … C-6 diagnosing unusual networ k activity … C-8 diagnostics tools … C-62 displaying switch operation … C-72, C-75 DN[...]
-
Page 850
copy crash log … A-43 copy event log output … A-41 copy software image to a USB device … A-29 devices with secure partitions not supported … A-22 flash drives must be formatted … A-22 supported capabilities … A-22 uploading an ACL command file … A-38 using to copy switch software … A-22 viewing flash drive contents … A-22, A-23 us[...]
-
Page 851
features … 2-5 copying a software image … A-28 first-time install … 5-8 download to primar y or secondary flash … A-21 first-time tasks … 5-8 uploading an ACL command file … A-38 Java applets, enabling … 5-5 using to download switch software … A-20 main screen … 5-17 online help … 5-14 online help locatio n specifying … 5-14 o[...]
-
Page 852
24 – Index[...]
-
Page 853
[...]
-
Page 854
Pr oC ur v e 5400zl S w itc hes Inst allati on and Gettin g Startd Guide T echnology for bet ter business outcom es T o learn mo re , vi sit w w w .hp .com/go/pr ocurv e/ © Cop yri ght 2009 Hew lett-P ack ard De velopme nt Co mpan y , L .P . T he infor mation contained her ein is su bject to change w ithout notice. The onl y warr anties f or HP pr[...]