HP (Hewlett-Packard) 6600 manual

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854

Go to page of

A good user manual

The rules should oblige the seller to give the purchaser an operating instrucion of HP (Hewlett-Packard) 6600, along with an item. The lack of an instruction or false information given to customer shall constitute grounds to apply for a complaint because of nonconformity of goods with the contract. In accordance with the law, a customer can receive an instruction in non-paper form; lately graphic and electronic forms of the manuals, as well as instructional videos have been majorly used. A necessary precondition for this is the unmistakable, legible character of an instruction.

What is an instruction?

The term originates from the Latin word „instructio”, which means organizing. Therefore, in an instruction of HP (Hewlett-Packard) 6600 one could find a process description. An instruction's purpose is to teach, to ease the start-up and an item's use or performance of certain activities. An instruction is a compilation of information about an item/a service, it is a clue.

Unfortunately, only a few customers devote their time to read an instruction of HP (Hewlett-Packard) 6600. A good user manual introduces us to a number of additional functionalities of the purchased item, and also helps us to avoid the formation of most of the defects.

What should a perfect user manual contain?

First and foremost, an user manual of HP (Hewlett-Packard) 6600 should contain:
- informations concerning technical data of HP (Hewlett-Packard) 6600
- name of the manufacturer and a year of construction of the HP (Hewlett-Packard) 6600 item
- rules of operation, control and maintenance of the HP (Hewlett-Packard) 6600 item
- safety signs and mark certificates which confirm compatibility with appropriate standards

Why don't we read the manuals?

Usually it results from the lack of time and certainty about functionalities of purchased items. Unfortunately, networking and start-up of HP (Hewlett-Packard) 6600 alone are not enough. An instruction contains a number of clues concerning respective functionalities, safety rules, maintenance methods (what means should be used), eventual defects of HP (Hewlett-Packard) 6600, and methods of problem resolution. Eventually, when one still can't find the answer to his problems, he will be directed to the HP (Hewlett-Packard) service. Lately animated manuals and instructional videos are quite popular among customers. These kinds of user manuals are effective; they assure that a customer will familiarize himself with the whole material, and won't skip complicated, technical information of HP (Hewlett-Packard) 6600.

Why one should read the manuals?

It is mostly in the manuals where we will find the details concerning construction and possibility of the HP (Hewlett-Packard) 6600 item, and its use of respective accessory, as well as information concerning all the functions and facilities.

After a successful purchase of an item one should find a moment and get to know with every part of an instruction. Currently the manuals are carefully prearranged and translated, so they could be fully understood by its users. The manuals will serve as an informational aid.

Table of contents for the manual

  • Page 1

    HP Pr oC ur v e S wit ch So ft w ar e Management and Conf igur ation Guide 350 0 swi tc he s 3 500yl s wit ches 5400z l s witches 6 200y l sw itch es 66 00 s w itc hes 8 2 00zl sw itches Sof t ware ve rsio n K. 1 4.3 4 Septemb er 2009[...]

  • Page 2

    [...]

  • Page 3

    HP ProCurve 3500 Switches 3500yl Switches 5400zl Switches 6200yl Switch 6600 Switches 8200zl Switches September 2009 K.14.34 Management and Configuration Guide[...]

  • Page 4

    © Copyright 2005–2009 Hewlett-P ackard Development Company, L.P . The infor mation contained herein is subjec t to change with- out notice. All Ri ghts Reserved. This document contains proprie tary information, which is protected by copyright. No pa rt of this document may be photocopied, reproduced, or translated into another language without t[...]

  • Page 5

    Contents Product Documentation About Your Switch Manual Set . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxv Printed Publications. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxv Electronic Publications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxv Software Feature Ind[...]

  • Page 6

    2 Selecting a M anagement Interface Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-1 Advantages of Using ProCurve Manager Custom Login Banners for the Cons ole and Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .[...]

  • Page 7

    4 Using the Command Line Interface (CLI) Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-2 Accessing the CLI . . . . . . . . . . . . . . . . . . . . . . . . . .[...]

  • Page 8

    6 Entering a User Name and Password . . . . . . . . . . . . . . . . . . . . . . 5-11 Using a User Name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-11 If You Lose the Password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-11 Online Help for the Web Browser Interface . . . . . . . . . . . . . . . [...]

  • Page 9

    Rebooting the Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-19 Viewing the Startup-Co nfig File Status with Multiple Using the Clear + Reset Butt on Combinati on To Reset the Xmodem: Copying a Configur ation File to a Serially Xmodem: Copying a Config uration from a Serially Operating Notes about Booting . .[...]

  • Page 10

    7 Interface Access and System Information Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-2 Interface Access: Console/Serial Link, Web, and Inbound Telnet . 7-3[...]

  • Page 11

    Configuring a Single Source IP Address . . . . . . . . . . . . . . . . . . . . . . . 8-25 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-25 Specifying the S ource IP Addre ss . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-25 The Source IP Selection Policy . . . . . . . . .[...]

  • Page 12

    10 Viewing the Current TimeP Co nfiguration . . . . . . . . . . . . . . . . . . 9-29 Configuring (Enablin g or Disabling) the TimeP Mode . . . . . . . . 9-30 SNTP Unicast Time Pollin g with Multiple SNTP Se rvers . . . . . . . . 9-35 Displaying All SNTP Server Addresses Configured on the Switch . . 9-35 Adding and Deleting SN TP Server Addresse s .[...]

  • Page 13

    Transceivers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-31 Modules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-31 Clearing the Modul e Configurati on . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-31 Operating Notes . . . . . . . . . . . . . . .[...]

  • Page 14

    12 Displaying the Switch’s Global PoE Power Status . . . . . . . . . . . . . 11-19 Displaying PoE Status on All Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-21 Displaying the PoE Status on Specific Port s . . . . . . . . . . . . . . . . . . . 11-23 Planning and Impleme n ti ng a PoE Configuration . . . . . . . . . . . . . . 11-2[...]

  • Page 15

    Forwarding Traffic with Dis t ribu ted Trunking and Spanning Tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-32 Forwarding Broadcast, Multicast, and Forwarding Broadcast, Mult icast, and Unknown Traffic Forwarding Unicast Traffic Upstream . . . . . . . . . . . . . . . . . . . . 12-32 Unknown Traffic U[...]

  • Page 16

    14 Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-22 GMB Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-22 Impacts of QoS Queue Configuratio n on GMB Operat ion . . . . 13- 24 Configuring Guaranteed Minimum Bandwidt h for Outbound Traffic[...]

  • Page 17

    Menu: Viewing and Co nfiguring no n-SNMP version 3 Communities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-13 CLI: Viewing an d Configuring SNMP Communi ty Names . . . . 14-15 SNMP Notifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-17 Supported Notifications . [...]

  • Page 18

    15 Configuring Support f or Port Speed and Duplex Advertisements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-56 LLDP-MED (Media-Endp oint-Discovery) . . . . . . . . . . . . . . . . . . . . . 14-57 LLDP-MED To pology Ch ange Notification . . . . . . . . . . . . . . . . . 14-60 LLDP-MED Fast Start Control . . . [...]

  • Page 19

    When the Standby Mod ule is not Availabl e . . . . . . . . . . . . . . . . 15-16 Software V ersion Mismatch Between Active Potential Softwa re Version Mismatches Hotswapping In a Management Module . . . . . . . . . . . . . . . . . . . . . . . 15-16 and Hotswapped Module . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-16 Dow[...]

  • Page 20

    Active (Actv) LED Behavior . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-40 Standby Led Behavior . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-40 Logging Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-41 Log File . . . . . . . . . . . . . . . . [...]

  • Page 21

    Using USB to Downl oad Switch Software . . . . . . . . . . . . . . . . . A-23 Switch-to-Switch Download . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-24 Menu: Switch-t o-Switch Download to Primary F lash . . . . . . . . A-25 CLI: Switch-To-Switc h Downloads . . . . . . . . . . . . . . . . . . . . . . . A-26 Xmodem: Copying a Sof[...]

  • Page 22

    Using USB Autorun . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-47 How It Works . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-47 Security Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-48 Troubleshooting Autorun Operations . . . .[...]

  • Page 23

    CLI Access for MAC Address Views and S earches . . . . . . . . . . B-22 Spanning Tree Protocol (MSTP) Inf ormati on . . . . . . . . . . . . . . . . . . B-23 CLI Access to MSTP Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-23 Internet Group Management Prot ocol (IGM P) Status . . . . . . . . . . . B-24 VLAN Information . . . .[...]

  • Page 24

    Selecting Inbound Traffic Using an ACL (D eprecated) . . . . . . . . . . B-62 Selecting Inbound Traffic Using Advanced Viewing the Mirroring Config urations in the Running Effect of Downstream VL AN Tagging on Untagged, Selecting Inbo und/Outbound Traff i c Using a M AC Address . . . . . B-63 Classifier-Based Mirroring . . . . . . . . . . . . . . .[...]

  • Page 25

    IGMP-Related Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-14 LACP-Related Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-14 Mesh-Related Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-15 Port-Based Access Control (802.1X)-Relate d Problems [...]

  • Page 26

    Adding a Priority Description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-58 Configuring the Severit y Level for Event Log Configuring the System Module Used to Select the Event Log Messages Sent to a Syslog Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-59 Messages Sent to a Syslog Server . . . . . . . . . . .[...]

  • Page 27

    Event Log Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-95 Locator LED (Locating a Switch) . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-96 D MAC Address Management Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . D-1 Overview . [...]

  • Page 28

    Show Savepower Comman ds . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . I-6 J Network Out-of-Band Manag ement (OOBM) for the 6600 Switch Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . J-1 Concepts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [...]

  • Page 29

    Product Documentation About Y our Switch Manual Set Note For the latest version of all ProCur ve switch documentation, including Release Notes covering re cently added features, please visit the ProCurve Networking W eb site at www .procurve.com/ma nuals . Printed Publications The two public ations listed below are p rinted and shipped with yo ur s[...]

  • Page 30

    Software Feature Index For the software manual set supporting your 3500/350 0yl/5400zl/6200yl/6600/ 8200zl switch model, this feature inde x indicates which manual to consu lt for information on a gi ven software feature. Note This Index does not cover IPv6 capable software features. Fo r information on IPv6 protocol operations and features (such a[...]

  • Page 31

    Intelligent Edge Software Features Manual Management and Configuration Advanced T raffic Management Multicast and Routing Access Security Guide 802.1X Multiple Authent icated Clients Per Port Access Control Lists (ACLs) X X AAA Authentication Authorized IP Managers Authorized Manager List (Web, T elnet, TFTP) Auto MDIX Configuration X X X X BOOTP C[...]

  • Page 32

    Intelligent Edge Software Features Manual Management and Configuration Advanced T raffic Management Multicast and Routing Access Security Guide Factory Default Settings Flow Control (802.3x) File Management File T ransfers X X X X Friendly Port Names Guaranteed Minimum Bandwidth (GMB) GVRP Identity-Driven Management (IDM) X X X X IGMP Interface Acc[...]

  • Page 33

    Intelligent Edge Software Features Manual Management and Configuration Advanced T raffic Management Multicast and Routing Access Security Guide Multiple Configuration Files Network Management Applications (SNMP) X X Out-of-Band Management (OOBM) OpenView Device Management Passwords and Password Clear Protection ProCurve Manager (PCM) X X X X Ping P[...]

  • Page 34

    Intelligent Edge Software Features Manual Management and Configuration Advanced T raffic Management Multicast and Routing Access Security Guide sFlow SFTP SNMPv3 Software Downloads (SCP/SFTP , TFPT , Xmodem) X X X X Source-Port Filters Spanning T ree (STP , RSTP , MSTP) SSHv2 (Secure Shell) Encryption SSL (Secure Socket Layer) X X X X Stacking (350[...]

  • Page 35

    Intelligent Edge Software Features Manual Management and Configuration Advanced T raffic Management Multicast and Routing Access Security Guide W eb-based Authentication W eb UI X X xxxi[...]

  • Page 36

    xxxii[...]

  • Page 37

    1 Getting Started Contents Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2 Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2 Command Syntax Statements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [...]

  • Page 38

    Getting Started Introduction Introduction This guide is intended for use with the fo llowing ProCurve switches: ■ 8200zl switches ■ 6600 switches ■ 5400zl switches ■ 3500, 3500yl and 6200yl switches It describes how to use the co mmand lin e interface (CLI), Menu interface, and web browser to conf igure, manage, monitor , and troubleshoot s[...]

  • Page 39

    Getting Started Conventions Syntax: aaa port-access authe nticator < port-list > Command Prompts In the default co nfiguration, your switch displays a C LI prompt similar to the following example: ProCurve 8212zl# T o sim plify recognition, this guide uses ProCurve to repre sent command prompts for all sw itch models. For example: ProCurve# ([...]

  • Page 40

    Getting Started Sources for More Information Sources for More Information For information about switch operation and features no t covered in this guide, consult the fo llowing sources: ■ Feature Index—For information on wh ich manual to consult for a given software feature, ref er to the “Softw are Feature Ind ex” on page xi v. Note For th[...]

  • Page 41

    Getting Started Sources for More Information • file transfers, switch monitoring, t roubleshooting, and MAC address management ■ Advanced T raffic Management Guide —Use this guide for inform ation on topics such as: • VLANs: Static port-b ased and protocol VLANs, and dynamic GVRP VLANs • spanning-T ree: 802 .1D (STP), 802. 1w (RSTP), and [...]

  • Page 42

    Getting Started Sources for More Information Getting Documentation From the W eb T o obtain the latest versions of documentation and release notes for your switch, go to the ProCurve Ne tworking manuals web page at www .hp.c om/go/ procurve/manuals. Online Help Menu Interface If you need informatio n on specific parame ters in the menu in terface, [...]

  • Page 43

    Getting Started Sources for More Information Command Line Interface If you need information on a specific command i n the CLI, type t he command name fo llowed by help . For example: Figure 1-3. Example of CLI Help W eb Browser Interface If you need information on specific features in the HP ProCurve W eb Browser Interface (hereafter referred to as[...]

  • Page 44

    1 Getting Started Need Only a Quick Start? Need Only a Quick Start? IP Addressing If you just want to give th e switch an IP address so that it can communicate on your network, or if you are not us in g VLANs, ProCur ve recommends that you use the Switch Setup sc reen to quickly configure IP addressing. T o do so, do one of the following: ■ Enter[...]

  • Page 45

    2 Selecting a Management Interface Contents Selecting a Management Interface Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-2 Advantages of Using ProCurve Manager Custom Login Banners for the Cons ole and Understanding Management I nterfaces . . . . . . . . . . . . . . .[...]

  • Page 46

    Selecting a Management Interface Overview Overview This chapter describes the foll owing: ■ Management interfaces for the sw itches covered in this guide ■ Advantages of using each interface Understanding Management Interfaces Management interfaces enable you to re configure the switch and to monitor switch status and performance. The sw itch o[...]

  • Page 47

    Selecting a Management Interface Advantages of Using the Menu Interface T o use ProCurve Manager or ProCurve Manage r Plus, refer to the Getting Started Guide and th e Administrator’ s Guide , which are available electron- ically with the software for these appl ications. For more informati on, visit the ProCurve Networking web s ite at www .proc[...]

  • Page 48

    Selecting a Management Interface Advantages of Using the CLI ■ Enables T elnet (i n-band) access to the menu functionalit y . ■ Allows faster navi gation , avoiding delays that occur with slower display of graphical objects over a web browser interface. ■ Provides more security ; configuratio n information and passwords are not seen on the ne[...]

  • Page 49

    Selecting a Management Interface Advantages of Using t he Web Browser Interface ■ T o perform specific procedur es (such as confi guring IP addressin g or VLANs), use the Contents listing at th e front of the m anual to locate the informat ion you need . ■ For monitoring and analyzing switch operation , refer to Appendix B. ■ For information [...]

  • Page 50

    Selecting a Management Interface Advantages of Using t he Web Browser Interface ■ More visual cues , using colors, status bars , device icons, and other graphical objects instead of relyin g solely on alphanumeric values ■ Display of accep table ranges of values av ailable in configur ation list boxes 2-6[...]

  • Page 51

    Selecting a Management Interface Advantages of Using ProCurve Manager or ProCurve Manager Plus Advantages of Using ProCurve Manager or ProCurve Manager Plus Y ou can operate ProCurve Manager and ProCurve Manager Plus (PCM and PCM+) from a PC on t he network to mo nitor traffic, manage your hubs and switches, and proactively recommend ne twork chang[...]

  • Page 52

    Selecting a Management Interface Advantages of Using ProCurve Manager or ProCurve Manager Plus PCM and PCM+ enable greater control, uptime, and performance in your network: ■ Features and benefits of ProCur ve Manager: • Network Status Summary: Upon boo t-up, a network status screen displays high-level information on ne twork devices, end nodes[...]

  • Page 53

    Selecting a Management Interface Advantages of Using ProCurve Manager or ProCurve Manager Plus • Device Software Updates: This feature automaticall y obtains new device software images from ProC urve and updates devices, al lowing users to do wnload the latest vers ion or choose the desired version. Updates can be scheduled easily across large gr[...]

  • Page 54

    Selecting a Management Interface Advantages of Using ProCurve Manager or ProCurve Manager Plus clears the banner windo w and prompts the u ser for a passwor d (if configured) . Following entry of the correct userna me /password information (or if no username/p assword is req uired), th e swit ch then displays either the Registra- tion page or the s[...]

  • Page 55

    Selecting a Management Interface Advantages of Using ProCurve Manager or ProCurve Manager Plus Example of Configuring and Displaying a Banner Suppose a system operator wan ted to configure the following banner message on her comp any’ s switches: This is a private system maintained by the Allied Widget Corporation. Unauthorized use of this system[...]

  • Page 56

    Selecting a Management Interface Advantages of Using ProCurve Manager or ProCurve Manager Plus Shows the current bann er configur ation. Figure 2-7. The Current Banner Appears in the Switch’ s Ru nning-Config File The next time someone logs onto t he switch’ s management CLI, the follow ing appears: The login scre en displays the configured ba [...]

  • Page 57

    Selecting a Management Interface Advantages of Using ProCurve Manager or ProCurve Manager Plus If someone uses a W eb browser to log in to the switch interface, the following message appears: Figure 2-9. Example of Web Browser Interface Result of th e Login Banner Configuration Operating Notes ■ The default banner appears only when the switch is [...]

  • Page 58

    Selecting a Management Interface Advantages of Using ProCurve Manager or ProCurve Manager Plus 2-14[...]

  • Page 59

    3 Using the Menu Interface Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-2 Starting and Ending a Me nu Session . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-3 How To Start a Menu Interface Session . . . . . . . . . . . . . . . . . . . . . . . . . 3-4 How To En[...]

  • Page 60

    Using the Menu Interface Overview Overview This chapter describes the follow ing features: ■ Overview of the Menu Interfa ce (page 3-2) ■ Starting and ending a Menu session (page 3-3) ■ The Main Menu (page 3-7) ■ Screen structure and naviga tion (page 3-9) ■ Rebooting the switch (page 3-12) The menu interface operates thro ugh the switch [...]

  • Page 61

    Using the Menu Interface Starting and Ending a Menu Session Note If the switch has neither a Manag er nor an Operator password, anyone having access to the console interface can ope rate the console with full manager privileges. Also, if you co nfigure only an Operator password, entering the Operator password en ables full manager privileges. For m[...]

  • Page 62

    Using the Menu Interface Starting and Ending a Menu Session How T o Start a Menu Interface Session In its factory default configuration, th e switch console starts with the CLI prompt. T o use the menu interface with Manager privileges, go to the Manager level prompt and ent er the menu command. 1. Use one of these methods to connect to the switch:[...]

  • Page 63

    Using the Menu Interface Starting and Ending a Menu Session Figure 3-1. Example of the Main Menu with Mana ger Privileges For a description of Main Menu fe atures, see “Main Menu Feat ures” on page 3-7. Note T o configure the switc h to start with th e menu interface inst ead of the CLI, go to the Manager lev el prompt in the CLI, enter the set[...]

  • Page 64

    Using the Menu Interface Starting and Ending a Menu Session Asterisk indicates a configuration change that requires a reboot to activate. Figure 3-2. Example Indicatio n of a Configuration Change Requiring a Reboot 1. In the current session, if you have not made conf iguration changes that require a switch reboot to activate, return to t he Main Me[...]

  • Page 65

    Using the Menu Interface Main Menu Features Main Menu Features Figure 3-3. The Main Menu View with Manager Privileges The Main Menu gives you access to these Menu interface features: ■ Status and Counters: Provides access to di splay screens showing switch informat ion, port status and counters, and port and VLA N address tables. (Refer to Append[...]

  • Page 66

    Using the Menu Interface Main Menu Features ■ Command Line (CLI): Selects the Command Line Interface at the same level (Manager or Operator) that you are accessing in the Menu interface . (Refer to Chapter 4, “Using th e Command Line Interface (CLI)”.) ■ Reboot Switch: Performs a “warm” reboot of the switch, which clears most temporary [...]

  • Page 67

    Using the Menu Interface Screen Structure and Navigation Screen Structure and Navigation Menu interface screens incl ude these three e lements: ■ Parameter fields and/or read -onl y information such as statisti cs ■ Navigati on and configur ation actions, such as Save, Edi t, and Cancel ■ Help line to describe navigati on options, in dividual[...]

  • Page 68

    Using the Menu Interface Screen Structure and Navigation T able 3-1. How T o Navig ate in the Menu Interface T ask: Actions: Execute an action from the “Actions –>” list at the bottom of the screen: Use either of the following methods: • Use the arrow keys ( [<] , or [>] ) to highlight th e action you want to execute, then press [E[...]

  • Page 69

    Using the Menu Interface Screen Structure and Navigation T o get Help on i ndividual parameter de scriptions. In most screens there is a Help option in the Actions line. Whenever any of the items in the Actions line is highlig hted, press [H] , and a sep arate help screen is displayed. For example: Pressing [H] or highlighting H elp and pressing [E[...]

  • Page 70

    Using the Menu Interface Rebooting the Switch Rebooting the Switch Rebooting the switch fr om the menu interface ■ T erminates all current sessions and performs a reset of the operating system ■ Activates any menu interface configuration changes that req uire a reboot ■ Resets statistical counters to zero (Note that statistical counters can b[...]

  • Page 71

    Using the Menu Interface Rebooting the Switch Rebooting T o Activate Configuration Changes. Configuration changes for most parameters in th e menu interface become ef fective as soon as you save them. However , you must reboot the switch in orde r to implement a change in the Maximum VLANs to support parameter . (T o access this parameter , go to t[...]

  • Page 72

    Using the Menu Interface Menu Features List Menu Features List Status and Counters • General System Information • Switch Management Add ress Information • Port Status • Port Counters • Address T able • Port Address T able Switch Configurat ion • System Info rmation • Port/T runk Se ttings • Network M onitoring Port • IP Configur[...]

  • Page 73

    Using the Menu Interface Where To Go From Here Where T o Go From Here This chapter provides a n overview of the menu interface a nd how to use it. The followi ng table indicates where t o turn for det ailed informatio n on how to use the individual features av ailable through the menu interface. Option: Tu r n t o : T o use the Run Setup option Ref[...]

  • Page 74

    Using the Menu Interface Where To Go From Here 3-16[...]

  • Page 75

    4 Using the Command Line Interface (CLI) Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-2 Accessing the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-2 Using the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . .[...]

  • Page 76

    Using the Command Line Interface (CLI) Overview Overview The CLI is a text-based command interf ace for configuring an d monitoring the switch. The CLI gives you access to the switch’ s full set of commands while providing the same password protection that is used in t he web browser interface and the menu interface. Accessing the CLI Like the me[...]

  • Page 77

    Using the Command Line Interface (CLI) Using the CLI When you use the CLI to make a config uration change, the switch writes the change to the Run ning-Config file in volati le memory . This allo ws you to test your configurat ion changes before ma ki ng them permanent. T o make changes permanent, you must use t he write memory command to save them[...]

  • Page 78

    Using the Command Line Interface (CLI) Using the CLI Caution ProCurve strongly recom mends that you confi gure a Manager passwo rd. If a Manager password is not configured, th en the Manager level is not passw ord- protected, and anyone having in-ban d or out-of-band access to the switch may be able to reach the Manag er level and compromise switch[...]

  • Page 79

    Using the Command Line Interface (CLI) Using the CLI Manager Privileges Manager privileges give you three additi onal levels of acce ss: Manager , Global Configuration, and Cont ext Configuration. A “ # ” character delimits any Man- ager prompt. For example: ProCurve #_ Example of the Manager prompt. ■ Manager level : Provides all Operat or l[...]

  • Page 80

    Using the Command Line Interface (CLI) Using the CLI T able 4-1. Privilege Level Hierarch y Privilege Level Example of Prompt and Permitted Operations Operator Privilege Operator Level ProCurve> show < command > setup ping < argument > link-test < argument > enable menu logout exit View status and con figuration information. Pe[...]

  • Page 81

    Using the Command Line Interface (CLI) Using the CLI How T o Move Between Levels Change in Levels Example of Prompt, Command, and Result Operator level to Manager level Manager level to Global configuration level Global configuration level to a Context configuration level Context configuration level to another Context configuration level Move from [...]

  • Page 82

    Using the Command Line Interface (CLI) Using the CLI For example, if you use the menu interf ace to configure an IP address of “ X ” for VLAN 1 and later use the CLI to co nfigure a different IP address of “ Y ” for VLAN 1, then “ Y ” replaces “ X ” as the IP address for VLAN 1 in the runni ng- config file. If you subsequently exe c[...]

  • Page 83

    Using the Command Line Interface (CLI) Using the CLI T y ping ? at the Manager level produces this listing: When - - MORE - - appears, use the Spa ce bar or [Return] to list additional co mmands. Figure 4-4.Example of the Manager-Level Command Listing When - - MORE - - appears, there are more comma nds in the listing. T o list the next screenfull o[...]

  • Page 84

    Using the Command Line Interface (CLI) Using the CLI As mentioned above, if you type part of a command word and press [T ab] , the CLI completes the current wo rd (if you have typed enou gh of the word for the CLI to distingui sh it from other possibilities), including hyphen ated exten- sions. For ex ample: ProCurve (config)# port- [T ab] ProCurve[...]

  • Page 85

    Using the Command Line Interface (CLI) Using the CLI Displaying CLI “Help” CLI Help provides two types of context-sensitive info rmation: ■ Command list with a brief summary of each command’ s purpose ■ Detailed informati on on how to use individual command s Displaying Command-List Help. Syntax: help Displays a listing of comm and Help s[...]

  • Page 86

    Using the Command Line Interface (CLI) Using the CLI Figure 4-7.Example of How T o Display Help for a Specific Command Note that trying to list the help for an individual command from a privilege level that does no t includ e that command results in an error message. For example, trying to li st the help for the interface command while at the globa[...]

  • Page 87

    Using the Command Line Interface (CLI) Using the CLI Configuration Comma nds and the Context Configuration Modes Y ou can execute any configuration comma nd in the global configuration mode or in selected context modes. However , using a c ontext mode enables you to execute context-specific commands fast er , with shorter command strings. The switc[...]

  • Page 88

    Using the Command Line Interface (CLI) Using the CLI In the port context, the first block of commands in the “?” listing show the context-specif ic commands that will affect only ports C3-C6. The remaining commands in the listing are Manager , Operator , and context commands. Figure 4-8. Co ntext-Specific Commands Affec ting Port Context 4-14[...]

  • Page 89

    Using the Command Line Interface (CLI) Using the CLI VLAN Context . Includes VLAN-specific command s that apply only to the selected VL AN, plus Manager an d Operator commands. The promp t for this mode includes the VLAN ID of the sel ected VLAN. For example, if you had already configur ed a VLAN with an ID of 100 in the switch: ProCurve(config)# v[...]

  • Page 90

    Using the Command Line Interface (CLI) CLI Control and Editing CLI Control and Editing Executing a Prior Command—Redo The redo command executes a prior command i n the history list . Syntax: re do [number | command-str] Re-executes a command from history. Executes the last command by default. number : The position of the command to execute in the[...]

  • Page 91

    Using the Command Line Interface (CLI) CLI Control and Editing Syntax: re peat [cmdlist] [count] [delay] Repeats execution of a previo us command. Repeats the last command by default until a key is pressed. cmdlist: If a number or range of numbers is specified, the command repeats the n th most recent commands (where “n” is the position in the [...]

  • Page 92

    Using the Command Line Interface (CLI) CLI Control and Editing Using a Command Alias Y ou can create a simple comma nd alias to use in place of a command name and its options. Choose an alias n ame that is not an existing CLI command already . Existing CLI commands are se arched before looking for an alias command; an alias that is identical to an [...]

  • Page 93

    Using the Command Line Interface (CLI) CLI Control and Editing ProCurve(config)# show int cust om 1-4 port name:4 type vlan intrusion sp eed enabled mdi Status and Counters - Custom P ort Status Intrusion Port Name Type VLAN Aler t Speed Enabled MDI-mode ---- ---------- ---------- -- --- --------- ------- ------- -------- 1 Acco 100/1000T 1 No 1000[...]

  • Page 94

    Using the Command Line Interface (CLI) CLI Control and Editing ProCurve(config)# show alias Name Command -------------------- ------------ ------------------ sc show config sic show int custom 1-4 port name:4 type vlan intrusion speed enabled mdi Figure 4-13. Example of Alias Comm ands and Their Configurations CLI Shortcut Keystrokes Keystrokes Fun[...]

  • Page 95

    5 Using the ProCurve W eb Browser Interface Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-2 Starting a Web Browser Using ProCurve Manager (PCM) or Security: Creating Usernames and Passwords General Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .[...]

  • Page 96

    Using the ProCurve Web Browser Interface Contents Status Indicators . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-22 Setting Faul t Detection Po licy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-23 5-2[...]

  • Page 97

    Using the ProCurve Web Browser Interface Overview Overview The ProCurve web browser interface buil t into the switch lets you easily access the switch f rom a browser -based PC on your network. This lets you do the followin g: ■ Optimize your network upt ime by using the Alert Lo g and other diagnost ic tools ■ Make config uration ch anges to t[...]

  • Page 98

    Using the ProCurve Web Browser Interface General Features General Features The web browser interface includes these features: Switch Identity and Status: • General system da ta • Software version • Redundant Management Modul e software versio n • IP address • Status Overview • Port utilizat ion • Port counters • P o r t s t a t u s [...]

  • Page 99

    Using the ProCurve Web Browser Interface Starting a Web Browser Interface Session with the Switch Starting a W eb Browser Interface Session with the Switch Y ou can star t a web browser session in the following ways: ■ Using a standalone web b rowser on a network con n ection from a PC or UNIX workstation: • Directly connected to your network ?[...]

  • Page 100

    Using the ProCurve Web Browser Interface Starting a Web Browser Interface Session with the Switch Using ProCurve Ma nager (PCM) or ProCurve Manager Plus (PCM+) ProCurve Manager and ProCurve Manager Pl us are designed for i nstallation on a network management w orkstation. For this reason, the system require- ments are different from the system requ[...]

  • Page 101

    Using the ProCurve Web Browser Interface Starting a Web Browser Interface Session with the Switch First time install alert Figure 5-1. Exa mple of Status Overview Screen 5-7[...]

  • Page 102

    Using the ProCurve Web Browser Interface Tasks for Your First ProCurve Web Browser Interface Session T asks for Y our First ProCurve W eb Browser Interface Session The first time you a ccess the web browse r interface, there ar e three tasks you should perform: ■ Review the “First Time Install” window ■ Set Manager and Op erator passwords ?[...]

  • Page 103

    Using the ProCurve Web Browser Interface Tasks for Your First ProCurve Web Browser Interface Session This window is the la unching point fo r the basic configur ation you need to perform to set web browser interf ace pa sswords for maintain ing security and a fault detection policy , which determin es the types of messages that the Alert Log displa[...]

  • Page 104

    Using the ProCurve Web Browser Interface Tasks for Your First ProCurve Web Browser Interface Session Figure 5-3.The Device Passwords Windo w T o set the passwords: 1. Acc ess the Device Passwords screen by on e of the following methods: • If the Alert Log includes a “First T ime Install” event entry , double click on this event, then, in the [...]

  • Page 105

    Using the ProCurve Web Browser Interface Tasks for Your First ProCurve Web Browser Interface Session Entering a User Name and Password Figure 5-4. Exa mple of the Password Prompt in the Web Browser Interface The manager and operator passw ords are us ed to control access to all switch interfaces. Once set, y ou will be prompt ed to supply the passw[...]

  • Page 106

    Using the ProCurve Web Browser Interface Tasks for Your First ProCurve Web Browser Interface Session The Clear button is provided for your convenience, but its presence means that if you are concerned with the security of the switch configuration and operation, you should make sure the swit ch is installed in a secure location, such as a locked wir[...]

  • Page 107

    Using the ProCurve Web Browser Interface Support/Mgmt URLs Feature Support/Mgmt URLs Feature The Support/Mgmt URLs window en ables you to change th e W orld W ide W eb Universal Resource Locat or (URL) for two functions: ■ Support URL – A support information site for your switch ■ Management S erver URL – The web sit e for web browser onlin[...]

  • Page 108

    Using the ProCurve Web Browser Interface Support/Mgmt URLs Feature Support URL This is the site the switch accesses when you click on the Support tab on the web browser interf ace. The default URL is: www .procurve.com which is the W orld Wide W eb site for ProCurve network ing products. Click on technical su pport on that page to get supp or t in [...]

  • Page 109

    Using the ProCurve Web Browser Interface Support/Mgmt URLs Feature In the defaul t configuration, the switch uses the URL for accessing the web browser interface h elp files on the ProCurve W orld Wide W eb site. Figure 5-7. How T o Access Web Browser Interface Online Help Using the PCM Server for Switch W eb Help For ProCurve devices that support [...]

  • Page 110

    Using the ProCurve Web Browser Interface Support/Mgmt URLs Feature 3. Add an entry , or edit the existing entry in the Di scovery portion of the global properties (globalpro ps.prp) in PCM to redire ct the switches to the help files on the PCM server . For example: Global { T empDi r=data/temp ... Discovery{ ... ... DeviceHelpUrlRedirect=htt p:// 1[...]

  • Page 111

    Using the ProCurve Web Browser Interface Status Reporting Features Status Reporting Features Browser elemen ts covered in this section includ e: ■ The Overv iew window (below) ■ Port utilization and status (page 5-18) ■ The Alert log (page 5-21) ■ The Status bar (page 5-23 ) The Overview W indow The Overvi ew W indow is the home screen for [...]

  • Page 112

    Using the ProCurve Web Browser Interface Status Reporting Features Policy Management and Configuration. PCM can perform network-w ide policy management and conf igurat ion of your switch . The Mana gement Server URL field (page 5-14) shows the URL fo r the management station performing that function. For more info rmation, re fer to the documentat [...]

  • Page 113

    Using the ProCurve Web Browser Interface Status Reporting Features ■ % Error Pkts Rx : All er ror packets received by the port. (This indic ator is a reddish color on many system s.) Although err ors re ceived on a port are not propagated to the rest of the network, a consistently high number of errors on a specific port ma y indicate a problem o[...]

  • Page 114

    Using the ProCurve Web Browser Interface Status Reporting Features Figure 5-11. Display of Nume rical Values for the Bar Port Status Port Status Indicators Legend Figure 5-12. The Port Sta tus Indicators and Legend The Port Status in dicators show a symbol for each port that i ndicates the general status of the port. Th ere are four possible status[...]

  • Page 115

    Using the ProCurve Web Browser Interface Status Reporting Features The Alert Log The web browser interface Al ert Log, sh own in th e lower half of the sc reen, shows a list of network occurrences, or alerts , that were detected by the switch. T ypical alerts are Broadcast Storm , indicating an excessive number of broadcasts received on a port, and[...]

  • Page 116

    Using the ProCurve Web Browser Interface Status Reporting Features Alert T ypes and Detailed Views As of June, 2007, the web browser in terface generates th e following alert types: • Auto Partition • High co llision or drop rate • Bac kup T ransition • Loss of Link • Excessive broadcasts • Mis-Configured SQE • Excessive CRC/alignment[...]

  • Page 117

    Using the ProCurve Web Browser Interface Status Reporting Features Figure 5-14. Example of Alert Log Detail View Status Indicators The status indicators use ic ons to show the severity of alerts in the current display of the Alert Log. This indicator can be one of four shapes and colors, as shown below . T able 5-1. Sta tus Indicator Key Color Swit[...]

  • Page 118

    Using the ProCurve Web Browser Interface Status Reporting Features Setting Fault Detection Policy One of the powerful features in the web browser interface is the Fault Detection facility . For your switch, this feature controls the types of alerts reported to the Alert Log based on their level of severity . Set this policy in the Fault De tection [...]

  • Page 119

    Using the ProCurve Web Browser Interface Status Reporting Features T o pro vide the most information on network prob lems in the Alert Log, the recommended sensitivity level for Log Network Problems is High Sensitivity . The Fault Detec tion settings are: ■ High Sensitivity . This policy direct s the sw itch to send all alerts to the Alert Log. T[...]

  • Page 120

    Using the ProCurve Web Browser Interface Status Reporting Features 5-26[...]

  • Page 121

    6 Switch Memory and Configuration Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-3 Using the Menu and Web Browse r Interfaces To Implement Viewing the Startup-Co nfig File Status with Multiple Configuration File Management . . . . . . . . . . . . . . . . . . . . . . . . [...]

  • Page 122

    Switch Memory and Configuration Contents Changing or Overriding t h e Reboo t Configuration Policy . . . . . . . . . 6-31 Using the Clear + Reset Butt on Combinati on To Reset the Xmodem: Copying a Configur ation File to a Serially Xmodem: Copying a Config uration from a Serially Managing Startup-Confi g Files in the Switch . . . . . . . . . . . . [...]

  • Page 123

    Switch Memory and Configuration Overview Overview This chapter describes: ■ How switch memory manages configur ation cha nges ■ How the CLI impl ements config uration changes ■ How the menu interface and web br owse r interface im plement configu- ration changes ■ How the swit ch provides softwar e options through prim ary/secondary flash i[...]

  • Page 124

    Switch Memory and Configuration Configuration File Management ■ Startup-config File: Exists in flash (non-volatile) memory and is used to preserve the most recently-save d configuration as the “permanent” configuration. Booting the swit ch repla ces the current runnin g-config file with a new run- ning-config file that is an e xact copy of th[...]

  • Page 125

    Switch Memory and Configuration Configuration File Management The above command disables port 5 in th e running-config fi le, but not in the startup-co nfig file. Port 5 remains disabled onl y until the switch reboots. If you want port 5 to rem ain disabl ed through the next reboot, use write memory to save the current running-config file to the st[...]

  • Page 126

    Switch Memory and Configuration Using the CLI To Implement Configuration Changes Using the CLI T o Implement Configuration Changes The CLI offers these capabili ties: ■ Access to the fu ll set of switch co nfiguration fe atures ■ The option of testing configuration changes before making them perma- nent How T o Use the CLI T o V iew the Current[...]

  • Page 127

    Switch Memory and Configuration Using the CLI To Implement Configuration Changes 3. Observe the switc h’ s performance wi th the new parameter settings to verify the effect of your changes. 4. When you are satisfied that you have the correct parameter settings, use the write memory command to copy the changes to the startup-config file. Syntax: w[...]

  • Page 128

    Switch Memory and Configuration Using the CLI To Implement Configuration Changes How T o Cancel Changes Y ou Have Made to the R unning-Config File. If you use th e CLI to change param eter settings in the runn ing-config file, and then decide that you d on’t want those changes to remain, you can use either of the follow ing meth ods to remove the[...]

  • Page 129

    Switch Memory and Configuration Using the CLI To Implement Configuration Changes Note If you us e the CLI t o make a ch ange to the running- config fi le, you should either use the write memory command or select th e save option allowed d uring a reboot (figure 6-6-2, above) to save th e change to the startup-config file. That is, if yo u use the C[...]

  • Page 130

    Switch Memory and Configuration Using the Menu a nd Web Browser Inte rfaces To Implement Configuration Changes Using the Menu and W eb Browser Interfaces T o Implement Configuration Changes The menu and web browser inte rfaces offer these advantages: ■ Quick, easy menu or w indow access to a sub set of switch configurati on features ■ Viewing s[...]

  • Page 131

    Switch Memory and Configuration Using the Menu and Web Browser Interfaces To Imple m en t Configuration Changes T o save and implement the changes for all parameters in this screen, press the [Enter] key, then press [S] (for S ave ). T o cancel all changes, press the [Enter] key, then press [C] (for C ancel ) Figure 6-4. Example of Pending Configur[...]

  • Page 132

    Switch Memory and Configuration Using the Menu a nd Web Browser Inte rfaces To Implement Configuration Changes Optional Reboot Switch Command Figure 6-5. The Reboot Switch Option in th e Main Menu Rebooting T o Activate Configuration Changes. Configuration changes for most parameters become effective as soon as you save them. However , you must reb[...]

  • Page 133

    Switch Memory and Configuration Using the Menu and Web Browser Interfaces To Imple m en t Configuration Changes Reminder to reboot the swi tch to act ivate configuration changes. Asterisk indicates a config uration change that requires a re boot in order to take effect. Figure 6-6. Indication of a Configuratio n Change Requiring a Reboot W eb: Impl[...]

  • Page 134

    Switch Memory and Configuration Using Primary and Secondary Flash Image Options Using Primary and Secondary Flash Image Options T he sw it ch e s covered in this guide f eature two flash memory locations for storing switch software im age files: ■ Primary Flash: The defaul t storage for a switch software image. ■ Secondary Flash: The additional[...]

  • Page 135

    ----- ---------- - ------- ------- ------- Switch Memory and Configuration Using Primary and Secondary Flash Image Options For example, if the switch is using a software version of K.12.XX stored in Primary flash, show version produces th e following: ProCurve(config)# show version Image stamp: /su/code/build/info(s01) Dec 01 2006 10:50:26 K.12.XX [...]

  • Page 136

    Switch Memory and Configuration Using Primary and Secondary Flash Image Options Figure 6-9. Determining the Software V ersion in Primary and Second ary Flash 1. In this example show version indicates the switch has version K.12.02 in primary flash . 2. After the boot system command, show version indicates that version K.12.01 is in secondary flash.[...]

  • Page 137

    Switch Memory and Configuration Using Primary and Secondary Flash Image Options Local Switch Software Replacement and Removal This section describes co mmands for erasing a soft ware v ersion and copying an existing software version betw een primary and secondary flash. Note It is not necessary to erase the conten t of a fla sh location before down[...]

  • Page 138

    Switch Memory and Configuration Using Primary and Secondary Flash Image Options For example, to copy the image in secondary flash to primary flash: 1. V erify that there is a valid flash im a ge in the secondary flash location. The following figure indicates that a software image is pre sent in secondary flash. (If you are un sure whether the im ag[...]

  • Page 139

    Switch Memory and Configuration Using Primary and Secondary Flash Image Options The prompt shows which flash location will be erased . Figure 6-11. Example of Erase Flash Prompt 3. T ype y at the prompt to co mplete the flash erase. 4. Use sho w flash to verify erasure of the se lected software flash image The “ 0 ” here shows tha t primary fla[...]

  • Page 140

    Switch Memory and Configuration Using Primary and Secondary Flash Image Options tures. For example, supp ose you have just downloaded a software upgrade that includes new features that are not supported in the soft ware you used to create the current startup-config file. In this case, the software simply assigns factory-default values to the parame[...]

  • Page 141

    Switch Memory and Configuration Using Primary and Secondary Flash Image Options T able 6-2. Comparing the Boot and Rel oad Commands Actions Included In Boot? Included In Reload Note Save all Optional, Optional with reload Config changes saved to configuration changes since the last boot or reload with prompt <cr>, when prompt displays. Not sa[...]

  • Page 142

    Switch Memory and Configuration Using Primary and Secondary Flash Image Options Booting from the Default Flash (Primary or Secondary) The boot command boots the switch from the flash image that you are currently boot ed on, or the fl ash image that was set eithe r by the boot set- default command or b y the last execu ted boot system flash <prim[...]

  • Page 143

    ----- ---------- -------- ------- ------- Switch Memory and Configuration Using Primary and Secondary Flash Image Options ProCurve(config)# show flash Image Size(Bytes) Date Version Build # Primary Image : 7497114 03/29/07 K.12.XX 57 Secondary Image : 7497114 03/29/07 K.12.XX 57 Boot Rom Version: K.12.03 Default Boot : Primary The next boot is from[...]

  • Page 144

    Switch Memory and Configuration Using Primary and Secondary Flash Image Options Using the Fastboot feature. The fastboot comman d allows a boot sequence that skips the internal power -on self-tests, resu lting in a faster boot time. When using redundant management a n d fastboot is enabled, it is saved to the standby management mo dule when the con[...]

  • Page 145

    Switch Memory and Configuration Using Primary and Secondary Flash Image Options Scheduled Reload. Beginning with software release K.11.34, additi onal parameters have been added to the reload command to allow for a scheduled reboot of the switch via the CLI. Syntax: [no] reload [after <[dd:]hh:]mm> | at <hh :mm[:ss]> [<mm/dd[/[yy]yy][...]

  • Page 146

    Switch Memory and Configuration Multiple Configuration Files ProCurve(config)# reload after 04:14:00 Reload scheduled in 4 days , 14 hours, 0 minutes This command will cause a swit chover at the scheduled time to the other management module which may not be running the same software image and configurations. Do y ou want to continue [y/n]? Figure 6[...]

  • Page 147

    Switch Memory and Configuration Multiple Configuration Files While you can sti ll use remote stor age for startup-confi g files, you can no w maintain multip le startup-config fil es on the switch and choose whi ch version to use for a reboot policy or an individual reboot. This choice of which conf iguration file to u se for the startup-config at [...]

  • Page 148

    Switch Memory and Configuration Multiple Configuration Files Changing the Startu p-Co nfig File. When the switch reboots, the startup- config file supplies the co nfiguration for th e running-config f ile the switch uses to operate. Making changes to the running-config file and then executing a write-mem command (or , in the Menu interface, the S a[...]

  • Page 149

    Switch Memory and Configuration Multiple Configuration Files ■ Erase the active startup-config file. Th is generates a new , default startup- config file that a lways results when the switch automa tically reboots after deletion of the currently active startu p-config file. (Refer to “Erasing a Startup-Config File” on page 6-35.) T ransitioni[...]

  • Page 150

    Switch Memory and Configuration Multiple Configuration Files Listing and Displaying Startup-Config Files Command Page show config files Below show config < filename > 6 - 3 1 V iewing the Startup-Config File Status with Multiple Configuration Enabled Rebooting th e switch automatically enables the multip le configuration fea - ture. Syntax: s[...]

  • Page 151

    Switch Memory and Configuration Multiple Configuration Files Displaying the Content of A Specific Startup-Config File W it h Multiple Configuration ena bled, th e switch can have up to three startup- config files. Because the sh ow config command always displays the content of the currently active startup-config fi le, the command exten sion shown [...]

  • Page 152

    Switch Memory and Configuration Multiple Configuration Files Syntax: startup-defau lt [ primary | secondary ] config < filename > Specifies a boot configur ation policy option: [ primary | secondary ] confi g < filename >: Designates the startup-config file to use in a reboot with the software version stored in a specific fl ash locatio[...]

  • Page 153

    Switch Memory and Configuration Multiple Configuration Files ProCurve(config)# startup-default pri config minconfig ProCurve(config) # startup-default sec config newconfig. Overriding the Default Re boot Configuration Policy . This co mmand provides a method for manually r ebootin g with a specific startup-config file other than the f ile specified[...]

  • Page 154

    Switch Memory and Configuration Multiple Configuration Files Renaming an Existing Startup-Config File Syntax: rename con fig < current-filename > < newname-str > This command changes the name of an existing startup- config file. A file name can include up to 63, alphanumeric characters. Blanks are allowed in a file name enclosed in quot[...]

  • Page 155

    Switch Memory and Configuration Multiple Configuration Files For example, suppose bo th primary and secondary flash memo ry contain software release “A” and use a star tup-config file n amed config1 : Figure 6-22. Example of Using One Startup-Config File for Both Primary and Secondary Flash If you wanted t o experiment with co nfiguration chang[...]

  • Page 156

    Switch Memory and Configuration Multiple Configuration Files In a redundant management system, this command erases the config or startup config file on both the active and th e standby mana gement modules as long as redundancy has no t been disabled. If the standby management module is not in standb y mode or has failed selftest, the config o r sta[...]

  • Page 157

    Switch Memory and Configuration Multiple Configuration Files Figure 6-24 illustrates using erase config < filename > to remove a startup-config file. Figure 6-24. Example of Erasing a Non-Active Startup-Config File W ith the same memory configuration as is sh own in the bottom portion of figure 6-24, executing erase startup-config boots the s[...]

  • Page 158

    Switch Memory and Configuration Multiple Configuration Files Pressing Clear + Reset: – R epl aces all startup- config files with a sin g le file named config1 that cont ains the default configuration for the softwar e version in primary flash. – R es ets the Active, Primary , and Secondary assignments as sh own here. Figure 6-25. Example of Cle[...]

  • Page 159

    Switch Memory and Configuration Multiple Configuration Files For example, the following command co pies a startup-config f ile named test- 01 from the switch to a (UNIX) TFTP server at IP address 10. 1 0.28.14: ProCurve(config)# copy config test-01 tftp 10.10.28.14 test-01.txt unix TFTP: Copying a Configuration File from a Remote Host Syntax: copy [...]

  • Page 160

    Switch Memory and Configuration Multiple Configuration Files Xmodem: Copying a Configuration File to a Serially Connected Host Syntax: copy config < filename > xm odem < pc | unix > This is an addition to the copy < config > xmodem command options. Use this command to upload a configuration file from the switch to an Xmodem host. [...]

  • Page 161

    Switch Memory and Configuration Automatic Configuration Update with DHCP Option 66 Automatic Configuration Update with DHCP Option 66 ProCurve switches are initially booted up with the factory-shipped co nfigura- tion file. This feature pr ovides a way to automatically download a different configuration file from a TFTP server us ing DHCP Option 66[...]

  • Page 162

    Switch Memory and Configuration Automatic Configuration Update with DHCP Option 66 Possible Scenarios for Upda ting the Configuration File The followin g table shows various network configurations and how Option 66 is handled. Scenario Behavior Single Server serving Multiple VLANs • Each DHCP -enabled VLAN interface initiates DHCPDISCOVER message[...]

  • Page 163

    Switch Memory and Configuration Automatic Configuration Update with DHCP Option 66 Global DHCP Parameters : Global parameters are processed only if received on the primary VLAN. Best Offer : The “Best Offer” is the best DHCP or BootP off er sent by the DHCP server in response to the DHCPREQUEST sent by the switch. The criteria for selecting the[...]

  • Page 164

    Switch Memory and Configuration Automatic Configuration Update with DHCP Option 66 6-44[...]

  • Page 165

    7 Interface Access and System Information Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-2 Interface Access: Console/Serial Link, Web, and Inbound Telnet . 7-3 Menu: Modifying the Interface Access . . . . . . . . . . . . . . . . . . . . . . . . . . 7-4 CLI: Modifyin g th[...]

  • Page 166

    Interface Access and System Information Overview Overview This chapter describes how to: ■ View and modify the configuration for switc h interface access ■ Use the CLI kill command to terminat e a remote session ■ View an d modify switch system information For help on how to actual ly use the interfaces built into the switch, ref er to: ■ C[...]

  • Page 167

    Interface Access and System Information Interface Access: Cons ole/Serial Link, W eb, and Inbound Telnet Interface Access: Console/Serial Link, W eb, and Inbound T elnet Interface Access Features Feature Default Menu CLI We b Inactivity T ime 0 Minutes (disabled) page 7-4 page 7-9 — Inbound T elnet Access Enabled page 7-4 page 7-5 — Outbound T [...]

  • Page 168

    Interface Access and System Information Interface Access: Console/Serial Link, Web, and Inbound Telnet Menu: Modifying the Interface Access The menu interface enables you to modify these parameters: ■ Inactivity T imeout ■ Inbound T elnet Enabled ■ W eb Agent Enabled T o Access the Interface Access Parameters: 1. From the Main Menu, Select...[...]

  • Page 169

    Interface Access and System Information Interface Access: Cons ole/Serial Link, W eb, and Inbound Telnet CLI: Modifying the Interface Access Interface Access Commands Use d in This Section show console below [no] telnet-server below [no] web-management page 7-8 console page 7-9 Listing the Current Console/Serial Li nk Configuration. This com- mand [...]

  • Page 170

    Interface Access and System Information Interface Access: Console/Serial Link, Web, and Inbound Telnet Syntax: [no] telnet-server [listen <oobm | data | both>] Enables or disables inbound T elnet access on a switch. Use the no version of the command to disable inbound T elnet access. The li sten parameter is availabl e only on switches that h[...]

  • Page 171

    Interface Access and System Information Interface Access: Cons ole/Serial Link, W eb, and Inbound Telnet Syntax: telnet <ipv4-addr | ipv6-addr | hostname | switc h-num> [oobm] Initiates an outbound telnet session to another network device. The destination can be specified as: • IPv4 address • IPv6 address • H o s t n a m e • Stack num[...]

  • Page 172

    ------------------------------ ------------------------- ------------------------------ ------------------------- Interface Access and System Information Interface Access: Console/Serial Link, Web, and Inbound Telnet ProCurve(config)# show telnet Telnet Activity ----------------------------- --------------------------- Session : ** 1 Privilege: Man[...]

  • Page 173

    Interface Access and System Information Interface Access: Cons ole/Serial Link, W eb, and Inbound Telnet T o di sable web browser access: ProCurve(config)# no web-management T o re-enable w eb browser access: ProCurve(config)# web-management Reconfigure the Console/Seri al Link Settings. Y ou can reconfigure one or more console parameters with one [...]

  • Page 174

    Interface Access and System Information Interface Access: Console/Serial Link, Web, and Inbound Telnet The switch implements the Event Log change immediately . The switch implements the other console changes afte r executing write memory and reload . Figure 7-4. Example of Execu ting the Console Command with Multiple Parameters Note When using redu[...]

  • Page 175

    Session 2 is an active T elnet sessi on. Interface Access and System Information Denying Interface Access by Termi nating Remote Management Sessions Denying Interface Access by T erminating Remote Management Sessions The switch supports up to five ma nagement sessions. Y ou can use show ip ssh to list the current management sessions, and kill to te[...]

  • Page 176

    Interface Access and System Information System Information System Information System Information Feat ures Feature Default Menu CLI Web System Name switch product name page 7-13 page 7-15 page 7-18 System Contact n/a page 7-13 page 7-15 page 7-18 System Location n/a page 7-13 page 7-15 page 7-18 MAC Age T ime 300 seconds page 7-13 page 7-17 — T i[...]

  • Page 177

    Interface Access and System Information System Information Ti m e Z o n e : The number of minutes your time z o n e l o c a t i o n i s t o t h e We s t ( + ) or East (-) of Co ordinated Universal T ime (formerly GMT). Th e default 0 means no time zone is configured. For example, the time zone for Berlin, Germany is + 60 (minutes) and the time zone[...]

  • Page 178

    Interface Access and System Information System Information 2. Press [E] (for E dit). The cursor moves to the System Name field. 3. Refer to the online help provided with th is screen for further information on configurat ion options for these feat ures. 4. When you have finished making ch anges to the above parameters, press [Enter] , then press [S[...]

  • Page 179

    Interface Access and System Information System Information Configure a System Na me, Contact, and Location for the Switch. To help distinguish one switch from another , configur e a plain-language identity for the switch. Syntax: hostnam e < name-string > snmp-server [contact < system-contact >] [locat ion < system-location >] Eac[...]

  • Page 180

    Interface Access and System Information System Information MENU ProCurve Switch 5406zl 24-Oct-2006 12:41:47 ===========================- TELNET - MANAG ER MODE =========================== Switch Configuration - System Information System Name : Blue Switch System Contact : Bill_Smith System Location : + character s of the location are missing. It’[...]

  • Page 181

    Interface Access and System Information System Information Figure 7-11. System Location and System Con tact in the W eb Brow ser Reconfigure the MAC Age T ime for Learned MAC Addresses. This command corresponds to the MAC Age Inte rval in the menu interface, and is expressed in second s. Syntax: mac-age-time < 10 - 1000000 > (seconds) Allows [...]

  • Page 182

    Interface Access and System Information System Information For example, the time zone setting for Berlin, Germany is +6 0 (zone +1, or 6 0 minutes), and th e time zone setting for V a ncouver , Canada is -480 (zo ne -8, or -480 minutes). T o configur e the time zone and daylight tim e rule for V ancouver , Canada: ProCurve (config)# time timezone -[...]

  • Page 183

    8 Configuring IP Addressing Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-2 IP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-2 Just Want a Quick St art with IP Addr essing? . . . . . . . . . . . . . . . . . .[...]

  • Page 184

    Configuring IP Addressing Overview Overview Y ou can configure IP addressing throug h all of the switch’ s interfaces. Y o u can also: ■ Easily edit a switch conf iguration fi le to allo w downloading the f ile to multiple switches withou t overwriting each switch’ s unique gate way and VLAN 1 IP addressing. ■ Assign up to 32 IP addresse s [...]

  • Page 185

    Configuring IP Addressing IP Configuration IP Address and Subnet Mask. Configuring the switch with an IP address expands your ability to manage the sw itch and use its features. By default, the switch is configured to automatically receive IP addressing on th e default VLAN from a DHCP/Bootp serv er that has been confi gured correct ly with informa[...]

  • Page 186

    Configuring IP Addressing IP Configuration Notes Just W ant a Quick Star t with IP Addressing? If you just want to give th e switch an IP address so that it can communicate on your network, or if you are not us in g VLANs, ProCur ve recommends that you use the Switch Setup sc reen to quickly configure IP addressing. T o do so, do one of the followi[...]

  • Page 187

    Configuring IP Addressing IP Configuration ■ The IP addressing used in the swit ch should be compatible with your network. That is, th e IP address must be unique and the subnet mask must be appropriate for your IP network . ■ If you change the IP address throug h either T elnet access or the web browser interface, the connection to the switch [...]

  • Page 188

    Configuring IP Addressing IP Configuration For descriptio ns of these parameters, see the online Help fo r this screen. Before using the DH CP/ Bootp option, refer to “DHCP/Bootp Operation” on page 8-12. Figure 8-1. Example of t he IP Service Configuration Sc reen without Multiple VLANs Configured 2. Press [E] (for E dit ). 3. If the sw itch ne[...]

  • Page 189

    Configuring IP Addressing IP Configuration CLI: Configuring IP Addres s, Gateway , and T ime-T o- Live (TTL) IP Commands Used in This Se ction Page show ip 8-7 ip address < mask-length > 8-8, 8-9 ip address /< mask-bits > 8-8, 8-9 ip default-gateway 8-10 ip ttl 8-11 V iewing the Current IP Configuration. Syntax: show ip This command dis[...]

  • Page 190

    Configuring IP Addressing IP Configuration W ith multiple VLANs and some ot her features co nfigured, show ip provides additional informat ion: A Switch with IP Addressi ng and VLANs Configured Figure 8-3. Example of Show IP List ing with Non-Default IP Addressing Config ured Configure an IP Address and Subnet Mask. The following command includes b[...]

  • Page 191

    Configuring IP Addressing IP Configuration Configure Multiple IP A ddresse s on a VLAN (Multinetting). The fol- lowing is supported: ■ Up to 2000 IP addresses for the switch ■ Up to 32 IP addresse s for the same VLAN ■ Up to 512 IP VLANs, that is, VL ANs on which you can configure IP addresses ■ Each IP address on a VLAN must be for a separ[...]

  • Page 192

    Configuring IP Addressing IP Configuration Figure 8-5. Example of Multinett ing on the Default VLAN Note The Internet (I P) Se rvice screen in the Menu inte rface (figure 8-1 on page 8-6) displays the first IP a ddress for each VLAN. Y ou must use the CLI show ip command to display th e full IP address listing for multinetted VLANs. Removing or Rep[...]

  • Page 193

    Configuring IP Addressing IP Configuration Note The switch uses the IP default gate way only while operating as a Layer 2 device. While routing is enabled on the switch, the IP defa ult gateway is not used. Thus, to avoi d loss of T elnet ac cess to off-subnet management st ations, you should use the ip route command to configure a static (default)[...]

  • Page 194

    Configuring IP Addressing IP Configuration T able 8-1. Features Available With and Witho ut IP Addressing on the Switch Features Available W ithou t an IP Address Additional Features Availab le with an IP Address and Subnet Mask • Direct-connect access to the CLI and the menu interface. • DHCP or Bootp support for automatic IP address configura[...]

  • Page 195

    Configuring IP Addressing IP Configuration The DHCP/Bootp Process. Whenever the IP Config para meter in the switch or in an individual VLA N in the switch is configured to DHCP/Bootp (the default), or when the sw itch is reb ooted with th is configur ation: 1. DHCP/Bootp request s are automatically broadcast on t h e local networ k. (The switch sen[...]

  • Page 196

    Configuring IP Addressing IP Configuration Bootp Operation. When a Bootp server receives a request it searches its Bootp database for a record entry that matche s the MAC address in the Bootp request from the switch. If a match is found, the conf iguration data in the associated database record is returned to the switch. For ma ny Unix systems, the[...]

  • Page 197

    Configuring IP Addressing IP Configuration lg TFTP server address (source of final configuration file) T144 is the vendor-specific “tag” identif ying the configur ation file to download. vm is a required entry that specifies the Bootp report format. Use rfc1048 for the switches covered in this guide. Note The above Bootp table entry is a sample[...]

  • Page 198

    Configuring IP Addressing Loopback Interfaces Loopback Interfaces This section describes how to configur e and use user -defined loopback inter - faces on the switch. Introduction By default, each switch has an internal loopback interface ( lo0 ) with the IP address 127.0.0.1. This IP address is used only for internal traffic transmitted within the[...]

  • Page 199

    Configuring IP Addressing Loopback Interfaces For more informat ion about how to configure a loopback IP address to participate in an OSPF broadcast area, refer to the section titled “(Optional) Assigning Loopback Addresses to an Area” in the Multicast and Routing Guide . Configuring a Loop back Interface T o configure a loopback interface, ent[...]

  • Page 200

    Configuring IP Addressing Loopback Interfaces For example, i f you configure a VLAN with IP address 172.16.100.8/24, you cannot configure a loopback interface wi th IP address 172.16.100.8. In the same way , if you configure a loopback interfac e ( lo1 ) with IP address 172.16.101.8, you cannot configur e another loopback interface ( lo2 ) with IP [...]

  • Page 201

    -------- --------- ---------- ---------- ------- -------- ---------- ---------- --------------- Configuring IP Addressing Loopback Interfaces ProCurve> show ip Internet (IP) Service IP Routing : Enabled Default TTL : 64 ARP Age : 20 VLAN IP Config IP Address Subnet Mask Proxy ARP DEFAULT_VLAN Manual 10.0.8.121 255.255.0.0 No VLAN2 Manual 192.168[...]

  • Page 202

    Configuring IP Addressing Loopback Interfaces T o di splay the loopback in terfa ces configured on the switch in a list of IP routing entries displayed a ccording to destination IP a ddress, enter the show ip route command. The following example displays the co nfigu ration of the default loo pback interface ( lo 0 ) and one user -defined loopback [...]

  • Page 203

    Configuring IP Addressing IP Preserve: Retaining VLAN-1 IP Addres sing Across Configuration File Downloads IP Preserve: Retaining VLAN-1 IP Addressing Across Configuration File Downloads For the switches co ver ed i n th is g ui de, IP Preserve enables you to copy a configuratio n file to multiple switches whi le retaining the individual IP address[...]

  • Page 204

    Configuring IP Addressing IP Preserve: Retaining VLAN-1 IP Addres sing Across Configuration File Downloads Enabling IP Preserve T o set up IP Pres erve, enter the ip pres erve statement at the end of a configu- ration file. (Not e that you d o not ex ecute IP Preserve by entering a command from the CLI). Entering “ip p reserve” in the last l in[...]

  • Page 205

    Configuring IP Addressing IP Preserve: Retaining VLAN-1 IP Addres sing Across Configuration File Downloads ProCurve(config)# show run Running configuration: ; J8715A Configuration Edit or; Created on release #K.12.07 hostname "ProCurve" module 1 type J8702A module 2 type J8705A trunk A11-A12 Trk1 Trunk Using figure 8-10, above, switches 1[...]

  • Page 206

    Configuring IP Addressing IP Preserve: Retaining VLAN-1 IP Addres sing Across Configuration File Downloads ProCurve# show run Running configuration: ; J8715A Configuration Edit or; Created on release #K.12.07 hostname "ProCurve" module 1 type J8702A module 2 type J8705A trunk A11-A12 Trk1 Trunk Because swi tch 4 (figure 8-10) ip default-g[...]

  • Page 207

    Configuring IP Addressing Configuring a Single Source IP Address Configuring a Single Source IP Address Overview This feature applies to the fo llowing sof tware applications: • T ACACS • RADIUS • System Logging applications The above IP-based softw are applicatio ns use a client-server communicati on model, that is, the client’ s source IP[...]

  • Page 208

    Configuring IP Addressing Configuring a Single Source IP Address . Syntax : [no] ip source-interfa ce <radius | tacacs | logging | all> <loo pback < id > | vlan < vlan-id > address < ip-addre ss >> Determines the source IP add ress used by the specified software application when tran smitting IP packets. The all parame[...]

  • Page 209

    Configuring IP Addressing Configuring a Single Source IP Address ■ Configured IP Address—th e specific IP address that is us ed as the source IP address. This address is configured on one of the switch’ s IP interfaces, either a VLAN interface or a Loopback interfac e. ■ Configured IP Interface— the IP address from th e specific IP interf[...]

  • Page 210

    Configuring IP Addressing Configuring a Single Source IP Address ProCurve(config)# ip source-int erface radius address 10.10.10.2 ProCurve(config)# show ip sourc e-interface radius Source-IP Configuration Inform ation Protocol | Admin Selection Po licy IP Interface IP Address -------- + ------------------ ----- -------------- -------------- - Radiu[...]

  • Page 211

    Configuring IP Addressing Configuring a Single Source IP Address Displaying the Source IP Interface Information There are sev eral show commands that can be us ed to display information about the source IP interface status. Syntax : show ip source-interface st atus [radius | tacacs | syslog] Displays the operational status information for the sourc[...]

  • Page 212

    Configuring IP Addressing Configuring a Single Source IP Address The show ip source-interface d etail command displays detailed information about the configur ed policies, source IP address, and i nterface state for each protocol. Syntax : show ip source-interface det ail [radius | tacacs | syslog] Displays detailed operational status information f[...]

  • Page 213

    Configuring IP Addressing Configuring a Single Source IP Address ProCurve(config)# show radius Status and Counters - General R ADIUS Information Deadtime(min) : 0 Timeout(secs) : 5 Retransmit Attempts : 3 Global Encryption Key : Dynamic Authorization UDP Por t : 3799 Source IP Selection : Configu red IP address Source IP Selection for the specifie [...]

  • Page 214

    Configuring IP Addressing Configuring a Single Source IP Address Error Messages The followi ng error messages may appe ar when configuring source IP selec- tion if the int erface does not exist, is not confi gured for IP , or is down. Error Message Description W arning: Specified IP address is not config ured on any inter - The IP address specified[...]

  • Page 215

    9 T ime Protocols Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-2 TimeP Time Synchronization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-2 SNTP Time Synchronization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-2 Selecti[...]

  • Page 216

    Time Protocols Contents Viewing the Current TimeP Co nfiguration . . . . . . . . . . . . . . . . . . 9-28 Configuring (Enablin g or Disabling) the TimeP Mode . . . . . . . . 9-29 SNTP Unicast Time Pollin g with Multiple SNTP Se rvers . . . . . . . . 9-34 Displaying All SNTP Server Addresses Configured on the Switch . . 9-34 Adding and Deleting SN T[...]

  • Page 217

    Time Protocols Overview Overview This chapter describes: ■ SNTP T ime P rotocol Operation ■ T imep Ti me Protocol Operation Using time synchron ization ensures a uni form time among interoperating devices. This helps you to manage a nd troubleshoot switch operation by attaching meaningful time data to event and error messages. The switch offers[...]

  • Page 218

    Time Protocols Selecting a Time Synchronization Protocol or Turning Off Time Protocol Operation Note T o use Broadcast mode, the switch and th e SNTP server must be in the same subnet. ■ Unicast Mode: The switch requests a time update from the config- ured SNTP se rver . (Y ou can co nfigure one se rver using the menu interface, or up to three se[...]

  • Page 219

    Time Protocols SNTP: Viewing, Selecting, and Configuring Disabling T ime Synchronization Y ou can use either of the following methods to disab le time synchronizat ion without c hanging the Timep or SNTP conf iguration: ■ In the Syste m Information scre en of the Menu inte rface, set the Ti m e Synch Method para meter to None , then press [Enter [...]

  • Page 220

    Time Protocols SNTP: Viewing, Selecting, and Configuring T able 9-1. SNTP Parameters SNTP Parameter Operation T ime Sync Method Used to select either SNTP , TIMEP , or None as the time synchronization method. SNTP Mode Disabled T he Default. SNTP does not operate, even if specified by the Menu interface T ime Sync M ethod parameter or the CLI times[...]

  • Page 221

    Time Protocols SNTP: Viewing, Selecting, and Configuring ==========================- CO NSOLE - MANAGER MODE -=================== ===== Switch Configuration - Syst em Information System Name : ProCurve System Contact : System Location : Inactivity Timeout (min) [0] : 0 MAC Age Time (sec) [300] : 300 Inbound Telnet Enabled [Yes] : Yes Web Agent Enab[...]

  • Page 222

    Time Protocols SNTP: Viewing, Selecting, and Configuring Note: This step replaces any pre v iously configured server IP address. If you will be using b ackup SNTP servers (requires use of the CLI), then refer to “SNTP Unicast Time Polling with Multiple SNTP Servers” on page 9-35. iii. Press [v] to move the cursor to the Server V ersion fi eld. [...]

  • Page 223

    Time Protocols SNTP: Viewing, Selecting, and Configuring CLI: V iewing and Configuring SNTP CLI Commands Described in this Section SNTP Command Page show sntp 9 -9 [no] timesync 9-11 and ff., 9-15 sntp broadcast 9-12 sntp unicast 9-12 sntp server 9-12 and ff. Protocol V ersion 9-14 Priority 9-15 poll-interval 9-15 no sntp 9-16 This section describe[...]

  • Page 224

    -------- ------------------------ ---------------------- ---------------- Time Protocols SNTP: Viewing, Selecting, and Configuring ProCurve(config)# show sntp SNTP Configuration Time Sync Mode: Sntp SNTP Mode : Unicast Poll Interval (sec) [720] : 719 Priority SNTP Server Address Protocol Version -------- ---------------------- ---------------------[...]

  • Page 225

    Time Protocols SNTP: Viewing, Selecting, and Configuring ProCurve(config)# show managem ent Status and Counters - Managem ent Address Information Time Server Address : fe80:: 215:60ff:fe7a:adc0%vlan10 Priority SNTP Server Address Protocol Version -------- ------------------- --------------------------- ------------ --- - 1 2001:db8::215:60ff:fe79:8[...]

  • Page 226

    Time Protocols SNTP: Viewing, Selecting, and Configuring Enabling SNTP in Broadcast Mode. Because the switch provides an SNTP polling interval (default: 720 seconds ), you need only these two commands for minimal SNTP broadcast configurati on: Syntax: timesync sntp Selects SNTP as the time synchronizat ion method . Syntax: sntp bro adcast Configure[...]

  • Page 227

    Time Protocols SNTP: Viewing, Selecting, and Configuring second or third server , you must u se the CLI. F or more on SNTP operation with multiple serv ers, refer to “SNTP Unicast T ime Polling w ith Multiple SNTP Servers” on page 9-35. Syntax: timesync sntp Selects SNTP as the time synchronizat ion method. sntp unicast Configures the SNTP mode[...]

  • Page 228

    Time Protocols SNTP: Viewing, Selecting, and Configuring ProCurve(config)# sntp server 10.28.227.141 Specifies the SNTP server an d accepts the current SNTP server version (default: 3). . ProCurve(config)# show sntp In this example, the Poll Interval and the Protocol SNTP Configuration Ver s io n appea r at their default settings. Time Sync Mode: S[...]

  • Page 229

    Time Protocols SNTP: Viewing, Selecting, and Configuring Changing the SNTP Poll Interval. Syntax: sntp poll-interval < 30..720 > Specifies how long the switch waits between time polling intervals. The default is 720 seconds and the range is 30 to 720 seconds. (This parameter is separate from the poll inter - val parameter used for T imep oper[...]

  • Page 230

    Time Protocols SNTP: Viewing, Selecting, and Configuring Figure 9-10. Example of SNTP with T i me Synchronization Disabled Disabling the SNTP Mode. If you want t o prevent SNTP from being used even if selected by timesync (or the Menu interface’ s T ime Sync Method param- eter), configure the SN TP mode as disabled. Syntax: no sntp Disables SNTP [...]

  • Page 231

    Time Protocols SNTP: Viewing, Selecting, and Configuring This feature provides support for SNTP client authenticatio n on HP ProCurve switches, which addresses security cons iderat ions when deploying S NTP in a network. Requirements The foll owing mus t be conf igured t o en able SNTP client au thentication on the switch. SNTP Client Authenticatio[...]

  • Page 232

    Time Protocols SNTP: Viewing, Selecting, and Configuring The followi ng must be performed on the SNTP server: ■ The same authentication key-identi fier , trusted key , authen tication mode and key-value that were conf igured on the SNTP client must also be configured on th e SNTP server . ■ SNTP server authentication must be enabled on the serv[...]

  • Page 233

    Time Protocols SNTP: Viewing, Selecting, and Configuring Configuring a T rusted Key T rusted keys are used in SNTP authentication. In unicast mode, a trusted key must be associated with a speci fic NT P/SNTP server . That key is used for authenticating the SNTP packet. In unicast mode, a specific server is co nfigured on the switch so that the SNTP[...]

  • Page 234

    Time Protocols SNTP: Viewing, Selecting, and Configuring Associating a Key wi th an SNTP Server After a key is configured, it mu st be associat ed with a specific se rver . Syntax : [no] sntp server priority <1-3> <ip-address | ipv6-address> < version-num > [key-id <1-4,294,967,295>] Configures a key-id to be associated with[...]

  • Page 235

    Time Protocols SNTP: Viewing, Selecting, and Configuring Configuring Unicast and Broadcast Mode T o enable authentication, eit her unicast or br oadcast mode must be config- ured. When authentication is enabled, changing the mode from unicast to broadcast or vice versa is not allowe d. Y ou must disable authentication and then change the mode. T o [...]

  • Page 236

    Time Protocols SNTP: Viewing, Selecting, and Configuring ProCurve(config)# show sntp SNTP Configuration SNTP Authentication : Enabled Time Sync Mode: Sntp SNTP Mode : Unicast Poll Interval (sec) [720] : 7 20 Priority SNTP Server Address -------- -------------------- ------------------- 1 10.10.10.2 2 fe80::200:24ff:fec8: 4ca8 Protocol Version KeyId[...]

  • Page 237

    Time Protocols SNTP: Viewing, Selecting, and Configuring ProCurve(config)# show sntp sta tistics SNTP Statistics Received Packets Sent Packets Dropped Packets : 0 : 3 : 0 SNTP Server Address ----------------------------- ---------- Auth Failed Pkts --------------- - 10.10.10.1 fe80::200:24ff:fec8:4ca8 0 0 Figure 9-16. Example of SNTP Authenti catio[...]

  • Page 238

    Time Protocols SNTP: Viewing, Selecting, and Configuring ProCurve(config)# show config Startup configuration: . . . timesync sntp SNTP authenticatio n has been sntp broadcast enabled and a key-id of 55 has been created. sntp 50 sntp authentication sntp server priority 1 10.10.10. 2 3 key-id 55 sntp server priority 2 fe80::200 :24ff:fec8:4ca8 4 key-[...]

  • Page 239

    Time Protocols SNTP: Viewing, Selecting, and Configuring If include-cred entials is conf igured, the SNTP authenticat ion configuratio n is saved in the configur ation file. When the show confi g co mmand is entered, all of the inform ation that ha s been configu red for SNTP authenticat ion displays , including the key-values. ProCurve(config)# sh[...]

  • Page 240

    Time Protocols TimeP: Viewing, Selecting, and Configuring T imeP: V iewing, Selecting, and Configuring T imeP Feature Default Menu CLI We b view the T imep time synchronization configuration n/a page 9-27 page 9-29 — select T imep as the time synchronization method TIMEP page 9-16 pages 9-31 ff. — disable time synchronization timep page 9-27 pa[...]

  • Page 241

    Time Protocols TimeP: Viewing, Selecting, and Configuring Menu: V iewing and Configuring T imeP T o View , Enable, and Modify t he T imeP Protocol: 1. From the Main Menu, sel ect: 2. Switch Configuration ... 1. System Information ==========================- CONSOL E - MANAGER MODE -========================== Switch Configuration - Sy stem Informati[...]

  • Page 242

    Time Protocols TimeP: Viewing, Selecting, and Configuring • Use the Space bar to select the Manual mode. i. Press [>] to move the cursor to the Server Address field. ii. Enter the IP address of the Time P server you want the switch to use for time synchronization. Note: This step replaces any previously c onfigured T imeP server IP address. ii[...]

  • Page 243

    Time Protocols TimeP: Viewing, Selecting, and Configuring V iewing the Current T imeP Configuration Using different show commands, you can display either the full T imeP config- uration or a combined l isting of all T imeP , SNTP , and VLAN IP addresses configured on the switch. Syntax: show timep This command lists both the time synchronization me[...]

  • Page 244

    -------- ------------------------ ---------------------- ---------------- Time Protocols TimeP: Viewing, Selecting, and Configuring ProCurve(config)# show management Status and Counters - Mana gement Address Information Time Server Address : 10.10.28.10 0 Priority SNTP Server Address Protocol V ersion 1 10.10..28.101 3 2 10.255.5.24 3 3 fe80::123%v[...]

  • Page 245

    Time Protocols TimeP: Viewing, Selecting, and Configuring Enabling T imeP in DHCP Mode. Bec ause the switch provides a T imeP polling interval (defaul t: 720 minutes) , you need only these t wo commands for a minimal T imeP DHCP conf iguration: Syntax: timesync t imep Selects T imeP as the time synchronization method. Syntax: ip timep d hcp Configu[...]

  • Page 246

    Time Protocols TimeP: Viewing, Selecting, and Configuring Enabling T imep in Manual Mode. Like DHCP mode, configuring TimeP for Manual mode enables T i meP . H owever , for manual operation, you must also specify the I P address of the T imeP ser ver . (The switch allows only one TimeP server .) T o enable the TimeP protocol: Syntax: timesync t ime[...]

  • Page 247

    Time Protocols TimeP: Viewing, Selecting, and Configuring Figure 9-25. Example of Configu ring T imep for Manual Operation Changing the T imeP Poll Interval. This command lets you specify how long the switch waits between time po lling intervals. The default is 720 minutes and the range is 1 to 9999 minutes. (T his parameter is separate from the po[...]

  • Page 248

    Time Protocols TimeP: Viewing, Selecting, and Configuring Figure 9-26. Example of T imeP wi th T i me Synchronization Disabled Disabling the T imeP Mode. Disabling the T imeP mode means to configure it as disabled. (Disabling T imeP prevents the switch from using it as the time synchronization protocol, even if it is the selected T ime Sync Method [...]

  • Page 249

    -------- ------------------------ ---------------------- ---------------- Time Protocols SNTP Unicast Time Polling with Multiple SNTP Servers SNTP Unicast T ime Polling with Multiple SNTP Servers When running SNTP unicast time polli ng as the ti me synchronization met hod, the switch requests a time update fro m the server yo u configured with eith[...]

  • Page 250

    Time Protocols SNTP Messages in the Event Log Adding and Deleting SNTP Server Addresses Adding Addresses. As mentioned earlier , yo u can configure one S NTP server address using either the Menu interface or the CL I. T o configure a second and third address, you must us e the CLI. T o conf igure the remaining two addresses, you would do the follow[...]

  • Page 251

    10 Port Status and Configuration Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-3 Viewing Port Status and Configuring Port Parameters . . . . . . . . . . 10-3 Menu: Port Configuratio n . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-6 CLI: Viewi[...]

  • Page 252

    Port Status and Configuration Contents Operating Notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-32 Uni-Directional Link Detection (UDLD) . . . . . . . . . . . . . . . . . . . . . . 10-33 Configuring UDLD . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-34 Enabling UDLD . . [...]

  • Page 253

    Port Status and Configuration Overview Overview Note On Connecting T ransceiv ers to Fixed-Configuratio n Devices This chapter describes how to view th e current port conf iguration and ho w to configure ports t o non-d efault settings, including ■ Enable/Disable ■ Mode (speed and duplex) ■ Flow Control ■ Broadcast Limit ■ Friendly P ort [...]

  • Page 254

    Port Status and Configuration Viewing Port Status and Configur ing Port Parameters T able 10-1. Status and Parame ters for Each Port T ype Status or Parameter Description Enabled Ye s (default): The port is ready for a network connection. No: The port will not operate, even if properly connected in a network. Use this setting, for example, if the p[...]

  • Page 255

    Port Status and Configuration Viewing Port Status and Configuring Port Parameters Status or Parameter Description — Continued From Previous Page — Gigabit Fiber -Optic Ports (Gigabit-SX, Gigabit-LX, and Gigabit-LH): • 1000FDx: 1000 Mbps (1 Gbps ), Full Duplex only • Auto (default): The port operates at 1000FDx and auto-negotiates flow contr[...]

  • Page 256

    Port Status and Configuration Viewing Port Status and Configur ing Port Parameters Menu: Port Configuration From the menu interface, you can view and change the port configuration. Using the Menu T o V iew Port Con figuration. The menu interf ace dis- plays the configuration for ports an d (if con figured) any trunk groups. From the Main Menu, sele[...]

  • Page 257

    Port Status and Configuration Viewing Port Status and Configuring Port Parameters Using the Menu T o Configure Ports. Y ou can configure and view the port settings by using the menu. Note The menu interface uses the same scre en for confi guring both individual por ts and port trunk groups. For i nformation on port tr unk groups, refer to Chapter 1[...]

  • Page 258

    Port Status and Configuration Viewing Port Status and Configur ing Port Parameters CLI: Vi ewing Port Status and Configuring Port Parameters From the CLI, you can conf igure and view all port pa rameter settings and view all port statu s indicators. Port Status and Conf iguration Commands show interfaces brief page 10-9 show interfaces config page [...]

  • Page 259

    Port Status and Configuration Viewing Port Status and Configuring Port Parameters ProCurve(config)# show interfaces brief Status and Counters - Port Status | Intrusion MDI Flow Bcast Port Type | Alert Enabled Status Mode Mode Ctrl Limit ----- --------- + --------- --- ---- ------ ---------- ----- ----- ----- - B1 100/1000T | No Yes Down Auto-10-100[...]

  • Page 260

    Port Status and Configuration Viewing Port Status and Configur ing Port Parameters Syntax: show interfaces display Initiates the dynamic update of a command. The output is the same as the equivalent “ show ” command.The information is updated every 3 seconds. Note : Select “Back” to exit the display. For example: ProCurve# show interfaces d[...]

  • Page 261

    Port Status and Configuration Viewing Port Status and Configuring Port Parameters Syntax: show interfaces custom [port-list] column-list Select the information that yo u want to display . Parameters include: ■ port name ■ type ■ vlan ■ intrusion ■ enabled ■ status ■ speed ■ mdi ■ flow Columns supported are: Parameter Column Displa[...]

  • Page 262

    Port Status and Configuration Viewing Port Status and Configur ing Port Parameters ProCurve(config)# show int custo m 1-4 port name:4 type vlan intrusion spe ed enabled mdi Status and Counters - Custom Po rt Status Intrusion Port Name Type VLAN Alert Speed Enabled MDI-mode ---- ---------- ---------- --- -- --------- ------- ------- -------- 1 Acco [...]

  • Page 263

    Port Status and Configuration Viewing Port Status and Configuring Port Parameters Note on Using Pattern Matching with the “Show Interfaces Custom” Command If you have included a pa tt ern matching comma nd to search for a field in the output of the show int custom command and t he show int custom command produces an erro r , the er ror message [...]

  • Page 264

    Port Status and Configuration Viewing Port Status and Configur ing Port Parameters Operating Notes: ■ For each port on the switch, the co mmand provides a re al-time display of the rate at which data is received (Rx) and transmitted (Tx) in terms of kilobits per se cond (KBits/s), number of pack ets per second (Pkts/ s), and utilization (Util) ex[...]

  • Page 265

    Port Status and Configuration Viewing Port Status and Configuring Port Parameters Operating Notes: ■ The following inform ation is displa yed for each installed transceiver: • Port number on which transceiver is installed. • T ype of transceiver . • Product numb er—Includes revisio n letter , such as A, B, or C. If no revision letter foll[...]

  • Page 266

    Port Status and Configuration Viewing Port Status and Configur ing Port Parameters speed-duplex < auto-10 |10-full | 10-half | 100-full | 100-half |auto| auto- 100 | 1000-full >] Specifies the port’ s data transfer speed and mode. Does not use the no fo rm of the command. ( [ Default: auto .) Note that in the ab ove syntax you can sub stitu[...]

  • Page 267

    Port Status and Configuration Viewing Port Status and Configuring Port Parameters Enabling or Disab ling the USB Port This feature allows co nfiguration of the USB port with either the CLI or SNMP . T o ena ble/disable the USB port with the CLI: Syntax: usb-port no usb-port Enables the USB port. The no form of the command disables the USB port and [...]

  • Page 268

    Port Status and Configuration Viewing Port Status and Configur ing Port Parameters The autorun feature only works when a USB device is inserted and the USB port is enabled. Behavior of Autorun When USB Port is Disabled Software V ersions K.13.XX Operation. When using software version K.13.58, if the USB port is disabled (no usb-port command), the U[...]

  • Page 269

    Port Status and Configuration Viewing Port Status and Configuring Port Parameters T o disable flow control on some ports, while leavin g it enabled on other p orts, just disable it on the individual po rts you want to exclude. Syntax: [ no ]interface < port-list > flow-control Enables or disables flow control packets on the port. The “ no ?[...]

  • Page 270

    Port Status and Configuration Viewing Port Status and Configur ing Port Parameters Disables per -port flow control on po rts A5 and A6. Figure 10-13. Exa mple Continued from Figure 10-12 Disables per -port flow control on po rts A1 through A4 . Flow co ntrol is now disabled on the switch. Ports formerly co nfigured for flow contro l. Figure 10-14. [...]

  • Page 271

    Port Status and Configuration Viewing Port Status and Configuring Port Parameters Syntax: broadcast-limit <0-99> Enables or disables broadcast limiting for outbound broadcasts on a selected port on the switch. Th e value selected is the percentage of traffic allowed, for example, broadcast-limi t 5 allows 5% of the maximum amount of traffic f[...]

  • Page 272

    Port Status and Configuration Viewing Port Status and Configur ing Port Parameters Using the above ports: ■ If you connect a copper port using a st raight- through cable on a switch to a port on another switch or hub that uses MDI-X ports, the switch port automatically operates as an MDI port. ■ If you connect a copper port using a straight- th[...]

  • Page 273

    Port Status and Configuration Viewing Port Status and Configuring Port Parameters The Auto-MD IX feature s apply o nly to co pper port switches using twisted-pair copper Ethernet cables. Syntax: interface < port-list > mdix-mode < auto-mdix | mdi | mdix > auto-mdix is the automatic, default setting. This configures the port for automati[...]

  • Page 274

    Port Status and Configuration Viewing Port Status and Configur ing Port Parameters Per - Port MDI Configurati on Figure 10-15. Example of Displayi ng the Current MDI Configuration Per -Port MDI Operating M ode Figure 10-16. Example of Displaying th e Current MDI Operating Mode W eb: Viewing Port Status and Confi guring Port Parameters In the web br[...]

  • Page 275

    Port Status and Configuration Using Friendly (Optional) Port Names Using Friendly (Optional) Port Names Feature Default Menu CLI Web Configure Friendly Port Names Standard Port Numbering n/a page 26 n/a Display Friendly Port Names n/a n/a page 27 n/a This feature enables yo u to assign alphanumeric port nam es of your choosing to augment au tomatic[...]

  • Page 276

    Port Status and Configuration Using Friendly (Optional) Port Names ■ T o retain friendly por t names across reboot s, you must save the current running-con figuration to the startup- config file after entering the friendly port names. (In the CLI, use the write memory command.) Configuring Friendly Port Names Syntax: interface < port-list >[...]

  • Page 277

    Port Status and Configuration Using Friendly (Optional) Port Names Configuring the Sa me Name for Multiple Ports. Suppose that you wan t to use ports A5 through A8 as a trunked li nk to a server used by a drafting group. In this case you might configure ports A5 through A8 with the name “Draft-Server:T runk”. Figure 10-18. Example of C onfiguri[...]

  • Page 278

    Port Status and Configuration Using Friendly (Optional) Port Names T o List All Ports or Selected Ports with Their Friendly Port Names. This command lists names assi gned to a specific port. Syntax: show nam e [ port-list ] Lists the friendly port name with its corresponding port number and port typ e. The show name command without a port list show[...]

  • Page 279

    Port Status and Configuration Using Friendly (Optional) Port Names Including Friendly Po rt Names in Per -Port Statistics Listings. A friendly port name configured to a port is automatica lly included when y ou display the port’ s statistics output. Syntax: show inte rface < port-number > Includes the friendly port name wi th the port’ s [...]

  • Page 280

    Port Status and Configuration Using Friendly (Optional) Port Names For example, if you co nfigure port A1 with a friendly po rt name: This command seque nce saves the friendly port name for port A1 in the startup- config file. The n ame entered for port A2 is not saved because it was executed after write memory . In this case, show config li sts on[...]

  • Page 281

    Port Status and Configuration Using Friendly (Optional) Port Names Configuring T ransceivers and Modules That Haven’t Been Inserted T ransceivers Previously , a port ha d to be valid and v erified for the switch to allow it to be configured. T ransceivers are removable ports and considered invalid when not present in the switch, so they cannot be[...]

  • Page 282

    Port Status and Configuration Using Friendly (Optional) Port Names Syntax: [no] module <slot> Allows removal of the module co nfiguration in the configura- tion file after the module has been removed. Enter an integer between 1 and 12 for <slot>. For example: ProCurve(config)# no module 3 Note This does not change how hot-swap wor ks. O[...]

  • Page 283

    Port Status and Configuration Uni-Directional Link Detection (UDLD) Uni-Directional Link Detection (UDLD) Uni-directional Lin k Detection (UDLD) monitors a li nk between two ProCurve switches and blocks the ports on both en ds of the link if the link fails at any point between the two devices. This featur e is particularly useful for detecting fail[...]

  • Page 284

    Port Status and Configuration Uni-Directional Link Detection (UDLD) connected ports. UDLD-enabled ports; however , will prevent traffic from being sent across a bad link by blocking the ports in the event that either the individual transmitter or receiver for that connection fails. Ports enabl ed for UDLD exch ange heal th-check packets once every [...]

  • Page 285

    Port Status and Configuration Uni-Directional Link Detection (UDLD) Syntax: link-keepalive interval < interval > Determines the time interval to send UDLD control packets. The <interval> parameter specifies ho w often the ports send a UDLD packet. Y ou can specify from 10 – 100, in 100 ms increments, where 10 is 1 second, 11 is 1.1 se[...]

  • Page 286

    Port Status and Configuration Uni-Directional Link Detection (UDLD) Changing the Keepalive Interval By default, ports en abled for UDLD send a link health-check packe t once every 5 seconds. Y ou can change the i nterval to a value from 10 – 100 deciseconds, where 10 is 1 second, 11 is 1.1 seconds, and so on. For example, to change the packet int[...]

  • Page 287

    untagged Port Status and Configuration Uni-Directional Link Detection (UDLD) ■ T o re-assig n a VLAN ID, re-enter the command with the new VLAN ID number . The new command will o verwrite the previous command setting. ■ When configuring UDLD for tagge d ports, you may receive a warning message if there are any inconsistenc ies with the port’ [...]

  • Page 288

    Port Status and Configuration Uni-Directional Link Detection (UDLD) T o di splay detailed UDLD info rmation for specific ports, enter the show link- keepalive statistics comma nd. For example: Ports 1 and 2 are UDLD-en abled and show the number of heal th check packe ts sent and received o n each port. ProCurve(config)# show link-keepa live statist[...]

  • Page 289

    Port Status and Configuration Uni-Directional Link Detection (UDLD) Configuration W arnings and Event Log Messages W arning Messages. The following tab le shows the warning messages that may be issued and their possible causes, when UDLD is c onfigured for tagged ports. T able 10-3. Warning Messages caused by c onfiguring UDLD for T agged Ports CLI[...]

  • Page 290

    Port Status and Configuration Uni-Directional Link Detection (UDLD) 10-40[...]

  • Page 291

    11 Power Over Ethernet (PoE/PoE+) Operation Contents Introduction to PoE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-2 PoE Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-2 PoE Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .[...]

  • Page 292

    Power Over Ethernet (PoE/PoE+) Operation Contents PoE Event Log Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-27 “Informational” PoE Event-Log Messages . . . . . . . . . . . . . . . . . 11-27 “Warning” PoE Event-Log Messages . . . . . . . . . . . . . . . . . . . . . . 11-28 11-2[...]

  • Page 293

    Power Over Ethernet (PoE/PoE+) Operation Introduction to PoE Introduction to PoE PoE technolo gy allows IP telephon es , wireless LAN access points, an d other appliances to receive power and transf er data over existing ethernet LAN cabling. For more inf ormation about PoE technology , refer to the PoE Plan- ning and Implementation Guide , wh ich [...]

  • Page 294

    Power Over Ethernet (PoE/PoE+) Operation Introduction to PoE Te r m Use in this Manual port-number priority Refers to the type of power prioritiza tion wh ere, within a priority class, a PoE module assigns the highest priority to the lowest-numbered port in the module, the second-high est priority to the second lowest-numbered port in the module, a[...]

  • Page 295

    Power Over Ethernet (PoE/PoE+) Operation PoE Operation PoE Operation Using the commands described in this chapter , you can: ■ Enable or disable PoE op eration on individual po rts. ■ Monitor PoE stat us and performance per module. ■ Configure a non-de fault power threshold for SNMP and Even t Log reporting of PoE co nsumption on eit her all [...]

  • Page 296

    Power Over Ethernet (PoE/PoE+) Operation PoE Operation Note The ports support standard networking link s and PoE links. Y ou can connect either a non-PoE device or a PD to a port enabled for PoE without reconfig- uring the port. PD Support T o be st utilize the allocated PoE powe r , spread your co nnected PoE devices as evenly as possible across m[...]

  • Page 297

    Power Over Ethernet (PoE/PoE+) Operation PoE Operation For PoE+, there must be 33 watts avail a ble f or the modul e to begin supplyin g power to a port with a PD connected. A slot in a zl chassis can pr ovide a maximum of 370 wat ts of PoE/PoE+ po wer to a modul e. Disconnecting a PD from a PoE port causes th e module to stop providing PoE power t[...]

  • Page 298

    Power Over Ethernet (PoE/PoE+) Operation Configuring PoE Operation Configuring PoE Operation In the default configuration, PoE suppor t is enabled on the ports in a P o E module installed o n the switch. The default prio rity for all ports is Low and the default power notificat ion threshold is 80 (%). Using the CLI, you can: ■ Disable or re-enab[...]

  • Page 299

    Power Over Ethernet (PoE/PoE+) Operation Configuring PoE Operation Configuring the PoE Po rt Priority Level Syntax: interface < port-list > power -over -e thernet [ critical | high | low ] Reconfigures the PoE priority level on < port-list >. For a given level, ports are prioritized by port number in ascending order . For example, if po[...]

  • Page 300

    Power Over Ethernet (PoE/PoE+) Operation Configuring PoE Operation T able 11-1. Example of PoE Priority Operation on a PoE Module Port Priority Setting Configuration Command 1 and Resulting Operation with PDs connected to Ports C3 Through C24 C3 - C17 Critical In this example, the following CL I command sets ports C3-C17 to Critical : ProCurve(conf[...]

  • Page 301

    Power Over Ethernet (PoE/PoE+) Operation Configuring PoE Operation allocated sta rting with module A, then B, C, and the rema ining modules in order . Any remaining pow er is allo cated in the same manner for the Low priority port s, beginning wi th module A though th e remaining modul es. If there is not enough PoE power for all the PDs connected [...]

  • Page 302

    Power Over Ethernet (PoE/PoE+) Operation Configuring PoE Operation Controlling PoE Allocation The default opti on for PoE allocat ion is usage , which is what a PD attached to the port is allocat ed. Y ou can overri de this value by specifying the amount of power allocated to a port by using the class or value options. Syntax : [no] int <port-li[...]

  • Page 303

    Power Over Ethernet (PoE/PoE+) Operation Configuring PoE Operation Manually Configuring PoE Power Levels Y ou can specify a power level (in watts) allocated for a port by using the value option. This is the maximum amoun t of power that will be delivered. T o configure a port by value, first se t th e PoE allocation by enterin g th e poe- allocate-[...]

  • Page 304

    Power Over Ethernet (PoE/PoE+) Operation Configuring PoE Operation ProCurve(config)# int A7 poe-va lue 4 ProCurve(config)# show power-ov er-ethernet A7 Status and Counters - Port Pow er Status for port A7 Power Enable : Yes LLDP Detect : enabled Priority : low Configured Type : AllocateBy : value Value : 4 W Detection Status : fault Power Class : 2[...]

  • Page 305

    Power Over Ethernet (PoE/PoE+) Operation Configuring PoE Operation Changing the Threshold for Generating a Power Notice Y ou can configure one of t he following threshol ds: ■ A global power th reshold that app lies to all modul es on the switch. This setting acts as a trigger for sending a notice when the PoE power consumption on any P oE module[...]

  • Page 306

    Power Over Ethernet (PoE/PoE+) Operation Configuring PoE Operation Syntax : power-over -ethernet [slot < slot-id-rang e >] threshold < 1 - 99 > This command specifies the PoE usage level (as a percentage of the PoE power available on a module) at which the s w itch generates a power usage notice. This notice appears as an S NMP trap and[...]

  • Page 307

    Power Over Ethernet (PoE/PoE+) Operation Configuring PoE Operation Syntax : power-over -ethernet [slot < slot-id-range >] threshold <1 - 99 > (Continued) T o continue the preceding exampl e, if the PoE power usage on the PoE module in slot B drops below 70%, another SNMP trap is generated and you will see this message in the Event Log: [...]

  • Page 308

    Power Over Ethernet (PoE/PoE+) Operation PoE/PoE+ Allocation Using LLDP Information PoE/PoE+ Allocation Using LLDP Information LLDP with PoE When using Po E, enabling poe-lldp-detect allows au tomatic power configura - tion if the link part ner supports PoE. When LLDP is enabled, th e information about the power usage of the PD is avai lable and th[...]

  • Page 309

    Power Over Ethernet (PoE/PoE+) Operation Displaying the Switch’s Global PoE Power Status Displaying the Switch’ s Global PoE Power Status Syntax: s how power-over -ethernet [brief | [ethernet] <port -list> |[slot <slot-id-range> | all>]] Displays the switch’ s global PoE power status, including: • T otal Available Power: List[...]

  • Page 310

    Power Over Ethernet (PoE/PoE+) Operation Displaying the Switch’s Global PoE Power Status ProCurve(config)# show powe r-over-ethernet Status and Counters - Syst em Power Status Pre-standard Detect : On System Power Status : No redundancy PoE Power Status : No redundancy Chassis power-over-etherne t: Total Available Power : 600 W Total Failover Pow[...]

  • Page 311

    Power Over Ethernet (PoE/PoE+) Operation Displaying the Switch’s Global PoE Power Status Displaying PoE Stat us on All Ports Syntax : show power-over -ethernet brief Displays the followin g port power status: • PoE Port: Lists all PoE-capable ports on the switch. • Power Enable: Shows Ye s for ports enabled to support PoE (the default) and No[...]

  • Page 312

    Power Over Ethernet (PoE/PoE+) Operation Displaying the Switch’s Global PoE Power Status For example, show power-over -ethernet brief displays this output: ProCurve(config)# show power-ove r-ethernet brief Status and Counters - Port Powe r Status System Power Status : No re dundancy PoE Power Status : No re dundancy Available: 600 W Used: 9 W R e[...]

  • Page 313

    Power Over Ethernet (PoE/PoE+) Operation Displaying the Switch’s Global PoE Power Status Displaying the PoE Stat us on Specific Ports Syntax : show power-over -ethernet < port-list > Displays the following PoE status and statistics (since the last reboot) for each port in < port-list >: • Power Enable: Shows Ye s for ports enabled t[...]

  • Page 314

    Power Over Ethernet (PoE/PoE+) Operation Displaying the Switch’s Global PoE Power Status • Power Class: Shows the power class of the PD detected on the indicated port. Classes include: 0 : 0.44w to 12.95w 2 : 3.84w to 6.49w 4: For PoE+; 1 : 0.44w to 3.84w 3 : 6.49 w to 12.95w up to 25.5 watts can be drawn by the PD • MPS Absent Cnt: This valu[...]

  • Page 315

    Power Over Ethernet (PoE/PoE+) Operation Planning and Imple m e nti ng a PoE Configuration Planning and Implementing a PoE Configuration This section provides an overview of some considerations for planning a PoE application . For additional informat ion on this topic, re fer to the HP ProCurve PoE Planning and Implementation Guide which is availab[...]

  • Page 316

    Power Over Ethernet (PoE/PoE+) Operation Planning and Implementing a PoE Configuration For example, if the 5406zl has two 24- port PoE modules (J8702A) installed, and all ports are using 15.4 watts, then the total wattage used is 739.2 wa tts (48 x 15.4). T o supply the nec essary PoE wattage a J8713A power supply is installed in one of th e power [...]

  • Page 317

    Power Over Ethernet (PoE/PoE+) Operation Planning and Imple m e nti ng a PoE Configuration T able 11-3. Classifiers for Prioritizing Outbound Pac kets Priority QoS Classifier 1 UDP/TCP Application T ype (port) 2 Device Priority (destinat ion or source IP address) 3 IP T ype of Service (T oS) field (IP packets only) 4 VLAN Priority 5 Incoming source[...]

  • Page 318

    Power Over Ethernet (PoE/PoE+) Operation PoE Event Log Messages PoE Event Log Messages PoE operat ion generat es these Event Log messages. Y ou can also configure the switch to send these messages to a configured debug destination (ter minal device or SyslogD server). “Informational” PoE Event-Log Messages Message Meaning I < MM/DD/YY > &[...]

  • Page 319

    Power Over Ethernet (PoE/PoE+) Operation PoE Event Log Messages “W arning” PoE Event-Log Messages Message Meaning W < MM / DD / YY > < HH : MM : SS > chassis Message header , with severity , date, system time, and system module type. For more information on Event Log operation, including severity indicators, refer to “Usin g the E[...]

  • Page 320

    Power Over Ethernet (PoE/PoE+) Operation PoE Event Log Messages 11-30[...]

  • Page 321

    12 Port T runking Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-3 Port Trunk Features an d Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-5 Trunk Configuration Methods . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-6 Menu: Viewing [...]

  • Page 322

    Port Trunking Contents Forwarding Broadcast, Mult icast, and Unknown Traffic Downstream (to the Server) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-33 Distributed Trunki ng Restrictions . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-35 Trunk Group Operation Usin g the “Trunk” Option . . . . . . . . . . . . 12-36 How t[...]

  • Page 323

    Port Trunking Overview Overview This chapter describes creating and modifying port trunk grou ps. This includes non-protocol trunks and L ACP (802.3ad) trun ks. Port Status and Conf iguration Feature s Feature Default Menu CLI W eb viewing port trunks n/a page 12-10 page 12-12 page 12-18 configuring a static trunk none page 12-10 page 12-16 — gro[...]

  • Page 324

    Port Trunking Overview Port Connecti ons and Configuratio n: All port trunk links must be poin t- to-point connections between a sw itch and another switch, router , server , or workstation config ured for port tr unking. No intervening, non-trunki ng devices are allowed. It i s important to note that ports on both ends of a port trunk group must h[...]

  • Page 325

    Port Trunking Port Trunk Features and Operation Port T runk Features and Operation T he sw it ch es covered in this guide o ff er th es e o pt io n s f or po rt tr un ki n g: ■ LACP: IEEE 802.3ad—page 12-19 ■ T runk: Non- Protocol—page 12-36 Up t o 1 44 t ru nk gr ou p s a re su p po rt ed o n t he sw i tc he s covered in this guide. The ac[...]

  • Page 326

    Port Trunking Trunk Configuration Methods T runk Configuration Methods Dynamic LACP T runk : The switch automatically negoti ates trunked li nks between LACP-configured po rts on sepa rate devices, and offers one dynamic trunk option: LACP . T o conf igure the switch to in itiate a dynamic LACP trunk with another device, use the interface command i[...]

  • Page 327

    Port Trunking Trunk Configuration Methods T able 12-2. T runk Configuration Protocols Protocol T runking Options LACP Provides dynamic and static LACP trunking options. (802.3ad) • Dynamic LACP — Use the switch-negotiated dy namic LACP trunk when: – The port on the other end of the trunk link is configured for Active or Passive LACP . – Y o[...]

  • Page 328

    Port Trunking Trunk Configuration Methods T able 12-3. General Opera ting Rules for Port T runks Media: For proper trunk operation, all ports on both ends of a trunk group must have th e same media type and mode (speed and duplex). (For the switches cover ed in this guide, ProCurve recommends leaving the port Mode setting at Auto or , in networks u[...]

  • Page 329

    Port Trunking Trunk Configuration Methods Spanning T ree: 802.1D (STP) and 802.1w (RSTP) Spanning T ree operate as a global setting on the switch (with one instance of Spanning T ree per switch). 802.1s (MSTP) Spanning T r ee operates on a per -instance basis (with multiple instances allowed per switch). For each Spanning T ree instance, you can ad[...]

  • Page 330

    Port Trunking Menu: Viewing an d Configuring a Static Trunk Group Menu: V iewing and Configuring a Static T runk Group Important Confi gure port trunki ng before you connect the trunked links to anot her switch, routing switch, or server . Otherwise, a broad cast storm could occur . (If you need to connect the ports b efore configur ing them for tr[...]

  • Page 331

    Port Trunking Menu: Viewing an d Configuring a Static Trunk Group • For proper trunk operation, all por ts in a trunk must have the same media type and mode (such as 10/100TX set to 100FDx, or 100FX set to 100FDx). The flow control settings must also be the same for all ports in a given trunk. T o verify thes e settings, refer t o “V ie wing Po[...]

  • Page 332

    Port Trunking CLI: Viewing and Configurin g Port Trunk Groups 8. Connect the trunked ports on the switch to the corresponding ports on the opposite device. If you previousl y disabled any of the trunked ports on the switch, enab le them now . (R efer to “V iewing Port Status and Configuring Port Parameters” on page 10-3.) Check the Event Log (?[...]

  • Page 333

    Port Trunking CLI: Viewing and Configuring Port Trunk Groups Using a port list specifies, for sw itch ports in a static trunk group, only the ports you want to vi ew . In this case, the command specifies ports A5 through A 7 . H o w e v e r, b e c a u s e p o r t A 6 i s n o t i n a static trunk group, i t does no t appear in the resultin g listing[...]

  • Page 334

    Port Trunking CLI: Viewing and Configurin g Port Trunk Groups Listing Static LACP and Dynamic LACP T runk Data. Syntax: show lacp Lists data for only the LACP-configured ports.. In the followin g example, po rts A1 and A2 have been previously con figured for a static LACP tr unk. (For more on the “Active” parameter , see table 12-5 on page 12-2[...]

  • Page 335

    Port Trunking CLI: Viewing and Configuring Port Trunk Groups Figure 12-9. Example of a Dynamic LACP T runk with One Standby Link “Up” Links Standby Link Using the CLI T o Configure a Static or Dynamic T runk Group Important Configure port trun king before y ou connect the trunked links between switches. Otherwise, a br oadcast storm could occur[...]

  • Page 336

    Port Trunking CLI: Viewing and Configurin g Port Trunk Groups Configuring a Static T runk or Static LACP T runk Group. Syntax: trunk < port-list > < trk1 ... trk144> < trunk | lacp > Configures the specified static trunk type. This example uses port s C4 - C6 to create a non-protocol st atic trunk group with the group n ame of Tr [...]

  • Page 337

    Port Trunking CLI: Viewing and Configuring Port Trunk Groups Figure 12-10. Example of Criteria for Automatically Forming a Dyna mic LACP T runk Switch “A” with ports set to LACP passive. Switch “B” with ports set to LACP passive. Dynamic LACP tru nk cannot automat ically form b ecause both ends of the links are LACP passive. (In this case s[...]

  • Page 338

    Port Trunking Web: Viewing Existing Port Trunk Groups Caution Unless spanning tree is running on your netw ork, removing a port from a trunk can result i n a loop . T o help preven t a broadcast storm when you remove a port from a trunk whe re spanning tree is not in use, ProCurve recomm ends that you first disabl e the port or disconnect the li nk[...]

  • Page 339

    Port Trunking Trunk Group Operation Using LACP T runk Group Operation Using LACP The switch can automat ically configure a dy namic LACP trunk gr oup or you can manually configure a static LACP trunk group. Note LACP requires fu ll-duplex (FDx) l inks of the same medi a type (10/100Base -T , 100FX, etc.) and the same speed, and en forces speed and [...]

  • Page 340

    Port Trunking Trunk Group Operation Using LACP T able 12-4. LACP T runk T ypes LACP Port T runk Configuration Operation Dynamic LACP This option automatically establishes an 802.3ad-compliant trunk group, with LACP for the port T ype parameter and Dyn X for the port Group name, where X is an automatically assigned value from 1 to 144, depending on [...]

  • Page 341

    Port Trunking Trunk Group Operation Using LACP Static LACP Provides a manually configured, st atic LACP trunk to acco mmodate these conditions: LACP Port T runk Configuration Operation • The port on the other end of the trunk link is configured for a static LACP trunk. • Y ou want to configure non-default spanning tree or IGMP parameters on an [...]

  • Page 342

    Port Trunking Trunk Group Operation Using LACP Default Port Operation In the default configuration, LACP is di sabled for al l ports. If LACP i s not configured as Active on at least one end of a link, then the p ort does not t ry to detect a trunk configur ation and operates as a standard, untrunked port. T able 12-5 lists the elements of per -por[...]

  • Page 343

    Port Trunking Trunk Group Operation Using LACP LACP Partner Ye s : LACP is enabled on both ends of the link. Status Name Meaning No: LACP is enabled on the switch , but either LACP is not enabled or the link has not been detected on the opposite device. LACP Status Success: LACP is enabled on the port, detects and synchr onizes with a device on the[...]

  • Page 344

    Port Trunking Trunk Group Operation Using LACP The switch will not allo w you to configure LACP on a port on which port security is enabled. For example: ProCurve(config)# int a17 lacp passive Error configuring port A17: LACP and port security cannot be run together. ProCurve(config)# T o restore LACP to the port, you must remove port security and [...]

  • Page 345

    Port Trunking Trunk Group Operation Using LACP ProCurve(eth-B1-B8)# show lac p LACP PORT LACP TRUNK PORT LACP LACP NUMB ENABLED GROUP STATUS PARTNER STATUS ---- ------- ------- ------- ------- ------- B1 Active Dyn1 Up Yes Success B2 Active Dyn1 Up Yes Success B3 Active Dyn1 Up Yes Success B4 Active Dyn1 Up Yes Success B5 Active Dyn1 Blocked Yes Fa[...]

  • Page 346

    Port Trunking Trunk Group Operation Using LACP Spanning T ree and IGMP . If Spanning T ree and/or IG MP is enabled in the switch, a dynamic LACP trunk op erates only with the default settings fo r these features and does not appear in th e port listings for these features. Half-Duplex and/or Dif ferent Port Speeds Not Allowed in LACP T runks. The p[...]

  • Page 347

    Port Trunking Distributed Trunking Distributed T runking Overview The IEEE standard 802.3ad requires that all the links in a trunk group originate from the same switch. Di stributed T runking uses a proprietary p rotocol that allows two or more por t trunk links dist ributed across two switch es to create a trunk group. The grou ped links appear to[...]

  • Page 348

    12-28 Port Trunking Distributed Trunking Figure 12-13. Example of Distribu ted T runking Confi guration In figure 12-14, three differ ent distributed trunk s with three different servers have one common ISC link. Each trunk only span s two distributed trunki ng switches. The distributed tr unking switch e s are connected at the ISC ports so they ca[...]

  • Page 349

    Port Trunking Distributed Trunking Distributed T runk Switch Local InterSwitch-Connect (ISC) Server 1 Server 2 Server 3 T runk Tr u n k T runk Distributed T runk Switch Remote DTD DTD DTD ISC ports DT ports DT ports Figure 12-14.Example of Distrib uted T runking Distributed T runking Inte rconnect Protocol (DTIP) Distributed trun king uses the Dist[...]

  • Page 350

    Port Trunking Distributed Trunking Configuring Distributed T runking ISC Port Configuration Y ou must configure the ISC ports before you can configure the tru nks for distributed trunki ng. T o configure an ISC port, enter this command: Syntax: switch-interconnect <port-num | trk1...trkN> no switch-interconnect Configures an InterSwitch-Conne[...]

  • Page 351

    Port Trunking Distributed Trunking ProCurve Switch Local(config)# sw itch-interconnect a7 ProCurve Switch Remote(config)# s witch-interconnect a8 ProCurve Switch Local(config)# tr unk a9-a10 trk10 dt-lacp ProCurve Switch Remote(config)# t runk a5-a6 trk10 dt-lacp Figure 12-15.Example of Configuri ng Distributed T runking Displaying Distributed T ru[...]

  • Page 352

    Port Trunking Distributed Trunking Maximum DT T runks and Links Supported T able 12-1 shows the maximum number of DT trunks and DT links that are supported. T able 12-1. Maximum DT T runks and Links Descriptio n Max Nu mber Maximum number of groups (DT trun ks) in a DT switch (that is, 60 maximum number of servers supported) Maximum number of switc[...]

  • Page 353

    Port Trunking Distributed Trunking Unicast frames are only forwarded by one of the DT switches unless the MAC address is reachable only t hrough the other DT switch, f or example, a host on DT2 sends or receives fr ames direct ly through the DT2 swi tch. Forwarding Broadcast, Multicast, and Unknown T raffic Upstream When the DT 1 switch rec eives b[...]

  • Page 354

    Port Trunking Distributed Trunking STP Root D A DT1 DT2 B C Server ISC Port Running MSTP STP Blocked Upstream Unicast T raffic Upstream Bcas t/Mcast/Unknown DA Downstream Unicast T raffic Downstream Bcast/Mcast/Unknown DA I1 I2 I3 I4 Figure 12-17. Example of Distrib uted T runking with STP Forwarding Unicast, Broadcast and Multic ast T raffic 12-34[...]

  • Page 355

    Port Trunking Distributed Trunking Distributed T runking Restrictions There are sev eral restricti ons with di stributed trunk ing. ■ The port tru nk links should be co nfigured manually (manual LACP). Dynamic linking acr oss switches is not supported. ■ Only servers are supported as Dist ributed T runking Devices (DTDs). ■ A distributed trun[...]

  • Page 356

    Port Trunking Trunk Group Operation Using the “Trunk” Option T runk Group Operation Using the “T runk” Option This method creat es a trunk grou p that operat es independently of specif ic trunking protocol s and does not u se a protocol exch ange with the device on the other end of the trunk. W ith this ch oice, the switch simp ly uses the [...]

  • Page 357

    Port Trunking How the Switch Lists Trunk Data How the Switch Lists T runk Data Static T runk Grou p: Appears in the menu interface and t he output from th e CLI show trunk and show interfa ces commands. Dynamic LACP T runk Group: Appears in the output f rom the CLI show lacp command. Interface Option Dynamic LACP T runk Group Static LACP T runk Gro[...]

  • Page 358

    Port Trunking Outbound Traffic Distribution Across Trunked Links The load-balancing is done on a per co mmunication basis. Otherwise, traffic is transmitted across the same path as show n in figure 12-18. That is, if Client A attached to Switch 1 sends five packet s of data to Server A attached to Switch 2, the same link is used to send a ll five p[...]

  • Page 359

    Port Trunking Outbound Traffic Distribut ion Across Trunked Links T able 12-1. Example of Link Assig nments in a T runk Group (SA/DA Distribution) Source: Destination: Link: Node A Node W 1 Node B Node X 2 Node C Node Y 3 Node D Node Z 1 Node A Node Y 2 Node B Node W 3 Because the am ount of traffi c coming from or going t o various nodes in a netw[...]

  • Page 360

    Port Trunking Outbound Traffic Distribution Across Trunked Links 12-40[...]

  • Page 361

    13 Port T raffic Controls Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-3 Using Both ICMP Rate-Lim iting and All-Traffic Rate-L imiting Configuring Inbound Rate-Lim iting for Broadcast Configuring Guaranteed Minimum Bandwidt h for Displaying the Current Guar anteed Minim[...]

  • Page 362

    Port Traffic Controls Contents Jumbo Frames . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-30 Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-30 Operating Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [...]

  • Page 363

    Port Traffic Controls Overview Overview Feature Default Me nu CLI We b Rate-Limiting None n/a 13-4 n/a Guaranteed Minimum Per Queue (1-8 order): n/a 13-22 n/a Bandwidth 2%-3%-30%-10%-10% - 10%-15%-20% Jumbo Packets Disabled n/a 13-30 n/a This chapter includes: ■ Rate-Limiting: Enables a port to limit the am ount of bandwidth a user or device may [...]

  • Page 364

    Port Traffic Controls Rate-Limiting Rate-Limiting Feature Default Menu CLI We b rate-limit all none n/a page 13-5 n/a show rate-limit all n/a n/a page 13-6 n/a rate-limit icmp none n/a page 13-13 n/a show rate-limit icmp n/a n/a page 13-14 n/a All T raffic Rate-Limiting Rate-limiting for all traf fic operates on a per -port basis to allow only the [...]

  • Page 365

    Port Traffic Controls Rate-Limiting Configuring Rate-Limiting Note The mode using b its per second (bps) in releases before K.12.XX has been replaced by the kilobi ts per second (kbps) mo de. Switches that have config- urations with bps values w ill be auto matically converted when you update your software to the new version. However , an ol der co[...]

  • Page 366

    Port Traffic Controls Rate-Limiting • Kbps rate-limiting is done in segments of 1% of the lowest corresponding media speed. For example, if the media speed is 100 Kbps, the valu e would be 1 Mbps. A 1-100 Kbps rate-limit is implemented as a limit of 100 Kbps; a limit of 100-199 Kbps is also implemented as a limit of 100 Kbps, a limit of 200-299 K[...]

  • Page 367

    Port Traffic Controls Rate-Limiting ProCurve# show rate-limit all a1-a6 All-Traffic Rate Limit Maximu m % | Inbound Radius | Outbound Radius Port | Limit Mode Override | Limit Mode Override ----- + --------- --------- ----------- + --------- --------- ------- ---- A1 | Disabled Disabled No-override | 200 kbps No-override A2 | Disabled Disabled No-o[...]

  • Page 368

    Port Traffic Controls Rate-Limiting ProCurve(config)# show confi g Startup configuration: ; J8697A Configuration Edito r; Created on release #K.14.01 hostname "ProCurve Switch 82 12zl" module 1 type J8705A snmp-server community "publi c" Unrestricted vlan 1 name "DEFAULT_VLAN" untagged A1-A24 ip address dhcp-bootp exit[...]

  • Page 369

    Port Traffic Controls Rate-Limiting rate-limiting o n the port while it is in the trunk. Atte mpting to configure rate-limiting on a po rt that alread y belongs to a trunk generates the following message: < port-list > : Operation is not allowed for a trunked port. ■ Rate-limiting f or inbound and outbound traffi c are separate features: Th[...]

  • Page 370

    Port Traffic Controls Rate-Limiting ■ Optimum rate-limiti ng operation: Optimum rate-li miting occurs with 64-byte packet sizes. T raffic with larger packet sizes can result in performance somewhat below the configured band width. This i s to ensure the strictest possible rate-l im iting of all si zes of packets. Note on T esting Rate-lim iting i[...]

  • Page 371

    Port Traffic Controls Rate-Limiting messages to an extent where no other tr affic can get through. (ICMP messages themselves can also be misused as viru s carriers). Such malicious misuses of ICMP can include a high number of ping pac kets that mi mic a valid source I P address and an invalid destination IP address (spoofed pings), and a high numbe[...]

  • Page 372

    Port Traffic Controls Rate-Limiting Spoofe d Ping: An ICMP echo request packet intentionally gen erated with a valid source IP address and an inva lid destin ation IP address. Spoofed pings are often created with the intent to oversubscribe network resources with traffic having invalid destinations. Guidelines for Configuring ICMP Rate-Limiting App[...]

  • Page 373

    Port Traffic Controls Rate-Limiting Configuring ICMP Rate-Limiting The r ate-limit icmp command controls inbound usage of a port by setting a limit on the bandw idth available for inbound ICMP traffi c. Syntax: [no] int < port- list > rate-limit icmp <percent < 0-100 > | kbps <0-10000000>> Configures inbound ICMP traf fic ra[...]

  • Page 374

    Port Traffic Controls Rate-Limiting Using Both ICMP Rate-Limiting and All-T raffic Rate-Limiting on the Same Interface ICMP and all-tra ffic rate-limiting can be confi gured on the same interface. All-traffic rate -limiting applie s to all inbound or outbound traffic (including ICMP traffic), w hile ICMP rate-limitin g applies onl y to inbound ICMP[...]

  • Page 375

    Port Traffic Controls Rate-Limiting For example, if you wanted to view the rate-lim iting configuration on th e first six ports in th e module in slot “B”: ProCurve(config)# show rate-li mit icmp b1-b6 Inbound ICMP Rate Limit Maxim um Percentage | Rate Port | Mode Limit ----- + -------- -------- B1 | Disabled Disabled B2 | kbps 100 B3 | % 5 B4 [...]

  • Page 376

    Port Traffic Controls Rate-Limiting 0.5 Mbps of inbound traffi c. If an interface experiences an inbound flow of ICMP traffic in excess of its config u red limit, the swit ch gene rates a log message and an SNMP tr ap (if an SNMP trap receiver is conf igured). ■ ICMP rate-limiting i s port-based: ICMP rate-limiting re flects the available perc en[...]

  • Page 377

    Note on T esting ICMP Rate-Limiting Port Traffic Controls Rate-Limiting ICMP rate-limiti ng is applied to the a vailable bandwidth on an interface. If the total bandwi dth requested by all ICMP traffic is less than the ava ilable, configured maximum rate, then no ICMP ra te-li mit can be applied. That i s, an interface m ust be receiving m ore inbo[...]

  • Page 378

    Port Traffic Controls Rate-Limiting The switch does not send more traps or Event Log messages for excess ICMP traffic on the affect ed port until the system operat or resets the port’ s ICMP trap function . The reset can be done throug h SNMP from a network manage - ment station or t hrough the CLI with the following setmib co mmand. Syntax: setm[...]

  • Page 379

    Port Traffic Controls Rate-Limiting T o match the port’ s external slot/numbe r to the internal port number , use the walkmib ifDescr command, as shown in the following figure: ProCurve# walkmib ifDescr ifDescr.1 = A1 ifDescr.2 = A2 ifDescr.3 = A3 . . . ifDescr.23 = A23 ifDescr.24 = A24 ifDescr.27 = B1 ifDescr.28 = B2 ifDescr.29 = B3 . . . ifDesc[...]

  • Page 380

    Port Traffic Controls Rate-Limiting Syntax: rate-limit < bcast | mc ast > in percent <0-100> no rate-limit <bcast | mcast> in Enables rate-limiting and set s limits for the specified inbound broadcast or multicast traffic. Only the amount of traffic specified by the percent is forwarded. Default: Disabled For example, if you w ant[...]

  • Page 381

    Port Traffic Controls Rate-Limiting ProCurve(eth-3)# rate-limit mcast in percent 20 ProCurve(eth-3)# show rate- limit mcast Multicast-Traffic Rate Lim it Maximum % Port | Inbound Limit Mode Radius Override ----- + ------------- --------- - ------------- - 1 | Disabled Dis abled No-override 2 | Disabled Dis abled No-override 3 | 20 % No-override 4 |[...]

  • Page 382

    Port Traffic Controls Guaranteed Minimum Bandwidth (GMB) Guaranteed Minimum Bandwidth (GMB) Feature Default Menu CLI We b bandwidth-min output Per -Queue: 2%-3%-30%-10% 10%-10%-15% -20% n/a page 13-25 n/a show bandwidth output [ port-list ] n/a n/a page 13-28 n/a Introduction Guaranteed Minimum Bandwid th (GMB) pr ovides a method for ensuring th at[...]

  • Page 383

    Port Traffic Controls Guaranteed Minimum Bandwidth (GMB) T able 13-1. Per -Port Outbound Priority Queue s 802.1p Priority Settings in T agged VLAN Packets* Outbound Priority Queue for a Given Port 1 (low) 1 2 (low) 2 0 (normal) 3 3 (normal) 4 4 (medium) 5 5 (medium) 6 6 (high) 7 7 (high) 8 *The switch processes outbound traffic from an unt agged po[...]

  • Page 384

    Port Traffic Controls Guaranteed Minimum Bandwidth (GMB) Note For a given port, when the de mand on one or more outboun d queues exceeds the minimum b andwidth configured for those queues, the switc h apportions unallocated bandwidth to these queues on a pri ority basis. As a result, speci- fying a minimum bandwidt h for a high-p riority queue but [...]

  • Page 385

    Port Traffic Controls Guaranteed Minimum Bandwidth (GMB) Note For more informat ion on queue confi guration and the associated default minimum band width settings, refer to the chapter ti tled “ Quality of Service (QoS): Managing Band width More Effectively ” in the Advanced T raffic Management Guide f or your switch . Configuring Guaranteed Mi[...]

  • Page 386

    Port Traffic Controls Guaranteed Minimum Bandwidth (GMB) Syntax: [ no ] int < port-list > band width-min output [ < queue1% > < queue2% > < queue3% > < queue4% > < queue5% > < queue6 %> <queue7%> <queue8%>] For ports in < port-list > , specifies the minimum outbound bandwidth as a percent [...]

  • Page 387

    Port Traffic Controls Guaranteed Minimum Bandwidth (GMB) Notes: Configuring 0% for a queue can result in that queue being starved if any higher queue becomes over - subscribed and is then gi ven all unused bandwidth. The switch applies the bandwi dth calculation t o the link speed the port is currently using. For example, if a 10/100 Mbs port negot[...]

  • Page 388

    Port Traffic Controls Guaranteed Minimum Bandwidth (GMB) Either of t he following commands conf igures ports A1 through A5 wit h bandwidth sett ings: ProCurve(config)#int a1-a5 bandwidth-min output 2 3 30 10 10 10 15 20 ProCurve(eth-A1-A5)#bandwidth-min output 2 3 30 10 10 10 15 20 Displaying the Current Guaranteed Minimum Bandwidth Configuration T[...]

  • Page 389

    Port Traffic Controls Guaranteed Minimum Bandwidth (GMB) This is ho w the precedi ng listin g of the GMB configuratio n would appear in the startu p-config file. The outbound po rt priority queues 1 - 8 for ports A1-A5 are configured wi th the indicate d Guaranteed Minimum Bandwidth percentages. Figure 13-10. Example of GM B Settings Listed in the [...]

  • Page 390

    Port Traffic Controls Jumbo Frames Jumbo Frames Feature Default Menu CLI Web display VLAN jumbo status n/a — 13-33 — configure jumbo VLANs Disabled — 13-35 — The Maximum T ransmission Unit (MTU) is the maximum size IP frame the switch can receive for Layer 2 frames in boun d on a port. The switch drops any inbound frames larger than the MTU[...]

  • Page 391

    Port Traffic Controls Jumbo Frames MTU ( Maximum T ransmission Unit) : Thi s is the maximum-size IP frame the switch can receive for Layer 2 fr ames inbo und on a port. The switch allows jumbo frames of up to 9220 bytes. Standard MTU: An IP frame of 1522 bytes in si ze. (This size includes 4 bytes for the VLAN ta g.) Operating Rules ■ Required Po[...]

  • Page 392

    Port Traffic Controls Jumbo Frames Configuring Jumbo Frame Operation Command Page show vlans 13-33 show vlans ports < port-list > 13-34 show vlans < vid > 13-35 jumbo 13-35 jumbo max-frame-size 13-35 Overview 1. Determine the VLAN memb ership of the ports or trunks through which you want the switch to accept inboun d jumbo traffic. For [...]

  • Page 393

    Port Traffic Controls Jumbo Frames V iewing the Current Jumbo Configuration Syntax: show vlans Lists the static VLANs configured on the swit ch and includes a Jumbo column to indicat e whic h VLANs are configured to support inbound jumbo traffic. All ports belonging to a jumbo-enabled VLAN can receive jumbo traffic. (For more information refer to ?[...]

  • Page 394

    Port Traffic Controls Jumbo Frames Indicates which stat ic VLANs are configured to enable jumbo fr ames. Figure 13-12. Example of Listing the VLAN Memberships for a Range of Port s Syntax: show vlans < vid > This command shows port membership and jumbo configuration for the specified < vid > . Lists the ports belongi ng to VLAN 100 and [...]

  • Page 395

    Port Traffic Controls Jumbo Frames Enabling or Disabling Jumbo T raffic on a VLAN Syntax: vlan < vid > jumbo [ no ] vlan < vid > jumbo Configures the specified VLAN to allow jumbo frames on all ports on the switch that belong to that VLAN. If the VLAN is not already configu red on the switch, vlan < vid > jumbo also creates the VL[...]

  • Page 396

    Port Traffic Controls Jumbo Frames Configuring IP MTU Note The following feature is available on th e switches covered in this guide. Jumbos support is r equired. On switches that do not support thi s command, the IP MTU value is derived from the maximum frame size and is not config- urable. Y ou can set the IP MTU globa lly by entering this comman[...]

  • Page 397

    Port Traffic Controls Jumbo Frames Displaying the Maximum Frame Size Use the show jumbos command to display the gl obally configured untagged maximum frame size for the switch. ProCurve(config)# show jumbo s Jumbos Global Values Configured : MaxFrameSize : 9216 Ip-MTU : 9198 In Use : MaxFrameSize : 9216 Ip-MTU : 9198 Figure 14. Displaying the Maxi [...]

  • Page 398

    Port Traffic Controls Jumbo Frames ■ When the switch applies the default MT U (1522-bytes) to a VLAN, all ports in the VLAN can receive in coming frames of up to 1522 bytes in length. When the switch applies the jumbo MT U (9220 bytes) to a VLAN, all ports in that VL AN can recei ve incomi ng frames of u p to 9220 bytes in len gth. A port receivi[...]

  • Page 399

    Port Traffic Controls Jumbo Frames can occur in situations where a non -jumbo VLAN in cludes some ports that do not belong to another , jumb o-enabled VL AN and some port s that do belong to another , jumbo-enabled VL AN. In this case, ports capable of receiving jumbo frames can forward them to the ports in the VLAN that do not have ju mbo capabil [...]

  • Page 400

    Port Traffic Controls Jumbo Frames T roubleshooting A VLAN is configured to allow jum bo frames, but one or more ports drops all inbound j umbo frames. The port may not be operating at a min- imum of 10 Mbps on the ProCurve 3500 switches or 1 Gbps on the ot her switches covered in this guide. Regardle ss of a port’ s configuration, if it is actua[...]

  • Page 401

    14 Configuring for Network Management Applications Contents Using SNMP Tools To Manage the Switch . . . . . . . . . . . . . . . . . . . . . 14-2 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-2 SNMP Management Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [...]

  • Page 402

    Configuring for Network Manageme nt Applications Contents CLI-Configured sFlow wi th Multiple Instan ces . . . . . . . . . . . . . . . . . 14-33 Configuring Support f or Port Speed and Duplex Advertising Device Capability, Network Policy, PoE Status Displaying Swit ch Information Availabl e for Outbound Terminology . . . . . . . . . . . . . . . . .[...]

  • Page 403

    Configuring for Network Management Applications Using SNMP Tools To Manage the Switch Using SNMP T ools T o Manage the Switch Overview Y ou can manage the switch via SNMP from a network management stat ion running an applicati on such as ProCurve Manager (PCM) or ProCurve Manager Plus (PCM+). For more on PCM and PCM+, visit the ProCurve Networking [...]

  • Page 404

    Configuring for Network Manageme nt Applications Using SNMP Tools To Manage the Switch SNMP Management Features SNMP management features on the switch include: ■ SNMP version 1, version 2c, or version 3 over IP ■ Security via configuration of SNMP communities (page 14-11) ■ Security via authentica tion and privacy for SNMP V ersion 3 access ?[...]

  • Page 405

    Configuring for Network Management Applications Using SNMP Tools To Manage the Switch If you want to restrict acce ss to one or more specifi c nodes, you can use the switch’ s IP Auth orized Mana ger feature. (R efer to the Access Security Guide for your sw itch.) Caution For ProCurve Manager (PCM) version 1.5 or earlier (or any T opT ools versio[...]

  • Page 406

    Configuring for Network Manageme nt Applications Using SNMP Tools To Manage the Switch SNMP V ersion 3 Commands SNMP version 3 (SNMPv3) adds some new commands to the CLI for configuring SNMPv3 functi ons. T o enable SMNPv3 operation on the switch, use the snmpv3 enable command. An ini tial user entry will be generated wit h MD5 authentication and D[...]

  • Page 407

    Configuring for Network Management Applications Using SNMP Tools To Manage the Switch Enabling SNMPv3 The snmpv3 enable command allows the switch to: ■ Receive SNMPv3 me ssages. ■ Configure initial u sers. ■ Restrict non-version 3 message s to “read only” (optional). Figure 14-1 shows an example of how to use the snmpv3 enable command. No[...]

  • Page 408

    Configuring for Network Manageme nt Applications Using SNMP Tools To Manage the Switch 1. Configure users in the User T able with the snmpv3 user command. T o view the list of co nfigured us ers, enter the show snmpv3 user command (see “Adding Users” on page 14-8). 2. Assign use rs to Security Groups ba sed on their security m odel with the snm[...]

  • Page 409

    ----------- -------------- ---- ------------- Configuring for Network Management Applications Using SNMP Tools To Manage the Switch SNMPv3 User Commands Syntax: [no] snmpv3 user <user_nam e> Adds or deletes a user entry for SNMPv3. Authorization and privacy are opti onal, but to use p rivacy , you must use authorization. When you delete a use[...]

  • Page 410

    Configuring for Network Manageme nt Applications Using SNMP Tools To Manage the Switch Assigning Users to Groups. Then you must set the group access level for the user by assigning the user to a group. This is done with the snmpv3 group command. For mo re details on the MI Bs acc ess for a given group refer to “Group Access Levels” on page 14-1[...]

  • Page 411

    Configuring for Network Management Applications Using SNMP Tools To Manage the Switch Group Access Levels The switch suppor ts eight predefined group access levels. There are four levels for use with version 3 users and four are use d for access by version 2c or version 1 management applications. Group Name Group Access T ype Group Read View Group [...]

  • Page 412

    Configuring for Network Manageme nt Applications Using SNMP Tools To Manage the Switch Syntax: [no] snmpv3 community This command maps or removes a mapping of a community name to a group access level. T o remove a mapping you, only n eed to specify the index_name parameter . index <index_name> This is an index number or title for the mapping.[...]

  • Page 413

    Configuring for Network Management Applications Using SNMP Tools To Manage the Switch SNMP Community Features Feature Default Menu CLI Web show SNMP communities n/a page page — 14-13 14-15 configure identity information none — page 14-16 configure community names public page page — MIB view for a commun ity name 14-13 14-16 (operator , manage[...]

  • Page 414

    Configuring for Network Manageme nt Applications Using SNMP Tools To Manage the Switch Note: This screen gives an overview of the SNMP com munities that are currently configured. All fie lds in this screen are read- only . Figure 14-5. The SNMP Communiti es Screen (Default V alue s) 2. Press [A] (for Add ) to display the following screen: Add and E[...]

  • Page 415

    Configuring for Network Management Applications Using SNMP Tools To Manage the Switch CLI: V iewing and Configuring SNMP Community Names Community Name Commands Page show snmp-server [< community-string >] 1 4-15 [no] snmp-server 14-16 [community < community-str >] 14-16 [host < community-str > < ip-addr >] 14-19 [<none |[...]

  • Page 416

    Configuring for Network Manageme nt Applications Using SNMP Tools To Manage the Switch Configuring Community Na mes and V alues. The snmp-server command enables you to add SNMP communities wi th either default or spec ific access attributes, and to delete specific communitie s. Syntax: [no] snmp-server commu nity < community-name > Configures[...]

  • Page 417

    Configuring for Network Management Applications Using SNMP Tools To Manage the Switch SNMP Notifications T he sw it ch e s covered in this guide s up po rt : ■ SNMP version 1 or SNMP version 2c traps ■ SNMPv2c informs ■ SNMPv3 notific ation process, including traps This section describes how to config ure a switch to send network security and[...]

  • Page 418

    Configuring for Network Manageme nt Applications Using SNMP Tools To Manage the Switch ■ Advance T raffic Management Guide: • Loop protectio n • Spanning T ree (STP , RSTP , MSTP) ■ Access Security Guide: • MAC lockdown • MAC lockout • Uni-Directiona l Link Detection (UDLD) • Virus throttling ■ Multicast and Routing Gui de: • O [...]

  • Page 419

    Configuring for Network Management Applications Using SNMP Tools To Manage the Switch SNMPv1 and SNMPv2c T raps T he sw it ch e s covered in this guide s up po rt t he fo ll ow i ng fu nc t io na li ty fr om earlier SNMP versions (SNMPv1 and SNMPv2c): ■ T rap receivers: A trap receiver is a management st ation to which th e switch sends SNMP trap[...]

  • Page 420

    Configuring for Network Manageme nt Applications Using SNMP Tools To Manage the Switch Syntax: snmp-server host < ipv4-addr | ipv6-addr > < community name > Configures a destination ne twork management station to receive SNMPv1/v2c traps, and (optionally) event log messages sent as traps from the switch, using the specified community na[...]

  • Page 421

    Configuring for Network Management Applications Using SNMP Tools To Manage the Switch For example, to configur e a trap receiver in a co mmunity named "red-team" with an IP address of 10.28.227.130 to receive only "c ritical" event log messages, you can enter the following comma nd: ProCurve(config)# snmp-server host 10.28.227.1[...]

  • Page 422

    Configuring for Network Manageme nt Applications Using SNMP Tools To Manage the Switch Note The retries and timeout values are not used to s end trap req uests. T o verify the configuration of SNMPv2c informs, enter the show snmp-server command: ProCurve Switch 5406zl(config) # show snmp-server SNMP Communities Community Name MIB View Write Access [...]

  • Page 423

    Configuring for Network Management Applications Using SNMP Tools To Manage the Switch Configuring SNMPv3 Notifications The SNMPv3 not ification pro c ess al lows messages th at are passed via SNMP between the switch and a network mana gement station to b e authenticated and encrypted. T o configure SNMPv3 notifi cations, foll ow these steps: 1. Ena[...]

  • Page 424

    Configuring for Network Manageme nt Applications Using SNMP Tools To Manage the Switch 5. Configure the target address of the SNMPv3 management stati on to which SNMPv3 informs and trap s are sent by enteri ng the snmpv3 targetaddress command. Syntax: [no] snmpv3 targetaddress < ipv4-addr | ipv6-addr> < name > Configures the IPv4 or IPv[...]

  • Page 425

    Configuring for Network Management Applications Using SNMP Tools To Manage the Switch Syntax: [no] snmpv3 targetaddress < ipv4-addr | ipv6-addr> < name > —Continued— [timeout < value > ] (Optional) T ime (in millisecond increments) allowed to receive a response from the target before notification packets are retransmitted . Ra[...]

  • Page 426

    Configuring for Network Manageme nt Applications Using SNMP Tools To Manage the Switch An example of how to configure SNMPv3 notification i s shown here: The tag _name value in snmpv3 notify command matche s the tag _name val ue in the snmp v3 targetaddress command. Params _name value in the snmpv3 targetaddress command matche s the p arams _name v[...]

  • Page 427

    Configuring for Network Management Applications Using SNMP Tools To Manage the Switch T o ena ble or disable notific ation/traps for network security failures and other security events, enter the snmp-server enable traps command. Syntax: [no] snmp-server enable traps [snmp-auth | p assword-change-mgr | login- failure-mgr | port-sec urity | auth-ser[...]

  • Page 428

    Configuring for Network Manageme nt Applications Using SNMP Tools To Manage the Switch ProCurve(config)# show snmp-serv er traps Trap Receivers Link-Change Traps Enabled on P orts [All] : A1-A24 Link-change trap setting Traps Category Current Status ------------------------------ ---------------------- --- - SNMP Authentication : Extended Password [...]

  • Page 429

    Configuring for Network Management Applications Using SNMP Tools To Manage the Switch Configuring the Source IP Addr ess for SNMP Notifications The switch uses a n interface I P address as the source IP address in IP headers when sending SNMP notificatio ns (traps and informs) or responses to SNMP requests. For multi-nette d interfaces, the source [...]

  • Page 430

    Configuring for Network Manageme nt Applications Using SNMP Tools To Manage the Switch T o configure the switc h to use a specif ied source IP address in generated tr ap PDUs, enter the snmp-server trap-sou rce command. Syntax: [no] snmp-server trap-sou rce [< ipv4-addr > | loopback<0-7>] Specifies the source IP address to be used for a[...]

  • Page 431

    Configuring for Network Management Applications Using SNMP Tools To Manage the Switch ProCurve(config)# show snmp -server SNMP Communities Community Name MIB View Write Access ---------------- -------- ----------- - public Manager Unrestricted Trap Receivers Link-Change Traps Enabled on Ports [All] : All ... Excluded MIBs Snmp Response Pdu Source-I[...]

  • Page 432

    Configuring for Network Manageme nt Applications Using SNMP Tools To Manage the Switch In the follow in g example, the show snmp-server command output shows that the switch has been configured to send SNMP traps and notifi cations to management stations that belong to th e “public”, “red- team ”, and “blue-team” communities. ProCurve(co[...]

  • Page 433

    Configuring for Network Management Applications Using SNMP Tools To Manage the Switch Configuring Listening Mode For switches that have a se parate out-of-band management port, yo u can specify whether a configured SNMP serv er listens for SNMP queries over the out-of-ban d management interf ace, the data in terface, or both. By default , the switc[...]

  • Page 434

    Configuring for Network Manageme nt Applications Using SNMP Tools To Manage the Switch Advanced Management: RMON The switch supports RMON (Rem ote Monitoring) on all connected network segments. This allows for tro ubleshooting an d optimizing yo ur network. The followi ng RMON groups are supported: ■ Ethernet Statistics (except the numbers of pac[...]

  • Page 435

    Configuring for Network Management Applications Using SNMP Tools To Manage the Switch Configuring sFlow The following sFlow commands allow y ou to configure sFlow insta nces via the CLI. Syntax: [no] sflow < receiver-instance > destination < ip-address > [ udp-port-num ] Enables an sFlow receiver/dest ination. The receiver -instance num[...]

  • Page 436

    Configuring for Network Manageme nt Applications Using SNMP Tools To Manage the Switch The show sflo w agent command displays read-only switch agent information. The version informat ion shows the sFlow version, MIB su pport and software versions; the agent address is typically the ip address of the first vlan config- ured on the switch. ProCurve# [...]

  • Page 437

    Configuring for Network Management Applications Using SNMP Tools To Manage the Switch The sh ow sflow < instance > sampling-polling [port-list] command displays infor - mation about sFlow sampling and pollin g on the switch. Y ou can specify a li st or range of ports for which to view sampling information. ProCurve# show sflow 2 sampling-poll[...]

  • Page 438

    Configuring for Network Manageme nt Applications LLDP (Link-Layer Discovery Protocol) LLDP (Link-Layer Discovery Protocol) T o standardize device discovery on al l ProCurve switches, L LDP will be implemente d while offering limited read -only support for CDP as documented in this manual. For the latest informatio n on your switch model, consult th[...]

  • Page 439

    Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) LLDP-MED (LLDP Media Endpoint Discovery): Provides an extension to LLDP and is designed to support V oIP deployme nts. Note LLDP-MED is an extension for LLDP , an d the switch requires that LLDP be enabled as a prerequisite to LLDP-MED operation. An SNMP utility ca[...]

  • Page 440

    Configuring for Network Manageme nt Applications LLDP (Link-Layer Discovery Protocol) LLDP Neighbor: An LLDP device that is either directly c onnected to another LLDP device or co nn ected to that device by anot her , non-LLDP Layer 2 device (such as a hub) Note that an 802.1D-co mpliant switch does not forward LLDP data packets even if it is not L[...]

  • Page 441

    Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) TL V (T ype-Length-V alue): A data unit that includes a data type field, a data unit length fiel d (in bytes), and a f ield containing the actual data the unit is designed to carry (as an alphanumeric string, a bitmap, or a subgr oup of information ). Some TL Vs in[...]

  • Page 442

    Configuring for Network Manageme nt Applications LLDP (Link-Layer Discovery Protocol) Configuration Options Enable or Disable LLDP on the Switch. In the default configuratio n, LLDP is glob ally enabled on the sw itch. T o prevent transmission or receipt of LLDP traffic, you can disable LLDP operat ion (page 14-42) Enable or Disable LLDP-MED. In th[...]

  • Page 443

    Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) SNMP Notification. Y ou can enable the switch to send a notification to any configured SNMP trap receiver(s) wh en the swi tch detects a remote LLDP data change on an LLDP-e nabled port (page 14-52). Per -Port (Outbound) Data Options. The following table lists the [...]

  • Page 444

    Configuring for Network Manageme nt Applications LLDP (Link-Layer Discovery Protocol) Data T ype Configuration Options Default Description 1 The Packet T ime-to-Live value is included in LLDP data pack ets. (Refer to “Changing the T ime-to-Live for T ransmitted Advertisements” on page 14-50.) 2 Subelement of the Chassis ID TLV . 3 Subelement of[...]

  • Page 445

    Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) ■ RFC 2737 (Entity MIB) ■ RFC 2863 (Interfaces MIB) ■ ANSI/TIA-1057/D6 (LLDP-MED; refer to “LLDP-MED (Media-Endpoint- Discovery)” on page 1 4-57.) LLDP Operating Rul es (For additional information sp ecific to LLDP-MED operation, refer to “LLDP- MED (Me[...]

  • Page 446

    Configuring for Network Manageme nt Applications LLDP (Link-Layer Discovery Protocol) Spanning-T ree Blocking. Spanning tree does no t prevent LLDP packet transmission or receipt on STP-bl ocked links. 802.1X Blocking. Po rts blocked by 802.1X operation do not allo w transmission or recei pt of LLDP packet s. Configuring LLDP Operation In the defau[...]

  • Page 447

    Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) Displays the LLDP global configuration, LLDP port status, and SNMP notification status. For inf ormation on port adm in status, refer to “Configuring Per -Port T ransmit and Receive Modes” on page 14-53. For exampl e, show lldp config produces the following dis[...]

  • Page 448

    Configuring for Network Manageme nt Applications LLDP (Link-Layer Discovery Protocol) Displaying Port Configuratio n Details. This command displays the port- specific configurat ion, including. Syntax show lldp config < port-list > Displays the LLDP port-specific configuration for all ports in < port-list > , including which o ptional T[...]

  • Page 449

    Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) ■ Add entries to its neighbors ta ble based on data read from incoming LLDP advertisements. Syntax [ no ] lldp run Enables or disables LLDP operation on the swi tch. The no form of the command, regardless of individual LLDP p o rt configurations, preven ts the sw[...]

  • Page 450

    Configuring for Network Manageme nt Applications LLDP (Link-Layer Discovery Protocol) Changing the T ime-to-Live for T ransmitted Advertisements. The T ime-t o-Live value (in seconds) for all LLDP advertisements transm itted from a switch is controlled by the switch that generate s the advertisement, and determines how long an LLDP neighbor retains[...]

  • Page 451

    Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) Syntax setmib lldpTxDelay .0 -i < 1 - 8192 > Uses setmib to change the minimum ti me (delay-interval) any LLDP port will delay advertising successive LLDP advertis ements due to a chang e in LLDP MIB content. (Default: 2; Range: 1 - 8192) Note: The LLDP refre[...]

  • Page 452

    Configuring for Network Manageme nt Applications LLDP (Link-Layer Discovery Protocol) delay interval delays the port’ s ability to reinitialize and generate LLDP traffic following an LLDP disable/enable cycle. Syntax setmib lldpReinitDelay.0 -i < 1 - 1 0 > Uses setmib to change the minimum time (reinitializa tion delay interval) an LLDP por[...]

  • Page 453

    Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) Changing the Minimum Interval for Succe ssive Data Change Notifications for the Same Ne ighbor . If LLDP trap notificati on is enabled on a port, a rapid succession of changes in LLDP inf ormation receiv ed in adverti sements from on e or more neighbors can generat[...]

  • Page 454

    Configuring for Network Manageme nt Applications LLDP (Link-Layer Discovery Protocol) Configuring Basic LLDP Per - Port Advertisement Content In the defa ult LLDP conf iguration, outbound ad vertisemen ts from each port on the switch includ e both mandatory and optional data. Mandator y Data. An active LLDP port on the switch always includes the ma[...]

  • Page 455

    Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) For example, if port 3 belongs to a subn etted VLAN that includes an IP address of 10.10.10.100 and you wanted port 3 to use this secondary address in LLDP advertisements, you would need to exec ute th e fo llowing command: ProCurve(config)# lldp config 3 ipAddrEna[...]

  • Page 456

    Configuring for Network Manageme nt Applications LLDP (Link-Layer Discovery Protocol) system_cap For outbound advertisements, this TL V includes a bitmask of supported syst em capabilities (device functions). Also includes in formation on whether the capabilities are enabled. (Default: Enabled) For example, if you want ed to exclude the system name[...]

  • Page 457

    Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) Syntax: [ no ] lldp config < port -list > dot3TlvEnable macphy_co nfig For outbound advertisements, this TL V includes the (local) switch port’ s current speed and duplex settings, the range of speed and duplex set tings the port supports, and the method re[...]

  • Page 458

    IP Network Infrastructure (IEEE 802 LA N) IP Network Infrastructure (IEEE 802 LA N) IP Network Infrastructure (IEEE 802 LA N) Configuring for Network Manageme nt Applications LLDP (Link-Layer Discovery Protocol) ■ Power over Ethernet (PoE) status and troubleshooting support via SNMP ■ support for I P telephony network troubleshooting of call qu[...]

  • Page 459

    Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) ■ able to use th e following network po licy elements configured on the client port • v o i c e V L A N I D • 802.1p (Layer 2) QoS • Diffserv codepoint (DSCP) (Layer 3) QoS ■ discover and advertise device locat ion da ta learned from the switch ■ suppor[...]

  • Page 460

    Configuring for Network Manageme nt Applications LLDP (Link-Layer Discovery Protocol) ■ Class 3 (Communication Devices): These devices are typically IP phones or end-user devices t h at ot herwise support IP media and of fer all Class 1 and Class 2 features, plus location id en tification and emergency 911 capability , Layer 2 s witch support, an[...]

  • Page 461

    Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) Syntax: lldp top-change-notify < port -list > T opology chang e notification, when enabled on a n LLDP port, causes the switch to send an SNMP trap if it detects LLDP- MED endpoint c onnection or disconnectio n activity on the port, or an age-ou t of the LLDP[...]

  • Page 462

    Configuring for Network Manageme nt Applications LLDP (Link-Layer Discovery Protocol) LLDP-MED Fast Start Control Syntax: lldp fast-start-count < 1 - 10 > An LLDP-MED device connecting to a switch port may use the data contained in the ME D TL Vs from the switch to configure itself. However , the lldp refresh-interval setting (default: 30 sec[...]

  • Page 463

    Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) Note LLDP-MED oper ation requires the macphy _config TL V subelemen t—enabled by default—that is optional for IEEE 802.1AB LLDP operation. Refer to the dot3TlvEnable macphy_ config command on page 14-57. Network Policy Advertisements. Network policy advertiseme[...]

  • Page 464

    Configuring for Network Manageme nt Applications LLDP (Link-Layer Discovery Protocol) Notes A codepoint must have an 802.1p priority before you can configure it for use in prioritizi ng packets by VLAN-ID. If a codepoi nt you want to use shows No Override in the Prio rity column of the DSCP po licy table (display with show qos- dscp map , then use [...]

  • Page 465

    Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) network-policy This TL V enables the switch port to advertise its configured network policies (voice VLAN, Layer 2 QoS, Layer 3 QoS), and allows LLDP-MED endpoint devices to auto-configure the voice networ k policy advertised by the switch. This also en ables the u[...]

  • Page 466

    Configuring for Network Manageme nt Applications LLDP (Link-Layer Discovery Protocol) PoE Advertisements. These advertisements in form an LLDP-MED endpoint of th e power (PoE ) configuration o n switch ports. Si milar advertisements from an LLDP-MED endpoint i nform the switch of the endpoint’ s power needs and provide information t hat can be us[...]

  • Page 467

    Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) ■ ELIN (Emergency Location Identification Number): an emergency number typically assigned to ML TS (Multiline T elephone System Opera- tors) in North America ■ coordinate-based loca tion: attitude, longitude, and altitud e informa- tion (Requires confi guration[...]

  • Page 468

    Configuring for Network Manageme nt Applications LLDP (Link-Layer Discovery Protocol) — Continued — T ype/V alue Pairs ( CA-TYPE and CA-V ALUE ): This is a series of data pairs, each co mposed of a location data “type” specifier and the co rresponding location data for that type. That is, the first value in a pair is expected to be the civi[...]

  • Page 469

    Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) Note: A switch port allow s one instance of any given CA- TYPE . For example, if a type/value pair of 6 Atlantic (to specify “Atlantic” as a street name) is configured on port A5 and later another type/ value pair of 6 Pacific is configured on the same port, th[...]

  • Page 470

    Configuring for Network Manageme nt Applications LLDP (Link-Layer Discovery Protocol) T able 14-4. Some Location Codes Used in CA-TYPE Fields* Location Element Code Location Elemen t Co de national subdivision 1 regional subdivision 2 city or township 3 city subdivision 4 street 6 street suffix 18 street number 19 additional location data 22 unit o[...]

  • Page 471

    Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) Figure 14-20 shows the commands for co nfiguring and displ aying the above data. Figure 14-20. Example of a Civic Address Conf iguration Displaying Advertisement Data Command Page show lldp info local-device below walkmib lldpXdot3LocPortOperMauT ype show lldp info[...]

  • Page 472

    Configuring for Network Manageme nt Applications LLDP (Link-Layer Discovery Protocol) Displaying Switch Informat ion A vailable for Outbound Advertisements These commands display the current switch informati on that will be used to populate outbo und LLDP advertisements. Syntax show lldp info local-device [ port-list ] W ithout the [ port-list ] op[...]

  • Page 473

    Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) The Management Addr ess field displays only the LLDP-configurabl e IP addresses on th e switch. (Only manu ally-configure d IP addresses are LLDP-config u rabl e.) If the switch has only a n IP address from a DHCP or Bootp server , then the Management Addr ess fiel[...]

  • Page 474

    Configuring for Network Manageme nt Applications LLDP (Link-Layer Discovery Protocol) information on d isplaying the currently configu red port speed and duplex o n an LLDP-MED endpoint, refer to “Dis playing the Current Port Speed and Duplex Configurat ion on a Sw itch Port” on page 14-73. Syntax: show interfaces brief < port-list > Incl[...]

  • Page 475

    Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) Figure 14-23. Example of a Gl obal Listing of Discovered Devices Indicates the polic y configured on the telephone. A configurati on mismatch occurs if the supp orting port is configured diffe rently . Figure 14-24. Example of an LLLD P-MED Listing of an Advertisem[...]

  • Page 476

    Configuring for Network Manageme nt Applications LLDP (Link-Layer Discovery Protocol) Displaying LLDP Statistics LLDP statistics are availabl e on both a global and a per - p ort levels. Rebooting the switch resets the LLDP statisti cs co unters to zero. Disa bling the transmit and/or receive capability on a port “free z es” the related port co[...]

  • Page 477

    Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) — Continued — Per -Port LLDP Counters: NumFra mesRecvd: Shows the total number of valid, inbound LLDP advertisements received from any neighbor(s) on < port- list > . Where multiple neighbors are connected to a port through a hub, this value is the tota l[...]

  • Page 478

    Configuring for Network Manageme nt Applications LLDP (Link-Layer Discovery Protocol) Counters showing frames sent on a po rt but no frames received on that port indicates an a ctive link with a device that either has LLDP disable d on the link or is not LLDP- aware. Figure 14-25. Example of a Gl obal LLDP Statistics Display Figure 14-26. Example o[...]

  • Page 479

    Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) LLDP Packet Forwarding: An 802.1D-compliant sw itch does not forward LLDP packets, regardless of whether LL DP is global ly enabled or disabled on the switch. One IP Address Advertiseme nt Per -Port: LLDP advertises only one IP address per -port, even if multiple I[...]

  • Page 480

    Configuring for Network Manageme nt Applications LLDP (Link-Layer Discovery Protocol) Figure 14-27. Matching In ternal Port Numbers t o External Slot/Port Numbers ProCurve# walkmib ifDescr ifDescr.1 = A1 ifDescr.2 = A2 ifDescr.3 = A3 . . . ifDescr.23 = A23 ifDescr.24 = A24 ifDescr.27 = B1 ifDescr.28 = B2 ifDescr.29 = B3 . . . ifDescr.48 = B22 ifDes[...]

  • Page 481

    Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) ■ If the switch receives bot h LLD P and CDP advertis ements on the same port from the same neigh bor the switch st ores this informati on as two separate entries if the advertisements have differences chassis ID and port ID information. ■ If the chassis and po[...]

  • Page 482

    Configuring for Network Manageme nt Applications LLDP (Link-Layer Discovery Protocol) Protocol State Packet Generation Inbound Data Management Inbound Packet Forwarding CDP Enabled 1 n/a Store inboun d CDP data. No forwarding of inbound CDP packets. CDP Disabled n/a No stor age of CDP data from Floods inbound CDP packets neighbor devices. from conn[...]

  • Page 483

    Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) Command Page show cdp 14-83 show cdp neighbors [< port-list > detail] 14-84 [detail < port-list >] [no] cdp run 14-85 [no] cdp enable < port-list > 14-85 Note For details on how to use a n SNMP utility to retrieve information from t he switch’ s[...]

  • Page 484

    Configuring for Network Manageme nt Applications LLDP (Link-Layer Discovery Protocol) V iewing the Switch’ s Current CDP N eighbors T able. D evices are listed by the port on which they were detected. Syntax: show cdp neighbors Lists the neighboring CDP de vices the switch detects, with a subset of the info rmation collected from the device’ s [...]

  • Page 485

    Configuring for Network Management Applications LLDP (Link-Layer Discovery Protocol) Disabling CDP Operation. Disabling CDP operation clears the switch’ s CDP Neighbors table and causes the swi tch to drop i nbound CDP packet s from other devices wi thout entering the dat a in the CDP Neighbors table. Syntax: [no] cdp run Enables or disables CDP [...]

  • Page 486

    Configuring for Network Manageme nt Applications LLDP (Link-Layer Discovery Protocol) 14-86[...]

  • Page 487

    15 Redundancy (Switches 8200zl) Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-2 Software V ersion Mismatch Between Active Potential Softwa re Version Mismatches Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-2[...]

  • Page 488

    Redundancy (Swit ches 8200zl) Contents Disabling Redund ancy with Two Mo dules Pr esent . . . . . . . . . . . . . 15-20 Disabling Redundancy With Only One M odule Present . . . . . . . . . . 15-21 Displaying Management Information . . . . . . . . . . . . . . . . . . . . . . . . . 15-22 Active Management Module Commands . . . . . . . . . . . . . . .[...]

  • Page 489

    Redundancy (Switches 8200zl) Overview Overview Redundancy prov ides the ability to keep yo ur switch operating by using d ual management modules, one active module and one standby module. In the event of a failure, the currently active management module will switchover to the standby management module, which then becomes the active management modul[...]

  • Page 490

    Redundancy (Swit ches 8200zl) Overview Secondary Image. The so ftware version stored in secondary flash on each management module. Selftest. A test performed at boot to ensure th e management module is functioning correctly . If the module fails selftest, it does not go into active or standby mode . If both modules fail selftest, the switch does no[...]

  • Page 491

    Redundancy (Switches 8200zl) Using Redundant Manage ment Using Redundant Management There are ne w CLI command s for redundant ma nagement as we ll as modifications to existing commands. (S ee “Existing CLI Commands Affected by Redundant Manage ment” on page 15-29) New Redundant Manag ement Commands Page redundancy management-module below redun[...]

  • Page 492

    -------- ---------- ---- -------------------- -------------------- -------- ---------- ---------- Redundancy (Swit ches 8200zl) Using Redundant Management ProCurve(config)# show re dundancy Settings Mgmt Redundancy : enabled Statistics Failovers : 0 Last Failover : Slot Module Description Status SW Version Boot Image 1 ProCurve J9092A Mana gement M[...]

  • Page 493

    ---- ------------------------- --------------- -------- ----------- ---- ----- Redundancy (Switches 8200zl) Using Redundant Manage ment ProCurve(config)# redundancy m anagement-module All configuration files and so ftware images on the off-line management module will be overwritten wit h the data from the current active management module. Do you wa[...]

  • Page 494

    ---- ---------------------- ------------------ -------- ----------- - -------- Redundancy (Swit ches 8200zl) Using Redundant Management ProCurve(config)# no redund ancy management-module The other management module will no longer be used for system redundancy except in the ca se of a hardware failure of the active ma nagement module. Do you want to[...]

  • Page 495

    Redundancy (Switches 8200zl) Using Redundant Manage ment ProCurve(config)# redundancy s witchover This management module will no w reboot from primary image and will beco me the standby module! You will n eed to use the other management module's console interface. Do you want to continue [y/n]? y ROM information: Build directory: /sw/rom/bu il[...]

  • Page 496

    Redundancy (Swit ches 8200zl) Using Redundant Management If the specified management module is not there or is in failed m ode, this message displays: The <specified module> is not present or is in failed state. Figure 15-5 shows an example of setting ma nagement module 2 to be the active management module. ProCurve(config)# redundancy acti v[...]

  • Page 497

    ---- --------------------------------- ------- -------- ----------- --------- ---- --------------------------------- ------- -------- ---------- ---------- Redundancy (Switches 8200zl) Using Redundant Manage ment ProCurve(config)# show redunda ncy Settings ------- - Mgmt Redundancy : Disabled Redundancy disable d Statistics --------- - Failovers : [...]

  • Page 498

    ---- ---------------------- ------------------ -------- ---------- -- -------- Redundancy (Swit ches 8200zl) Using Redundant Management Enabling and Disab ling Fabric Modules The fabric modules can be enabled or di sabled even if they are not present in the switch. Y ou cannot disabl e both fabr ic modules at the same time; one must be enab led. Us[...]

  • Page 499

    Redundancy (Switches 8200zl) Management Module Switchover Management Module Switchover Events that Ca use a Switchover There are a number of events that can cause the activ e management module to switchover to the standby management module when redundancy is enabled: ■ The active management module crashes ■ The standby management modu le does n[...]

  • Page 500

    Redundancy (Swit ches 8200zl) Management Module Switchover ■ Learned routes (from r outing protocols) ■ MAC addresses ■ IGMP , LACP , GVRP , LLDP , CDP , 802.1X, STP , VRRP , PIM learned data ■ W eb auth and MAC auth connections ■ IDM data ■ AAA accounting data ■ T elnet connec tion to the switch ■ SNMP sample rates Resetting the Ma[...]

  • Page 501

    Redundancy (Switches 8200zl) Hotswapping Management Modules Hotswapping Management Modules Hotswapping Out the Ac tive Management Module Y ou can hotswap out the active man agement module and have switch operations take n over by the standby management m odule by following the correct shutdown p rocedure on the active module using th e MM Shutdown [...]

  • Page 502

    Redundancy (Swit ches 8200zl) Hotswapping Management Modules When the Standby Module is not A vailable If you have disabled redundancy with the no redunda ncy management-module command, or the standby m odule failed selfte st, the Dw n LED will not turn green to indicat e it is OK to hot swap out the active management module. Note If you remove the[...]

  • Page 503

    Redundancy (Switches 8200zl) Downloading a New Software Version Downloading a New Software V ersion File Synchronization after Downloading After downloading a new software version to either the primary or secondary flash of the active management module, the software version is immediately copied to the corresponding flash (pri mary or sec ondary) o[...]

  • Page 504

    Redundancy (Swit ches 8200zl) Downloading a New Software Version (you can veri fy this usin g the show redundancy command), you can now switch over to the management module runn ing the newer software with this command: ProCurve# redundancy switchover This causes a switchove r to the ma nagement module that received the new software versio n, which[...]

  • Page 505

    Redundancy (Switches 8200zl) Downloading a New Software Version Caution If you have boot ed one module out of primary flash and one module o ut of secondary flash, and the secondary fl as h is running a prior software version because the latest version was never c opied over from the primary flash, you will have an software version mismatch. The co[...]

  • Page 506

    ---- ---------------------------- ------------ -------- ---------- -------- -- Redundancy (Swit ches 8200zl) Downloading a New Software Version ProCurve(config)# show version Management Module 1: Active Image stamp: /sw/code/build/bt m(t2g) Mar 15 2007 12:28:32 K.12.30 64 Boot Image: Primary Management Module 2: Standby Image stamp: /sw/code/build/[...]

  • Page 507

    Redundancy (Switches 8200zl) Downloading a Software Version Serially if the Management Module is Corrupted Downloading a Software V ersion Serially if the Management Module is Corrupted If the software version on a managem ent module becomes corrupted, you may need to do a serial download to restore the affected modul e. The non- corrupted manageme[...]

  • Page 508

    ---- ------------------------- --------------- -------- ---------- ----- ----- Redundancy (Swit ches 8200zl) Turning Off Redundant Manage ment Note Even if redundancy has been disabled, the specified management mod ule will become the active management module at the next system boot if you use the redundancy active -management command. Y ou are war[...]

  • Page 509

    Redundancy (Switches 8200zl) Displaying Management Information The currently active module remains acti ve on boot (assumin g no selftest failure) unless you make the newly inse rted mana gement module active using this command: ProCurve(config)# redundancy active-management standby The standby management module becomes the acti ve manage ment modu[...]

  • Page 510

    ---- ---------------------- ------------------ -------- ---------- -- -------- Redundancy (Swit ches 8200zl) Displaying Management Information ProCurve(config)# show modu les details Status and Counters - Modu le Information Chassis: 8212zl J8715A Slot Module Description Serial Number: SG560TN124 Serial Number Status ----- -------------------------[...]

  • Page 511

    Redundancy (Switches 8200zl) Displaying Management Information Show Flash The show flash command displays which software version is in each flash image. The Default B oot field displays which flash image wi ll be used for the next boot . ProCurve(config)# show flash Will boot from primary fl ash Image Size(Bytes) Date Version Build # ----- --------[...]

  • Page 512

    -- Redundancy (Swit ches 8200zl) Displaying Management Information ProCurve(config)# show version Management Module 1: Redundancy and Synchronization has been disabled: enable with the ‘redundancy ’ command. Management Module 2: Active Image stamp: /sw/code/build/btm(t2g) Mar 5 2007 13:20:59 K.12.XX 351 Boot Image: Primary Figure 15-17. Exampl [...]

  • Page 513

    -------- ---------- ---- -------------------- -------------------- -------- ---------- ---------- Redundancy (Switches 8200zl) Displaying Management Information Standby Management Module Commands The standby management modul e, by desi gn, has very little co nsole capability . Y ou can use three commands— show flash , show version , a nd show red[...]

  • Page 514

    ----- ---------- - ------- ------- ------- Redundancy (Swit ches 8200zl) Displaying Management Information Standby Console> show flash Image Size(Bytes) Date Version Build # Primary Image : 7493854 03/21/07 K.12.XX 1617 Secondary Image : 7463821 03/05/07 K.12.XX 351 Boot Rom Version: K.12.03 Default Boot : Primary Will boot from primary flash on[...]

  • Page 515

    Redundancy (Switches 8200zl) Existing CLI Commands Affe cted by Redundant Management Existing CLI Commands Affected by Redundant Management Several existing c ommands have change s related to redundant management. Boot Command In redundant management systems, the boot or boot active command causes a switchover to the standb y management module as l[...]

  • Page 516

    Redundancy (Swit ches 8200zl) Existing CLI Commands Aff ected by Redundant Management Command Action Boot active Boots the act ive management module. The switch starts to boot from the default flash image. Y ou can select which image to boot from during the boot process itself. See Figure 15-22. The switch will switchover to the standby management [...]

  • Page 517

    Redundancy (Switches 8200zl) Existing CLI Commands Affe cted by Redundant Management ProCurve(config)# boot se t-default flash secondary This command changes the location of the default boot. This command will change the default flash image to boot from secondary. Hereafter, ‘reload’ and ‘boot’ comma nds will boot from secondary. Do you wan[...]

  • Page 518

    ----- ---------- -------- ------- ------- Redundancy (Swit ches 8200zl) Existing CLI Commands Aff ected by Redundant Management ProCurve(config)# show flash Image Size(Bytes) Date Version Build # ----- ---------- -------- ------- ------- Primary Image : 7463821 03/05/07 K.12.XX 351 Secondary Image : 7463821 03/05/07 K.12.XX 351 Boot Rom Version: K.[...]

  • Page 519

    -------- ---------- ---- -------------------- -------------------- -------- ---------- ---------- Redundancy (Switches 8200zl) Existing CLI Commands Affe cted by Redundant Management Command Action reload <cr> Boots (warm reboot) the active management module. Switchover to the standby management module occurs if redundancy is enabled. If redu[...]

  • Page 520

    Redundancy (Swit ches 8200zl) Existing CLI Commands Aff ected by Redundant Management Additional Commands Affected by Redundant Management The other exis ting command s op erate with redundant management as shown below . Command Action auto-tftp If a new image is downloaded using auto-tftp , the active management module downloads the new software v[...]

  • Page 521

    Redundancy (Switches 8200zl) Existing CLI Commands Affe cted by Redundant Management Command Action fastboot When fastboot is enabled, this in formation is saved to the standby management module when the config files are sync’d. The fastb oot value is used during the next boot on both modules. front-panel-security This command and its options onl[...]

  • Page 522

    Redundancy (Swit ches 8200zl) Using the Web Browser for Redundant Managemen t Using the W eb Browser for Redundant Management The web browser interface can be used to di splay information about the active and standby management modules. T o learn more about using the web browser interface on your switc h, see the chapter “ Using the ProCurve W eb[...]

  • Page 523

    Redundancy (Switches 8200zl) Using the Web Browser for Redundant Managemen t Overview Page T o view sta tus information about the management modules select the Status tab, and then the Overview button. The fol lowing information is shown: ■ Which module i s the active module and whic h is the standby module ■ V ersion of soft ware running on ea[...]

  • Page 524

    Redundancy (Swit ches 8200zl) Using the Web Browser for Redundant Managemen t Figure 15-28.Redundancy St atus Page Showing Information ab out the Active and Standby Modules Device V iew Page The Device V iew page displays a gr aphical representa tion of the switch. Select the Conf iguration tab and then th e Device V iew butto n. The informatio n d[...]

  • Page 525

    Redundancy (Switches 8200zl) Using the Web Browser for Redundant Managemen t Figure 15-29. Device View Showing T wo Management Mo dules 15-39[...]

  • Page 526

    Redundancy (Swit ches 8200zl) Management Module LED Behavior Management Module LED Behavior Active (Actv) LED Behavior The Actv (Ac tive) LED shows the LED beha vior for various states on the active and standby management modu les. See T able 15-2 for the available states and what they indicate. Re fer to the Install ation and Getting Started Guid [...]

  • Page 527

    Redundancy (Switches 8200zl) Logging Messages Logging Messages Log File The log file displays messages about the activities and status of the management modules. Enter this command to display the messages: Syntax: show logging Displays log events. For more informat ion on command o p tio n s avail able with t he show logging command, see “CLI : D[...]

  • Page 528

    Redundancy (Swit ches 8200zl) Logging Messages Crash Files Crash logs for all modules are always available on the active mana gement module. The copy crash-log and copy crash-data commands can be used to copy the informa tion to a file of your choice. Syntax: copy crash-log [< slot-id > | mm] tf tp < ip-address > < filename > Copi[...]

  • Page 529

    Redundancy (Switches 8200zl) Logging Messages ProCurve Switch 8200zl$ s how boot-history Mgmt Module 1 -- Saved Cr ash Information (most recent first): ========================= ==================================== Mgmt Module 1 in Active M ode went down: 11/07/05 14:48:36 Operator warm reload from CONSOLE session. Mgmt Module 1 in Active M ode wen[...]

  • Page 530

    Redundancy (Swit ches 8200zl) Notes on How the Active Module is Determined Notes on How the Active Module is Determined Both management modules run selftest routines to determine which module becomes the active management module and which becomes the standby management module. The module that was la st active in the chassis is given precedence and [...]

  • Page 531

    Redundancy (Switches 8200zl) Notes on How the Active Module is Determined Diagram of Decision Process B ot h m anage m ent m odul es s t art t o boot Both modul e s fail se lf t est On e modul e fail s se lf t est Bot h modu les wer e booted In this chass is Modul e 1 booted mos t r ec entl y Modul e 2 booted mos t r ec entl y On ly one mo du le w [...]

  • Page 532

    Redundancy (Swit ches 8200zl) Event Log Messages Event Log Messages # System Message Severity Description 1 Mgmt module [1 or 2] went down without saving crash information info The specified management module went down without saving the crash information. RMON_BOOT_NO_CRASH_RECORD 2 Mgmt module [1 or 2] went down info The specified management modu[...]

  • Page 533

    Redundancy (Switches 8200zl) Event Log Messages # System Message Severity Description 15 Mgmt Module [1 or 2] - Running different version of SW info The specified management module is running a different version of software from the other management module. RMON_SYSTEM_MGMT_OS_DIFF 16 Mgmt Module [1 or 2] - Failover occurred warn Switchover occurre[...]

  • Page 534

    Redundancy (Swit ches 8200zl) Event Log Messages # System Message Severity Description 24 Initial active to standby sync started i nfo Indicates the beginning of the initial synchronization of the active management module’ s flash image to the standby management module. RMON_SYSTEM_SYNC_BEGIN 25 Initial active to standby sync complete info I ndi [...]

  • Page 535

    A File T ransfers Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-3 Downloading Switch Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-3 General Softwa re Download Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-4 Using TFTP To Dow[...]

  • Page 536

    File Transfers Contents TFTP: Copying a Software Image to a Remote Host . . . . . . . . . A-27 Xmodem: Copying a Software Im age from the Switch to a Serially Connected PC or UNIX Workstat ion . . . . . . . . . . . . . . . A-27 USB: Copying a Software Image to a USB Device . . . . . . . . . . . A-28 Transferring Switch Configurations . . . . . . . [...]

  • Page 537

    File Transfers Contents Operating Notes and Restrictions . . . . . . . . . . . . . . . . . . . . . . . . A-50 Autorun and Configur ing Passwords . . . . . . . . . . . . . . . . . . . . . . A-50 Viewing Autorun Conf iguration Information . . . . . . . . . . . . . . . . . . . A-51 A-3[...]

  • Page 538

    File Transfers Overview Overview The switches co vered in this guide su pport several methods for transferring files to and from a physic ally connected device, or via the network, including TFTP , Xmodem, and US B. This appendix expl ains how to dow nload new switch software, upload or downlo ad switch conf iguration fi les and software images, an[...]

  • Page 539

    File Transfers Downloading Switch Software General Software Download Rules ■ Switch software that y ou download via the menu interface always goes to primary flash. ■ After a software download, you must reboot the switch to implement t he new software. Unti l a reboot occurs, the switch cont inues to run on the software it was usin g before the[...]

  • Page 540

    File Transfers Downloading Switch Software Menu: TFTP Download from a Server to Primary Flash Note that the menu interface ac cesses only the primary flash. 1. In the console Main Menu, select Do wnload OS to display the screen in figure A-1. (The term “OS”, or “ope rating system” refers to the switch software): Figure A-1. Example of a Dow[...]

  • Page 541

    File Transfers Downloading Switch Software A “progress” bar indicates the progre ss of the download. When the entire software file has been received, all activ ity on the sw itch halts and you will see V alidating and wr iting system softw are to FLASH... 7. After the pri mary flash memory has been updated with t he new software, you must reboo[...]

  • Page 542

    File Transfers Downloading Switch Software T o find more information on the cause of a do wnload fail ure, examine the messages in the switch’ s Event Log by executing the show l og tftp command from the CLI. Also: ■ For more on the Event Log, see “Usi ng the Even t Log for T roublesh ooting Switch Problems” on page C-27. ■ For descriptio[...]

  • Page 543

    File Transfers Downloading Switch Software For example, to download a switch so ftware file named k0800.s wi from a TFTP server with the IP address of 10.28.227.103 to primary fl ash: 1. Execute co py as shown b elow: Dynamic counter co ntinually displa ys the number of bytes transferred. This message means that the image you want to upload will re[...]

  • Page 544

    File Transfers Downloading Switch Software Enabling TFTP TFTP is enabled by default on the swit ch. If TFTP operation has been disabled, you can re-enable it by spec ifying TFTP client or server functionality with the tftp < client | server > command at the global configuration level. Syntax: [no] tftp <clien t | server [listen <oobm|da[...]

  • Page 545

    File Transfers Downloading Switch Software Using Auto-TFTP The auto-tftp command allows yo u to configure the switch to download software automatically from a TFTP server . How It W orks. At switch startup, the au to-TFTP feature automatically downloads a specified s oftware image to the switch from a specified TFTP server , then reboots the switch[...]

  • Page 546

    File Transfers Downloading Switch Software Using Secure Copy and SFTP For some situ ations you may want t o use a secu re method t o issue command s or copy files to the switch. By open ing a secure, encrypted SSH session and enabling ip ssh file transfer , you can then use a third-party software applica tion to take advantage of Secure Copy (SCP )[...]

  • Page 547

    File Transfers Downloading Switch Software Protocol major versions differ: 2 vs. 1 Connection closed Protocol major versions differ: 1 vs. 2 Connection closed Received disconnect from < ip-addr > : /usr/local/ libexec/sftp-server: command not supported Connection closed SCP (secure copy) is an im plementation of the BSD rcp (Berkeley UNIX rem[...]

  • Page 548

    File Transfers Downloading Switch Software Disable TFTP and Auto-TFTP for Enhanced Security Using the ip ssh filetransfer command to enable Secure FTP (S FTP) automat- ically disables TFTP and auto-TFTP (i f either or both are enabled). ProCurve(config)# ip ssh filetransfer Enabling SFTP automati cally disables TFTP and auto-tftp and displays this [...]

  • Page 549

    File Transfers Downloading Switch Software Enables/Disables TFTP . Note: If SFTP is enabled, this field will be set to No . Y ou cannot use this field to enable TFTP if SFTP is enabled. Attempting to do so produces an Inconsistent value message in the banner below the Actions line. Figure A-6. Using the Menu Interface T o Disable TFTP ■ While SFT[...]

  • Page 550

    File Transfers Downloading Switch Software Note As a matter of policy , admini strators should not enable the SSHv1-only or the SSHv1-or -v2 advertisement modes. SSHv1 is supported on only some legacy switches (such as the ProC urve Series 2500 switches). T o confirm that SSH is enabled type in the command ProCurve(config)# show ip ssh Once you hav[...]

  • Page 551

    File Transfers Downloading Switch Software ■ When an SFTP client conn ects, the switch provides a file syste m display- ing all of its available files and f olders. No file or directory creation is permitted by th e user . Files may only be uploaded or downloaded, accord- ing to the perm issions mask. All of the necessary files the switch will ne[...]

  • Page 552

    File Transfers Downloading Switch Software | authorized_keys ---oper_keys authorized_keys ---core ( this directory i s not available on the 8212zl ) | mm1.cor management module or management function | im_a.cor interface module ( chassis switches on ly ) | im_b.cor interface module ( chassis switches on ly ) | im_1.cor interface module ( chassis [...]

  • Page 553

    File Transfers Downloading Switch Software ssh: read error Bad file number, session aborted I 01/ 01/90 00:06:11 00636 ssh: sftp session from ::ffff:10.0.12.35 W 01/01/90 00:06:26 00641 ssh: sftp read error Bad file number, session aborted I 01/ 01/90 00:09:54 00637 ssh: scp session from ::ffff:10.0.12.35 W 01/01/90 ssh: scp read error Bad file num[...]

  • Page 554

    File Transfers Downloading Switch Software Using Xmodem to Download Switch Software From a PC or UNIX W orkstation This procedure assumes tha t: ■ The switch is connected via the Consol e RS-232 port to a PC ope rating as a terminal. (Refer to the Installation and Getting Start ed Guide you received with the switch for information on connect ing [...]

  • Page 555

    File Transfers Downloading Switch Software 6. After the pri mary flash memory has been updated with t he new software, you must reboot the switch to impl ement the newly downloaded software. Return to the Main Menu and press [6] (for Reboot Switch ). Y ou will then see the following prompt: Continue reboot of system? : No Press the space bar once t[...]

  • Page 556

    File Transfers Downloading Switch Software c. In the Protocol field, select Xmodem . d. Click on the [Send] button. The download ca n take several minutes , depending on the baud rate used in the transfer . 3. When the download finishe s, you mu st r eboot the switch t o implemen t the newly downloaded soft ware. T o do so, use one of th e followi [...]

  • Page 557

    File Transfers Downloading Switch Software ■ T o view the contents of a USB flash drive, use the dir command. This will list all files and d irectories at the root. T o view the contents of a directory , you must spe cify the subdirect ory name (that is, dir <s ubdirectory >) . ■ The USB port supports conne ction to a single USB device. U[...]

  • Page 558

    File Transfers Downloading Switch Software For example, to copy a switch software file na med k0800.swi from a USB device to primary flash: 1. Execute co py as shown b elow: This message means that the image you want to upload will replace the image currently in p rimary flash . Figure A-7. Example of the Command to Copy Switch Softw are from USB 2[...]

  • Page 559

    File Transfers Downloading Switch Software Menu: Switch-to-Switch Down load to Primary Flash Using the menu in terface, you can download a switch software file fro m either the primary or secondary flash of one sw itch to the primary flash of another switch of the same series. 1. From the switch console Main Menu in the switch to re ceive the down-[...]

  • Page 560

    File Transfers Downloading Switch Software CLI: Switch-T o-Switch Downloads Where two switches in your network belong to the same series, you can download a software i mage betw een them by initiat ing a copy tftp command from the destinat ion switch. The options for this CLI feat ure include: ■ Copy from primary flash in the source to either pri[...]

  • Page 561

    File Transfers Downloading Switch Software Syntax: copy tftp flash < ip-addr > < /os/primary > | < /os/secondary > [ primary | secondary ] [oobm] This command (executed in the destination swit ch) give s you the most options for downloading between switches. If you do not specify either a primary or secondary flash location for th[...]

  • Page 562

    File Transfers Copying Software Images Copying Software Images Using the CLI commands described in this sectio n, you can copy software images from the switch to another device using tftp, xmodem, or usb. Note For details on how swit ch memory opera tes, incl uding prim ary and secondary flash, refer to Chapter 6, “Swi tch Me mory and Configurati[...]

  • Page 563

    File Transfers Transferring Switch Configurations For example, to copy the primary flas h image to a serially connected PC: 1. Execute the following command: Procurve# copy xmodem flash Press ‘Enter’ and start XMODEM on your host... 2. After you see the above prompt, press [Enter] . 3. Execute the terminal emulator comm ands to begin the file t[...]

  • Page 564

    File Transfers Transferring Switch Configurations Using the CLI commands described in this sectio n, you can copy switch configurations to and from a switch, or copy a software image to configure or replace an ACL in the switch configuration. Note For greater security , you can perform all TFTP operations using SFTP as described in the section on U[...]

  • Page 565

    File Transfers Transferring Switch Configurations TFTP: Copying a Configuration File from a Remote Host Syntax: copy tftp < startup -config | running-config > < ip-address > < remote-file > [ pc | unix ] [oobm] copy tftp config < filenam e > < ip-address > < remote-file > [ pc | unix ] [oobm] This command can cop[...]

  • Page 566

    File Transfers Transferring Switch Configurations Syntax: copy tftp show-tech <ipv4 or ipv6 ad dress> <filename> [oobm] Copy a customized command file to the switch. For switches that have a separ ate out-of-band management port, the oobm parameter specifies that the transfer will be through the out-of-band ma nageme nt interface. If th[...]

  • Page 567

    File Transfers Transferring Switch Configurations Xmodem: Copying a Configuration File to a Serially Connected PC or UNIX W orkstation T o u se this method, the swit ch must be connected via the serial port to a PC or UNIX workstation. Y ou will need to: ■ Determine a filename to use. ■ Know the directory path you w ill us e to store the config[...]

  • Page 568

    File Transfers Transferring Switch Configurations Syntax: copy xmodem startup-config < pc | unix > copy xmodem config < filena me > < pc | unix > Copies a configuration file fr om a serially connected PC or UNIX workstation to a designat ed configuration file on the switch. For more on multiple configuration files, refer to “Mul[...]

  • Page 569

    File Transfers Transferring Switch Configurations USB: Copying a Configuration File to a USB Device T o use this method, a USB flash memory device must be connected to the switch’ s USB port. Syntax: copy startup-con fig usb < filename> copy running-config usb < filename > Uses the USB port to copy a desi gnated configuration file fro[...]

  • Page 570

    File Transfers Transferring ACL Command Files T ransferring ACL Command Files This section describes ho w to upload and execute a command file to the switch for configuring or replacing an Access Control List ( ACL) in the switch configuration. Such file s should contain only ACE (Access Control Entry) commands. For more on this general topic, incl[...]

  • Page 571

    File Transfers Transferring ACL Comman d Files For example, suppose you: 1. Created an ACL command file named vlan10_in.txt to update an ex isting ACL. 2. Copied the file to a TFTP server at 18 .38.124.16. Using a PC work station, you then execu te the following from th e CLI to upload the file to the switch and implem ent the ACL commands it conta[...]

  • Page 572

    File Transfers Transferring ACL Command Files Xmodem: Uploading an ACL Command File from a Serially Connected PC or UNIX W orkstation Syntax: copy xmodem command-file < unix | pc > Uses Xmodem to copy and executes an ACL command from a PC or Unix workstation. De pending on the ACL commands used, this action does one of the following in the ru[...]

  • Page 573

    File Transfers Copying Diagnostic Data to a Remote Host , USB Device, PC or UNIX Workstation Using a PC work station, you then execu te the following from th e CLI to upload the file to the switch and implem ent the ACL commands it contains: ProCurve(config)# copy usb command-file vlan10_in.txt pc The switch displ ays this message: Running configur[...]

  • Page 574

    File Transfers Copying Diagnostic Data to a Remote Host , USB Device , PC or UNIX Workstation Copying Command Output to a Destination Device Syntax : copy comma nd-output < “ cli-command ” > tftp < ip-addre ss > < filepath- filename > [oobm] copy command-output < “ cli-comm and ” > usb < filename > copy command[...]

  • Page 575

    File Transfers Copying Diagnostic Data to a Remote Host , USB Device, PC or UNIX Workstation Copying Event Log Output to a Destination Device Syntax : copy e vent-log tftp < ip-address > < filepath_filename > [oo bm] copy event-log usb < filenam e > copy event-log xm odem < filename > These commands copy the Event Lo g conte[...]

  • Page 576

    File Transfers Copying Diagnostic Data to a Remote Host , USB Device , PC or UNIX Workstation Syntax : copy c rash-data [< slot-id | master>] tftp < ip-address> <filename > [oobm] copy crash-data [< slot-id | mm>] usb <filename > copy crash-data [< slot-id | mm>] xmod em where: slot-id = a - h , and retrieves the[...]

  • Page 577

    File Transfers Copying Diagnostic Data to a Remote Host , USB Device, PC or UNIX Workstation slot-id: retrieves the crash data from th e module in the specified slot. mm: retrieves the crash data from both management modules and concatenates them. oobm : For switches that have a separate out-of-band management port, specifies that the transfer will[...]

  • Page 578

    File Transfers Copying Diagnostic Data to a Remote Host , USB Device , PC or UNIX Workstation At this p oint, press [Enter] and start the Xmodem command sequence in your terminal emulator . Figure A-16. Example of sending a Crash Log for Slot C to a File on an Attached PC Copying Crash Logs with Redundant Manageme nt. When you are usi ng redundant [...]

  • Page 579

    File Transfers Enabling or Disabling the USB Port Enabling or Disabling the USB Port This feature allows co nfiguration of the USB port with either the CLI or SNMP . T o ena ble/disable the USB port with the CLI: Syntax: usb-port no usb-port Enables the USB port. The no form of the command disables the USB port and any access to the device. T o dis[...]

  • Page 580

    File Transfers Enabling or Disabling the USB Port The autorun feature only works when a USB device is inserted and the USB port is enabled. Behavior of Autorun When USB Port is Disabled Software V ersions K.13.XX Operation When using software version K.13.58, if the USB port is disabled (no usb-port command), the USB autorun function does not work [...]

  • Page 581

    File Transfers Using USB Autorun Using USB Autorun USB autorun helps ease the configurat ion of ProCurve switches by providing a way to auto-execute CLI commands from a USB flash dri ve. Using this solution, you can create a command file (a lso known as an AutoRun file), writ e it to a USB storage device, and then ex ecute the file simply by insert[...]

  • Page 582

    File Transfers Using USB Autorun d. determine if the fi le will be ‘run once’ (moved to a ‘processed’ direc- tory on execution ) or ‘run many’ (kept in the root dire ctory of the flash drive from where it can be executed again). 2. Deploy the AutoRun file to a USB fl ash drive. 3. (If required) Enable the autorun feature on the sw itch [...]

  • Page 583

    File Transfers Using USB Autorun T roubleshooting Autorun Operations Y ou can verify autorun operations by checking the following items: USB Auxiliary Port LEDs. The following t able shows LED indication s on the Auxiliary Port that allow you to iden tify the different USB operation states. Color State Meaning Green Green n/a Amber Slow Blinking So[...]

  • Page 584

    File Transfers Using USB Autorun Event Log or Syslog. For details on how to use the switch’ s event log or syslog for help in isola ting autorun-re lated problems, see “Using the Event Log for T roubleshootin g Switch Problems” on page C-27. Configuring Autorun on the Switch T o enable/dis able the autorun feature on the switch, the following[...]

  • Page 585

    File Transfers Using USB Autorun Operating Notes and Restrictions ■ Autorun is en abled by default, un til passwords are set on the device. ■ Secure-mode and encr yption-key are disabl ed by default. ■ T o enable secure mode both an encr yption key and trusted certificate must be set. ■ If secure-mode is en abled, the following conditions a[...]

  • Page 586

    File Transfers Using USB Autorun V iewing Autorun Configuration Information The show autorun command displays aut orun configurat ion status inf ormation as shown in the following e xample. ProCurve(config)# show autorun Autorun configuration status Enabled : Yes Secure-mode : Disabled Encryption-key : A-52[...]

  • Page 587

    B Monitoring and Analyzing Switch Operation Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-3 Status and Counters Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-4 Menu Access To Stat us and Counters . . . . . . . . . . . . . . . . . . . . . .[...]

  • Page 588

    Monitoring and Analyzi ng Switch Operation Contents Web Browser Interface Status Information . . . . . . . . . . . . . . . . . . . . B-26 Traffic Mirroring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-27 Mirroring Terminol ogy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-29[...]

  • Page 589

    Monitoring and Analyzing Switch Operation Contents Viewing a Classifier-Based Mirroring Configuration . . . . . . . . . B-72 Viewing the Mirroring Config urations in the Running Effect of Downstream VL AN Tagging on Untagged, Classifier-Based Mirroring Re strictions . . . . . . . . . . . . . . . . . . . B-72 Applying Multiple Mirroring Sessi ons to[...]

  • Page 590

    Monitoring and Analyzi ng Switch Operation Overview Overview T he sw it ch e s covered in this guide h av e s ev e ra l b ui lt - in to ol s fo r m on it o ri ng , analyzing, and troubleshootin g switch and network operation: ■ Status: Includes options for displaying general swi tch informat ion, man- agement address data, port st atus, port and [...]

  • Page 591

    Monitoring and Analyzing Switch Operation Status and Counters Data Status and Counters Data This section describes the status and counters screens available through the switch console interface and/or the web browser interface. Note Y ou can access a ll console screens from the web browser interface via T elnet to the console. T elnet access to the[...]

  • Page 592

    Monitoring and Analyzi ng Switch Operation Status and Counters Data Menu Access T o St atus and Counters Beginning at the Main Menu, display th e Status a nd Counters menu by select- ing: 1. Status and Counters Figure B-1. The Status and Counters Menu Each of the above menu items accesses the read-only scr eens desc ribed on the followin g pages. R[...]

  • Page 593

    Monitoring and Analyzing Switch Operation Status and Counters Data General System Information Menu Access From the console Main Menu, select: 1. Status and Counters 1. General System Information Figure B-2. Example of General Switch Informatio n This screen dynamically indicates how individual switch resources are being used. Refer to the online He[...]

  • Page 594

    Monitoring and Analyzi ng Switch Operation Status and Counters Data CLI Access to System Information The show system command displays general sy stem informat ion abou t the switch. Syntax: show system [chassislocate| informat ion | power -supply | temperature | fans] Displays global system in formation and operational parameters for the switch. ch[...]

  • Page 595

    Monitoring and Analyzing Switch Operation Status and Counters Data ProCurve(config)# show system fans Fan Information Num | State | Failures -------+-------------+-------- -- Sys-1 | Fan OK | 0 0 / 1 Fans in Failure State 0 / 1 Fans have been in Failur e State Figure B-4. Example of System Fan Status ProCurve(config)# show syst em Status and Counte[...]

  • Page 596

    Monitoring and Analyzi ng Switch Operation Status and Counters Data Syntax: [no] task-monitor cpu Allows the collection of pro cessor utilization data. Only manager logins can execute th is command. The settings are not persistent, that is, there are no changes to the configura- tion. Default: Disabled ProCurve(config)# task-moni tor cpu ProCurve(c[...]

  • Page 597

    Monitoring and Analyzing Switch Operation Status and Counters Data Figure B-7. Example of Management Address Information with VLANs Conf igured This screen displays a ddresses that are importan t for manage ment of the switch. If multiple VLANs are not configured, this screen displays a single IP address for the entire switch. Refe r to the online [...]

  • Page 598

    Monitoring and Analyzi ng Switch Operation Status and Counters Data Module Information Use this feature to dete rmine whic h slots have modules installed and whic h type(s) of m odules are installed . Menu: Displaying Port Status From the Main Menu, select: 1. Status and Counters … 3. Module Information Figure B-8. Example of Module I nformation [...]

  • Page 599

    Monitoring and Analyzing Switch Operation Status and Counters Data CLI Access The CLI show modules command will di splay additi onal component i nforma- tion for the foll owing: ■ System Support Modules (SSM)—ident ification, inclu ding serial number ■ Mini-GBICS—a list of in stalled mini-GBICs displaying the type, “J” number , and seri[...]

  • Page 600

    Monitoring and Analyzi ng Switch Operation Status and Counters Data ProCurve(config)# show modu les details Status and Counters - Modu le Information Chassis: 8212zl J8715A Slot Module Description Serial Number: SG560TN124 Serial Number Status ----- --------------------------- ------------- MM1 ProCurve J9092A Management Module 8200zl SSM ProCurve [...]

  • Page 601

    Monitoring and Analyzing Switch Operation Status and Counters Data Figure B-11. Example of Port Statu s on the Menu Interface CLI Access Syntax: show interfaces brief W eb Access 1. Click on the Stat us tab. 2. Click on [Port Status] . V iewing Port and T runk Gr oup Statistics and Flow Control Status Feature Default Menu CLI Web viewing port and t[...]

  • Page 602

    Monitoring and Analyzi ng Switch Operation Status and Counters Data These feat ures enab le you to d etermine the traffic patte rns fo r each port since the last reboot or reset of the switch. Y ou can display: ■ A general report of traf fic on all LAN ports and trunk grou ps in the switch , along with the per -port flow cont rol status (On or Of[...]

  • Page 603

    Monitoring and Analyzing Switch Operation Status and Counters Data Menu Access to Port and T runk Statistics T o access this screen from the Main Menu, sele ct: 1. Status and Counters … 4. Port Counte rs Figure B-12. Example of Port Count ers on the Menu Interface T o view details about the traffi c on a particular port, use the [v] key to highli[...]

  • Page 604

    Monitoring and Analyzi ng Switch Operation Status and Counters Data CLI Access T o Port and T runk Group Statistics T o Display the Port Counter Summary Report. Syntax: show interfaces This command provides an overvie w of port activity for al l ports on the switch. T o Display a Deta iled T raf fic Summary for Specific Ports. . Syntax: show interf[...]

  • Page 605

    Monitoring and Analyzing Switch Operation Status and Counters Data Note The clearing of statistics cannot be uncleared. W eb Browser Access T o V iew Po rt and T runk Group Statistics 1. Click on the Stat us tab. 2. Click on [Por t Counters] . 3. T o refresh the counters for a specifi c port, click anywhere in the row for that port, then click on [[...]

  • Page 606

    Monitoring and Analyzi ng Switch Operation Status and Counters Data 1. From the Main Menu, select: 1. Status and Counters 5. VLAN Address T able 2. The switch then prompts you to select a VLAN. 3. Use the Space ba r to select the VLAN you want, then press [Enter] . The switch then displays the MAC address table for that VLAN: Figure B-14. Example o[...]

  • Page 607

    Monitoring and Analyzing Switch Operation Status and Counters Data 2. T ype the MAC add ress you want to locate and press [Enter] . The address and port nu mber are highlighted if fou nd. If the switch does not fi nd the MAC address on the currently select ed VLAN, it leaves the MAC address listing empty . Located MAC Address an d Corresponding Por[...]

  • Page 608

    Monitoring and Analyzi ng Switch Operation Status and Counters Data Determining Wh ether a Specific Devi ce Is Connected to the Selected Port. Proceeding from step 2, above: 1. Press [S] (for S earch ), to display the followin g prompt: Enter MAC address: _ 2. T ype the MAC add ress you want to locate and press [Enter] . The address is highlighted [...]

  • Page 609

    Monitoring and Analyzing Switch Operation Status and Counters Data Spanning T ree Protocol (MSTP) Information CLI Access to MSTP Data This option lists the MSTP co nfiguration, root data, and per -port data (cost, priority , state, and designated bridge). Syntax: show spanning-tree This command displays the sw itch’ s global and regional spanning[...]

  • Page 610

    Monitoring and Analyzi ng Switch Operation Status and Counters Data Internet Group Management Protocol (IGMP) Status The switch uses the CLI to display th e following IGMP st atus on a per -VLAN basis: Show Command Output show ip igmp Global command listing IG MP status for a ll VLANs configured in the switch: • VLAN ID (VID) and name • Active [...]

  • Page 611

    Monitoring and Analyzing Switch Operation Status and Counters Data VLAN Information The switch uses the CLI to disp lay the following VLAN status: Show Command Output show vlan Lists: • Maximum number of VLANs to support • Existing VLANs • Status (static or dynamic) • Primary VLAN show vlan < vlan-id > For the specified VLAN, lists: ?[...]

  • Page 612

    Monitoring and Analyzi ng Switch Operation Status and Counters Data Listing the VLAN ID (VID) and Status for Specific Ports. Because ports A1 and A2 are not members of VLAN- 44, it does not appear in this listing. Figure B-20. Example of VLAN Listing fo r Specific Ports Listing Individual VLAN Status. Figure B-21. Example of Port Listing for a n In[...]

  • Page 613

    Monitoring and Analyzing Switch Operation Status and Counters Data W eb Browser Interface Status Information The “home” screen for the web browse r interface is the Status Overvie w screen, as shown below . As the title imp lies, it provides an overview of the status of the swit ch, includin g summary grap hs indicatin g the network uti li- zat[...]

  • Page 614

    Monitoring and Analyzi ng Switch Operation Traffic Mirroring T raffic Mirroring Mirror Features Feature De fault Menu CLI Mirror CLI Quick Reference n/a n/a B-45, B-47 Configure Mirror Source disabled page B-39 page B-49 Configure Mirror Destination at Source disabled page B-39 page B-52 Configure Remote Mirrorin g at Destination disabled n/a page [...]

  • Page 615

    Configuration Notes Deprecation of ACL-based T raffic Selection Monitoring and Analyzing Switch Operation Traffic Mirroring Mirroring sources and sessions. T raffic mirrorin g supports th e configur a- tion of port an d VLAN interfaces as mirroring sources in up to four mirroring sessions on a switch. Each session can have one or more sources (port[...]

  • Page 616

    Monitoring and Analyzi ng Switch Operation Traffic Mirroring The following commands have been deprecated: ■ interface < port / tru nk / mesh > monitor ip access-group < ac l-name > in mirror < 1 - 4 | name-s tr > ■ vlan < vid-# > monitor i p access-group < acl-name > in mirror < 1 - 4 | name-s tr > After you [...]

  • Page 617

    Monitoring and Analyzing Switch Operation Traffic Mirroring Switch A Local mirroring session : Source Switch: Switch A Monitored interface: Port A2 Exit port: A15 Destination/Host: T raffic analyzer 1 Network Switch B T raffic Analyzer 2 A15 T raffic Analyzer 1 A1 A2 B7 Remote mirroring session : Source Switch: Switch A Monitored interface: Port A1[...]

  • Page 618

    Monitoring and Analyzi ng Switch Operation Traffic Mirroring Caution An exit port should be co nnected only to a network analyzer , IDS, or other network edge device that has no co nnection to other netw ork resources. Connecting a mirroring exit port to a network can result in serious network performance problems, and i s strongly discouraged by P[...]

  • Page 619

    Monitoring and Analyzing Switch Operation Traffic Mirroring Mirrored T raffic Destinations Local Destinations A local mirroring traffic destination is a port on the same switch as the source of the traffic being mirrore d. Remote Destinations A remote mirroring traffic de stination is a ProCurve switch configured to operate as the exit switch for m[...]

  • Page 620

    Monitoring and Analyzi ng Switch Operation Traffic Mirroring Criteria for Selecting Mirrored T raffic On the monitore d sources listed a bove, you can co nfigure th e following criteria to select the traffic you want to mirror: ■ Direction of traffic movement (enter ing or leaving the switch, or both) ■ T ype of IPv4 or IPv6 traf fic enteri ng [...]

  • Page 621

    Monitoring and Analyzing Switch Operation Traffic Mirroring ■ Y ou can reduce the risk of oversu bscribing a single exit port by: • Di recting traffic from different se ssion sources to mult iple exit p orts • Configuring an exit port wit h a higher bandwidth than the mo nitored source port ■ Y ou can segregate traffic by ty pe, direction, [...]

  • Page 622

    Monitoring and Analyzi ng Switch Operation Traffic Mirroring Configuration Notes Using the CLI, you can configure a ll mirroring opti ons on a switch. Using the Menu or W eb interface, you can configure only sessi on 1 and only local mirroring in session 1 for traffic in both directions on sp ecified inter - faces. (If session 1 has been already co[...]

  • Page 623

    Monitoring and Analyzing Switch Operation Traffic Mirroring • Dire cting traffic from different se ssion sources to mult iple exit p orts • Configuring an exit port wit h a higher bandwidth than the mo nitored source port Migration to Release K.12.xx On a switch that is r unning a so ftware release earlier than K.12. xx with one or more mirrori[...]

  • Page 624

    Monitoring and Analyzi ng Switch Operation Traffic Mirroring Figures B-24 and B-25 show how ACL-based selecti on criter ia in a mirroring session are converted to a classifier -based pol icy and class configuration when you install release K.14.01 or greate r on a switch. ProCurve(config)# show run Running configuration: . . . ip access-list extend[...]

  • Page 625

    Monitoring and Analyzing Switch Operation Traffic Mirroring Using the Menu or W eb Inte rface T o Configure Local Mirroring Menu and W eb Interface Limits The Menu and W eb interfaces can be used to quickly configur e or reconfigure local mirroring on session 1, and allow one of the following two m irroring source options: ■ any combination of so[...]

  • Page 626

    Monitoring and Analyzi ng Switch Operation Traffic Mirroring Configuration Steps Not e s If mirroring has already been enabled on the sw itch, the Menu screens will appear differently than shown in this section. 1. From the Main Menu, Selec t: 2. Switch Configuration ... 3. Network Monitoring Port Enable mirroring by setting this parameter to “Y [...]

  • Page 627

    Monitoring and Analyzing Switch Operation Traffic Mirroring Move the cursor to the Mo nitoring Port para meter , then use the Spac e bar to select the loca l exit port. Figure B-27. How T o Select a Local Exit Port 5. Use the Space bar to select the port to use for send ing mirrored traffi c to a locally connected traffic analyzer or IDS. (The sele[...]

  • Page 628

    Monitoring and Analyzi ng Switch Operation Traffic Mirroring 8. Use the down arrow key to move the cursor to the Action column for the individual port in terfaces and positi on the cursor at a port, trunk, or mesh you want to mirror . Use the down a rrow key to se lect the interfac e(s) whose traffic you want to mirror to th e local exit port. 9. P[...]

  • Page 629

    Monitoring and Analyzing Switch Operation Traffic Mirroring CLI: Configuring Local and Remote Mirroring Command Page Quick Reference Local Mirroring Commands Remote Mirroring Commands B-45 B-47 Configuring a Remote Mirroring Destination On the remote switch: mirror endpoint ip < src-ip > < src-udp-port > < dst-ip > < exit-port [...]

  • Page 630

    Monitoring and Analyzi ng Switch Operation Traffic Mirroring ■ “Local Mirroring Overview” on pa ge B-44 ■ “Remote Mirroring Overview” on page B- 46 (The remote switch must be a ProCurve switch of fering the full mirroring capab ilities described in this chapter .) For a detailed descr iption of each step in a mi rroring configur ation, [...]

  • Page 631

    Monitoring and Analyzing Switch Operation Traffic Mirroring 3. Determine the traffic to be selected for mirroring by any of the followin g methods and the appr opriate config uration level (VLAN, port, mesh, trunk, switch): a. Direction: inbound, outbound, or bot h b. Classifier -based mirroring policy: inbound only fo r IPv4 or IPv6 traffic c. MAC[...]

  • Page 632

    Monitoring and Analyzi ng Switch Operation Traffic Mirroring Configure a Mirroring Polic y to Select Inbound T raff ic (Page B-66) class < ipv4 | ipv6 > < classname > [no] [ seq-number ] < m atch | ignore > < ip-protocol > < source-addre ss > < destination-address > [ precedence precedence-value ] [ tos tos-value[...]

  • Page 633

    Monitoring and Analyzing Switch Operation Traffic Mirroring 2. On the remot e destination (endpo int) switch, enter the mirror endpoint command with the i nformation from step 1 to configure a mirroring session for a specific exit port. 3. Determine the sessio n (1 - 4) and (opti onal) alphanumeric name to use on the source switch. 4. Determine the[...]

  • Page 634

    Monitoring and Analyzi ng Switch Operation Traffic Mirroring Configure the Mirroring De stination on a Remote Switch ( Page B-50): IP Address and UDP Port on Source Switch IP Address and Exit Port on Remote Swi tch mirror endpoint ip < src-ip-addr > < src-udp-port > < dst-ip-ad dr > port < exit-port > Enter this command on a[...]

  • Page 635

    Monitoring and Analyzing Switch Operation Traffic Mirroring Configure a Mirroring Polic y to Select Inbound T raff ic (Page B-66) class < ipv4 | ipv6 > < classname > [no] [ seq-number ] < m atch | ignore > < ip-protocol > < source-addre ss > < destination-address > [ precedence precedence-value ] [ tos tos-value [...]

  • Page 636

    Monitoring and Analyzi ng Switch Operation Traffic Mirroring ■ The IP address of the VLAN or subn et on which the mirrored traffic enters or leaves the source switch ■ The unique UDP port number to u se fo r the session on the source switch (The recommended port range is from 7933 to 65535.) Caution Although the swit ch supports t he use of UDP[...]

  • Page 637

    Monitoring and Analyzing Switch Operation Traffic Mirroring Caution When configuring a remote mirroring session, always configure the destina- tion switch first. Conf iguring the source switch first can result in a large volume of mirrored, IPv4-encapsul ated traffic arriving at the destination without an exit path, which can slo w switch performan[...]

  • Page 638

    Monitoring and Analyzi ng Switch Operation Traffic Mirroring Syntax: mirror endpoint ip < src-ip > < src-udp-port > < dst-ip > < exit-port-# > no mirror endpoint ip < src-ip > < src-udp-port > < dst-ip > — Continued — < src-udp-port >: This parameter must exactly match the <src- udp-port > v[...]

  • Page 639

    Monitoring and Analyzing Switch Operation Traffic Mirroring Configuring a Source Switch in a Local Mirrori ng Session. For a local mirroring session, enter the mirror port command on the source switch to configure an exit port on the same sw itch. T o create the mirroring sessi on, use the information gathered i n “1. Determine the Mirro ring Ses[...]

  • Page 640

    Monitoring and Analyzi ng Switch Operation Traffic Mirroring as described i n “2. Configure a Mirroring Destinatio n on a Remote Switch” on page B-50, before using the mirror remote ip command in this section to configure the mirroring source for the same session. Syntax: [no] mirror < 1 - 4 > [name < name-str >] remote ip < src-[...]

  • Page 641

    Monitoring and Analyzing Switch Operation Traffic Mirroring Syntax: [no] mirror < 1 - 4 > [name < name-str >] remote ip < src-ip > < src-udp-port > < dst -ip > < src-udp-port >: This parameter associates the remote session with a UDP port numb er . When multiple sessions have the same source IP address < src-i[...]

  • Page 642

    Monitoring and Analyzi ng Switch Operation Traffic Mirroring ■ Interface type • Port, trunk, and/ or mesh • V L A N • Switch (global configuration level) ■ T raffic direction and selection criteria • All inbound and/or outbound traffic on a port or VLAN interface • Only inbound I P traffic sel ected wit h an ACL (deprecated in softwar[...]

  • Page 643

    Monitoring and Analyzing Switch Operation Traffic Mirroring Selecting All Inbound/Out bound T raffic to Mirror Use the commands in this section to configur e all inbound and/or outboun d traffic on specified VLAN, port, or tr unk interfaces for a local or remote mirroring session. For an ex ample of a mirroring config uration that sele cts all inbo[...]

  • Page 644

    Monitoring and Analyzi ng Switch Operation Traffic Mirroring monitor all < in | out | bot h >: For the interface specified by < port/trun k/mesh > , selects traffic to mirror based on whether the traffic is entering or leavin g the switch on the interface. in : Mirrors entering traffic. out : Mirrors exiting traffic . both : Mirrors tra[...]

  • Page 645

    Monitoring and Analyzing Switch Operation Traffic Mirroring Untagged Mirrored Packets Although a VLAN ta g is added (by de fault) to the mirro red copy of untagged outbound packets to indicate the source VLAN of the packet, it is sometimes desirable to have mirrored pack ets look exactly like the original packet. The no-tag-added paramete r gives y[...]

  • Page 646

    Monitoring and Analyzi ng Switch Operation Traffic Mirroring of the mirror’ed copy; ‘disabled’ does put the VLAN tag in the mirror’ed copy. Only one logical port is allowed. This object is persistent and when written the entity SHOULD save the change to non-volatile storage.” DEFVAL { 2 } ::= { hpicfBridgeMirrorSessionEntry 2 } Operating [...]

  • Page 647

    Monitoring and Analyzing Switch Operation Traffic Mirroring VLAN Interface with T raffic Di rection as the Selection Criteria Use the following command to select all tra ffic on a VLAN interface for mirroring according t o traffic direction (inbound and/or outbound): Syntax: vlan < vid-# > monitor all < in | out | both > mirror < 1 -[...]

  • Page 648

    Monitoring and Analyzi ng Switch Operation Traffic Mirroring Deprecation of ACL-based T raffic Selection < 1 - 4 > : Configures the selected VLAN traffic to be mirrored in the specified session number . [ name < name-str >] : Optional; config ures the selected port traffic to be mirrored in the specified session name. The string can be [...]

  • Page 649

    Monitoring and Analyzing Switch Operation Traffic Mirroring Selecting Inbound/Outbou nd T raffic Using a MAC Address Use the monitor mac mirror command at the glob al configuratio n level to appl y a source and/or destination MAC address as the selection criteria used in a local or remote mirroring session. While classifi er -based mirrorin g allow[...]

  • Page 650

    Monitoring and Analyzi ng Switch Operation Traffic Mirroring T o configure a MAC address to filter mirrored traffic on an interface, enter the monitor mac mirror comma nd at the global configuration level. Syntax: [no] monitor mac < mac-addr > <src | dest | both> mirror < 1 - 4 | name -str > [< 1 - 4 | name-str >] [< 1 - [...]

  • Page 651

    Monitoring and Analyzing Switch Operation Traffic Mirroring Depending on how many session s are configured on the switch, you can use the same command to configure a MAC address as mirroring criteria in up to four sessions. T o identify a session, you can ent er either its name or number; for example: mirror 1 2 3 traffsrc4 Refer to “Mirroring-So[...]

  • Page 652

    Monitoring and Analyzi ng Switch Operation Traffic Mirroring The following commands are not supported: monitor mac 111111-222222 src mirror 3 monitor mac 111111-222222 dest mirror 4 In addition, if you enter the monitor mac 111111-222222 both mirror 1 com- mand, you cannot use the MAC address 111111-222222 in an y other monitor mac mirror configura[...]

  • Page 653

    Monitoring and Analyzing Switch Operation Traffic Mirroring Deprecation of ACL-based T raffic Selection In software release K.14.01 or greater , advanced classifier -based polic ies replace ACL-based tra ffic selection in mirroring configurat ions. Like ACL-based traffic-se lection criter ia, classifier -based service policies apply only to inbound[...]

  • Page 654

    Monitoring and Analyzi ng Switch Operation Traffic Mirroring 2. Create an IPv4 or IPv6 traffic class using the class comman d to select the packets that you want to mirror in a session on a preconfi gured local or remote destination device. Context: Global configuration Syntax: [no] class < ipv4 | ipv6 > < classname > Defines the name o[...]

  • Page 655

    Monitoring and Analyzing Switch Operation Traffic Mirroring Context: Class co nfiguration Syntax: [no] [ seq-number ] < match | ignore > < ip-protocol > < source-address > < destination-address > [ ip -dscp codepoint ] [ precedence pre cedence-value ] [ tos tos-value ] [ vlan vlan-id ] For detailed information ab out how to [...]

  • Page 656

    Monitoring and Analyzi ng Switch Operation Traffic Mirroring • [ seq-number ] — The (optional) seq-number parameter sequentially orders the mirro ring actions that you enter in a policy configur ation. Actions are executed on matching packets in numerical order . Default: Mirroring action statem ents are numbered in increments of 10, starting a[...]

  • Page 657

    Monitoring and Analyzing Switch Operation Traffic Mirroring T o ma nage packets that do not match the match or ignore criteria in any class in the policy , and therefore h ave no mirroring acti ons performed on them, you can enter an optional defaul t class. The default class is placed at the end of a policy configuration a nd specifies the mirrori[...]

  • Page 658

    Monitoring and Analyzi ng Switch Operation Traffic Mirroring For this reason, ProCur ve strongly recommends th at you first confi gure the exit switch in a remote mirror ing session, as described in “2. Configure a Mirroring Destination on a Remote Switch” on page B-50 and “3. Configure a Mirroring Session on the Source Swit ch” on page B-5[...]

  • Page 659

    Monitoring and Analyzing Switch Operation Traffic Mirroring For more informati on about how to apply a mirror ing policy to an interface , refer to the “Applying a Service Policy to an Interface” section in the “Classi- fier -Ba sed Softwar e Configurati on” chapter in the Advanced T raffic Manage- ment Guide . V iewing a Classifier -Based [...]

  • Page 660

    Monitoring and Analyzi ng Switch Operation Traffic Mirroring ■ If a mirrori ng session is config ured wi th a classifier -based mirroring policy on a port or VLAN interface, no othe r traffic-selection criteria (MAC-based or all inbou nd and/or outbound traffi c) can be added to the sessi on. Switch-B(config)# mirror endpoint 10.10.40.4 9200 10.1[...]

  • Page 661

    Monitoring and Analyzing Switch Operation Traffic Mirroring Applying Multiple Mirroring Sessions to an Interface Y ou can apply a mirroring pol icy to an inte rface that is already configured with another traffic -selection method (MAC- based or all inbound an d/or outbound traffic) for a different mirroring session. The classifie r -based pol icy [...]

  • Page 662

    Monitoring and Analyzi ng Switch Operation Traffic Mirroring Displaying a Mirroring Configuration Displaying All Mirroring Sessi ons Configured on the Switch Use the show monitor command to display in form ation on the currently con- figured status, traffi c-selection criteria , and number of monitored interfaces in each mirroring session on a swit[...]

  • Page 663

    Monitoring and Analyzing Switch Operation Traffic Mirroring Syntax: show monitor T ype: Indicates whether the mirroring session is local ( port ), remote ( IPv4 ), or MAC-based ( mac ) for local or remote sessions. Sources: Indicates how many moni tored source interfaces are configured for each mirroring session. Policy: Indicates whether the sourc[...]

  • Page 664

    Monitoring and Analyzi ng Switch Operation Traffic Mirroring Displaying the Remote Endpoi nts Configured on the Switch Syntax: show monitor endpoint This command displays the remote mirroring endpoints configured on the switch. Informat ion on local sessi ons configured on the switch is not displayed. (T o view the configuration of a local session,[...]

  • Page 665

    Monitoring and Analyzing Switch Operation Traffic Mirroring Displaying the Mirroring Config uration for a Specific Session Syntax: show monitor < 1 - 4 | name < name-str > Use this command to display deta iled configuration information for a specified local or remote mi rroring session on a source switch. Session: Displays the number of th[...]

  • Page 666

    Monitoring and Analyzi ng Switch Operation Traffic Mirroring Syntax: show monitor < 1 - 4 | name < name-str > Direction: For the selected interface, indicates whether mirrored traffic is entering the switch ( in ), leaving the switch ( out ), or both . Displaying a R emote Mirroring Session. After you configure session 2 for remote mirrori[...]

  • Page 667

    Monitoring and Analyzing Switch Operation Traffic Mirroring ProCurve_8200(config)# show monitor 3 Network Monitoring Session: 3 Session Name: Policy: no policy relationship exists Mirror Destination: A1 (Port) Monitoring Sources Direction ------------------ -------- - MAC: 112233-445566 Source The MAC address used to sel ect packets in a local mirr[...]

  • Page 668

    Monitoring and Analyzi ng Switch Operation Traffic Mirroring Displaying Information o n a Cla ssifier -Based Mirroring Session. In the following example, a classi fier -based mirroring policy ( mirrorAd minT raffic ) mirrors selected inb ound IPv4 packets on VL AN 5 to the destination devi ce configured for mi rroring session 3. ProCurve(config)# m[...]

  • Page 669

    Monitoring and Analyzing Switch Operation Traffic Mirroring Use the following show commands to display information about: ■ A classifier -based mirrori ng configuration ( show class and show pol icy ) ■ Statistics on one or more m irroring policies ( show statistics policy ) ■ Hardware resources used by all mirro ring polici es currently conf[...]

  • Page 670

    Monitoring and Analyzi ng Switch Operation Traffic Mirroring Syntax: show statistics policy [ mirror -policy-name ] [ interface < port-list > | vlan < vlan-id > ] in Displays statistics for the specified mirroring policies configured on one or more port or VLAN interfaces. ProCurve# show statistics pol icy MirrorAdminTraffic vlan 30 in [...]

  • Page 671

    Monitoring and Analyzing Switch Operation Traffic Mirroring ProCurve# show policy resource s Resource usage in Policy Enfo rcement Engine | Rules | Rules Used Ports | Available | ACL | QoS | IDM Includes th e hardware resources used by classifier- based local and remote mir roring policies that ar e currently applied to inte rfaces on the switch. |[...]

  • Page 672

    Monitoring and Analyzi ng Switch Operation Traffic Mirroring V iewing the Mirroring Configurations in the Running Configuration File Using the show run command, you can view the current mirroring config ura- tions on t he switch. In the show run command ou tput, inf ormation ab out mirroring sources in co nfigured sessions begi ns with the mirror k[...]

  • Page 673

    Monitoring and Analyzing Switch Operation Traffic Mirroring Mirroring Configuration Examples Example: Local Mirroring Us ing T raffic-Direction Criteria An administrator wants to mirror the inbound traffic from workstation “X” on port A5 and workst ation “Y” on port B1 7 to a traff ic analyzer connected to por t C24. In this case, the admin[...]

  • Page 674

    Monitoring and Analyzi ng Switch Operation Traffic Mirroring Example: Remote Mirroring Us ing a Classifier -Based Policy In the network shown i n Figure B-50, an administrator has connected a traffic analyzer to port A15 (i n VLAN 30) on sw itch C to mon itor the TCP traffic to the server at 10.10.30.153 from workstations connected to switches A an[...]

  • Page 675

    Monitoring and Analyzing Switch Operation Traffic Mirroring 2. On source s witch A, configure an association between the remote mirror - ing endpoint on switch C and a m irroring session on switch A (as described in “3. Configure a Mirrorin g Session on the Source Switch ” on page B-52). 3. On sw itch A, configur e a classifier -based mirroring[...]

  • Page 676

    Monitoring and Analyzi ng Switch Operation Traffic Mirroring b. Configure a classifier -based mirrori ng po licy to select in bound TCP traffic destined to the server a t 10.10.30.153, and apply the policy to a VLAN interface for VLAN 20. Because the remote session has mirroring sources on diff erent switches, you can use the same session number (1[...]

  • Page 677

    Monitoring and Analyzing Switch Operation Traffic Mirroring A15 VLAN 30 10.10.30.2 VLAN 40 10.10.40.1 Switch C VLAN 10 10.10.10.119 Tr a f f i c Analyzer 1 Switch A VLAN 20 10.10.20.145 10.10.30.153 Switch B Server C12 T raffic Analyzer 2 B10 10.20.40.7 A20 Network Figure B-54. Sample T opology for Remote Mirro ring from a Port Interface T o con fi[...]

  • Page 678

    Monitoring and Analyzi ng Switch Operation Traffic Mirroring Switch-A(config)# mirror 2 remote ip 10.10.10.119 9400 10.10.40.1 Caution: Please configure destination switch first. Do you want to continue [y/n]? y Switch-A(config)# interface c12 monitor all in mirror 2 IP address of source swi tch and UDP port numbe r used in session 2 IP address o f[...]

  • Page 679

    Monitoring and Analyzing Switch Operation Traffic Mirroring Enabling Jumbo Frames T o Increase the Mirroring Path MTU On 1 Gbps and 10 Gbps ports in the mi rroring path, you can redu ce the number of dropped frames by en abling jumbo fr ames on all intermed iate switches and routers. (The maxi mum transmission un it—MTU—on the sw itches covered[...]

  • Page 680

    Monitoring and Analyzi ng Switch Operation Traffic Mirroring Effect of Downstream VLAN T agging on Untagged, Mirrored T raffic In a remote mirroring applicati on, if mi rrored traffic leaves the switch without 802.1Q VLAN tagging, but is forwarded th rough a downstream device that adds 802.1Q VLAN tags, the MTU for untagged mirrored frames leaving [...]

  • Page 681

    Monitoring and Analyzing Switch Operation Traffic Mirroring Operating Notes for T raffic Mirroring ■ Mirrorin g Dropped T ra f fi c: When an interface is configured to mirror traffic to a local or remote de stinat ion, packets are mirrored regardless of whether the traffi c is dropped while on the interface. For example, if an ACL is configured o[...]

  • Page 682

    Monitoring and Analyzi ng Switch Operation Traffic Mirroring ■ Intercepted or Injected T raffic: The mirroring feature does not protect against either mirrored traffic being in tercepte d or traffic being injected into a mirrored stream by an intermediate host. ■ Inbound Mirrored IPv4-Encapsula ted Frames are Not Mirrored: The switch does no t [...]

  • Page 683

    Monitoring and Analyzing Switch Operation Traffic Mirroring T roubleshooting T raffic Mirroring If mirrored tr affic does not reach th e conf igured remote destina tion (end- point) switch or remote exit port , check the following configurations: • In a remote mirroring session, the mirro r remote ip command parame- ters configured on the source [...]

  • Page 684

    Monitoring and Analyzi ng Switch Operation Traffic Mirroring B-98[...]

  • Page 685

    C T r oubleshooting Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-4 Troublesho oting Approa ches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-5 Browser or Telnet Access Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . C-6 Unusual Net[...]

  • Page 686

    Troubleshooting Contents Using Log Throttling to Reduce Duplicate Event Log and SNMP Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-37 Configuring the Severit y Level for Event Log Configuring the System Module Used to Select the Event Log Log Throttle Periods . . . . . . . . . . . . . . . . . . . . . . . . . . . .[...]

  • Page 687

    Troubleshooting Contents Customizing show tech Comma nd Output . . . . . . . . . . . . . . . . . C-74 CLI: Viewing M ore Information on Switch Operation . . . . . . . . . . . C-78 Pattern Matching When Using t he Show Command . . . . . . . . . C-79 CLI: Useful Commands for Troublesh ootin g Sessions . . . . . . . . . . . C-82 Restoring the Factory-[...]

  • Page 688

    Troubleshooting Overview Overview This appendix addresses performance- relat ed network problems that can be caused by topology , switch configur ation, and t he effects of other devi ces or their config urations on sw itch operation. (For swit ch-speci fic inform ation on hardware problems indicated by LED behavior , cabling requi rements, and oth[...]

  • Page 689

    Troubleshooting Troubleshooting Approaches T roubleshooting Approaches Use these approaches to diagnose switch problems: ■ Check the ProCurve Networking web site f or software up dates that may have solved your problem: www.procurve.com ■ Check the switch LEDs for indicati ons of proper switch operation: • Each sw itch port has a Link LED th [...]

  • Page 690

    Troubleshooting Browser or Telnet Access Problems Browser or T elnet Access Problems Cannot access the we b browser interface: ■ Access may be disabled by the Web Agent Enabled parameter in the switch console. Check the se tting on this parame ter by selecting: 2. Switch Configuration … 1. System Information ■ The switch may not have the corr[...]

  • Page 691

    Troubleshooting Browser or Telnet Access Problems Cannot T elnet into the switch con sole from a station on the network: ■ Off subnet management stations can lo se T elnet access if you enable routing wit hout first co nfiguring a static (default) route. That is, the switch uses the IP default gateway only w hile operating as a Layer 2 device. W [...]

  • Page 692

    Troubleshooting Unusual Network Activity Unusual Network Activity Network activity that fails to meet ac cepted norms may indicate a hardware problem with one or more of the netw ork components, possibl y including the switch. Such problems can also be caused by a network loop or simply to o much traffic for t he network as it is currently de signe[...]

  • Page 693

    Troubleshooting Unusual Network Activity This can also happen, for example, if the server is first conf igured to issue IP addresses with an un limited duration, th en is subsequently co nfigured to issue IP addresses that will expire aft er a limited duration. One solu tion is to configure “reservations” in the DHCP server for speci fic IP add[...]

  • Page 694

    Troubleshooting Unusual Network Activity S Indicates that routin g is enabled; a requir e- ment for ACL oper ation. (There is a n exception. Refer to the Note , below .) Figure C-1. Indica tion that Routing Is Enabled Note If an ACL assigned to a VLAN includes an ACE referencing an IP address on the switch itself as a pack et source or destination,[...]

  • Page 695

    Troubleshooting Unusual Network Activity Error (Invalid input) when entering an IP address. When using the “host” opti on in the co mmand syntax, ensure that you are not including a mask in either dotted decimal or CIDR format . Using the “host” option implie s a specific host device and therefore do es not permit any ma sk entry . Correct.[...]

  • Page 696

    Troubleshooting Unusual Network Activity common mistake is to either not e xplicitly permit the sw itch’ s IP address as a DA or to use a wildca rd ACL mask in a deny statement that happens to incl ude the switch’ s IP address. For an exam ple of this problem, refer to the sectio n titled “General ACL Operating Notes” in the “Access Contr[...]

  • Page 697

    Troubleshooting Unusual Network Activity 30 Net IP: 30.29.16.1 (Deflt. Gateway) Router X 10 Net IP: 10.0.8.1 8212zl 10 Net -- VLAN 1 IP: 10.08.1 5 (Deflt. G’W ay = 10.0.8.1) Switch 1 20 Net -- VLAN 2 IP: 20.0.8.21 (Deflt. G’way = 20.0.8.1) 20 Net VLAN 2 IP: 20.0.8.1 (Deflt. G’way f o r 2 0 . 0 . 8 . 1 ) 30.29.16.91 Switch 2 10 Net -- VLAN 1 I[...]

  • Page 698

    Troubleshooting Unusual Network Activity Caution IGMP-Related Problems IP Multicast (IGMP) T raffic That Is Directed By IGMP Does Not Reach IGMP Hosts or a Multicast Router Connected to a Port. IGMP must be enabled on the switch an d the aff ected port must be configured for “Auto” or “Forward” operation. IP Multicast T raf fic Floods Out A[...]

  • Page 699

    Troubleshooting Unusual Network Activity Mesh-Related Problems T raffi c on a dynamic VLAN does not get through the switch mesh . GVRP enables dyna mic VLANs. Ensure that al l switches in the mesh have GVRP enabled . Port-Based Access Control (802.1X)-Related Problems Note T o list the 802.1X port-access Event Lo g messages stored on the switch, us[...]

  • Page 700

    Troubleshooting Unusual Network Activity VLAN as untagged on the port to support the cl ient access, as specified in the response from the RADIUS server . Refe r to “How 802.1X Au thentication Affects VLAN Oper ation” in the Access Security Guide for your switch. The switch appears to be properly configured as a supplicant, but cannot gain acce[...]

  • Page 701

    Troubleshooting Unusual Network Activity RADIUS server fails to respond to a request for service, even though the server’ s IP address is correct ly co nfigured in the switch. Use show radius to verify that the encryption key (RAD IUS secret key) the switch is using is correct for the server being co ntacted. If the switch ha s only a global key [...]

  • Page 702

    Troubleshooting Unusual Network Activity QoS-Related Problems Loss of communication when using VLAN- tagged traffi c. If you cannot communicate with a device in a tagged VLAN environment, ensure that the device either supports VLAN tagged traffi c or is connected to a VLAN port that is configured as Untagged . Radius-Related Problems The switch doe[...]

  • Page 703

    Troubleshooting Unusual Network Activity Global RADIUS Encryption Ke y Unique RADIUS Encr yption Key for the RADIUS server at 10.33.18.119 Figure C-7. Exampl es of Global and Unique Encryption Keys Spanning-T ree Protocol (MSTP) and Fast-Uplink Problems Caution If you enable MSTP , it is recommende d that you leave th e remainder of the MSTP param [...]

  • Page 704

    Troubleshooting Unusual Network Activity Fast-Uplink T roubleshoo ting. Some of the problems th at can result fr om incorrect usage of Fast-Uplink MSTP in clude temporary loops and generation of duplicate packets. Problem sources can include: ■ Fast-Uplink is config ured on a switch that is the MSTP root device. ■ Either the Hello T ime or the [...]

  • Page 705

    Troubleshooting Unusual Network Activity Switch does not detect a client’ s public key that does appear in the switch’ s public key file ( sh ow ip client-public-key ). The client’ s public key entry in the public key fi le may be pr eceded by an other entry that does not terminate wi th a new line (CR). In this case, the switch in terprets t[...]

  • Page 706

    Troubleshooting Unusual Network Activity T ACACS-Related Problems Event Log. When troubleshooting T ACACS+ op eration, check the switch’ s Event Log for i ndications of prob lem areas. All Users Are Locked Out of Access to the Switch. If the switch is func- tioning properly , but no username/password pairs resul t in console or T elnet access to [...]

  • Page 707

    Troubleshooting Unusual Network Activity ■ The encryption key configured in the server does not match the encryption key configured in the switch (by using the tacac s-server key command). V erify the key in the server and compare it to the key configured in the switch. (Use show tacacs-server to list th e global k ey . Use show config or show co[...]

  • Page 708

    Troubleshooting Unusual Network Activity T imeP , SNTP , or Gateway Problems The Switch Cannot Find the T ime Se rver or the Con figured Gateway . T imeP , SNTP , and Gateway access are through the primary VLAN, which in the default configuration is the DE F AUL T_VLAN. If the primary VLAN has been moved to another VLAN, it may be disabled or does [...]

  • Page 709

    Troubleshooting Unusual Network Activity Switch “Y” Switch “X” Link supporting VLAN_1 and VLAN_2 Port X-3 Port Y - 7 VLAN Port Assignment VLAN Port Assignment Po rt VLA N_ 1 VL AN _2 Po rt VLA N_ 1 VL AN _2 X-3 Untagged T agged Y -7 Untagged T agged Figure C-8. Exampl e of Correct VLAN Port Assignments on a Link 1. If VLAN_1 (VID=1) is conf[...]

  • Page 710

    Troubleshooting Unusual Network Activity Server 8212zl Switch (Multiple Forwarding Database) Switch with Single Forwarding Database MAC Address “A”; VLAN 1 MAC Address “A”; VLAN 2 Problem: This switch detec ts continual move s of MAC address “A” between ports. VLAN 1 VLAN 2 Figure C-9. Exampl e of Duplicate MAC Address Fan Failure When [...]

  • Page 711

    Troubleshooting Using the Event Log for Tr oubleshooting Switch Problems Using the Event Log for T roubleshooting Switch Problems The Event Log records oper ating event s in single- or doubl e-line entries and serves as a tool to isolat e and troubl eshoot problems. Starting in software release K.13. xx , the maximum number of entries supported in [...]

  • Page 712

    Troubleshooting Using the Event Log for Tr oubleshooting Switch Problems I (information) provides information on normal switch operation. D (debug) is reserved for ProCurve internal diagnostic informa tion. Date is the date in the format mm/dd/yy when an entry is recorded i n the log. Ti m e i s the time in the format hh:mm:ss whe n an entry is rec[...]

  • Page 713

    Troubleshooting Using the Event Log for Tr oubleshooting Switch Problems cdp Cisco Discovery Protocol: Supports reading CDP packets received from neighbor devices, enabling a switch to learn about adjacent CDP devices. ProCurve switches do not support the transmission of CDP packets to neighbor devices. Management and Configuration Guide chassis Ha[...]

  • Page 714

    Troubleshooting Using the Event Log for Tr oubleshooting Switch Problems dma D irect Access Memo ry (DMA): T ransmits and receives packets between the CPU and the switch. Not used for logging messages in software release K.13. xx . — fault Fault Detection facility, including response policy and the sensitivity level at which a network problem sho[...]

  • Page 715

    Troubleshooting Using the Event Log for Tr oubleshooting Switch Problems kms Key Management Syst em: Configures and maintains security information (keys) for all rout ing protocols, including a timing mechanism for activating and deactivating an individual protocol. Access Security Guide lacp LACP trunks: The switch can eit her automatically establ[...]

  • Page 716

    Troubleshooting Using the Event Log for Tr oubleshooting Switch Problems mld Multicast Listener Discovery (M LD): IPv6 protocol used by a router to discover the presence of multicast listeners. MLD can also optimize IPv6 multicast traffic flow with th e snooping feature. Multicast and Routing Guide mtm Multicast T raffic Manager (MTM): Controls and[...]

  • Page 717

    Troubleshooting Using the Event Log for Tr oubleshooting Switch Problems snmp Simple Network Management Protocol: Allows you to manage the switch from a network management station, including support for security features, ev ent reporting, flow sampling, and standard MIBs. Management and Configuration Guide sntp Simple Network T ime Pr otocol: Sync[...]

  • Page 718

    Troubleshooting Using the Event Log for Tr oubleshooting Switch Problems telnet Session established on t he switch from a remote device through the T elnet virtual terminal protocol. Management and Configuration Guide tftp T rivial File T ransfe r Protocol: Supports the download of files to the switch from a TFTP network server . Management and Con[...]

  • Page 719

    Troubleshooting Using the Event Log for Tr oubleshooting Switch Problems Menu: Displaying and Navi gating in the Event Log T o displa y the Event Log fr om the Main Menu, select Event Log . Figure C-11 shows a sample ev ent log display . ProCurve Switch 5406zl 25-Oct-2007 18:02:52 ==========================-CONSO LE - MANAGER MODE -================[...]

  • Page 720

    Troubleshooting Using the Event Log for Tr oubleshooting Switch Problems Key Action [^] Rolls back display by one event (up one line). [E] Advances to the end of the log. [H] Displays Help for the Event Log. CLI: Displaying the Event Log T o displa y messages record ed in the event log fr om the CLI, enter the show logging command. Keyword searches[...]

  • Page 721

    Troubleshooting Using the Event Log for Tr oubleshooting Switch Problems T o redispl ay all hidden entries, includi ng Event Log entries recorded prior to the last reboot , enter the sh ow logging -a command. Syntax: clear logging Removes all entries from the event log display output. CLI: T urning Event Numbering On Syntax: [no] log-numbers T urns[...]

  • Page 722

    Troubleshooting Using the Event Log for Tr oubleshooting Switch Problems Log Throttle Periods The length of the log thrott le period di ffers according to an e vent’ s severity level: Severity Level Log Throttle Period I (Information) 6000 Seconds W (W arning) 600 Seconds D (Debug) 6 0 Seconds M (Major) 6 Se conds Example of Log Throttling For ex[...]

  • Page 723

    Troubleshooting Using the Event Log for Tr oubleshooting Switch Problems If PIM oper ation caused th e same event to occur six more times during t he initial log throt tle period, there would be no furt her entries in the Event Log. However , if the event occurr ed again after the log throttl e period expired, the switch would rep eat the message ([...]

  • Page 724

    Troubleshooting Using the Event Log for Tr oubleshooting Switch Problems Example of Event Counter Operation Suppose the switch detects the following after a re boot: ■ Three duplicate instances of the PIM “Send error” during the firs t log throttle period for this event ■ Five more instan ces of th e same Send error during the second log th[...]

  • Page 725

    Troubleshooting Debug/Syslog Operation Debug/Syslog Operation While the Event Log records switch-l evel progress, status, and warning messages on the swi tch, the Debu g/System Log ging ( Syslog ) feature provides a way to record Event Log and debu g messages on a remote device. For example, you can send messages about routing misconfigurations and[...]

  • Page 726

    Troubleshooting Debug/Syslog Operation A Debug/Syslog destination device can be a Syslog server and/or a console session. Y ou can configure debug and logging messages to b e sent to: ■ Up to six Syslog servers ■ A CLI session through a direct RS-232 co nsole connection, or a T elnet or SSH session Debug/Syslog Conf iguration Commands Event —[...]

  • Page 727

    Troubleshooting Debug/Syslog Operation event Sends standard Event Log messages to configured debug destinations. (The same messages are also sent to the switch’ s Event Log, re gardless of whether you enable this option.) ip forwarding: Sends IPv4 forwarding messages to the debug destination(s). ospf: Sends OSPF event logging to the debug destina[...]

  • Page 728

    Troubleshooting Debug/Syslog Operation ■ Series 3500yl switches ■ Series 3400cl switches ■ Series 2900 switches ■ Series 2800 switches ■ Series 2610 switches ■ Series 2600 switches an d the Switch 6108 (softw are rel ease H.07.30 or greater) For the latest feature info rmation on ProCurve switches, v isit the ProCurve Networking web sit[...]

  • Page 729

    Troubleshooting Debug/Syslog Operation 2. T o use a CLI session on a destination device fo r debug messaging: a. Set up a serial , T elnet, or SSH co nnection to access the switch’ s CLI. b. Enter the deb ug destination session command at the manager level. 3. Enable the types of debug messages to be sent t o configured Sysl og servers and/or the[...]

  • Page 730

    Troubleshooting Debug/Syslog Operation saved after a system reboot (power cycle or reboot) and re-activated on the switch. As a result, after switch startu p, one of the follo w i ng situations may occur: ■ Only a partial set of Event Log messages may be sent to configured debug destinations. ■ Messages may be sent to a previously configured Sy[...]

  • Page 731

    Troubleshooting Debug/Syslog Operation messages sent to the Syslog server , speci fy a set of messages by entering the logging severity and logging system-module commands. ProCurve(config)# show debug Debug Logging Destination: None Enabled debug types: None are enabled ProCurve(config)# logging 10. 28.38.164 ProCurve(config)# write memor y ProCurv[...]

  • Page 732

    Troubleshooting Debug/Syslog Operation Example. The next example shows ho w to configure: ■ Debug logging of ACL and IP- OSPF p acket messages on a Syslog server at 18.38.64.164 (with user as the default logging facility). ■ Display of these messages in the CLI session of your terminal device’ s management access to the switch. ■ Blocking E[...]

  • Page 733

    Troubleshooting Debug/Syslog Operation ProCurve# config ProCurve(config)# logging 10. 38.64.164 ProCurve(config)# show debug Debug Logging Destination: Logging -- 10.38.64.164 Facility=user Severity=debug System module=all-pass Enabled debug types: event ProCurve(config)# no debug ev ent ProCurve(config)# debug acl ProCurve(config)# debug ip os pf [...]

  • Page 734

    Troubleshooting Debug/Syslog Operation Debug Command At the manager level, use the debug command to perform two main functions: ■ Specifies the types of event messages to be sent to an ex ternal destination. ■ Specifies the de stinations to whic h selected message types are sent. By default, no debug destination is enabled a nd only Event Log m[...]

  • Page 735

    Troubleshooting Debug/Syslog Operation Syntax: [no] debug < debu g-type > (Continued) event Event Log messages are automati cally enabled to be sent to debug destinations in these conditions: • If no Syslog server address is configured and you enter the logging < syslog-ip-addr > command to configure a destination address. • If at l[...]

  • Page 736

    Troubleshooting Debug/Syslog Operation ipv6 [dhcpv6-client [events | packet ]] [forwarding | nd | packet] When no debug options are included, displays debug messages for all IPv6 debug options. dhcpv6-client [events | packet]: D isplays DHCPv6 client event and packet data. [forwarding]: Displays IPv6 forwarding messages. [nd]: Displays debug messag[...]

  • Page 737

    Troubleshooting Debug/Syslog Operation session Enables transmission of event notification messages to the CLI session that most recently executed this command. The session can be on any one terminal emulation device with serial, Telnet, or SSH access to the CLI at the Manager level prompt ( ProCurve#_ ). If more than one terminal device has a conso[...]

  • Page 738

    Troubleshooting Debug/Syslog Operation Logging Command At the global configuration level, the lo gging command allows you to enable debug logging on specified Syslog server s and select a subset of Event Log messages to send for debuggi ng purposes according to: ■ Severity level ■ System modul e By specifying both a severity level and system mo[...]

  • Page 739

    Troubleshooting Debug/Syslog Operation Configuring a Syslog Server Syslog is a client-server logging tool th at allows a client switch to send event notification messages to a networked de vice operati ng with Syslog server software. Messages sent to a Syslog server can be stored to a file for later debugging analysis. T o use the Syslog feature, y[...]

  • Page 740

    Troubleshooting Debug/Syslog Operation Syntax: [no] logging < syslo g-ip-addr > Enables or disables Syslog messaging to the specified IP address. You can configure up to six addresses. If you configure an address when none are already configured, this command enables destinatio n logging (Syslog) and the Event debug type. Therefore, at a mini[...]

  • Page 741

    Troubleshooting Debug/Syslog Operation Syntax: [no] logging facility < fac i lity-name > The logging facility specifies th e destination subsystem used in a configured Syslog server . (All configured Syslog servers must use the same subsystem.) ProCurve recommends the default (user) subsystem unless your application specifically requires anot[...]

  • Page 742

    Troubleshooting Debug/Syslog Operation The CLI comm and is: Syntax: logging <ip-addr> control-descr <text_string >] no logging <ip-addr> [control-descr] An optional user -frien dly description that can be associated with a server IP address. If no description is entered, this is blank. If <text_string> contains white space, [...]

  • Page 743

    Troubleshooting Debug/Syslog Operation ProCurve(config)# logging priority-descr severe-pr i Figure C-20. Example of the Lo gging Command with a Priority Description Note A notification i s sent to the SNMP agent if there are any changes to the sy slog parameters eith er through the CLI or with SNMP . Configuring the Severity Level for Event Log Mes[...]

  • Page 744

    Troubleshooting Debug/Syslog Operation Configuring the System Module Us ed to Select the Event Log Messages Sent to a Syslog Server Event Log messages contain the name of the system module that reported the event. Using the logging system-module command, you can select a set of Event Log messages according to the originating system module and send [...]

  • Page 745

    Troubleshooting Debug/Syslog Operation Debug Option Effect of a Reboot or Reset ACL (debug type) Disabled. All (debug type) Disabled. event (debug type) If a Syslog server IP address is configured in the star tup- config file, the sending of Event Log messages is reset to enabled , regardless of the last active setting. If no Syslog server is confi[...]

  • Page 746

    Troubleshooting Diagnostic Tools Diagnostic T ools Diagnostic Features Feature Default Menu CLI Web Port Auto negotiation n/a — — — Ping test n/a — page C-65 page C-64 Link test n/a — page C-65 page C-64 T raceroute operation n/a — page C-67 n/a View switch configuration files n/a — page C-71 page C-71 View switch (sho w tech) n/a —[...]

  • Page 747

    Troubleshooting Diagnostic Tools Port Auto-Negotiation When a link LED does not light (indicat ing loss of link between two devices), the most common r e ason is a failure of port auto-n egotiation between the connecting ports. If a lin k LED fails to light wh en you conn ect the swit ch to a port on another devi ce, do the following: 1. Ensure tha[...]

  • Page 748

    Troubleshooting Diagnostic Tools W eb: Executing Ping or Link T ests Figure C-21. Link and Pi ng T est Screen on the Web Browser Interface 4. For a Ping test, enter the IP address of the target device. For a Link test, enter the MAC addr ess of the target device. 3. Select Ping T est (the default) or Link T est 5. Select the numb er of tries (packe[...]

  • Page 749

    Troubleshooting Diagnostic Tools Number of Packets to Send is th e number of times you want the switch to attempt to test a c onnection. T imeout in Seconds is th e number of seconds to allow per attempt to test a connection before determining that the current atte mpt has failed. T o halt a Link or Ping test before it con cludes, click on t he Sto[...]

  • Page 750

    Troubleshooting Diagnostic Tools source <ip-addr | ho stname > Source IP address or hostname . The source IP address must be owned by the router . If a VLAN is specified, the IP address associated with the specified VLAN is used. data-size <0-65471> Size of packet sent. Default: 0 (zero) data-fill <0-1024> The data pattern in th e[...]

  • Page 751

    Troubleshooting Diagnostic Tools Basic Link T est Link T est with Repetitions Link T est with Repetitions and T imeout Link T est Over a Specific VLAN Link T est Over a Specific VLAN; T est Fail Figure C-23. Example of Link T ests T raceroute Command The traceroute command enables you to trace th e route from the switch to a host address. This comm[...]

  • Page 752

    Troubleshooting Diagnostic Tools <ip-address | hostname> The IP address or hostname of the device to which to send the traceroute. [minttl < 1-255 >] For the current instance of traceroute , changes the minimum number of hops allowed for each probe packet sent along the route. If minttl is greater than the actual number of hops, then th[...]

  • Page 753

    Troubleshooting Diagnostic Tools Intermediate router hops with the time taken for the switch to receive acknowledgement of each probe reach ing each router . Destination IP Address Figure C-24. Example of a Completed T racero ute Enquiry Continuing fr om the previous examp le (Figure C-24, above), execut ing traceroute with an insu fficient maxttl [...]

  • Page 754

    Troubleshooting Diagnostic Tools If A Network Condition Preven ts T raceroute from Reaching the Destination. Common reasons for T rac eroute fa iling to reach a destination include: ■ T im eouts (indicated by one asterisk per probe, per hop; refer to Figure C-25, above.) ■ Unreachable hosts ■ Unreachable networks ■ Interference from firewal[...]

  • Page 755

    Troubleshooting Viewing Switch Configuration and Operation V iewing Switch Configuration and Operation In some troubleshoot ing s cenarios, you may need to view the switch config- uration to diagnose a problem. The co mplete switch config uration is co n- tained in a file that you can browse fr om either the web browse r interface or the CLI using [...]

  • Page 756

    Troubleshooting Viewing Switch Configur ation a nd Operation CLI: Vi ewing a Summary of Switch Operational Data Syntax: show tech By default, the show tech command displays a single output of switch operat- ing and running -configuration data from several internal switch sources, including: ■ Image stamp (software version data) ■ Running config[...]

  • Page 757

    Troubleshooting Viewing Switch Configuration and Operation Figure C-27 shows sample ou tput from the show tech command. ProCurve# show tech show system Status and Counters - General System Information System Name System Contact System Location : 5400_1 : : MAC Age Time (sec) : 300 Time Zone : 0 Daylight Time Rule : None Software revision ROM Versio[...]

  • Page 758

    Troubleshooting Viewing Switch Configur ation a nd Operation For example, if your te rminal emulator is the Hyperterminal application available with Microsoft® Windows® software, you can copy the show t ech output to a file and th en use eit her Microsoft W ord or Notepad t o display the data. (In this case, Microsof t W ord pr ovides the data in[...]

  • Page 759

    Troubleshooting Viewing Switch Configuration and Operation 5. Click on T ransfer | Capture T ext | Stop in HyperT e rminal to stop copyin g data and save the text file. If you do not stop HyperT erminal from copying command out put into the text file, additi onal unwanted data can be copi ed from the HyperT erminal screen. 6. T o access the file, o[...]

  • Page 760

    Troubleshooting Viewing Switch Configur ation a nd Operation . Syntax: copy < source > show- tech crash- log [ slot-id | master]: Includes the crash logs from all management and interface modules in show tech command output. T o limit the amount of crash-l og data displayed, specify an installed module or management modules, where: slot-id : [...]

  • Page 761

    Troubleshooting Viewing Switch Configuration and Operation . Syntax: copy < source > show- tech usb config < startup-config < filename > | command-file < acl- filename. txt > Copies the contents of a co nfiguration file or ACL command file from a USB flash drive to show tec h command output, where: startup-config < file name[...]

  • Page 762

    Troubleshooting Viewing Switch Configur ation a nd Operation CLI: Vi ewing More Informat ion on Switch Operation Use the following commands to displa y additional information on switch operation for trou bleshooting purposes. Syntax: show boot-history Displays the crash informatio n saved for each management module on the switch (see “Displaying [...]

  • Page 763

    Troubleshooting Viewing Switch Configuration and Operation Pattern Matching When Using the Show Command The pattern matching op tion with the show command provides the ability to do searches for specific text. Selected portions of the outp ut are displayed depending on the parameters chose n. Syntax: show < command option > | <include | ex[...]

  • Page 764

    Troubleshooting Viewing Switch Configur ation a nd Operation ProCurve(config)# show run | exclude ipv6 Running configuration: ; J8697A Configuration Edito r; Created on release #K.14.06 hostname "ProCurve Switch 54 06zl" module 1 type J8702A module 2 type J8705A snmp-server community "notpu blic" Unrestricted vlan 1 name "D[...]

  • Page 765

    Troubleshooting Viewing Switch Configuration and Operation ProCurve(config)# show run | be gin ipv6 ipv6 enable no untagged B21-B24 Displays the running config begin ning at the first line exit that contains “ipv6”. vlan 20 name "VLAN20" untagged B21-B24 ipv6 enable no ip address exit policy qos "michael" exit ipv6 access-li[...]

  • Page 766

    Troubleshooting Viewing Switch Configur ation a nd Operation CLI: Useful Commands for T roubleshooting Sessions Use the following commands in a troubleshooti ng session to more accurately display the information yo u need to diagnose a problem. For more informati on on other the se CLI practices, refer t o chapter 4, “Using the Command Line Inter[...]

  • Page 767

    Troubleshooting Restoring the Factory-Default Configuration Restoring the Factory-Default Configuration As part of your troubleshooting pr ocess, it may become necessary to return the switch configuration to the factor y default settings. This process momen- tarily interrupts t he switch operation, clears any passw ords, clears the console Event Lo[...]

  • Page 768

    Troubleshooting Restoring a Flash Image 2. Co ntinue to press the Clear butt on while releasing the Re set button. 3. When the Self T est LED begins to flas h, release the Cle ar button. The switch will then complete it s self test and begin operating with the configuration restored to th e factory default settings. Restoring a Flash Image The swit[...]

  • Page 769

    Troubleshooting Restoring a Flash Image Enter h or ? for help. => 4. Since the OS file is large, you can increase the speed of the download by changing the switch console and termin al emulator baud rates to a high speed. For example: a. Change the switch baud rate to 115,200 Bps. => sp 115200 b. Change the terminal emulator baud rate to matc[...]

  • Page 770

    Troubleshooting Restoring a Flash Image Figure C-34. Example of Xmodem Download in Progress 8. When the download compl etes, the swit ch reboots from pri mary flash using the OS image you dow nloaded in the preceding steps, plus th e most recent startup-config file. C-86[...]

  • Page 771

    Troubleshooting DNS Resolver DNS Resolver The Domain Name System (D N S) resolver is designed for use in local network domains where it enables us e of a host name or fully qualified domain name with DNS-com patible switch CLI com man ds. (At software release K.13.01, the DNS-compatible commands include ping and traceroute .) Beginning wi th softwa[...]

  • Page 772

    Troubleshooting DNS Resolver Basic Operation ■ When the switch is configured wit h onl y the IP address of a DNS server available to the switch, then a DNS-compatible command, executed with a fully qualified doma in name, can reac h a device found in any domain accessible through the configured DNS server . ■ When the switch is config ured with[...]

  • Page 773

    Troubleshooting DNS Resolver Note that if the target host is in a domain other than the domain configured on the switch, then: ■ The host’ s domain must be reachabl e from the switch . This requires that the DNS server for the switch must be able to communicate with the DNS serv er(s) in the path to the dom ain in which the target h ost operate[...]

  • Page 774

    Troubleshooting DNS Resolver c. The domain name for an accessible domain in which there are hosts you want to reach with a DNS-c ompatible command. (This is the domain s uffix in the f ully qualif ied domain name for a given host operating in the select ed domain. Refer to “T erminology” on page C- 87.) Note that if a domain suffix is not confi[...]

  • Page 775

    Troubleshooting DNS Resolver Syntax: [no] ip dns domain-name < domain-name-suffix > This optional DNS command configures the dom ain suffix that is automatically appended to the host name entered with a DNS-compatible command. When the domain suffix and the IP address for a DNS server that can access that domain are both configured on the swi[...]

  • Page 776

    Troubleshooting DNS Resolver Configuring switch “A” with the domai n name and the IP address of a DNS server for the domain enables the switch to use host names assigned to IP addresses in the do main to perform ping and traceroute act ions on the devices in the domain. T o summarize: Entity: Ide ntity: DNS Server IP Address 10.28.229.10 Domain[...]

  • Page 777

    Troubleshooting DNS Resolver As mentioned under “Basic Operation” on page C-88, if the DNS entry config- ured in the switch does not include the domain suffi x for the desired ta rget, then you must use the target host’ s fully qualified dom ain name with DNS- compatible commands. For example, using the docume nt server in Fi gure C- 37 as a [...]

  • Page 778

    Troubleshooting DNS Resolver Operating Notes ■ Configuring anot her IP address for a priority that has already been assigned to an IP address is not a llowed. T o re place one IP address a t a given priority level w ith another ad dress having the same priority , you must first use the no form of the command to remove the unwanted address. Also, [...]

  • Page 779

    Troubleshooting DNS Resolver Event Log Messages Message Meaning DNS server address not configure d The switch does not ha ve an IP address configured for the DNS server . DNS server not responding The DNS serve r failed to respond or is unreachable. An incorrect server IP address can produce this re sult. Unknown host < ho st-name > The ho st[...]

  • Page 780

    Troubleshooting Locator LED (Locating a Switch) Locator LED (Locating a Switch) T o locate where a pa rticular switch is physically installed, use the chassislo- cate command to activate the blue Locator LED on the switch’ s front panel. Syntax: chassislocate [b link | on | off] Locates a switch by using the blue Locate LED on t he front panel. b[...]

  • Page 781

    D MAC Address Management Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . D-2 Determining MAC Addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . D-3 Menu: Viewing th e Switch’s MAC Addresses . . . . . . . . . . . . . . . . . . . . D-4 CLI: Viewing [...]

  • Page 782

    MAC Address Management Overview Overview The switch assigns MAC addresses in these areas: ■ For management functions, one Base MAC address is assigned to the de f au lt VL AN ( VI D = 1 ). (A ll VL AN s on th e s w it ch es covered in this guide use the same MAC address. ) ■ For internal switch operations: One M AC address per port (Refer to ?[...]

  • Page 783

    MAC Address Management Determining MAC Addresses Determining MAC Addresses MAC Address Viewing Methods Feature Default Menu CLI Web view switch’ s base ( default vlan) MAC address and the addressing for any added VLANs n/a D-4 D-5 — view port MAC addresses (hexadecimal format) n/a — D-5 — ■ Use the menu interface to view the switch’ s b[...]

  • Page 784

    MAC Address Management Determining MAC Addresses Menu: V iewing the Switch’ s MAC Addresses The Management Address Information screen lists the MAC addresses for: ■ Base switch (d efault VLAN; V ID = 1) ■ Any additional V LANs conf igured on the switch. Also, the Base MAC address appears on a label on the back of the switch. Note The Base MAC[...]

  • Page 785

    MAC Address Management Determining MAC Addresses CLI: Vi ewing the Port and VLAN MAC Addresses The MAC address assigned to each switch port is used inte rnally by such features as Flow Control and the spanning-tree protocol. Using the walkmib command to determi ne the MAC address assignment s for individu al ports can sometimes be useful when di ag[...]

  • Page 786

    MAC Address Management Determining MAC Addresses ProCurve# walkmib ifphysa ddress ifPhysAddress.1 = 00 12 7 9 88 b1 ff ifPhysAddress.2 = 00 12 7 9 88 b1 fe ifPhysAddress.3 = 00 12 7 9 88 b1 fd ifPhysAddress.4 = 00 12 7 9 88 b1 fc ifPhysAddress.49 = 00 12 79 88 b1 cf ifPhysAddress.461 and 488 Physical addr esses for non-default VLANs confi gured on [...]

  • Page 787

    MAC Address Management Viewing the MAC Addresses of Connected Devices V iewing the MAC Addresses of Connected Devices Syntax: show mac-address [ | mac-addr | Lists the MAC addresses of the device s the switch has detected, along with the number of the specific port on wh ich each MAC address was detected. [ port-list ] Lists the MAC addresses of th[...]

  • Page 788

    MAC Address Management Viewing the MAC Addresses of Connected Devices D-8[...]

  • Page 789

    E Monitoring Resources Contents Viewing Information on Resource Usage . . . . . . . . . . . . . . . . . . . . . . . E-2 Policy Enforcement Engine . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . E-2 Displaying Current Resource Usage . . . . . . . . . . . . . . . . . . . . . . . . . . . E-4 When Insufficie nt Resources Are Availab[...]

  • Page 790

    Monitoring Resources Viewing Information on Resource Usage V iewing Information on Resource Usage The switch allows you to view info rmation about the curren t usage and availability of resources in the Polic y Enforcement engine, includ ing the following software features: ■ Access control lists (ACL) ■ Quality-of-service (QoS), including devi[...]

  • Page 791

    Monitoring Resources Viewing Information on Resource Usage ■ When the following features are co nfigured globally or per -VLAN, resource usage is applied across a ll por t grou ps or all slots with install ed modules: • ACLs • QoS configuration s that use the following commands: – QoS device priority (IP Addre ss) through the CLI using the [...]

  • Page 792

    Monitoring Resources Viewing Information on Resource Usage Displaying Current Resource Usage T o display c urrent resource usage in the switch, enter the show <qos | access- list | policy> resources command. The show resources command output allows you to view cu rrent resource usage and, if necessary , pri oritize and reconfigur e software f[...]

  • Page 793

    Monitoring Resources Viewing Information on Resource Usage ProCurve# show qos resources Resource usage in Policy Enfo rcement Engine | Rules | Rules Used Ports | Available | ACL | QoS | IDM | VT | Mirror | Other | ------+-------------+------- +-------+-------+-------+--------+------- | 1-24 | 3014 | 15 | 11 | 0 | 1 | 0 | 3 | 25-48 | 3005 | 15 | 10 [...]

  • Page 794

    Monitoring Resources Viewing Information on Resource Usage Usage Notes ■ A 1:1 mapping of int ernal rules to conf igured polic ies in the switc h does for show resources Output not necessarily exist. As a result, disp laying current resource usa ge is the most reliable method for keeping tr ack of available resources. Also, because some internal [...]

  • Page 795

    Monitoring Resources When Insufficient Resources Are Available When Insufficient Resources Are A vailable The switch has ample r esources for configur ing features and supporting: ■ RADIUS-authen ticated clients (with or without the op tional IDM applica - tion) ■ Viru s throttling and b locking on indi vidual clients. Note Virus throttling doe[...]

  • Page 796

    Monitoring Resources When Insufficient Resource s Are Available E-8[...]

  • Page 797

    F Daylight Savings T ime on ProCurve Switches This information applies to the fo llowing ProCurve switches: •2 1 2 M • Series 2500 • Series 5300xl •2 2 4 M • Series 2510 • Series 5400zl • 1600M • Series 2600 • Switch 6108 • 2400M • Series 2610 • Switch 6200yl • 2424M • Series 2800 • Series 6400cl • 4000M • Switch 2[...]

  • Page 798

    Daylight Savings Time on ProCurve Switches Middle Europe and Portugal : • Begin DST at 2am the first Su nday on or after March 25th. • End DST at 2am the first Sund ay on or after September 24th. Southern Hemisphere: • Begin DST at 2am the first Sund ay on or after Oc tober 25th. • End DST at 2am the first Sunday on or after March 1st. W es[...]

  • Page 799

    Daylight Savings Time on ProCurve Switches Before configuring a “User defined” Daylight Time Rule, it is important to understand how t he switch treats the entries. The swi tch knows which dates are Sundays, and uses an algorithm to determine on which date to change the system clock, given the configured “Beginning day” and “Ending day”[...]

  • Page 800

    Daylight Savings Time on ProCurve Switches F-4[...]

  • Page 801

    G Scalability: IP Addre ss, VLAN, and Routing Maximum V alues The following table lists the swi tch scal ability values for the areas of VLANs, ACLs, hardware, ARP , and routing. Subject Maximum IPv4 ACLs total named (extended or standard) up to 2048 (minus any IPv4 numeric standard or extended ACL assignments and any RADIUS-assigned ACLs) 1 total [...]

  • Page 802

    Scalability: IP Address, VL AN, and Routing Maximum Values ARP Subject Maximum ARP entries 10 ,000 packets held for ARP resolution 25 Routing Protocol RIP interfaces 128 OSPF passive interfaces OSPF active interfaces 512 (minus OSPF active interfaces) 128 OSPF areas 16 ECMP next hops 4 G-2[...]

  • Page 803

    H Switch Licensing Switch softw are licensing enables adva nced features in certain ProCurve switches. The following table shows th e software licenses available for the switches covered by this manual. License T ype Premium (includes OSPF , PIM – sparse mode, PIM – dense mode, VRRP , QinQ) Switch Family License Product 3500 and 3500yl J8993A 5[...]

  • Page 804

    Switch Licensing The procedure for installing a l ice nsed feature into a switch is: 1. Locate the registration ID. When you purchase a software license, you receive a folded license registration ca rd. The registration ID is located on the insi de of the card, in th e upper le ft corner . 2. Get the switch’ s hardware ID. Establish a console con[...]

  • Page 805

    I Power -Saving Features Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . I-2 Configuring th e Power-S aving Options . . . . . . . . . . . . . . . . . . . . . . . . . I-3 Configuring the Savepower module Option . . . . . . . . . . . . . . . . . . I-3 Configuring the Savepower LE[...]

  • Page 806

    Power-Saving Features Overview There are sev eral power -saving feature s that can be configure d for the indi- cated switches and modules. The power -saving features inclu de the ability to: ■ T urn slot power on or off ■ T urn LED power on or off using a timer ■ Slot auto low power mode The module s support th e power -saving features a s i[...]

  • Page 807

    Power-Saving Features Configuring the Power -Saving Options The savepower command provides configurable power -saving options. Syntax: [no] savepower <module [slot-list | all] | led [slot-id] | port-low-pwr [slot-id]> Configures power -saving features. module [slot-id]: T urns power -saving options on or off for all modules or a specified mod[...]

  • Page 808

    Power-Saving Features Y ou can verify the status of the savepow er command by using the show modu les command or by checking the log messa ges (for 8200zl and 5400zl switche s). Note If a savepow er module < slot-list > or savepower all command is immediately followed by a no savepower module < slot-list > or no savepower al l command, [...]

  • Page 809

    Power-Saving Features duration <[HH:]MM> : The amount of time the LEDs remain turned off. Option al. If the duration value is zero, when the timer starts the LEDs are turned off indefinitely un til the timer is canceled or the command is overridden with another command. Default: 0 (zero) recur : Optional. If specified, th e LEDs are turned of[...]

  • Page 810

    Power-Saving Features Configuring the Savepower port-low-pwr Option The port-low-pwr option puts the slots into auto low p ower mode if they are not linked. I f a particular slot i s specifi ed, only that slot goes into auto low power mode . Specifying all puts all the slots into auto low power mod e. The ports i n low power mode peri odically moni[...]

  • Page 811

    Power-Saving Features ProCurve(config)# show savepow er module Module Save Power Information Slot | Status ---- + -------- A | Disabled B | Disabled C | Enabled D | Disabled E | Disabled Figure I-4. Example of Outpu t for show savepower module Command Show Savepower Port-low-pwr . T o displa y the status of the power - down feature for the slots, u[...]

  • Page 812

    Power-Saving Features ProCurve(config)# show savepower led Led Save Power Information Alarm Start Time : 06/01/0 9 12:01:07 Alarm Duration (HH:MM) : 12:00 Recurrent Status : Enabled Led Save Power Information Slot | Status ---- + -------- A | Enabled B | Enabled C | Enabled D | Enabled E | Enabled Figure I-6. Example of Outpu t for show savepower l[...]

  • Page 813

    J Network Out-of-Band Management (OOBM) for the 6600 Switch Contents Concepts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . J-2 Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . J-4 OOBM and Switch Applications . . . . . . . . . .[...]

  • Page 814

    Network Out-of-Band Management (OOBM) for the 6600 Switch Concepts Concepts Management communications with a managed switch can be: ■ in band—through the networked data ports of the switch ■ out of band—through a dedi cated ma nagement port (or ports) separate from the data ports Out-of-band ports have typically been serial console ports us[...]

  • Page 815

    Network Out-of-Band Management (OOBM) for the 6600 Switch Concepts improved sw itch securi ty: a prope rly configured switch can limit management access to the managemen t port only , pr eventing malicious atte mpts to gain access via the data ports. Network OOBM typically occurs on a management network that connects multiple sw itches. It has th e[...]

  • Page 816

    Network Out-of-Band Management (OOBM) for the 6600 Switch Concepts Example In a typical data center installation, top-of-rack switches connect servers to the data netwo rk, while the management po rts of those swit ches connect to a physically and logically separate mana gement n e two rk. This allows netw ork administrators to manage the switches [...]

  • Page 817

    Network Out-of-Band Management (OOBM) for the 6600 Switch Concepts OOBM and Switch Applications The table below shows the switch appl ications that are supported on the OOBM interf ace as well as on the data inte rfaces. In this list , some applications are client-only , some are server -only , and some are both. Application Inbound OOBM (server) O[...]

  • Page 818

    Network Out-of-Band Management (OOBM) for the 6600 Switch Tasks Ta s k s OOBM Configuration OOBM Context OOBM configurat ion commands can be issued f rom the global config uration context ( config ) or from a specific OOBM configuratio n context ( oobm ). T o enter the OOBM configuration contex t from the gene ral configuration context, use the oob[...]

  • Page 819

    Network Out-of-Band Management (OOBM) for the 6600 Switch Tasks OOBM Enable/disable T o ena ble or disable network OOBM, use the enable or disable command. Network OOBM is enabled by default. Syntax: From the OOBM context: enable disable From the general configuration context: oobm enable oobm disable Enables or disables networked out-of-band-manag[...]

  • Page 820

    Network Out-of-Band Management (OOBM) for the 6600 Switch Tasks OOBM Port Enable/disable The OOBM interf ace command enables or disables the OOBM interface (the OOBM port, as opposed to the O OBM function). Syntax: From the OOBM context: interface [enable | disable] From the general configuration context: oobm interface [enable | disable] Enables o[...]

  • Page 821

    Network Out-of-Band Management (OOBM) for the 6600 Switch Tasks OOBM Port Speed Control The OOBM port operates at 10 Mbps or 100 Mbps, half or full duplex . These can be set explicitly or they can be aut omatically negot iated using the au to setting.Set the port speed using the inter face command. Syntax: From the OOBM context: interface speed-dup[...]

  • Page 822

    Network Out-of-Band Management (OOBM) for the 6600 Switch Tasks OOBM IPv4 Address Configuration Configuring an IPv4 address for the OO BM interface is similar to VLAN IP address configuratio n, but it is a ccomplish ed within the OOBM context. Syntax: From the OOBM context: [no] ip address [dhcp -bootp | ip-address/mask-length ] From the general co[...]

  • Page 823

    Network Out-of-Band Management (OOBM) for the 6600 Switch Tasks OOBM Show Commands The show commands for OOBM are similar to the analogous commands for the data plane. Note that you must always include the oobm parameter to see the informati on for the OOBM interfac e, regardless of the context. For instance, even from the OOBM context the show ip [...]

  • Page 824

    Network Out-of-Band Management (OOBM) for the 6600 Switch Tasks Show OOBM IP Configuration Use show oobm ip to see the IP configuration of the OO BM interface. Syntax: show oobm ip Summarizes the IP configuration of the OOBM interface. This command displays the status of IPv4 (enabled/disabled), the IPv4 default gateway , and the IPv4 address confi[...]

  • Page 825

    Network Out-of-Band Management (OOBM) for the 6600 Switch Tasks Application Server Commands Application server s (as described in OOBM and Server Applications in the Concepts section above) have a dded a listen keyword with oobm|data|both options to specify which i nterface(s) is(are) active. Default value is both for all servers. For example: T el[...]

  • Page 826

    ----------------------------- Network Out-of-Band Management (OOBM) for the 6600 Switch Tasks The show servers command shows the listen mode of the servers. ProCurve# show servers Server listen mode Server Listen mode Telnet | both Ssh | both Tftp | both Web-management | both Snmp | both Application Client Commands CLI commands for client applicati[...]

  • Page 827

    Network Out-of-Band Management (OOBM) for the 6600 Switch Tasks Ping: ping [...] [source < ip-address | vlan-id | oobm>] Management and Confi guration Guide , page C-65 T raceroute: tracerou te [...] [source <ip-address | vlan-id | oobm>] Management and Confi guration Guide, page C-67 Example This example shows setup and use of network [...]

  • Page 828

    Network Out-of-Band Management (OOBM) for the 6600 Switch Tasks The CLI commands that follow w ould acco mplish those tasks. (The first time through the process yo u might easily make the omissi on shown near the end of the example.) Switch 41# config Switch 41(config)# vlan 1 Switch 41(vlan-1)# ip address 10.1.129.7/20 Switch 41(vlan-1)# end Switc[...]

  • Page 829

    Index Symbols => prompt …C - 8 4 Numerics 802.1X effect, LLDP … 14-79 LLDP blocked … 14-46 802.1X access control authentication fa ilure, SNMP notification … 14-26 SNMP notification of authentication failure … 14-26 A access manager … 14-13 operator … 14-13 out-of-band … 2-3 access control list See ACL. ACL debug messages … C-4[...]

  • Page 830

    disabled … A-11 download to a redundant management system … A-9 downloading software images … A-11 B bandwidth displaying port utilization … 10-13 displaying utilizati on … 5-18 guaranteed minimum See guaranteed minimum bandwidth. banner configuring … 2-11 default … 2-9 non-default … 2-10 operation … 2-9 redundant management … 2[...]

  • Page 831

    copy tftp oobm … A-31 config files oobm … 6-38 config files, SCP/SFTP transfer …6 - 4 0 configuration Bootp … 8-14 clearing module … 10-31 comparing startu p to running … 6-6 console … 7-3 copying … A-29 DHCP Option 66 … 6-41 DHCP, Best Offer … 6-43 factory default … 6-9, 8-2 file update with Option 66 … 6-41 file updating w[...]

  • Page 832

    features … 2-3 Help … 3-9, 3-11 inactivity-timer … 7-9 Main Menu interface … 3-7 meaning of asterisk … 3-10, 3- 13 measuring network activity … C-8 navigation … 3-9, 3-10 operation … 3-10 starting a session … 3-4 statistics, clear counters … 3-12 status and counters access … 3-7 status and counters menu … B-6 troubleshooting[...]

  • Page 833

    PoE … 11-8 PoE allocation, usage …1 1 - 1 2 PoE power threshoold, 80 … 11-17 PoE pre-std- detect, enable d … 11-8 PoE prioirty, low … 11-10 PoE value, 17W … 11-21 port speed, auto … 10-16 security … A-48 SNTP … 9-5 sntp poll interval, 720 seconds …9 - 1 1 Support/Mgmnt URL wind ow … 5-13 system information features … 7-12 sy[...]

  • Page 834

    See MAC address. Dyn1 See LACP. dynamic ARP protection resource usage … E-2 E edge ports … 13-4 Emergency Location Id Number … 14-39, 14-67 erase config file … 6-39 event log clearing entries … C-36 compared to debug/Syslog operation … C-41 console menu … 3-7 debugging by severity level … C-42, C-54 debugging by system module … C-[...]

  • Page 835

    starving queues … 13-24 H Help for CLI … 1-7, 4-11 for menu interface … 1-6, 3-9, 3-11 for web browser interface … 1-7, 5-14 online, inoperable … 5-14 hop, router …8 - 1 1 hotswapping mgmt module … 15-15 HP Auto-MDIX feature … 10-21 web browser interface … 2-5 I ICMP resources … E-4 ICMP rate-limiting all-traffic See rate-limiti[...]

  • Page 836

    single source … 8-25 source IP address … 8-26 source IP with debug debug source IP address …8 - 3 1 source IP with radius … 8-31 source IP with tacacs … 8-31 source-interface option … 8-2 6 IP Preserve DHCP server … 8-21 overview … 8-21 rules, operating … 8-21 summary of effect … 8-24 IP routing debug messages … C-42 IPv6 debu[...]

  • Page 837

    802.1X blocking … 14-46 802.1X effect … 14-79 active port … 14-39 adjacent device … 14-39 advertisement … 14-39 advertisement content … 14-54 advertisement data … 14-71 advertisement, mandatory data … 14-54 advertisement, optional data … 14-55 advertisements, delay interval … 14-50 CDP neighbor data … 14-80 chassis ID … 14-5[...]

  • Page 838

    trap receiver, data change notice … 14-52 TTL … 14-42, 14-44 txonly … 14-53 VLAN, untagged … 14-79 walkmib … 14-44 with PoE … 11-18 LLDP-MED displaying speed … 14-73 ELIN … 14-67 enable or disable … 14-42 endpoint support … 14-58 fast start control … 14-62 location data … 14-66 medTlvenable … 14-64 Neighbors MIB … 14-74 [...]

  • Page 839

    ACL criteria (deprecated) … B-29, B-35, B-37, B-56, B-62 ACLs converted to classifi er-based policies in K.14.xx and later … B-30, B-62 ACLs replaced by classifier-based criteria … B-29, B-67 ARP request … B-96 booting pre-K.12.xx OS … B-37 caution configure destination first … B-33, B-44, B-53, B-71 endpoint removal … B-51 exit port [...]

  • Page 840

    rate … B-36 remote session configuration steps … B-46 defined … B-32 disabling … B-48 exit port … B-31 first release supported … B-28 quick reference … B-47 supported switches … B-33 restrictions classifier-based … B -67, B-72, B-73 local sessions … B-28 remote sessions … B-28 source switch … B-56 session 1, legacy configura[...]

  • Page 841

    oobm address config … J-10 client commands … J-14 command … J-6 copy command output … A-40 copy config to remote host … A-30 copy crash-data … A-42, A-43 copy crash-log … A-43, A-44 copy event-log tftp … A-41 copy show-tech … A-32 copy tftp command-file … A-36 copy tftp config … A-31 copy tftp flash … A-26 default gateway co[...]

  • Page 842

    absent cnt … 11-24 defined … 11-3 needed power for PoE+ … 11-7 other fault … 11-23 over current cnt … 11-23 oversubscribed … 11-3 overview of status … 11-21 PD support … 11-6 PD, defined … 11-3 poe-lldp-detect command … 1 1-18 port-number priority … 11-7 port-number priority, defined … 11-4 power denied cnt … 11-23 power, [...]

  • Page 843

    menu access to static trunk … 12-10 mirroring … B-28 monitor port restrictions … 12-9 nonconsecutive ports … 12-3 port security restriction … 12-9 removing port from static trunk … 12-16 requirements … 12-8 SA/DA … 12-37 spanning tree protoc ol … 12-9 static trunk … 12-8 static trunk, overview … 12-6 static/dynamic limit … 1[...]

  • Page 844

    how measured … 13-9 ICMP See ICMP rate-limiting. intended use … 13-4 mcast command … 13-19 multicast traffic … 13-19 note on testing … 13-10, 13-17 operating notes … 13-8 optimum packet size … 13-10, 13-16 per-port only … 13-4 purpose … 13-4 traffic filters … 13-9 reboot actions causing … 6-4 faster boot time … 6-24 from sec[...]

  • Page 845

    viewing … 6-6 See also configuratio n. S savepower command … I-3 led option … I -4 port-low-pwr … I-6 show led … I-7 show module … I-6 show port-low-pwr … I-7 scalability …G - 1 scheduled reboot …6 - 2 5 SCP/SFTP enabling … A-13 session limit … A-17, A-19 transfer of config files … 6-40 troubleshooting … A-18 secure copy S[...]

  • Page 846

    configuring trap receivers … 14-19 configusing trap receivers … 14-19 DHCP snooping events … 14-17 different versions … 14-17 enabling informs … 14-21 enabling network security traps … 14-27 enabling SNMPv3 … 14-23 fixed traps … 14-19 invalid password in login … 14-17 IP … 14-3 link-change traps … 14-17, 14-28 manager password[...]

  • Page 847

    startup-config viewing … 6-6 See also configuratio n. statistics …3 - 7 clearing … B-18 SNTP … 9-22 statistics, clear counters …6 - 1 1 status and counters access from console … 3-7 status overview screen …5 - 7 subnet …8 - 9 VLAN, mirroring exit port … B-34, B-46, B-48, B-49, B-90, B-97 subnet mask … 8-5, 8-6 See also IP mask s[...]

  • Page 848

    terminal type …7 - 3 terminate remote session …7 - 1 1 TFTP auto-TFTP … A-11 auto-TFTP feature … A-11 auto-TFTP, disa ble … A-11, A-14 copy command output … A-40 copy crash data … A-41 copy crash log … A-43 copy event log output … A-41 copying a configuration file … A-31 copying software image … A-28 disable … A-14 disabled [...]

  • Page 849

    See also notification. snmp-authentication … 14-27 threshold … 14-19 troubleshooting ACL … C-9 approaches … C-5 browsing the configuration file … C-71 configuring debug destinations … C-42 console access problems … C-6 diagnosing unusual networ k activity … C-8 diagnostics tools … C-62 displaying switch operation … C-72, C-75 DN[...]

  • Page 850

    copy crash log … A-43 copy event log output … A-41 copy software image to a USB device … A-29 devices with secure partitions not supported … A-22 flash drives must be formatted … A-22 supported capabilities … A-22 uploading an ACL command file … A-38 using to copy switch software … A-22 viewing flash drive contents … A-22, A-23 us[...]

  • Page 851

    features … 2-5 copying a software image … A-28 first-time install … 5-8 download to primar y or secondary flash … A-21 first-time tasks … 5-8 uploading an ACL command file … A-38 Java applets, enabling … 5-5 using to download switch software … A-20 main screen … 5-17 online help … 5-14 online help locatio n specifying … 5-14 o[...]

  • Page 852

    24 – Index[...]

  • Page 853

    [...]

  • Page 854

    Pr oC ur v e 5400zl S w itc hes Inst allati on and Gettin g Startd Guide T echnology for bet ter business outcom es T o learn mo re , vi sit w w w .hp .com/go/pr ocurv e/ © Cop yri ght 2009 Hew lett-P ack ard De velopme nt Co mpan y , L .P . T he infor mation contained her ein is su bject to change w ithout notice. The onl y warr anties f or HP pr[...]